diff --git a/dependency/clickhouse/3.0.21/CHANGELOG.md b/dependency/clickhouse/3.0.21/CHANGELOG.md
deleted file mode 100644
index 3213b6c6458..00000000000
--- a/dependency/clickhouse/3.0.21/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [clickhouse-3.0.21](https://github.com/truecharts/charts/compare/clickhouse-3.0.20...clickhouse-3.0.21) (2023-02-24)
-
-### Chore
-
-- update container image tccr.io/truecharts/clickhouse to v23.2.1.2537
-
-
-
-
-## [clickhouse-3.0.20](https://github.com/truecharts/charts/compare/clickhouse-3.0.19...clickhouse-3.0.20) (2023-02-10)
-
-### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
-
-
-## [clickhouse-3.0.19](https://github.com/truecharts/charts/compare/clickhouse-3.0.18...clickhouse-3.0.19) (2023-02-05)
-
-### Chore
-
-- update container image tccr.io/truecharts/clickhouse to v23.1.3.5
-
-
-
-
-## [clickhouse-3.0.18](https://github.com/truecharts/charts/compare/clickhouse-3.0.17...clickhouse-3.0.18) (2023-02-03)
-
-
-
-
-## [clickhouse-3.0.17](https://github.com/truecharts/charts/compare/clickhouse-3.0.16...clickhouse-3.0.17) (2023-01-31)
-
-### Chore
-
-- update container image tccr.io/truecharts/clickhouse to v23.1.2.9
-
-
-
-
-## [clickhouse-3.0.16](https://github.com/truecharts/charts/compare/clickhouse-3.0.15...clickhouse-3.0.16) (2023-01-15)
-
-### Fix
-
-- don't run manifest Manager on most dependency apps. ([#6384](https://github.com/truecharts/charts/issues/6384))
-
-
-
-
-## [clickhouse-3.0.15](https://github.com/truecharts/charts/compare/clickhouse-3.0.14...clickhouse-3.0.15) (2023-01-10)
-
-### Chore
-
-- update container image tccr.io/truecharts/clickhouse to v22.12.3.5
-
-
-
-
-## [clickhouse-3.0.14](https://github.com/truecharts/charts/compare/clickhouse-3.0.13...clickhouse-3.0.14) (2022-12-27)
-
-### Chore
-
-- update helm chart common to 11.1.2 ([#5855](https://github.com/truecharts/charts/issues/5855))
-
-
-
-
-## [clickhouse-3.0.13](https://github.com/truecharts/charts/compare/clickhouse-3.0.12...clickhouse-3.0.13) (2022-12-26)
-
-### Chore
-
-- update helm chart common to 11.1.1
-
-
-
-
-## [clickhouse-3.0.12](https://github.com/truecharts/charts/compare/clickhouse-3.0.11...clickhouse-3.0.12) (2022-12-24)
-
-### Chore
-
-- update helm chart common to v11.1.0 ([#5686](https://github.com/truecharts/charts/issues/5686))
-
-
-
-
-## [clickhouse-3.0.11](https://github.com/truecharts/charts/compare/clickhouse-3.0.10...clickhouse-3.0.11) (2022-12-17)
-
-
-
-
-## [clickhouse-3.0.10](https://github.com/truecharts/charts/compare/clickhouse-3.0.9...clickhouse-3.0.10) (2022-12-16)
-
diff --git a/dependency/clickhouse/3.0.21/Chart.yaml b/dependency/clickhouse/3.0.21/Chart.yaml
deleted file mode 100644
index be3f8729744..00000000000
--- a/dependency/clickhouse/3.0.21/Chart.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-apiVersion: v2
-appVersion: "23.2.1.253"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
-deprecated: false
-description: ClickHouse is a column-oriented database management system (DBMS) for online analytical processing of queries (OLAP).
-home: https://truecharts.org/charts/dependency/clickhouse
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/clickhouse.png
-keywords:
- - database
- - clickhouse
- - sql
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: clickhouse
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/dependency/clickhouse
- - https://hub.docker.com/r/clickhouse/clickhouse-server
- - https://clickhouse.com/
-type: application
-version: 3.0.21
-annotations:
- truecharts.org/catagories: |
- - database
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/dependency/clickhouse/3.0.21/README.md b/dependency/clickhouse/3.0.21/README.md
deleted file mode 100644
index 36b5b3d8f7e..00000000000
--- a/dependency/clickhouse/3.0.21/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/dependency/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/dependency/clickhouse/3.0.21/app-changelog.md b/dependency/clickhouse/3.0.21/app-changelog.md
deleted file mode 100644
index a16db3d8aaf..00000000000
--- a/dependency/clickhouse/3.0.21/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [clickhouse-3.0.21](https://github.com/truecharts/charts/compare/clickhouse-3.0.20...clickhouse-3.0.21) (2023-02-24)
-
-### Chore
-
-- update container image tccr.io/truecharts/clickhouse to v23.2.1.2537
-
-
\ No newline at end of file
diff --git a/dependency/clickhouse/3.0.21/app-readme.md b/dependency/clickhouse/3.0.21/app-readme.md
deleted file mode 100644
index 64dbbd02c19..00000000000
--- a/dependency/clickhouse/3.0.21/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-ClickHouse is a column-oriented database management system (DBMS) for online analytical processing of queries (OLAP).
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/dependency/clickhouse](https://truecharts.org/charts/dependency/clickhouse)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/dependency/clickhouse/3.0.21/charts/common-11.1.2.tgz b/dependency/clickhouse/3.0.21/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/dependency/clickhouse/3.0.21/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/dependency/clickhouse/3.0.21/ix_values.yaml b/dependency/clickhouse/3.0.21/ix_values.yaml
deleted file mode 100644
index fce1e6c0258..00000000000
--- a/dependency/clickhouse/3.0.21/ix_values.yaml
+++ /dev/null
@@ -1,73 +0,0 @@
-image:
- repository: tccr.io/truecharts/clickhouse
- pullPolicy: IfNotPresent
- tag: 23.2.1.2537@sha256:669278d98936a2d12bf8f331067afb6a34e5570fdcb37b854bb5d0b2d8f30108
-
-controller:
- type: statefulset
- strategy: RollingUpdate
- rollingUpdate:
- unavailable: 1
-
-securityContext:
- readOnlyRootFilesystem: false
- # Optional capabilities advanced ClickHouse features. See also:
- # https://github.com/ClickHouse/ClickHouse/blob/master/docker/server/README.md#linux-capabilities
- # https://kb.altinity.com/altinity-kb-setup-and-maintenance/altinity-kb-clickhouse-in-docker/
- # https://github.com/ClickHouse/ClickHouse/blob/b844c36a9d5e76300a88b4f49e6debccf1ad22e4/programs/install/Install.cpp#L793-L804
- # capabilities:
- # add:
- # - IPC_LOCK
- # - NET_ADMIN
- # - SYS_NICE
-
-service:
- main:
- ports:
- main:
- port: 8123
- protocol: HTTP
- targetPort: 8123
-
-volumeClaimTemplates:
- data:
- enabled: true
- mountPath: /var/lib/clickhouse
-
-probes:
- liveness:
- type: HTTP
- path: /ping
- readiness:
- type: HTTP
- path: /ping
- startup:
- type: HTTP
- path: /ping
-
-clickhouseDatabase: "test"
-clickhouseUsername: "test"
-clickhousePassword: "testpass"
-clickhouseDefaultAccessManagement: 0
-existingSecret: ""
-
-secret:
- credentials:
- enabled: true
- data:
- clickhouse-password: '{{ ( .Values.clickhousePassword | default "empty" ) }}'
-
-env:
- CLICKHOUSE_DB: "{{ .Values.clickhouseDatabase }}"
- CLICKHOUSE_USER: "{{ .Values.clickhouseUsername }}"
- CLICKHOUSE_DEFAULT_ACCESS_MANAGEMENT: "{{ .Values.clickhouseDefaultAccessManagement }}"
- CLICKHOUSE_PASSWORD:
- secretKeyRef:
- name: '{{ .Values.existingSecret | default ( printf "%s-credentials" ( include "tc.common.names.fullname" . ) ) }}'
- key: "clickhouse-password"
-
-portal:
- enabled: false
-
-manifests:
- enabled: false
diff --git a/dependency/clickhouse/3.0.21/questions.yaml b/dependency/clickhouse/3.0.21/questions.yaml
deleted file mode 100644
index 7aa667847d6..00000000000
--- a/dependency/clickhouse/3.0.21/questions.yaml
+++ /dev/null
@@ -1,1742 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: clickhouseDatabase
- group: "App Configuration"
- label: "Database Name"
- schema:
- type: string
- default: "test"
- required: true
- - variable: clickhouseUsername
- group: "App Configuration"
- label: "Database User"
- schema:
- type: string
- default: "test"
- required: true
- - variable: clickhousePassword
- group: "App Configuration"
- label: "Database Password"
- schema:
- type: string
- default: ""
- required: true
- private: true
- - variable: clickhouseDefaultAccessManagement
- group: "App Configuration"
- label: "Default Access Management"
- schema:
- type: int
- default: 0
- required: true
- enum:
- - value: 0
- description: "Disabled"
- - value: 1
- description: "Enabled"
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 8123
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: volumeClaimTemplates
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: data
- label: Data Storage
- description: Stores the ClickHouse Data
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: config-server
- label: Server Configuration Storage
- description: Files with Server Settings Adjustments
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: config-users
- label: Users Configuration Storage
- description: Files with Users Settings Adjustments
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: true
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID this App of the user running the application"
- schema:
- type: int
- default: 568
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/dependency/clickhouse/3.0.21/templates/common.yaml b/dependency/clickhouse/3.0.21/templates/common.yaml
deleted file mode 100644
index c1a366e1cf0..00000000000
--- a/dependency/clickhouse/3.0.21/templates/common.yaml
+++ /dev/null
@@ -1 +0,0 @@
-{{ include "tc.common.loader.all" . }}
diff --git a/dependency/clickhouse/3.0.21/values.yaml b/dependency/clickhouse/3.0.21/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/dependency/clickhouse/4.0.10/CHANGELOG.md b/dependency/clickhouse/4.0.10/CHANGELOG.md
deleted file mode 100644
index 36a5e6d7bb1..00000000000
--- a/dependency/clickhouse/4.0.10/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [clickhouse-4.0.10](https://github.com/truecharts/charts/compare/clickhouse-4.0.9...clickhouse-4.0.10) (2023-03-11)
-
-### Chore
-
-- remove subchart and update common
-
-
-
-
-## [clickhouse-4.0.9](https://github.com/truecharts/charts/compare/clickhouse-4.0.8...clickhouse-4.0.9) (2023-03-07)
-
-### Fix
-
-- apply new common fixes to dependency train
-
-
-
-
-## [clickhouse-4.0.8](https://github.com/truecharts/charts/compare/clickhouse-4.0.7...clickhouse-4.0.8) (2023-03-07)
-
-### Chore
-
-- bump common
-
-
-
-
-## [clickhouse-4.0.7](https://github.com/truecharts/charts/compare/clickhouse-4.0.6...clickhouse-4.0.7) (2023-03-07)
-
-### Fix
-
-- Fix fsGroup of dependency train ([#7758](https://github.com/truecharts/charts/issues/7758))
-
-
-
-
-## [clickhouse-4.0.6](https://github.com/truecharts/charts/compare/clickhouse-4.0.5...clickhouse-4.0.6) (2023-03-06)
-
-### Chore
-
-- bump common
-
-
-
-
-## [clickhouse-4.0.5](https://github.com/truecharts/charts/compare/clickhouse-4.0.4...clickhouse-4.0.5) (2023-03-06)
-
-### Fix
-
-- update common with vct label fix ([#7750](https://github.com/truecharts/charts/issues/7750))
-
-
-
-
-## [clickhouse-4.0.4](https://github.com/truecharts/charts/compare/clickhouse-4.0.3...clickhouse-4.0.4) (2023-03-06)
-
-### Chore
-
-- bump dependency train ([#7748](https://github.com/truecharts/charts/issues/7748))
-
-
-
-
-## [clickhouse-4.0.3](https://github.com/truecharts/charts/compare/clickhouse-4.0.2...clickhouse-4.0.3) (2023-03-05)
-
-### Fix
-
-- bump common to fix env rendering mistake
-
-
-
-
-## [clickhouse-4.0.2](https://github.com/truecharts/charts/compare/clickhouse-4.0.1...clickhouse-4.0.2) (2023-03-05)
-
-### Fix
-
-- bump dependency train
- - bump common on dependency train
-
-
-
-
-## [clickhouse-4.0.1](https://github.com/truecharts/charts/compare/clickhouse-4.0.0...clickhouse-4.0.1) (2023-03-05)
-
-### Fix
-
-- update dependency common linking ([#7746](https://github.com/truecharts/charts/issues/7746))
- - disable manifestmanager
-
-
-
-
-## [clickhouse-4.0.0](https://github.com/truecharts/charts/compare/clickhouse-3.0.21...clickhouse-4.0.0) (2023-03-01)
diff --git a/dependency/clickhouse/4.0.10/Chart.yaml b/dependency/clickhouse/4.0.10/Chart.yaml
deleted file mode 100644
index 8ac567f8f27..00000000000
--- a/dependency/clickhouse/4.0.10/Chart.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-apiVersion: v2
-appVersion: "23.2.1.253"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.26
-deprecated: false
-description: ClickHouse is a column-oriented database management system (DBMS) for online analytical processing of queries (OLAP).
-home: https://truecharts.org/charts/dependency/clickhouse
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/clickhouse.png
-keywords:
- - database
- - clickhouse
- - sql
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: clickhouse
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/dependency/clickhouse
- - https://hub.docker.com/r/clickhouse/clickhouse-server
- - https://clickhouse.com/
-type: application
-version: 4.0.10
-annotations:
- truecharts.org/catagories: |
- - database
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/dependency/clickhouse/4.0.10/README.md b/dependency/clickhouse/4.0.10/README.md
deleted file mode 100644
index 36b5b3d8f7e..00000000000
--- a/dependency/clickhouse/4.0.10/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/dependency/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/dependency/clickhouse/4.0.10/app-changelog.md b/dependency/clickhouse/4.0.10/app-changelog.md
deleted file mode 100644
index a3beba5a828..00000000000
--- a/dependency/clickhouse/4.0.10/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [clickhouse-4.0.10](https://github.com/truecharts/charts/compare/clickhouse-4.0.9...clickhouse-4.0.10) (2023-03-11)
-
-### Chore
-
-- remove subchart and update common
-
-
\ No newline at end of file
diff --git a/dependency/clickhouse/4.0.10/app-readme.md b/dependency/clickhouse/4.0.10/app-readme.md
deleted file mode 100644
index 64dbbd02c19..00000000000
--- a/dependency/clickhouse/4.0.10/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-ClickHouse is a column-oriented database management system (DBMS) for online analytical processing of queries (OLAP).
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/dependency/clickhouse](https://truecharts.org/charts/dependency/clickhouse)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/dependency/clickhouse/4.0.10/charts/common-12.2.26.tgz b/dependency/clickhouse/4.0.10/charts/common-12.2.26.tgz
deleted file mode 100644
index d457296b3bd..00000000000
Binary files a/dependency/clickhouse/4.0.10/charts/common-12.2.26.tgz and /dev/null differ
diff --git a/dependency/clickhouse/4.0.10/ix_values.yaml b/dependency/clickhouse/4.0.10/ix_values.yaml
deleted file mode 100644
index 07c37cdb46f..00000000000
--- a/dependency/clickhouse/4.0.10/ix_values.yaml
+++ /dev/null
@@ -1,81 +0,0 @@
-image:
- repository: tccr.io/truecharts/clickhouse
- pullPolicy: IfNotPresent
- tag: 23.2.1.2537@sha256:669278d98936a2d12bf8f331067afb6a34e5570fdcb37b854bb5d0b2d8f30108
-
-workload:
- main:
- type: StatefulSet
- replicas: 1
- strategy: RollingUpdate
- podSpec:
- containers:
- main:
- env:
- CLICKHOUSE_DB: "{{ .Values.clickhouseDatabase }}"
- CLICKHOUSE_USER: "{{ .Values.clickhouseUsername }}"
- CLICKHOUSE_DEFAULT_ACCESS_MANAGEMENT: "{{ .Values.clickhouseDefaultAccessManagement }}"
- CLICKHOUSE_PASSWORD:
- secretKeyRef:
- expandObjectName: "{{ if .Values.clickhousePassword }}true{{ else }}false{{ end }}"
- name: '{{ if .Values.clickhousePassword }}credentials{{ else if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ printf "%s-%s" .Release.Name "clickhousecreds" }}{{ end }}'
- key: "clickhouse-password"
-
- probes:
- liveness:
- type: http
- path: /ping
- readiness:
- type: http
- path: /ping
- startup:
- type: http
- path: /ping
-
-securityContext:
- container:
- readOnlyRootFilesystem: false
- # Optional capabilities advanced ClickHouse features. See also:
- # https://github.com/ClickHouse/ClickHouse/blob/master/docker/server/README.md#linux-capabilities
- # https://kb.altinity.com/altinity-kb-setup-and-maintenance/altinity-kb-clickhouse-in-docker/
- # https://github.com/ClickHouse/ClickHouse/blob/b844c36a9d5e76300a88b4f49e6debccf1ad22e4/programs/install/Install.cpp#L793-L804
- # capabilities:
- # add:
- # - IPC_LOCK
- # - NET_ADMIN
- # - SYS_NICE
-
-service:
- main:
- ports:
- main:
- port: 8123
- protocol: http
- targetPort: 8123
-
-volumeClaimTemplates:
- data:
- enabled: true
- mountPath: /var/lib/clickhouse
-
-clickhouseDatabase: "test"
-clickhouseUsername: "test"
-clickhouseDefaultAccessManagement: 0
-
-# -- Secret or password
-# One of these options is required, unless used as a dependency for another TrueCharts chart.
-clickhousePassword: ""
-existingSecret: ""
-
-secret:
- credentials:
- enabled: true
- data:
- clickhouse-password: '{{ ( .Values.clickhousePassword | default "empty" ) }}'
-
-portal:
- open:
- enabled: false
-
-manifestManager:
- enabled: false
diff --git a/dependency/clickhouse/4.0.10/questions.yaml b/dependency/clickhouse/4.0.10/questions.yaml
deleted file mode 100644
index fa297a9c599..00000000000
--- a/dependency/clickhouse/4.0.10/questions.yaml
+++ /dev/null
@@ -1,1694 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: DaemonSet
- description: DaemonSet
-
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "DaemonSet"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
-
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: clickhouseDatabase
- group: "App Configuration"
- label: "Database Name"
- schema:
- type: string
- default: "test"
- required: true
- - variable: clickhouseUsername
- group: "App Configuration"
- label: "Database User"
- schema:
- type: string
- default: "test"
- required: true
- - variable: clickhousePassword
- group: "App Configuration"
- label: "Database Password"
- schema:
- type: string
- default: ""
- required: true
- private: true
- - variable: clickhouseDefaultAccessManagement
- group: "App Configuration"
- label: "Default Access Management"
- schema:
- type: int
- default: 0
- required: true
- enum:
- - value: 0
- description: "Disabled"
- - value: 1
- description: "Enabled"
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 8123
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: volumeClaimTemplates
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: data
- label: Data Storage
- description: Stores the ClickHouse Data
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: config-server
- label: Server Configuration Storage
- description: Files with Server Settings Adjustments
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: config-users
- label: Users Configuration Storage
- description: Files with Users Settings Adjustments
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
-
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
-
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/dependency/clickhouse/4.0.10/templates/NOTES.txt b/dependency/clickhouse/4.0.10/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/dependency/clickhouse/4.0.10/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/dependency/clickhouse/4.0.10/templates/common.yaml b/dependency/clickhouse/4.0.10/templates/common.yaml
deleted file mode 100644
index b51394e00a4..00000000000
--- a/dependency/clickhouse/4.0.10/templates/common.yaml
+++ /dev/null
@@ -1 +0,0 @@
-{{ include "tc.v1.common.loader.all" . }}
diff --git a/dependency/clickhouse/4.0.10/values.yaml b/dependency/clickhouse/4.0.10/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/dependency/mariadb/5.0.35/CHANGELOG.md b/dependency/mariadb/5.0.35/CHANGELOG.md
deleted file mode 100644
index 6cc14327202..00000000000
--- a/dependency/mariadb/5.0.35/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [mariadb-5.0.35](https://github.com/truecharts/charts/compare/mariadb-5.0.34...mariadb-5.0.35) (2023-02-27)
-
-### Chore
-
-- update container image tccr.io/truecharts/mariadb to v10.11.2
-
-
-
-
-## [mariadb-5.0.34](https://github.com/truecharts/charts/compare/mariadb-5.0.33...mariadb-5.0.34) (2023-02-27)
-
-### Chore
-
-- update container image tccr.io/truecharts/mariadb to 10.10.3
-
-
-
-
-## [mariadb-5.0.33](https://github.com/truecharts/charts/compare/mariadb-5.0.32...mariadb-5.0.33) (2023-02-26)
-
-### Chore
-
-- update container image tccr.io/truecharts/mariadb to 10.10.3
-
-
-
-
-## [mariadb-5.0.32](https://github.com/truecharts/charts/compare/mariadb-5.0.31...mariadb-5.0.32) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/mariadb to 10.10.3
-
-
-
-
-## [mariadb-5.0.31](https://github.com/truecharts/charts/compare/mariadb-5.0.30...mariadb-5.0.31) (2023-02-10)
-
-### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
-
-
-## [mariadb-5.0.30](https://github.com/truecharts/charts/compare/mariadb-5.0.29...mariadb-5.0.30) (2023-02-10)
-
-### Chore
-
-- update container image tccr.io/truecharts/mariadb to 10.10.3
-
-
-
-
-## [mariadb-5.0.29](https://github.com/truecharts/charts/compare/mariadb-5.0.28...mariadb-5.0.29) (2023-02-08)
-
-### Chore
-
-- update container image tccr.io/truecharts/mariadb to v10.10.3
-
-
-
-
-## [mariadb-5.0.28](https://github.com/truecharts/charts/compare/mariadb-5.0.27...mariadb-5.0.28) (2023-02-06)
-
-### Chore
-
-- update container image tccr.io/truecharts/mariadb to 10.10.2
-
-
-
-
-## [mariadb-5.0.27](https://github.com/truecharts/charts/compare/mariadb-5.0.26...mariadb-5.0.27) (2023-02-03)
-
-### Chore
-
-- update container image tccr.io/truecharts/mariadb to 10.10.2
-
-
-
-
-## [mariadb-5.0.26](https://github.com/truecharts/charts/compare/mariadb-5.0.25...mariadb-5.0.26) (2023-02-02)
-
-### Fix
-
-- remove non-link sources ([#6826](https://github.com/truecharts/charts/issues/6826))
-
-
-
-
-## [mariadb-5.0.25](https://github.com/truecharts/charts/compare/mariadb-5.0.24...mariadb-5.0.25) (2023-01-24)
-
-### Chore
diff --git a/dependency/mariadb/5.0.35/Chart.yaml b/dependency/mariadb/5.0.35/Chart.yaml
deleted file mode 100644
index 18c2d665cd2..00000000000
--- a/dependency/mariadb/5.0.35/Chart.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-apiVersion: v2
-appVersion: "10.11.2"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
-deprecated: false
-description: Fast, reliable, scalable, and easy to use open-source relational database system.
-home: https://truecharts.org/charts/dependency/mariadb
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/mariadb.png
-keywords:
- - mariadb
- - mysql
- - database
- - sql
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: mariadb
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/dependency/mariadb
- - https://hub.docker.com/r/bitnami/mariadb
- - https://github.com/bitnami/bitnami-docker-mariadb
- - https://github.com/prometheus/mysqld_exporter
- - https://mariadb.org
-type: application
-version: 5.0.35
-annotations:
- truecharts.org/catagories: |
- - database
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/dependency/mariadb/5.0.35/README.md b/dependency/mariadb/5.0.35/README.md
deleted file mode 100644
index 36b5b3d8f7e..00000000000
--- a/dependency/mariadb/5.0.35/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/dependency/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/dependency/mariadb/5.0.35/app-changelog.md b/dependency/mariadb/5.0.35/app-changelog.md
deleted file mode 100644
index 85c11db90ff..00000000000
--- a/dependency/mariadb/5.0.35/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [mariadb-5.0.35](https://github.com/truecharts/charts/compare/mariadb-5.0.34...mariadb-5.0.35) (2023-02-27)
-
-### Chore
-
-- update container image tccr.io/truecharts/mariadb to v10.11.2
-
-
\ No newline at end of file
diff --git a/dependency/mariadb/5.0.35/app-readme.md b/dependency/mariadb/5.0.35/app-readme.md
deleted file mode 100644
index 8ed082bd9cc..00000000000
--- a/dependency/mariadb/5.0.35/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Fast, reliable, scalable, and easy to use open-source relational database system.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/dependency/mariadb](https://truecharts.org/charts/dependency/mariadb)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/dependency/mariadb/5.0.35/charts/common-11.1.2.tgz b/dependency/mariadb/5.0.35/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/dependency/mariadb/5.0.35/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/dependency/mariadb/5.0.35/ix_values.yaml b/dependency/mariadb/5.0.35/ix_values.yaml
deleted file mode 100644
index fdcd752ee43..00000000000
--- a/dependency/mariadb/5.0.35/ix_values.yaml
+++ /dev/null
@@ -1,127 +0,0 @@
-image:
- repository: tccr.io/truecharts/mariadb
- pullPolicy: IfNotPresent
- tag: 10.11.2@sha256:fc01102eef1de92155b5097636ef738700c8bef1735f52a397b1505cbf455c0f
-
-controller:
- # -- Set the controller type.
- # Valid options are deployment, daemonset or statefulset
- type: statefulset
- # -- Number of desired pods
- replicas: 1
- # -- Set the controller upgrade strategy
- # For Deployments, valid values are Recreate (default) and RollingUpdate.
- # For StatefulSets, valid values are OnDelete and RollingUpdate (default).
- # DaemonSets ignore this.
- strategy: RollingUpdate
- rollingUpdate:
- # -- Set deployment RollingUpdate max unavailable
- unavailable: 1
- # -- Set deployment RollingUpdate max surge
- surge:
- # -- Set statefulset RollingUpdate partition
- partition:
- # -- ReplicaSet revision history limit
- revisionHistoryLimit: 3
-
-service:
- main:
- ports:
- main:
- port: 3306
- targetPort: 3306
-
-securityContext:
- readOnlyRootFilesystem: false
-
-secret:
- credentials:
- enabled: true
- data:
- mariadb-password: '{{ ( .Values.mariadbPassword | default "empty" ) }}'
- mariadb-root-password: '{{ ( .Values.mariadbRootPassword | default "empty" ) }}'
-
-env:
- MARIADB_PASSWORD:
- secretKeyRef:
- name: '{{ .Values.existingSecret | default ( printf "%s-credentials" ( include "tc.common.names.fullname" . ) ) }}'
- key: "mariadb-password"
- MARIADB_ROOT_PASSWORD:
- secretKeyRef:
- name: '{{ .Values.existingSecret | default ( printf "%s-credentials" ( include "tc.common.names.fullname" . ) ) }}'
- key: "mariadb-root-password"
- MARIADB_USER: "{{ .Values.mariadbUsername }}"
- MARIADB_DATABASE: "{{ .Values.mariadbDatabase }}"
-
-podSecurityContext:
- runAsGroup: 0
-
-volumeClaimTemplates:
- data:
- enabled: true
- mountPath: "/bitnami/mariadb"
-
-# -- Probe configuration
-# -- [[ref]](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/)
-# @default -- See below
-probes:
- # -- Liveness probe configuration
- # @default -- See below
- liveness:
- # -- Enable the liveness probe
- enabled: true
- # -- Set this to `true` if you wish to specify your own livenessProbe
- custom: true
- # -- The spec field contains the values for the default livenessProbe.
- # If you selected `custom: true`, this field holds the definition of the livenessProbe.
- # @default -- See below
- spec:
- exec:
- command:
- - /bin/bash
- - -ec
- - "until /opt/bitnami/scripts/mariadb/healthcheck.sh; do sleep 2; done"
-
- # -- Redainess probe configuration
- # @default -- See below
- readiness:
- # -- Enable the readiness probe
- enabled: true
- # -- Set this to `true` if you wish to specify your own readinessProbe
- custom: true
- # -- The spec field contains the values for the default readinessProbe.
- # If you selected `custom: true`, this field holds the definition of the readinessProbe.
- # @default -- See below
- spec:
- exec:
- command:
- - /bin/bash
- - -ec
- - "until /opt/bitnami/scripts/mariadb/healthcheck.sh; do sleep 2; done"
- # -- Startup probe configuration
- # @default -- See below
- startup:
- # -- Enable the startup probe
- enabled: true
- custom: true
- # -- The spec field contains the values for the default livenessProbe.
- # If you selected `custom: true`, this field holds the definition of the livenessProbe.
- # @default -- See below
- spec:
- exec:
- command:
- - /bin/bash
- - -ec
- - "until /opt/bitnami/scripts/mariadb/healthcheck.sh; do sleep 2; done"
-
-mariadbPassword: "testpass"
-mariadbUsername: "test"
-mariadbDatabase: "test"
-mariadbRootPassword: "testroot"
-existingSecret: ""
-
-portal:
- enabled: false
-
-manifests:
- enabled: false
diff --git a/dependency/mariadb/5.0.35/questions.yaml b/dependency/mariadb/5.0.35/questions.yaml
deleted file mode 100644
index edee3c4054f..00000000000
--- a/dependency/mariadb/5.0.35/questions.yaml
+++ /dev/null
@@ -1,1596 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: mariadbDatabase
- group: "App Configuration"
- label: "Database Name"
- schema:
- type: string
- default: "mydatabase"
- required: true
- - variable: mariadbUsername
- group: "App Configuration"
- label: "Database User"
- schema:
- type: string
- default: "mydatabaseuser"
- required: true
- - variable: mariadbPassword
- group: "App Configuration"
- label: "Database Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: mariadbRootPassword
- group: "App Configuration"
- label: "Root Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 3306
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: volumeClaimTemplates
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: data
- label: "DB Storage"
- description: "Stores the old Application Database."
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: false
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: true
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID this App of the user running the application"
- schema:
- type: int
- default: 0
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/dependency/mariadb/5.0.35/templates/common.yaml b/dependency/mariadb/5.0.35/templates/common.yaml
deleted file mode 100644
index c1a366e1cf0..00000000000
--- a/dependency/mariadb/5.0.35/templates/common.yaml
+++ /dev/null
@@ -1 +0,0 @@
-{{ include "tc.common.loader.all" . }}
diff --git a/dependency/mariadb/5.0.35/values.yaml b/dependency/mariadb/5.0.35/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/dependency/mariadb/6.0.10/CHANGELOG.md b/dependency/mariadb/6.0.10/CHANGELOG.md
deleted file mode 100644
index b69a83524bc..00000000000
--- a/dependency/mariadb/6.0.10/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [mariadb-6.0.10](https://github.com/truecharts/charts/compare/mariadb-6.0.9...mariadb-6.0.10) (2023-03-11)
-
-### Chore
-
-- remove subchart and update common
-
-
-
-
-## [mariadb-6.0.9](https://github.com/truecharts/charts/compare/mariadb-6.0.8...mariadb-6.0.9) (2023-03-07)
-
-### Fix
-
-- apply new common fixes to dependency train
-
-
-
-
-## [mariadb-6.0.8](https://github.com/truecharts/charts/compare/mariadb-6.0.7...mariadb-6.0.8) (2023-03-07)
-
-### Chore
-
-- bump common
-
-
-
-
-## [mariadb-6.0.7](https://github.com/truecharts/charts/compare/mariadb-6.0.6...mariadb-6.0.7) (2023-03-07)
-
-### Fix
-
-- Fix fsGroup of dependency train ([#7758](https://github.com/truecharts/charts/issues/7758))
-
-
-
-
-## [mariadb-6.0.6](https://github.com/truecharts/charts/compare/mariadb-6.0.5...mariadb-6.0.6) (2023-03-06)
-
-### Chore
-
-- bump common
-
-
-
-
-## [mariadb-6.0.5](https://github.com/truecharts/charts/compare/mariadb-6.0.4...mariadb-6.0.5) (2023-03-06)
-
-### Fix
-
-- update common with vct label fix ([#7750](https://github.com/truecharts/charts/issues/7750))
-
-
-
-
-## [mariadb-6.0.4](https://github.com/truecharts/charts/compare/mariadb-6.0.3...mariadb-6.0.4) (2023-03-06)
-
-### Chore
-
-- bump dependency train ([#7748](https://github.com/truecharts/charts/issues/7748))
-
-
-
-
-## [mariadb-6.0.3](https://github.com/truecharts/charts/compare/mariadb-6.0.2...mariadb-6.0.3) (2023-03-05)
-
-### Fix
-
-- bump common to fix env rendering mistake
-
-
-
-
-## [mariadb-6.0.2](https://github.com/truecharts/charts/compare/mariadb-6.0.1...mariadb-6.0.2) (2023-03-05)
-
-### Fix
-
-- bump dependency train
- - bump common on dependency train
-
-
-
-
-## [mariadb-6.0.1](https://github.com/truecharts/charts/compare/mariadb-6.0.0...mariadb-6.0.1) (2023-03-05)
-
-### Fix
-
-- update dependency common linking ([#7746](https://github.com/truecharts/charts/issues/7746))
- - disable manifestmanager
-
-
-
-
-## [mariadb-6.0.0](https://github.com/truecharts/charts/compare/mariadb-5.0.35...mariadb-6.0.0) (2023-03-01)
diff --git a/dependency/mariadb/6.0.10/Chart.yaml b/dependency/mariadb/6.0.10/Chart.yaml
deleted file mode 100644
index ad2d952dcb9..00000000000
--- a/dependency/mariadb/6.0.10/Chart.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-apiVersion: v2
-appVersion: "10.11.2"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.26
-deprecated: false
-description: Fast, reliable, scalable, and easy to use open-source relational database system.
-home: https://truecharts.org/charts/dependency/mariadb
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/mariadb.png
-keywords:
- - mariadb
- - mysql
- - database
- - sql
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: mariadb
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/dependency/mariadb
- - https://hub.docker.com/r/bitnami/mariadb
- - https://github.com/bitnami/bitnami-docker-mariadb
- - https://github.com/prometheus/mysqld_exporter
- - https://mariadb.org
-type: application
-version: 6.0.10
-annotations:
- truecharts.org/catagories: |
- - database
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/dependency/mariadb/6.0.10/README.md b/dependency/mariadb/6.0.10/README.md
deleted file mode 100644
index 36b5b3d8f7e..00000000000
--- a/dependency/mariadb/6.0.10/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/dependency/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/dependency/mariadb/6.0.10/app-changelog.md b/dependency/mariadb/6.0.10/app-changelog.md
deleted file mode 100644
index c14bc9a1027..00000000000
--- a/dependency/mariadb/6.0.10/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [mariadb-6.0.10](https://github.com/truecharts/charts/compare/mariadb-6.0.9...mariadb-6.0.10) (2023-03-11)
-
-### Chore
-
-- remove subchart and update common
-
-
\ No newline at end of file
diff --git a/dependency/mariadb/6.0.10/app-readme.md b/dependency/mariadb/6.0.10/app-readme.md
deleted file mode 100644
index 8ed082bd9cc..00000000000
--- a/dependency/mariadb/6.0.10/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Fast, reliable, scalable, and easy to use open-source relational database system.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/dependency/mariadb](https://truecharts.org/charts/dependency/mariadb)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/dependency/mariadb/6.0.10/charts/common-12.2.26.tgz b/dependency/mariadb/6.0.10/charts/common-12.2.26.tgz
deleted file mode 100644
index d457296b3bd..00000000000
Binary files a/dependency/mariadb/6.0.10/charts/common-12.2.26.tgz and /dev/null differ
diff --git a/dependency/mariadb/6.0.10/ix_values.yaml b/dependency/mariadb/6.0.10/ix_values.yaml
deleted file mode 100644
index a67da13c8ee..00000000000
--- a/dependency/mariadb/6.0.10/ix_values.yaml
+++ /dev/null
@@ -1,88 +0,0 @@
-image:
- repository: tccr.io/truecharts/mariadb
- pullPolicy: IfNotPresent
- tag: 10.11.2@sha256:fc01102eef1de92155b5097636ef738700c8bef1735f52a397b1505cbf455c0f
-
-workload:
- main:
- replicas: 1
- type: StatefulSet
- strategy: RollingUpdate
- podSpec:
- containers:
- main:
- env:
- MARIADB_PASSWORD:
- secretKeyRef:
- expandObjectName: "{{ if .Values.mariadbPassword }}true{{ else }}false{{ end }}"
- name: '{{ if .Values.mariadbPassword }}credentials{{ else if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ printf "%s-%s" .Release.Name "mariadbcreds" }}{{ end }}'
- key: "mariadb-password"
- MARIADB_ROOT_PASSWORD:
- secretKeyRef:
- expandObjectName: "{{ if .Values.mariadbPassword }}true{{ else }}false{{ end }}"
- name: '{{ if .Values.mariadbPassword }}credentials{{ else if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ printf "%s-%s" .Release.Name "mariadbcreds" }}{{ end }}'
- key: "mariadb-root-password"
- MARIADB_USER: "{{ .Values.mariadbUsername }}"
- MARIADB_DATABASE: "{{ .Values.mariadbDatabase }}"
- probes:
- liveness:
- enabled: true
- type: exec
- command:
- - /bin/bash
- - -ec
- - "until /opt/bitnami/scripts/mariadb/healthcheck.sh; do sleep 2; done"
- readiness:
- enabled: true
- type: exec
- command:
- - /bin/bash
- - -ec
- - "until /opt/bitnami/scripts/mariadb/healthcheck.sh; do sleep 2; done"
- startup:
- enabled: true
- type: exec
- command:
- - /bin/bash
- - -ec
- - "until /opt/bitnami/scripts/mariadb/healthcheck.sh; do sleep 2; done"
-
-service:
- main:
- ports:
- main:
- port: 3306
- targetPort: 3306
-
-securityContext:
- container:
- readOnlyRootFilesystem: false
- runAsGroup: 0
-
-secret:
- credentials:
- enabled: true
- data:
- mariadb-password: '{{ ( .Values.mariadbPassword | default "empty" ) }}'
- mariadb-root-password: '{{ ( .Values.mariadbRootPassword | default "empty" ) }}'
-
-volumeClaimTemplates:
- data:
- enabled: true
- mountPath: "/bitnami/mariadb"
-
-mariadbUsername: "test"
-mariadbDatabase: "test"
-mariadbRootPassword: "testroot"
-
-# -- Secret or password
-# One of these options is required, unless used as a dependency for another TrueCharts chart.
-mariadbPassword: ""
-existingSecret: ""
-
-portal:
- open:
- enabled: false
-
-manifestManager:
- enabled: false
diff --git a/dependency/mariadb/6.0.10/questions.yaml b/dependency/mariadb/6.0.10/questions.yaml
deleted file mode 100644
index 18625bf7ae2..00000000000
--- a/dependency/mariadb/6.0.10/questions.yaml
+++ /dev/null
@@ -1,1548 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: DaemonSet
- description: DaemonSet
-
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "DaemonSet"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
-
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: mariadbDatabase
- group: "App Configuration"
- label: "Database Name"
- schema:
- type: string
- default: "mydatabase"
- required: true
- - variable: mariadbUsername
- group: "App Configuration"
- label: "Database User"
- schema:
- type: string
- default: "mydatabaseuser"
- required: true
- - variable: mariadbPassword
- group: "App Configuration"
- label: "Database Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: mariadbRootPassword
- group: "App Configuration"
- label: "Root Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 3306
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: volumeClaimTemplates
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: data
- label: "DB Storage"
- description: "Stores the old Application Database."
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
-
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 0
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
-
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/dependency/mariadb/6.0.10/templates/NOTES.txt b/dependency/mariadb/6.0.10/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/dependency/mariadb/6.0.10/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/dependency/mariadb/6.0.10/templates/common.yaml b/dependency/mariadb/6.0.10/templates/common.yaml
deleted file mode 100644
index b51394e00a4..00000000000
--- a/dependency/mariadb/6.0.10/templates/common.yaml
+++ /dev/null
@@ -1 +0,0 @@
-{{ include "tc.v1.common.loader.all" . }}
diff --git a/dependency/mariadb/6.0.10/values.yaml b/dependency/mariadb/6.0.10/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/dependency/memcached/5.0.31/CHANGELOG.md b/dependency/memcached/5.0.31/CHANGELOG.md
deleted file mode 100644
index 0b4d7082340..00000000000
--- a/dependency/memcached/5.0.31/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [memcached-5.0.31](https://github.com/truecharts/charts/compare/memcached-5.0.30...memcached-5.0.31) (2023-02-27)
-
-### Chore
-
-- update container image tccr.io/truecharts/memcached to 1.6.18
-
-
-
-
-## [memcached-5.0.30](https://github.com/truecharts/charts/compare/memcached-5.0.29...memcached-5.0.30) (2023-02-26)
-
-### Chore
-
-- update container image tccr.io/truecharts/memcached to 1.6.18
-
-
-
-
-## [memcached-5.0.29](https://github.com/truecharts/charts/compare/memcached-5.0.28...memcached-5.0.29) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/memcached to 1.6.18
-
-
-
-
-## [memcached-5.0.28](https://github.com/truecharts/charts/compare/memcached-5.0.27...memcached-5.0.28) (2023-02-10)
-
-### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
-
-
-## [memcached-5.0.27](https://github.com/truecharts/charts/compare/memcached-5.0.26...memcached-5.0.27) (2023-02-06)
-
-### Chore
-
-- update container image tccr.io/truecharts/memcached to 1.6.18
-
-
-
-
-## [memcached-5.0.26](https://github.com/truecharts/charts/compare/memcached-5.0.25...memcached-5.0.26) (2023-02-03)
-
-### Chore
-
-- update container image tccr.io/truecharts/memcached to 1.6.18
-
-
-
-
-## [memcached-5.0.25](https://github.com/truecharts/charts/compare/memcached-5.0.24...memcached-5.0.25) (2023-02-02)
-
-### Fix
-
-- remove non-link sources ([#6826](https://github.com/truecharts/charts/issues/6826))
-
-
-
-
-## [memcached-5.0.24](https://github.com/truecharts/charts/compare/memcached-5.0.23...memcached-5.0.24) (2023-01-24)
-
-### Chore
-
-- update container image tccr.io/truecharts/memcached to 1.6.18
-
-
-
-
-## [memcached-5.0.23](https://github.com/truecharts/charts/compare/memcached-5.0.22...memcached-5.0.23) (2023-01-19)
-
-### Chore
-
-- update container image tccr.io/truecharts/memcached to 1.6.18
-
-
-
-
-## [memcached-5.0.22](https://github.com/truecharts/charts/compare/memcached-5.0.21...memcached-5.0.22) (2023-01-16)
-
-### Chore
-
-- update container image tccr.io/truecharts/memcached to v1.6.18
-
-
-
-
-## [memcached-5.0.21](https://github.com/truecharts/charts/compare/memcached-5.0.20...memcached-5.0.21) (2023-01-15)
-
-### Fix
diff --git a/dependency/memcached/5.0.31/Chart.yaml b/dependency/memcached/5.0.31/Chart.yaml
deleted file mode 100644
index b3a75247483..00000000000
--- a/dependency/memcached/5.0.31/Chart.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-apiVersion: v2
-appVersion: "1.6.18"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
-deprecated: false
-description: Memcached is a memory-backed database caching solution
-home: https://truecharts.org/charts/dependency/memcached
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/memcached.png
-keywords:
- - memcached
- - database
- - cache
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: memcached
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/dependency/memcached
- - https://hub.docker.com/r/bitnami/memcached
- - https://github.com/bitnami/bitnami-docker-memcached
- - http://memcached.org/
-type: application
-version: 5.0.31
-annotations:
- truecharts.org/catagories: |
- - database
- - cache
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/dependency/memcached/5.0.31/README.md b/dependency/memcached/5.0.31/README.md
deleted file mode 100644
index 36b5b3d8f7e..00000000000
--- a/dependency/memcached/5.0.31/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/dependency/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/dependency/memcached/5.0.31/app-changelog.md b/dependency/memcached/5.0.31/app-changelog.md
deleted file mode 100644
index edaffdddb7a..00000000000
--- a/dependency/memcached/5.0.31/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [memcached-5.0.31](https://github.com/truecharts/charts/compare/memcached-5.0.30...memcached-5.0.31) (2023-02-27)
-
-### Chore
-
-- update container image tccr.io/truecharts/memcached to 1.6.18
-
-
\ No newline at end of file
diff --git a/dependency/memcached/5.0.31/app-readme.md b/dependency/memcached/5.0.31/app-readme.md
deleted file mode 100644
index 0341d91820a..00000000000
--- a/dependency/memcached/5.0.31/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Memcached is a memory-backed database caching solution
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/dependency/memcached](https://truecharts.org/charts/dependency/memcached)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/dependency/memcached/5.0.31/charts/common-11.1.2.tgz b/dependency/memcached/5.0.31/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/dependency/memcached/5.0.31/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/dependency/memcached/5.0.31/ix_values.yaml b/dependency/memcached/5.0.31/ix_values.yaml
deleted file mode 100644
index 503d949178f..00000000000
--- a/dependency/memcached/5.0.31/ix_values.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-image:
- repository: tccr.io/truecharts/memcached
- pullPolicy: IfNotPresent
- tag: 1.6.18@sha256:49998f1e9bb4c1537c559c9e6a757c93a346d2ea6b03d03ecdca3bda3c8d4ab6
-
-service:
- main:
- ports:
- main:
- port: 11211
- targetPort: 11211
-
-portal:
- enabled: false
-
-manifests:
- enabled: false
diff --git a/dependency/memcached/5.0.31/questions.yaml b/dependency/memcached/5.0.31/questions.yaml
deleted file mode 100644
index 2e10d48ab25..00000000000
--- a/dependency/memcached/5.0.31/questions.yaml
+++ /dev/null
@@ -1,1511 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: postgresqlDatabase
- group: "App Configuration"
- label: "Database Name"
- schema:
- type: string
- default: "mydatabase"
- required: true
- - variable: postgresqlUsername
- group: "App Configuration"
- label: "Database User"
- schema:
- type: string
- default: "mydatabaseuser"
- required: true
- - variable: postgresqlPassword
- group: "App Configuration"
- label: "Database Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 11211
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: true
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID this App of the user running the application"
- schema:
- type: int
- default: 568
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/dependency/memcached/5.0.31/templates/common.yaml b/dependency/memcached/5.0.31/templates/common.yaml
deleted file mode 100644
index 76759c7a0c9..00000000000
--- a/dependency/memcached/5.0.31/templates/common.yaml
+++ /dev/null
@@ -1,2 +0,0 @@
-
-{{ include "tc.common.loader.all" . }}
diff --git a/dependency/memcached/5.0.31/values.yaml b/dependency/memcached/5.0.31/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/dependency/mongodb/4.0.33/CHANGELOG.md b/dependency/mongodb/4.0.33/CHANGELOG.md
deleted file mode 100644
index 5453313c956..00000000000
--- a/dependency/mongodb/4.0.33/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [mongodb-4.0.33](https://github.com/truecharts/charts/compare/mongodb-4.0.32...mongodb-4.0.33) (2023-02-26)
-
-### Chore
-
-- update container image tccr.io/truecharts/mongodb to 6.0.4
-
-
-
-
-## [mongodb-4.0.32](https://github.com/truecharts/charts/compare/mongodb-4.0.31...mongodb-4.0.32) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/mongodb to 6.0.4
-
-
-
-
-## [mongodb-4.0.31](https://github.com/truecharts/charts/compare/mongodb-4.0.30...mongodb-4.0.31) (2023-02-10)
-
-### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
-
-
-## [mongodb-4.0.30](https://github.com/truecharts/charts/compare/mongodb-4.0.29...mongodb-4.0.30) (2023-02-06)
-
-### Chore
-
-- update container image tccr.io/truecharts/mongodb to 6.0.4
-
-
-
-
-## [mongodb-4.0.29](https://github.com/truecharts/charts/compare/mongodb-4.0.28...mongodb-4.0.29) (2023-02-03)
-
-### Chore
-
-- update container image tccr.io/truecharts/mongodb to 6.0.4
-
-
-
-
-## [mongodb-4.0.28](https://github.com/truecharts/charts/compare/mongodb-4.0.27...mongodb-4.0.28) (2023-01-22)
-
-### Chore
-
-- update container image tccr.io/truecharts/mongodb to 6.0.4
-
-
-
-
-## [mongodb-4.0.27](https://github.com/truecharts/charts/compare/mongodb-4.0.26...mongodb-4.0.27) (2023-01-19)
-
-### Chore
-
-- update container image tccr.io/truecharts/mongodb to v6.0.4
-
-
-
-
-## [mongodb-4.0.26](https://github.com/truecharts/charts/compare/mongodb-4.0.25...mongodb-4.0.26) (2023-01-19)
-
-### Chore
-
-- update container image tccr.io/truecharts/mongodb to v
-
-
-
-
-## [mongodb-4.0.25](https://github.com/truecharts/charts/compare/mongodb-4.0.24...mongodb-4.0.25) (2023-01-18)
-
-### Chore
-
-- update container image tccr.io/truecharts/mongodb to 6.0.3
-
-
-
-
-## [mongodb-4.0.24](https://github.com/truecharts/charts/compare/mongodb-4.0.23...mongodb-4.0.24) (2023-01-15)
-
-### Fix
-
-- don't run manifest Manager on most dependency apps. ([#6384](https://github.com/truecharts/charts/issues/6384))
-
-
-
-
-## [mongodb-4.0.23](https://github.com/truecharts/charts/compare/mongodb-4.0.22...mongodb-4.0.23) (2023-01-12)
-
-### Chore
diff --git a/dependency/mongodb/4.0.33/Chart.yaml b/dependency/mongodb/4.0.33/Chart.yaml
deleted file mode 100644
index 799cf2be847..00000000000
--- a/dependency/mongodb/4.0.33/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: v2
-appVersion: "6.0.4"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
-deprecated: false
-description: Fast, reliable, scalable, and easy to use open-source no-sql database system.
-home: https://truecharts.org/charts/dependency/mongodb
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/mongodb.png
-keywords:
- - mongodb
- - database
- - nosql
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: mongodb
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/dependency/mongodb
- - https://hub.docker.com/r/bitnami/mongodb
- - https://github.com/bitnami/bitnami-docker-mongodb
- - https://www.mongodb.com
-type: application
-version: 4.0.33
-annotations:
- truecharts.org/catagories: |
- - database
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/dependency/mongodb/4.0.33/README.md b/dependency/mongodb/4.0.33/README.md
deleted file mode 100644
index 36b5b3d8f7e..00000000000
--- a/dependency/mongodb/4.0.33/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/dependency/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/dependency/mongodb/4.0.33/app-changelog.md b/dependency/mongodb/4.0.33/app-changelog.md
deleted file mode 100644
index 770020f1952..00000000000
--- a/dependency/mongodb/4.0.33/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [mongodb-4.0.33](https://github.com/truecharts/charts/compare/mongodb-4.0.32...mongodb-4.0.33) (2023-02-26)
-
-### Chore
-
-- update container image tccr.io/truecharts/mongodb to 6.0.4
-
-
\ No newline at end of file
diff --git a/dependency/mongodb/4.0.33/app-readme.md b/dependency/mongodb/4.0.33/app-readme.md
deleted file mode 100644
index 721b11b33e7..00000000000
--- a/dependency/mongodb/4.0.33/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Fast, reliable, scalable, and easy to use open-source no-sql database system.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/dependency/mongodb](https://truecharts.org/charts/dependency/mongodb)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/dependency/mongodb/4.0.33/charts/common-11.1.2.tgz b/dependency/mongodb/4.0.33/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/dependency/mongodb/4.0.33/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/dependency/mongodb/4.0.33/ix_values.yaml b/dependency/mongodb/4.0.33/ix_values.yaml
deleted file mode 100644
index 9d94a1e3597..00000000000
--- a/dependency/mongodb/4.0.33/ix_values.yaml
+++ /dev/null
@@ -1,128 +0,0 @@
-image:
- repository: tccr.io/truecharts/mongodb
- pullPolicy: IfNotPresent
- tag: 6.0.4@sha256:3600c9f13d96311ddad4d2de6520d54c89a8708ee36798e4dc6fb93f59c1eab4
-
-controller:
- # -- Set the controller type.
- # Valid options are deployment, daemonset or statefulset
- type: statefulset
- # -- Number of desired pods
- replicas: 1
- # -- Set the controller upgrade strategy
- # For Deployments, valid values are Recreate (default) and RollingUpdate.
- # For StatefulSets, valid values are OnDelete and RollingUpdate (default).
- # DaemonSets ignore this.
- strategy: RollingUpdate
- rollingUpdate:
- # -- Set deployment RollingUpdate max unavailable
- unavailable: 1
- # -- Set deployment RollingUpdate max surge
- surge:
- # -- Set statefulset RollingUpdate partition
- partition:
- # -- ReplicaSet revision history limit
- revisionHistoryLimit: 3
-
-service:
- main:
- ports:
- main:
- port: 27017
- targetPort: 27017
-
-securityContext:
- readOnlyRootFilesystem: false
-
-podSecurityContext:
- runAsGroup: 0
-
-volumeClaimTemplates:
- data:
- enabled: true
- mountPath: "/bitnami/mongodb"
-
-# -- Probe configuration
-# -- [[ref]](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/)
-# @default -- See below
-probes:
- # -- Liveness probe configuration
- # @default -- See below
- liveness:
- # -- Enable the liveness probe
- enabled: true
- # -- Set this to `true` if you wish to specify your own livenessProbe
- custom: true
- # -- The spec field contains the values for the default livenessProbe.
- # If you selected `custom: true`, this field holds the definition of the livenessProbe.
- # @default -- See below
- spec:
- exec:
- command:
- - /bin/bash
- - -ec
- - echo "db.runCommand(\"ping\")" | mongosh --host localhost --port 27017 ${MONGODB_DATABASE} --quiet
-
- # -- Redainess probe configuration
- # @default -- See below
- readiness:
- # -- Enable the readiness probe
- enabled: true
- # -- Set this to `true` if you wish to specify your own readinessProbe
- custom: true
- # -- The spec field contains the values for the default readinessProbe.
- # If you selected `custom: true`, this field holds the definition of the readinessProbe.
- # @default -- See below
- spec:
- exec:
- command:
- - /bin/bash
- - -ec
- - echo "db.runCommand(\"ping\")" | mongosh --host localhost --port 27017 ${MONGODB_DATABASE} --quiet
-
- # -- Startup probe configuration
- # @default -- See below
- startup:
- # -- Enable the startup probe
- enabled: true
- custom: true
- # -- The spec field contains the values for the default livenessProbe.
- # If you selected `custom: true`, this field holds the definition of the livenessProbe.
- # @default -- See below
- spec:
- exec:
- command:
- - /bin/bash
- - -ec
- - echo "db.runCommand(\"ping\")" | mongosh --host localhost --port 27017 ${MONGODB_DATABASE} --quiet
-
-mongodbPassword: "testpass"
-mongodbUsername: "test"
-mongodbDatabase: "test"
-mongodbRootPassword: "testroot"
-existingSecret: ""
-
-secret:
- credentials:
- enabled: true
- data:
- mongodb-password: '{{ ( .Values.mongodbPassword | default "empty" ) }}'
- mongodb-root-password: '{{ ( .Values.mongodbRootPassword | default "empty" ) }}'
-
-env:
- MONGODB_USERNAME: "{{ .Values.mongodbUsername }}"
- MONGODB_DATABASE: "{{ .Values.mongodbDatabase }}"
- MONGODB_PASSWORD:
- secretKeyRef:
- name: '{{ .Values.existingSecret | default ( printf "%s-credentials" ( include "tc.common.names.fullname" . ) ) }}'
- key: "mongodb-password"
- MONGODB_ROOT_PASSWORD:
- secretKeyRef:
- name: '{{ .Values.existingSecret | default ( printf "%s-credentials" ( include "tc.common.names.fullname" . ) ) }}'
- key: "mongodb-root-password"
-
-portal:
- enabled: false
-
-manifests:
- enabled: false
diff --git a/dependency/mongodb/4.0.33/questions.yaml b/dependency/mongodb/4.0.33/questions.yaml
deleted file mode 100644
index bd8c00f2f63..00000000000
--- a/dependency/mongodb/4.0.33/questions.yaml
+++ /dev/null
@@ -1,1596 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: mongodbDatabase
- group: "App Configuration"
- label: "Database Name"
- schema:
- type: string
- default: "mydatabase"
- required: true
- - variable: mongodbUsername
- group: "App Configuration"
- label: "Database User"
- schema:
- type: string
- default: "mydatabaseuser"
- required: true
- - variable: mongodbPassword
- group: "App Configuration"
- label: "Database Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: mongodbRootPassword
- group: "App Configuration"
- label: "Root Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 27017
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: volumeClaimTemplates
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: data
- label: "DB Storage"
- description: "Stores the old Application Database."
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: false
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: true
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID this App of the user running the application"
- schema:
- type: int
- default: 0
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/dependency/mongodb/4.0.33/templates/common.yaml b/dependency/mongodb/4.0.33/templates/common.yaml
deleted file mode 100644
index ead65062525..00000000000
--- a/dependency/mongodb/4.0.33/templates/common.yaml
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.common.loader.all" . }}
diff --git a/dependency/mongodb/4.0.33/values.yaml b/dependency/mongodb/4.0.33/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/dependency/mongodb/5.0.10/CHANGELOG.md b/dependency/mongodb/5.0.10/CHANGELOG.md
deleted file mode 100644
index c243e311434..00000000000
--- a/dependency/mongodb/5.0.10/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [mongodb-5.0.10](https://github.com/truecharts/charts/compare/mongodb-5.0.9...mongodb-5.0.10) (2023-03-11)
-
-### Chore
-
-- remove subchart and update common
-
-
-
-
-## [mongodb-5.0.9](https://github.com/truecharts/charts/compare/mongodb-5.0.8...mongodb-5.0.9) (2023-03-07)
-
-### Fix
-
-- apply new common fixes to dependency train
-
-
-
-
-## [mongodb-5.0.8](https://github.com/truecharts/charts/compare/mongodb-5.0.7...mongodb-5.0.8) (2023-03-07)
-
-### Chore
-
-- bump common
-
-
-
-
-## [mongodb-5.0.7](https://github.com/truecharts/charts/compare/mongodb-5.0.6...mongodb-5.0.7) (2023-03-07)
-
-### Fix
-
-- Fix fsGroup of dependency train ([#7758](https://github.com/truecharts/charts/issues/7758))
-
-
-
-
-## [mongodb-5.0.6](https://github.com/truecharts/charts/compare/mongodb-5.0.5...mongodb-5.0.6) (2023-03-06)
-
-### Chore
-
-- bump common
-
-
-
-
-## [mongodb-5.0.5](https://github.com/truecharts/charts/compare/mongodb-5.0.4...mongodb-5.0.5) (2023-03-06)
-
-### Fix
-
-- update common with vct label fix ([#7750](https://github.com/truecharts/charts/issues/7750))
-
-
-
-
-## [mongodb-5.0.4](https://github.com/truecharts/charts/compare/mongodb-5.0.3...mongodb-5.0.4) (2023-03-06)
-
-### Chore
-
-- bump dependency train ([#7748](https://github.com/truecharts/charts/issues/7748))
-
-
-
-
-## [mongodb-5.0.3](https://github.com/truecharts/charts/compare/mongodb-5.0.2...mongodb-5.0.3) (2023-03-05)
-
-### Fix
-
-- bump common to fix env rendering mistake
-
-
-
-
-## [mongodb-5.0.2](https://github.com/truecharts/charts/compare/mongodb-5.0.1...mongodb-5.0.2) (2023-03-05)
-
-### Fix
-
-- bump dependency train
- - bump common on dependency train
-
-
-
-
-## [mongodb-5.0.1](https://github.com/truecharts/charts/compare/mongodb-5.0.0...mongodb-5.0.1) (2023-03-05)
-
-### Fix
-
-- update dependency common linking ([#7746](https://github.com/truecharts/charts/issues/7746))
- - disable manifestmanager
-
-
-
-
-## [mongodb-5.0.0](https://github.com/truecharts/charts/compare/mongodb-4.0.33...mongodb-5.0.0) (2023-03-01)
diff --git a/dependency/mongodb/5.0.10/Chart.yaml b/dependency/mongodb/5.0.10/Chart.yaml
deleted file mode 100644
index 03fe2d22580..00000000000
--- a/dependency/mongodb/5.0.10/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: v2
-appVersion: "6.0.4"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.26
-deprecated: false
-description: Fast, reliable, scalable, and easy to use open-source no-sql database system.
-home: https://truecharts.org/charts/dependency/mongodb
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/mongodb.png
-keywords:
- - mongodb
- - database
- - nosql
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: mongodb
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/dependency/mongodb
- - https://hub.docker.com/r/bitnami/mongodb
- - https://github.com/bitnami/bitnami-docker-mongodb
- - https://www.mongodb.com
-type: application
-version: 5.0.10
-annotations:
- truecharts.org/catagories: |
- - database
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/dependency/mongodb/5.0.10/README.md b/dependency/mongodb/5.0.10/README.md
deleted file mode 100644
index 36b5b3d8f7e..00000000000
--- a/dependency/mongodb/5.0.10/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/dependency/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/dependency/mongodb/5.0.10/app-changelog.md b/dependency/mongodb/5.0.10/app-changelog.md
deleted file mode 100644
index 4b0cd6fdfa5..00000000000
--- a/dependency/mongodb/5.0.10/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [mongodb-5.0.10](https://github.com/truecharts/charts/compare/mongodb-5.0.9...mongodb-5.0.10) (2023-03-11)
-
-### Chore
-
-- remove subchart and update common
-
-
\ No newline at end of file
diff --git a/dependency/mongodb/5.0.10/app-readme.md b/dependency/mongodb/5.0.10/app-readme.md
deleted file mode 100644
index 721b11b33e7..00000000000
--- a/dependency/mongodb/5.0.10/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Fast, reliable, scalable, and easy to use open-source no-sql database system.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/dependency/mongodb](https://truecharts.org/charts/dependency/mongodb)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/dependency/mongodb/5.0.10/charts/common-12.2.26.tgz b/dependency/mongodb/5.0.10/charts/common-12.2.26.tgz
deleted file mode 100644
index d457296b3bd..00000000000
Binary files a/dependency/mongodb/5.0.10/charts/common-12.2.26.tgz and /dev/null differ
diff --git a/dependency/mongodb/5.0.10/ix_values.yaml b/dependency/mongodb/5.0.10/ix_values.yaml
deleted file mode 100644
index 12820cc824f..00000000000
--- a/dependency/mongodb/5.0.10/ix_values.yaml
+++ /dev/null
@@ -1,119 +0,0 @@
-image:
- repository: tccr.io/truecharts/mongodb
- pullPolicy: IfNotPresent
- tag: 6.0.4@sha256:3600c9f13d96311ddad4d2de6520d54c89a8708ee36798e4dc6fb93f59c1eab4
-
-workload:
- main:
- replicas: 1
- type: StatefulSet
- strategy: RollingUpdate
- podSpec:
- containers:
- main:
- env:
- MONGODB_USERNAME: "{{ .Values.mongodbUsername }}"
- MONGODB_DATABASE: "{{ .Values.mongodbDatabase }}"
- MONGODB_PASSWORD:
- secretKeyRef:
- expandObjectName: "{{ if .Values.mongodbPassword }}true{{ else }}false{{ end }}"
- name: '{{ if .Values.mongodbPassword }}credentials{{ else if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ printf "%s-%s" .Release.Name "mongodbcreds" }}{{ end }}'
- key: "mongodb-password"
- MONGODB_ROOT_PASSWORD:
- secretKeyRef:
- expandObjectName: "{{ if .Values.mongodbPassword }}true{{ else }}false{{ end }}"
- name: '{{ if .Values.mongodbPassword }}credentials{{ else if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ printf "%s-%s" .Release.Name "mongodbcreds" }}{{ end }}'
- key: "mongodb-root-password"
- # -- Probe configuration
- # -- [[ref]](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/)
- # @default -- See below
- probes:
- # -- Liveness probe configuration
- # @default -- See below
- liveness:
- # -- Enable the liveness probe
- enabled: true
- # -- Set this to `true` if you wish to specify your own livenessProbe
- custom: true
- # -- The spec field contains the values for the default livenessProbe.
- # If you selected `custom: true`, this field holds the definition of the livenessProbe.
- # @default -- See below
- spec:
- exec:
- command:
- - /bin/bash
- - -ec
- - echo "db.runCommand(\"ping\")" | mongosh --host localhost --port 27017 ${MONGODB_DATABASE} --quiet
-
- # -- Redainess probe configuration
- # @default -- See below
- readiness:
- # -- Enable the readiness probe
- enabled: true
- # -- Set this to `true` if you wish to specify your own readinessProbe
- custom: true
- # -- The spec field contains the values for the default readinessProbe.
- # If you selected `custom: true`, this field holds the definition of the readinessProbe.
- # @default -- See below
- spec:
- exec:
- command:
- - /bin/bash
- - -ec
- - echo "db.runCommand(\"ping\")" | mongosh --host localhost --port 27017 ${MONGODB_DATABASE} --quiet
-
- # -- Startup probe configuration
- # @default -- See below
- startup:
- # -- Enable the startup probe
- enabled: true
- custom: true
- # -- The spec field contains the values for the default livenessProbe.
- # If you selected `custom: true`, this field holds the definition of the livenessProbe.
- # @default -- See below
- spec:
- exec:
- command:
- - /bin/bash
- - -ec
- - echo "db.runCommand(\"ping\")" | mongosh --host localhost --port 27017 ${MONGODB_DATABASE} --quiet
-
-service:
- main:
- ports:
- main:
- port: 27017
- targetPort: 27017
-
-securityContext:
- container:
- runAsGroup: 0
- readOnlyRootFilesystem: false
-
-volumeClaimTemplates:
- data:
- enabled: true
- mountPath: "/bitnami/mongodb"
-
-mongodbUsername: "test"
-mongodbDatabase: "test"
-mongodbRootPassword: "testroot"
-
-# -- Secret or password
-# One of these options is required, unless used as a dependency for another TrueCharts chart.
-mongodbPassword: ""
-existingSecret: ""
-
-secret:
- credentials:
- enabled: true
- data:
- mongodb-password: '{{ ( .Values.mongodbPassword | default "empty" ) }}'
- mongodb-root-password: '{{ ( .Values.mongodbRootPassword | default "empty" ) }}'
-
-portal:
- open:
- enabled: false
-
-manifestManager:
- enabled: false
diff --git a/dependency/mongodb/5.0.10/questions.yaml b/dependency/mongodb/5.0.10/questions.yaml
deleted file mode 100644
index a4868f43f7c..00000000000
--- a/dependency/mongodb/5.0.10/questions.yaml
+++ /dev/null
@@ -1,1548 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: DaemonSet
- description: DaemonSet
-
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "DaemonSet"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
-
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: mongodbDatabase
- group: "App Configuration"
- label: "Database Name"
- schema:
- type: string
- default: "mydatabase"
- required: true
- - variable: mongodbUsername
- group: "App Configuration"
- label: "Database User"
- schema:
- type: string
- default: "mydatabaseuser"
- required: true
- - variable: mongodbPassword
- group: "App Configuration"
- label: "Database Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: mongodbRootPassword
- group: "App Configuration"
- label: "Root Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 27017
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: volumeClaimTemplates
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: data
- label: "DB Storage"
- description: "Stores the old Application Database."
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
-
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 0
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
-
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/dependency/mongodb/5.0.10/templates/NOTES.txt b/dependency/mongodb/5.0.10/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/dependency/mongodb/5.0.10/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/dependency/mongodb/5.0.10/templates/common.yaml b/dependency/mongodb/5.0.10/templates/common.yaml
deleted file mode 100644
index a204deeeb4f..00000000000
--- a/dependency/mongodb/5.0.10/templates/common.yaml
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.loader.all" . }}
diff --git a/dependency/mongodb/5.0.10/values.yaml b/dependency/mongodb/5.0.10/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/dependency/redis/5.0.33/CHANGELOG.md b/dependency/redis/5.0.33/CHANGELOG.md
deleted file mode 100644
index a011bee1fe1..00000000000
--- a/dependency/redis/5.0.33/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [redis-5.0.33](https://github.com/truecharts/charts/compare/redis-5.0.32...redis-5.0.33) (2023-02-26)
-
-### Chore
-
-- update container image tccr.io/truecharts/redis to 7.0.8
-
-
-
-
-## [redis-5.0.32](https://github.com/truecharts/charts/compare/redis-5.0.31...redis-5.0.32) (2023-02-10)
-
-### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
-
-
-## [redis-5.0.31](https://github.com/truecharts/charts/compare/redis-5.0.30...redis-5.0.31) (2023-02-06)
-
-### Chore
-
-- update container image tccr.io/truecharts/redis to 7.0.8
-
-
-
-
-## [redis-5.0.30](https://github.com/truecharts/charts/compare/tubearchivist-redisjson-2.0.12...redis-5.0.30) (2023-02-03)
-
-### Chore
-
-- update container image tccr.io/truecharts/redis to 7.0.8
-
-
-
-
-## [redis-5.0.29](https://github.com/truecharts/charts/compare/redis-5.0.28...redis-5.0.29) (2023-01-22)
-
-### Chore
-
-- update container image tccr.io/truecharts/redis to 7.0.8
-
-
-
-
-## [redis-5.0.28](https://github.com/truecharts/charts/compare/redis-5.0.27...redis-5.0.28) (2023-01-19)
-
-### Chore
-
-- update container image tccr.io/truecharts/redis to v7.0.8
-
-
-
-
-## [redis-5.0.27](https://github.com/truecharts/charts/compare/redis-5.0.26...redis-5.0.27) (2023-01-18)
-
-### Chore
-
-- update container image tccr.io/truecharts/redis to 7.0.7
-
-
-
-
-## [redis-5.0.26](https://github.com/truecharts/charts/compare/redis-5.0.25...redis-5.0.26) (2023-01-15)
-
-### Fix
-
-- don't run manifest Manager on most dependency apps. ([#6384](https://github.com/truecharts/charts/issues/6384))
-
-
-
-
-## [redis-5.0.25](https://github.com/truecharts/charts/compare/redis-5.0.24...redis-5.0.25) (2023-01-12)
-
-### Chore
-
-- update container image tccr.io/truecharts/redis to 7.0.7
-
-
-
-
-## [redis-5.0.24](https://github.com/truecharts/charts/compare/redis-5.0.23...redis-5.0.24) (2023-01-07)
-
-### Chore
-
-- update container image tccr.io/truecharts/redis to 7.0.7
-
-
-
-
-## [redis-5.0.23](https://github.com/truecharts/charts/compare/tubearchivist-redisjson-2.0.10...redis-5.0.23) (2023-01-04)
-
-### Chore
diff --git a/dependency/redis/5.0.33/Chart.yaml b/dependency/redis/5.0.33/Chart.yaml
deleted file mode 100644
index 536e981ee09..00000000000
--- a/dependency/redis/5.0.33/Chart.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-apiVersion: v2
-appVersion: "7.0.8"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
-deprecated: false
-description: Open source, advanced key-value store.
-home: https://truecharts.org/charts/dependency/redis
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/redis.png
-keywords:
- - redis
- - keyvalue
- - database
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: redis
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/dependency/redis
- - https://hub.docker.com/r/bitnami/redis
- - https://github.com/bitnami/bitnami-docker-redis
- - http://redis.io/
-type: application
-version: 5.0.33
-annotations:
- truecharts.org/catagories: |
- - database
- - cache
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/dependency/redis/5.0.33/README.md b/dependency/redis/5.0.33/README.md
deleted file mode 100644
index 36b5b3d8f7e..00000000000
--- a/dependency/redis/5.0.33/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/dependency/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/dependency/redis/5.0.33/app-changelog.md b/dependency/redis/5.0.33/app-changelog.md
deleted file mode 100644
index 02286fc11ab..00000000000
--- a/dependency/redis/5.0.33/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [redis-5.0.33](https://github.com/truecharts/charts/compare/redis-5.0.32...redis-5.0.33) (2023-02-26)
-
-### Chore
-
-- update container image tccr.io/truecharts/redis to 7.0.8
-
-
\ No newline at end of file
diff --git a/dependency/redis/5.0.33/app-readme.md b/dependency/redis/5.0.33/app-readme.md
deleted file mode 100644
index c188772d2b0..00000000000
--- a/dependency/redis/5.0.33/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Open source, advanced key-value store.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/dependency/redis](https://truecharts.org/charts/dependency/redis)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/dependency/redis/5.0.33/charts/common-11.1.2.tgz b/dependency/redis/5.0.33/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/dependency/redis/5.0.33/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/dependency/redis/5.0.33/ix_values.yaml b/dependency/redis/5.0.33/ix_values.yaml
deleted file mode 100644
index 17c43f297e9..00000000000
--- a/dependency/redis/5.0.33/ix_values.yaml
+++ /dev/null
@@ -1,212 +0,0 @@
-image:
- repository: tccr.io/truecharts/redis
- pullPolicy: IfNotPresent
- tag: 7.0.8@sha256:13e0bbf5369ed2f219b96c0e7136b531eb1fdca1db7b7e2c72e13133adf26288
-
-controller:
- # -- Set the controller type.
- # Valid options are deployment, daemonset or statefulset
- type: statefulset
- # -- Number of desired pods
- replicas: 1
- # -- Set the controller upgrade strategy
- # For Deployments, valid values are Recreate (default) and RollingUpdate.
- # For StatefulSets, valid values are OnDelete and RollingUpdate (default).
- # DaemonSets ignore this.
- strategy: RollingUpdate
- rollingUpdate:
- # -- Set deployment RollingUpdate max unavailable
- unavailable: 1
- # -- Set deployment RollingUpdate max surge
- surge:
- # -- Set statefulset RollingUpdate partition
- partition:
- # -- ReplicaSet revision history limit
- revisionHistoryLimit: 3
-
-securityContext:
- readOnlyRootFilesystem: false
-
-podSecurityContext:
- runAsGroup: 0
-
-configmap:
- health:
- enabled: true
- data:
- ping_readiness_local.sh: |-
- #!/bin/bash
- [[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD"
- response=$(
- timeout -s 3 $1 \
- redis-cli \
- -h localhost \
- -p $REDIS_PORT \
- ping
- )
- if [ "$response" != "PONG" ]; then
- echo "failed to connect using password: $REDIS_PASSWORD response: $response"
- exit 1
- fi
- ping_liveness_local.sh: |-
- #!/bin/bash
- [[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD"
- response=$(
- timeout -s 3 $1 \
- redis-cli \
- -h localhost \
- -p $REDIS_PORT \
- ping
- )
- if [ "$response" != "PONG" ] && [ "$response" != "LOADING Redis is loading the dataset in memory" ]; then
- echo "$response"
- exit 1
- fi
- ping_readiness_master.sh: |-
- #!/bin/bash
- [[ -n "$REDIS_MASTER_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_MASTER_PASSWORD"
- response=$(
- timeout -s 3 $1 \
- redis-cli \
- -h $REDIS_MASTER_HOST \
- -p $REDIS_MASTER_PORT_NUMBER \
- ping
- )
- if [ "$response" != "PONG" ]; then
- echo "$response"
- exit 1
- fi
- ping_liveness_master.sh: |-
- #!/bin/bash
- [[ -n "$REDIS_MASTER_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_MASTER_PASSWORD"
- response=$(
- timeout -s 3 $1 \
- redis-cli \
- -h $REDIS_MASTER_HOST \
- -p $REDIS_MASTER_PORT_NUMBER \
- ping
- )
- if [ "$response" != "PONG" ] && [ "$response" != "LOADING Redis is loading the dataset in memory" ]; then
- echo "$response"
- exit 1
- fi
- ping_readiness_local_and_master.sh: |-
- script_dir="$(dirname "$0")"
- exit_status=0
- "$script_dir/ping_readiness_local.sh" $1 || exit_status=$?
- "$script_dir/ping_readiness_master.sh" $1 || exit_status=$?
- exit $exit_status
- ping_liveness_local_and_master.sh: |-
- script_dir="$(dirname "$0")"
- exit_status=0
- "$script_dir/ping_liveness_local.sh" $1 || exit_status=$?
- "$script_dir/ping_liveness_master.sh" $1 || exit_status=$?
- exit $exit_status
-
-secret:
- credentials:
- enabled: true
- data:
- redis-password: '{{ ( .Values.redisPassword | default "nothing" ) }}'
-
-env:
- REDIS_REPLICATION_MODE: master
- ALLOW_EMPTY_PASSWORD: "yes"
- REDIS_PORT: "{{ .Values.service.main.ports.main.targetPort }}"
- REDIS_PASSWORD:
- secretKeyRef:
- name: '{{ .Values.existingSecret | default ( printf "%s-credentials" ( include "tc.common.names.fullname" . ) ) }}'
- key: "redis-password"
-
-redisPassword: "testpass"
-existingSecret: ""
-
-service:
- main:
- ports:
- main:
- port: 6379
- targetPort: 6379
-
-volumeClaimTemplates:
- data:
- enabled: true
- mountPath: "/bitnami/redis"
-
-# -- Probe configuration
-# -- [[ref]](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/)
-# @default -- See below
-probes:
- # -- Liveness probe configuration
- # @default -- See below
- liveness:
- # -- Enable the liveness probe
- enabled: true
- # -- Set this to `true` if you wish to specify your own livenessProbe
- custom: true
- # -- The spec field contains the values for the default livenessProbe.
- # If you selected `custom: true`, this field holds the definition of the livenessProbe.
- # @default -- See below
- spec:
- exec:
- command:
- - sh
- - -c
- - /health/ping_liveness_local.sh 2
-
- # -- Redainess probe configuration
- # @default -- See below
- readiness:
- # -- Enable the readiness probe
- enabled: true
- # -- Set this to `true` if you wish to specify your own readinessProbe
- custom: true
- # -- The spec field contains the values for the default readinessProbe.
- # If you selected `custom: true`, this field holds the definition of the readinessProbe.
- # @default -- See below
- spec:
- exec:
- command:
- - sh
- - -c
- - /health/ping_readiness_local.sh 2
- # -- Startup probe configuration
- # @default -- See below
- startup:
- # -- Enable the startup probe
- enabled: true
- custom: true
- # -- The spec field contains the values for the default livenessProbe.
- # If you selected `custom: true`, this field holds the definition of the livenessProbe.
- # @default -- See below
- spec:
- exec:
- command:
- - sh
- - -c
- - /health/ping_readiness_local.sh 2
-
-persistence:
- # -- redis-health configmap mount
- # @default -- See below
- redis-health:
- enabled: true
- type: custom
- # -- Where to mount the volume in the main container.
- # Defaults to `/`,
- # setting to '-' creates the volume but disables the volumeMount.
- mountPath: "/health"
- # -- Specify if the volume should be mounted read-only.
- readOnly: false
- # -- Define the custom Volume spec here
- # [[ref]](https://kubernetes.io/docs/concepts/storage/volumes/)
- volumeSpec:
- configMap:
- defaultMode: 0755
- name: '{{ include "tc.common.names.fullname" . }}-health'
-
-portal:
- enabled: false
-
-manifests:
- enabled: false
diff --git a/dependency/redis/5.0.33/questions.yaml b/dependency/redis/5.0.33/questions.yaml
deleted file mode 100644
index 3149a9b45b4..00000000000
--- a/dependency/redis/5.0.33/questions.yaml
+++ /dev/null
@@ -1,1575 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: redisPassword
- group: "App Configuration"
- label: "Redis Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 6379
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: volumeClaimTemplates
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: data
- label: "App Data Storage"
- description: "Stores the Application Data."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: false
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: true
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID this App of the user running the application"
- schema:
- type: int
- default: 0
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/dependency/redis/5.0.33/templates/common.yaml b/dependency/redis/5.0.33/templates/common.yaml
deleted file mode 100644
index 76759c7a0c9..00000000000
--- a/dependency/redis/5.0.33/templates/common.yaml
+++ /dev/null
@@ -1,2 +0,0 @@
-
-{{ include "tc.common.loader.all" . }}
diff --git a/dependency/redis/5.0.33/values.yaml b/dependency/redis/5.0.33/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/dependency/solr/2.0.31/CHANGELOG.md b/dependency/solr/2.0.31/CHANGELOG.md
deleted file mode 100644
index 6a146d6cb1a..00000000000
--- a/dependency/solr/2.0.31/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [solr-2.0.31](https://github.com/truecharts/charts/compare/solr-2.0.30...solr-2.0.31) (2023-02-27)
-
-### Chore
-
-- update container image tccr.io/truecharts/solr to 9.1.1
-
-
-
-
-## [solr-2.0.30](https://github.com/truecharts/charts/compare/solr-2.0.29...solr-2.0.30) (2023-02-10)
-
-### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
-
-
-## [solr-2.0.29](https://github.com/truecharts/charts/compare/solr-2.0.28...solr-2.0.29) (2023-02-06)
-
-### Chore
-
-- update container image tccr.io/truecharts/solr to 9.1.1
-
-
-
-
-## [solr-2.0.28](https://github.com/truecharts/charts/compare/solr-2.0.27...solr-2.0.28) (2023-02-03)
-
-### Chore
-
-- update container image tccr.io/truecharts/solr to 9.1.1
-
-
-
-
-## [solr-2.0.27](https://github.com/truecharts/charts/compare/solr-2.0.26...solr-2.0.27) (2023-02-02)
-
-### Fix
-
-- remove non-link sources ([#6826](https://github.com/truecharts/charts/issues/6826))
-
-
-
-
-## [solr-2.0.26](https://github.com/truecharts/charts/compare/solr-2.0.25...solr-2.0.26) (2023-01-31)
-
-### Chore
-
-- update container image tccr.io/truecharts/solr to v9.1.1
-
-
-
-
-## [solr-2.0.25](https://github.com/truecharts/charts/compare/solr-2.0.24...solr-2.0.25) (2023-01-31)
-
-### Chore
-
-- update container image tccr.io/truecharts/solr to v
-
-
-
-
-## [solr-2.0.24](https://github.com/truecharts/charts/compare/solr-2.0.23...solr-2.0.24) (2023-01-24)
-
-### Chore
-
-- update container image tccr.io/truecharts/solr to 9.1.0
-
-
-
-
-## [solr-2.0.23](https://github.com/truecharts/charts/compare/solr-2.0.22...solr-2.0.23) (2023-01-18)
-
-### Chore
-
-- update container image tccr.io/truecharts/solr to 9.1.0
-
-
-
-
-## [solr-2.0.22](https://github.com/truecharts/charts/compare/solr-2.0.21...solr-2.0.22) (2023-01-15)
-
-### Fix
-
-- don't run manifest Manager on most dependency apps. ([#6384](https://github.com/truecharts/charts/issues/6384))
-
-
-
-
-## [solr-2.0.21](https://github.com/truecharts/charts/compare/solr-2.0.20...solr-2.0.21) (2023-01-12)
-
-### Chore
diff --git a/dependency/solr/2.0.31/Chart.yaml b/dependency/solr/2.0.31/Chart.yaml
deleted file mode 100644
index 6f218eb16bc..00000000000
--- a/dependency/solr/2.0.31/Chart.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-apiVersion: v2
-appVersion: "9.1.1"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
-deprecated: false
-description: Apache Solr
-home: https://truecharts.org/charts/dependency/solr
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/solr.png
-keywords:
- - solr
- - apache
- - search
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: solr
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/dependency/solr
- - https://hub.docker.com/r/bitnami/solr
- - https://github.com/apache/solr
-type: application
-version: 2.0.31
-annotations:
- truecharts.org/catagories: |
- - search
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/dependency/solr/2.0.31/README.md b/dependency/solr/2.0.31/README.md
deleted file mode 100644
index 36b5b3d8f7e..00000000000
--- a/dependency/solr/2.0.31/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/dependency/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/dependency/solr/2.0.31/app-changelog.md b/dependency/solr/2.0.31/app-changelog.md
deleted file mode 100644
index 93d2130ad8c..00000000000
--- a/dependency/solr/2.0.31/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [solr-2.0.31](https://github.com/truecharts/charts/compare/solr-2.0.30...solr-2.0.31) (2023-02-27)
-
-### Chore
-
-- update container image tccr.io/truecharts/solr to 9.1.1
-
-
\ No newline at end of file
diff --git a/dependency/solr/2.0.31/app-readme.md b/dependency/solr/2.0.31/app-readme.md
deleted file mode 100644
index 1143b496adb..00000000000
--- a/dependency/solr/2.0.31/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Apache Solr
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/dependency/solr](https://truecharts.org/charts/dependency/solr)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/dependency/solr/2.0.31/charts/common-11.1.2.tgz b/dependency/solr/2.0.31/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/dependency/solr/2.0.31/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/dependency/solr/2.0.31/ix_values.yaml b/dependency/solr/2.0.31/ix_values.yaml
deleted file mode 100644
index 49e437e7ee4..00000000000
--- a/dependency/solr/2.0.31/ix_values.yaml
+++ /dev/null
@@ -1,143 +0,0 @@
-image:
- repository: tccr.io/truecharts/solr
- pullPolicy: IfNotPresent
- tag: 9.1.1@sha256:4ac9d6e8120321349f0a3e5dbaff796192a9623de8fb164adf9f42de952479f1
-
-controller:
- # -- Set the controller type.
- # Valid options are deployment, daemonset or statefulset
- type: statefulset
- # -- Number of desired pods
- replicas: 1
- # -- Set the controller upgrade strategy
- # For Deployments, valid values are Recreate (default) and RollingUpdate.
- # For StatefulSets, valid values are OnDelete and RollingUpdate (default).
- # DaemonSets ignore this.
- strategy: RollingUpdate
- rollingUpdate:
- # -- Set deployment RollingUpdate max unavailable
- unavailable: 1
- # -- Set deployment RollingUpdate max surge
- surge:
- # -- Set statefulset RollingUpdate partition
- partition:
- # -- ReplicaSet revision history limit
- revisionHistoryLimit: 3
-
-podSecurityContext:
- runAsUser: 1001
- runAsGroup: 0
-securityContext:
- runAsNonRoot: false
- readOnlyRootFilesystem: false
-
-service:
- main:
- ports:
- main:
- port: 8983
- targetPort: 8983
-
-volumeClaimTemplates:
- db:
- enabled: true
- mountPath: "/bitnami/solr"
-
-# -- Probe configuration
-# -- [[ref]](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/)
-# @default -- See below
-probes:
- # -- Liveness probe configuration
- # @default -- See below
- liveness:
- # -- Enable the liveness probe
- enabled: true
- # -- Set this to `true` if you wish to specify your own livenessProbe
- custom: true
- # -- The spec field contains the values for the default livenessProbe.
- # If you selected `custom: true`, this field holds the definition of the livenessProbe.
- # @default -- See below
- spec:
- exec:
- command:
- - /bin/bash
- - -ec
- - |
- if [ "$SOLR_ENABLE_AUTHENTICATION" == "yes" ]; then
- until curl --fail --user "${SOLR_ADMIN_USERNAME}":"${SOLR_ADMIN_PASSWORD}" localhost:8983/solr/"${SOLR_CORES}"/admin/ping; do sleep 2; done
- else
- until curl --fail localhost:8983/solr/"${SOLR_CORES}"/admin/ping; do sleep 2; done
- fi;
-
- # -- Redainess probe configuration
- # @default -- See below
- readiness:
- # -- Enable the readiness probe
- enabled: true
- # -- Set this to `true` if you wish to specify your own readinessProbe
- custom: true
- # -- The spec field contains the values for the default readinessProbe.
- # If you selected `custom: true`, this field holds the definition of the readinessProbe.
- # @default -- See below
- spec:
- exec:
- command:
- - /bin/bash
- - -ec
- - |
- if [ "$SOLR_ENABLE_AUTHENTICATION" == "yes" ]; then
- until curl --fail --user "${SOLR_ADMIN_USERNAME}":"${SOLR_ADMIN_PASSWORD}" localhost:8983/solr/"${SOLR_CORES}"/admin/ping; do sleep 2; done
- else
- until curl --fail localhost:8983/solr/"${SOLR_CORES}"/admin/ping; do sleep 2; done
- fi;
- # -- Startup probe configuration
- # @default -- See below
- startup:
- # -- Enable the startup probe
- enabled: true
- custom: true
- # -- The spec field contains the values for the default livenessProbe.
- # If you selected `custom: true`, this field holds the definition of the livenessProbe.
- # @default -- See below
- spec:
- exec:
- command:
- - /bin/bash
- - -ec
- - |
- if [ "$SOLR_ENABLE_AUTHENTICATION" == "yes" ]; then
- until curl --fail --user "${SOLR_ADMIN_USERNAME}":"${SOLR_ADMIN_PASSWORD}" localhost:8983/solr/"${SOLR_CORES}"/admin/ping; do sleep 2; done
- else
- until curl --fail localhost:8983/solr/"${SOLR_CORES}"/admin/ping; do sleep 2; done
- fi;
-
-# Currently only single core is supported, with multiple cores, probes will fail.
-solrCores: "testcore"
-solrEnableAuthentication: "yes"
-solrUsername: "test"
-solrPassword: "testpass"
-# Used to pass a comma separated list of optional options like '-XX:G1HeapRegionSize=8m'
-solrOpts: ""
-existingSecret: ""
-
-secret:
- credentials:
- enabled: true
- data:
- solr-password: '{{ ( .Values.solrPassword | default "empty" ) }}'
-
-env:
- SOLR_CORES: "{{ .Values.solrCores }}"
- SOLR_ENABLE_AUTHENTICATION: "{{ .Values.solrEnableAuthentication }}"
- SOLR_ADMIN_USERNAME: "{{ .Values.solrUsername }}"
- SOLR_OPTS: "{{ .Values.solrOpts }}"
- SOLR_ADMIN_PASSWORD:
- secretKeyRef:
- name: '{{ .Values.existingSecret | default ( printf "%s-credentials" ( include "tc.common.names.fullname" . ) ) }}'
- key: "solr-password"
-
-portal:
- enabled: true
-
-manifests:
- enabled: false
diff --git a/dependency/solr/2.0.31/questions.yaml b/dependency/solr/2.0.31/questions.yaml
deleted file mode 100644
index 18af5acc6c9..00000000000
--- a/dependency/solr/2.0.31/questions.yaml
+++ /dev/null
@@ -1,1603 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_portal_protocol"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: solrCores
- group: "App Configuration"
- label: "Solr Cores"
- schema:
- type: string
- default: "testcore"
- required: true
- - variable: solrUsername
- group: "App Configuration"
- label: "Solr Admin Username"
- schema:
- type: string
- default: "test"
- required: true
- - variable: solrPassword
- group: "App Configuration"
- label: "Solr Admin Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: solrOpts
- group: "App Configuration"
- label: "Solr Opts"
- schema:
- type: string
- default: ""
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 8983
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: volumeClaimTemplates
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: db
- label: "DB Storage"
- description: "Stores the old Application Database."
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: false
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: false
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 1001
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID this App of the user running the application"
- schema:
- type: int
- default: 0
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/dependency/solr/2.0.31/templates/common.yaml b/dependency/solr/2.0.31/templates/common.yaml
deleted file mode 100644
index 76759c7a0c9..00000000000
--- a/dependency/solr/2.0.31/templates/common.yaml
+++ /dev/null
@@ -1,2 +0,0 @@
-
-{{ include "tc.common.loader.all" . }}
diff --git a/dependency/solr/2.0.31/values.yaml b/dependency/solr/2.0.31/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/dependency/solr/3.0.8/CHANGELOG.md b/dependency/solr/3.0.8/CHANGELOG.md
deleted file mode 100644
index 6260e65ea45..00000000000
--- a/dependency/solr/3.0.8/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [solr-3.0.8](https://github.com/truecharts/charts/compare/solr-3.0.7...solr-3.0.8) (2023-03-11)
-
-### Chore
-
-- remove subchart and update common
-
-
-
-
-## [solr-3.0.7](https://github.com/truecharts/charts/compare/solr-3.0.6...solr-3.0.7) (2023-03-07)
-
-### Fix
-
-- apply new common fixes to dependency train
-
-
-
-
-## [solr-3.0.6](https://github.com/truecharts/charts/compare/solr-3.0.5...solr-3.0.6) (2023-03-07)
-
-### Chore
-
-- bump common
-
-
-
-
-## [solr-3.0.5](https://github.com/truecharts/charts/compare/solr-3.0.4...solr-3.0.5) (2023-03-07)
-
-### Chore
-
-- bump common
-
- ### Fix
-
-- Fix fsGroup of dependency train ([#7758](https://github.com/truecharts/charts/issues/7758))
- - update common with vct label fix ([#7750](https://github.com/truecharts/charts/issues/7750))
-
-
-
-
-
-
-## [solr-3.0.4](https://github.com/truecharts/charts/compare/solr-3.0.3...solr-3.0.4) (2023-03-06)
-
-### Chore
-
-- bump dependency train ([#7748](https://github.com/truecharts/charts/issues/7748))
-
-
-
-
-## [solr-3.0.3](https://github.com/truecharts/charts/compare/solr-3.0.2...solr-3.0.3) (2023-03-05)
-
-### Fix
-
-- bump common to fix env rendering mistake
-
-
-
-
-## [solr-3.0.2](https://github.com/truecharts/charts/compare/solr-3.0.1...solr-3.0.2) (2023-03-05)
-
-### Fix
-
-- bump dependency train
- - bump common on dependency train
-
-
-
-
-## [solr-3.0.1](https://github.com/truecharts/charts/compare/solr-2.0.31...solr-3.0.1) (2023-03-05)
-
-### Fix
-
-- update dependency common linking ([#7746](https://github.com/truecharts/charts/issues/7746))
- - disable manifestmanager
-
-
-
-
-## [solr-2.0.31](https://github.com/truecharts/charts/compare/solr-2.0.30...solr-2.0.31) (2023-02-27)
-
-### Chore
-
-- update container image tccr.io/truecharts/solr to 9.1.1
-
-
-
-
-## [solr-2.0.30](https://github.com/truecharts/charts/compare/solr-2.0.29...solr-2.0.30) (2023-02-10)
-
-### Fix
diff --git a/dependency/solr/3.0.8/Chart.yaml b/dependency/solr/3.0.8/Chart.yaml
deleted file mode 100644
index 5e15a9a2123..00000000000
--- a/dependency/solr/3.0.8/Chart.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-apiVersion: v2
-appVersion: "9.1.1"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.26
-deprecated: false
-description: Apache Solr
-home: https://truecharts.org/charts/dependency/solr
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/solr.png
-keywords:
- - solr
- - apache
- - search
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: solr
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/dependency/solr
- - https://hub.docker.com/r/bitnami/solr
- - https://github.com/apache/solr
-type: application
-version: 3.0.8
-annotations:
- truecharts.org/catagories: |
- - search
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/dependency/solr/3.0.8/README.md b/dependency/solr/3.0.8/README.md
deleted file mode 100644
index 36b5b3d8f7e..00000000000
--- a/dependency/solr/3.0.8/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/dependency/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/dependency/solr/3.0.8/app-changelog.md b/dependency/solr/3.0.8/app-changelog.md
deleted file mode 100644
index 3fcd092f94d..00000000000
--- a/dependency/solr/3.0.8/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [solr-3.0.8](https://github.com/truecharts/charts/compare/solr-3.0.7...solr-3.0.8) (2023-03-11)
-
-### Chore
-
-- remove subchart and update common
-
-
\ No newline at end of file
diff --git a/dependency/solr/3.0.8/app-readme.md b/dependency/solr/3.0.8/app-readme.md
deleted file mode 100644
index 1143b496adb..00000000000
--- a/dependency/solr/3.0.8/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Apache Solr
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/dependency/solr](https://truecharts.org/charts/dependency/solr)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/dependency/solr/3.0.8/charts/common-12.2.26.tgz b/dependency/solr/3.0.8/charts/common-12.2.26.tgz
deleted file mode 100644
index d457296b3bd..00000000000
Binary files a/dependency/solr/3.0.8/charts/common-12.2.26.tgz and /dev/null differ
diff --git a/dependency/solr/3.0.8/ix_values.yaml b/dependency/solr/3.0.8/ix_values.yaml
deleted file mode 100644
index 91d3c3bcff8..00000000000
--- a/dependency/solr/3.0.8/ix_values.yaml
+++ /dev/null
@@ -1,135 +0,0 @@
-image:
- repository: tccr.io/truecharts/solr
- pullPolicy: IfNotPresent
- tag: 9.1.1@sha256:4ac9d6e8120321349f0a3e5dbaff796192a9623de8fb164adf9f42de952479f1
-
-workload:
- main:
- type: StatefulSet
- replicas: 1
- strategy: RollingUpdate
- podSpec:
- containers:
- main:
- env:
- SOLR_CORES: "{{ .Values.solrCores }}"
- SOLR_ENABLE_AUTHENTICATION: "{{ .Values.solrEnableAuthentication }}"
- SOLR_ADMIN_USERNAME: "{{ .Values.solrUsername }}"
- SOLR_OPTS: "{{ .Values.solrOpts }}"
- SOLR_ADMIN_PASSWORD:
- secretKeyRef:
- expandObjectName: "{{ if .Values.solrPassword }}true{{ else }}false{{ end }}"
- name: '{{ if .Values.solrPassword }}credentials{{ else if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ printf "%s-%s" .Release.Name "solrcreds" }}{{ end }}'
- key: "solr-password"
-
- # -- Probe configuration
- # -- [[ref]](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/)
- # @default -- See below
- probes:
- # -- Liveness probe configuration
- # @default -- See below
- liveness:
- # -- Enable the liveness probe
- enabled: true
- # -- Set this to `true` if you wish to specify your own livenessProbe
- custom: true
- # -- The spec field contains the values for the default livenessProbe.
- # If you selected `custom: true`, this field holds the definition of the livenessProbe.
- # @default -- See below
- spec:
- exec:
- command:
- - /bin/bash
- - -ec
- - |
- if [ "$SOLR_ENABLE_AUTHENTICATION" == "yes" ]; then
- until curl --fail --user "${SOLR_ADMIN_USERNAME}":"${SOLR_ADMIN_PASSWORD}" localhost:8983/solr/"${SOLR_CORES}"/admin/ping; do sleep 2; done
- else
- until curl --fail localhost:8983/solr/"${SOLR_CORES}"/admin/ping; do sleep 2; done
- fi;
-
- # -- Redainess probe configuration
- # @default -- See below
- readiness:
- # -- Enable the readiness probe
- enabled: true
- # -- Set this to `true` if you wish to specify your own readinessProbe
- custom: true
- # -- The spec field contains the values for the default readinessProbe.
- # If you selected `custom: true`, this field holds the definition of the readinessProbe.
- # @default -- See below
- spec:
- exec:
- command:
- - /bin/bash
- - -ec
- - |
- if [ "$SOLR_ENABLE_AUTHENTICATION" == "yes" ]; then
- until curl --fail --user "${SOLR_ADMIN_USERNAME}":"${SOLR_ADMIN_PASSWORD}" localhost:8983/solr/"${SOLR_CORES}"/admin/ping; do sleep 2; done
- else
- until curl --fail localhost:8983/solr/"${SOLR_CORES}"/admin/ping; do sleep 2; done
- fi;
- # -- Startup probe configuration
- # @default -- See below
- startup:
- # -- Enable the startup probe
- enabled: true
- custom: true
- # -- The spec field contains the values for the default livenessProbe.
- # If you selected `custom: true`, this field holds the definition of the livenessProbe.
- # @default -- See below
- spec:
- exec:
- command:
- - /bin/bash
- - -ec
- - |
- if [ "$SOLR_ENABLE_AUTHENTICATION" == "yes" ]; then
- until curl --fail --user "${SOLR_ADMIN_USERNAME}":"${SOLR_ADMIN_PASSWORD}" localhost:8983/solr/"${SOLR_CORES}"/admin/ping; do sleep 2; done
- else
- until curl --fail localhost:8983/solr/"${SOLR_CORES}"/admin/ping; do sleep 2; done
- fi;
-
-securityContext:
- container:
- runAsNonRoot: false
- readOnlyRootFilesystem: false
- runAsUser: 1001
- runAsGroup: 0
-
-service:
- main:
- ports:
- main:
- port: 8983
- targetPort: 8983
-
-volumeClaimTemplates:
- db:
- enabled: true
- mountPath: "/bitnami/solr"
-
-# Currently only single core is supported, with multiple cores, probes will fail.
-solrCores: "testcore"
-solrEnableAuthentication: "yes"
-solrUsername: "test"
-# Used to pass a comma separated list of optional options like '-XX:G1HeapRegionSize=8m'
-solrOpts: ""
-
-# -- Secret or password
-# One of these options is required, unless used as a dependency for another TrueCharts chart.
-existingSecret: ""
-solrPassword: ""
-
-secret:
- credentials:
- enabled: true
- data:
- solr-password: '{{ ( .Values.solrPassword | default "empty" ) }}'
-
-portal:
- open:
- enabled: true
-
-manifestManager:
- enabled: false
diff --git a/dependency/solr/3.0.8/questions.yaml b/dependency/solr/3.0.8/questions.yaml
deleted file mode 100644
index 6030fef5b4d..00000000000
--- a/dependency/solr/3.0.8/questions.yaml
+++ /dev/null
@@ -1,1555 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: DaemonSet
- description: DaemonSet
-
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "DaemonSet"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
-
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: solrCores
- group: "App Configuration"
- label: "Solr Cores"
- schema:
- type: string
- default: "testcore"
- required: true
- - variable: solrUsername
- group: "App Configuration"
- label: "Solr Admin Username"
- schema:
- type: string
- default: "test"
- required: true
- - variable: solrPassword
- group: "App Configuration"
- label: "Solr Admin Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: solrOpts
- group: "App Configuration"
- label: "Solr Opts"
- schema:
- type: string
- default: ""
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 8983
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: volumeClaimTemplates
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: db
- label: "DB Storage"
- description: "Stores the old Application Database."
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
-
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 1001
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID this App of the user running the application"
- schema:
- type: int
- default: 0
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
-
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/dependency/solr/3.0.8/templates/NOTES.txt b/dependency/solr/3.0.8/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/dependency/solr/3.0.8/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/dependency/solr/3.0.8/templates/common.yaml b/dependency/solr/3.0.8/templates/common.yaml
deleted file mode 100644
index 992373e7501..00000000000
--- a/dependency/solr/3.0.8/templates/common.yaml
+++ /dev/null
@@ -1,2 +0,0 @@
-
-{{ include "tc.v1.common.loader.all" . }}
diff --git a/dependency/solr/3.0.8/values.yaml b/dependency/solr/3.0.8/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/authelia/15.0.0/CHANGELOG.md b/enterprise/authelia/15.0.0/CHANGELOG.md
deleted file mode 100644
index 2de1b3fd6ec..00000000000
--- a/enterprise/authelia/15.0.0/CHANGELOG.md
+++ /dev/null
@@ -1,8 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [authelia-15.0.0](https://github.com/truecharts/charts/compare/authelia-14.0.29...authelia-15.0.0) (2023-03-04)
-
diff --git a/enterprise/authelia/15.0.0/Chart.yaml b/enterprise/authelia/15.0.0/Chart.yaml
deleted file mode 100644
index 3167cd40959..00000000000
--- a/enterprise/authelia/15.0.0/Chart.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-apiVersion: v2
-appVersion: "4.37.5"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.9
- - condition: redis.enabled
- name: redis
- repository: https://deps.truecharts.org
- version: 6.0.4
-deprecated: false
-description: Authelia is a Single Sign-On Multi-Factor portal for web apps
-home: https://truecharts.org/charts/stable/authelia
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/authelia.png
-keywords:
- - authelia
- - authentication
- - login
- - SSO
- - Authentication
- - Security
- - Two-Factor
- - U2F
- - YubiKey
- - Push Notifications
- - LDAP
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: authelia
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/stable/authelia
- - https://ghcr.io/authelia/authelia
- - https://github.com/authelia/chartrepo
- - https://github.com/authelia/authelia
-type: application
-version: 15.0.0
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/authelia/15.0.0/LICENSE b/enterprise/authelia/15.0.0/LICENSE
deleted file mode 100644
index 80e4ab93f92..00000000000
--- a/enterprise/authelia/15.0.0/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/authelia/15.0.0/README.md b/enterprise/authelia/15.0.0/README.md
deleted file mode 100644
index 701942c352f..00000000000
--- a/enterprise/authelia/15.0.0/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/stable/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/authelia/15.0.0/app-changelog.md b/enterprise/authelia/15.0.0/app-changelog.md
deleted file mode 100644
index a3d251ddf83..00000000000
--- a/enterprise/authelia/15.0.0/app-changelog.md
+++ /dev/null
@@ -1,4 +0,0 @@
-
-
-## [authelia-15.0.0](https://github.com/truecharts/charts/compare/authelia-14.0.29...authelia-15.0.0) (2023-03-04)
-
diff --git a/enterprise/authelia/15.0.0/app-readme.md b/enterprise/authelia/15.0.0/app-readme.md
deleted file mode 100644
index 9417c0c13d5..00000000000
--- a/enterprise/authelia/15.0.0/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Authelia is a Single Sign-On Multi-Factor portal for web apps
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/authelia](https://truecharts.org/charts/enterprise/authelia)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/authelia/15.0.0/charts/common-12.2.9.tgz b/enterprise/authelia/15.0.0/charts/common-12.2.9.tgz
deleted file mode 100644
index 5cd8d048631..00000000000
Binary files a/enterprise/authelia/15.0.0/charts/common-12.2.9.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.0.0/charts/redis-6.0.4.tgz b/enterprise/authelia/15.0.0/charts/redis-6.0.4.tgz
deleted file mode 100644
index 1da45223e4b..00000000000
Binary files a/enterprise/authelia/15.0.0/charts/redis-6.0.4.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.0.0/ix_values.yaml b/enterprise/authelia/15.0.0/ix_values.yaml
deleted file mode 100644
index 9b56530e1c8..00000000000
--- a/enterprise/authelia/15.0.0/ix_values.yaml
+++ /dev/null
@@ -1,619 +0,0 @@
-image:
- repository: tccr.io/truecharts/authelia
- pullPolicy: IfNotPresent
- tag: 4.37.5@sha256:76a4617539534cec140fd98a12f721b878524f2df3a3653f3df8ff2b7eaab586
-
-workload:
- main:
- podSpec:
- containers:
- main:
- command: ["authelia"]
- args: ["--config=/configuration.yaml"]
- envFrom:
- - configMapRef:
- name: authelia-paths
- # probes:
- # liveness:
- # type: HTTP
- # path: /api/health"
-
- # readiness:
- # type: HTTP
- # path: "/api/health"
-
- # startup:
- # type: HTTP
- # path: "/api/health"
-
-service:
- main:
- ports:
- main:
- port: 9091
- targetPort: 9091
-
-persistence:
- config:
- enabled: true
- mountPath: "/config"
-
-cnpg:
- main:
- enabled: true
- user: authelia
- database: authelia
-
-# Enabled redis
-# ... for more options see https://github.com/tccr.io/truecharts/charts/tree/master/tccr.io/truecharts/redis
-redis:
- enabled: true
-
-domain: example.com
-
-##
-## Server Configuration
-##
-server:
- ##
- ## Port sets the configured port for the daemon, service, and the probes.
- ## Default is 9091 and should not need to be changed.
- ##
- port: 9091
-
- ## Buffers usually should be configured to be the same value.
- ## Explanation at https://www.authelia.com/docs/configuration/server.html
- ## Read buffer size adjusts the server's max incoming request size in bytes.
- ## Write buffer size does the same for outgoing responses.
- read_buffer_size: 4096
- write_buffer_size: 4096
- ## Set the single level path Authelia listens on.
- ## Must be alphanumeric chars and should not contain any slashes.
- path: ""
-
-log:
- ## Level of verbosity for logs: info, debug, trace.
- level: trace
-
- ## Format the logs are written as: json, text.
- format: text
-
- ## TODO: Statefulness check should check if this is set, and the configMap should enable it.
- ## File path where the logs will be written. If not set logs are written to stdout.
- # file_path: /config/authelia.log
-
-## Default redirection URL
-##
-## If user tries to authenticate without any referer, Authelia does not know where to redirect the user to at the end
-## of the authentication process. This parameter allows you to specify the default redirection URL Authelia will use
-## in such a case.
-##
-## Note: this parameter is optional. If not provided, user won't be redirected upon successful authentication.
-## Default is https://www. (value at the top of the values.yaml).
-default_redirection_url: ""
-# default_redirection_url: https://example.com
-
-theme: light
-
-##
-## TOTP Configuration
-##
-## Parameters used for TOTP generation
-totp:
- ## The issuer name displayed in the Authenticator application of your choice
- ## See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
- ## Defaults to .
- issuer: ""
- ## The period in seconds a one-time password is current for. Changing this will require all users to register
- ## their TOTP applications again. Warning: before changing period read the docs link below.
- period: 30
- ## The skew controls number of one-time passwords either side of the current one that are valid.
- ## Warning: before changing skew read the docs link below.
- ## See: https://www.authelia.com/docs/configuration/one-time-password.html#period-and-skew to read the documentation.
- skew: 1
-
-##
-## Duo Push API Configuration
-##
-## Parameters used to contact the Duo API. Those are generated when you protect an application of type
-## "Partner Auth API" in the management panel.
-duo_api:
- enabled: false
- hostname: api-123456789.example.com
- integration_key: ABCDEF
- plain_api_key: ""
-
-##
-## Authentication Backend Provider Configuration
-##
-## Used for verifying user passwords and retrieve information such as email address and groups users belong to.
-##
-## The available providers are: `file`, `ldap`. You must use one and only one of these providers.
-authentication_backend:
- ## Disable both the HTML element and the API for reset password functionality
- disable_reset_password: false
-
- ## The amount of time to wait before we refresh data from the authentication backend. Uses duration notation.
- ## To disable this feature set it to 'disable', this will slightly reduce security because for Authelia, users will
- ## always belong to groups they belonged to at the time of login even if they have been removed from them in LDAP.
- ## To force update on every request you can set this to '0' or 'always', this will increase processor demand.
- ## See the below documentation for more information.
- ## Duration Notation docs: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Refresh Interval docs: https://www.authelia.com/docs/configuration/authentication/ldap.html#refresh-interval
- refresh_interval: 5m
-
- ## LDAP backend configuration.
- ##
- ## This backend allows Authelia to be scaled to more
- ## than one instance and therefore is recommended for
- ## production.
- ldap:
- ## Enable LDAP Backend.
- enabled: false
-
- ## The LDAP implementation, this affects elements like the attribute utilised for resetting a password.
- ## Acceptable options are as follows:
- ## - 'activedirectory' - For Microsoft Active Directory.
- ## - 'custom' - For custom specifications of attributes and filters.
- ## This currently defaults to 'custom' to maintain existing behaviour.
- ##
- ## Depending on the option here certain other values in this section have a default value, notably all of the
- ## attribute mappings have a default value that this config overrides, you can read more about these default values
- ## at https://www.authelia.com/docs/configuration/authentication/ldap.html#defaults
- implementation: activedirectory
-
- ## The url to the ldap server. Format: ://[:].
- ## Scheme can be ldap or ldaps in the format (port optional).
- url: ldap://openldap.default.svc.cluster.local
-
- ## Connection Timeout.
- timeout: 5s
-
- ## Use StartTLS with the LDAP connection.
- start_tls: false
-
- tls:
- ## Server Name for certificate validation (in case it's not set correctly in the URL).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either Secure LDAP or LDAP StartTLS.
- minimum_version: TLS1.2
-
- ## The base dn for every LDAP query.
- base_dn: DC=example,DC=com
-
- ## The attribute holding the username of the user. This attribute is used to populate the username in the session
- ## information. It was introduced due to #561 to handle case insensitive search queries. For you information,
- ## Microsoft Active Directory usually uses 'sAMAccountName' and OpenLDAP usually uses 'uid'. Beware that this
- ## attribute holds the unique identifiers for the users binding the user and the configuration stored in database.
- ## Therefore only single value attributes are allowed and the value must never be changed once attributed to a user
- ## otherwise it would break the configuration for that user. Technically, non-unique attributes like 'mail' can also
- ## be used but we don't recommend using them, we instead advise to use the attributes mentioned above
- ## (sAMAccountName and uid) to follow https://www.ietf.org/rfc/rfc2307.txt.
- username_attribute: ""
-
- ## An additional dn to define the scope to all users.
- additional_users_dn: OU=Users
-
- ## The users filter used in search queries to find the user profile based on input filled in login form.
- ## Various placeholders are available in the user filter:
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username_attribute} is a mandatory placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ##
- ## Recommended settings are as follows:
- ## - Microsoft Active Directory: (&({username_attribute}={input})(objectCategory=person)(objectClass=user))
- ## - OpenLDAP:
- ## - (&({username_attribute}={input})(objectClass=person))
- ## - (&({username_attribute}={input})(objectClass=inetOrgPerson))
- ##
- ## To allow sign in both with username and email, one can use a filter like
- ## (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))
- users_filter: ""
-
- ## An additional dn to define the scope of groups.
- additional_groups_dn: OU=Groups
-
- ## The groups filter used in search queries to find the groups of the user.
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username} is a placeholder replace by the username stored in LDAP (based on `username_attribute`).
- ## - {dn} is a matcher replaced by the user distinguished name, aka, user DN.
- ## - {username_attribute} is a placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ## - DON'T USE - {1} is an alias for {username} supported for backward compatibility but it will be deprecated in
- ## later version, so please don't use it.
- ##
- ## If your groups use the `groupOfUniqueNames` structure use this instead:
- ## (&(uniquemember={dn})(objectclass=groupOfUniqueNames))
- groups_filter: ""
-
- ## The attribute holding the name of the group
- group_name_attribute: ""
-
- ## The attribute holding the mail address of the user. If multiple email addresses are defined for a user, only the
- ## first one returned by the LDAP server is used.
- mail_attribute: ""
-
- ## The attribute holding the display name of the user. This will be used to greet an authenticated user.
- display_name_attribute: ""
-
- ## The username of the admin user.
- user: CN=Authelia,DC=example,DC=com
- plain_password: ""
-
- ##
- ## File (Authentication Provider)
- ##
- ## With this backend, the users database is stored in a file which is updated when users reset their passwords.
- ## Therefore, this backend is meant to be used in a dev environment and not in production since it prevents Authelia
- ## to be scaled to more than one instance. The options under 'password' have sane defaults, and as it has security
- ## implications it is highly recommended you leave the default values. Before considering changing these settings
- ## please read the docs page below:
- ## https://www.authelia.com/docs/configuration/authentication/file.html#password-hash-algorithm-tuning
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- file:
- enabled: true
- path: /config/users_database.yml
- password:
- algorithm: argon2id
- iterations: 1
- key_length: 32
- salt_length: 16
- memory: 1024
- parallelism: 8
-
-##
-## Access Control Configuration
-##
-## Access control is a list of rules defining the authorizations applied for one resource to users or group of users.
-##
-## If 'access_control' is not defined, ACL rules are disabled and the 'bypass' rule is applied, i.e., access is allowed
-## to anyone. Otherwise restrictions follow the rules defined.
-##
-## Note: One can use the wildcard * to match any subdomain.
-## It must stand at the beginning of the pattern. (example: *.mydomain.com)
-##
-## Note: You must put patterns containing wildcards between simple quotes for the YAML to be syntactically correct.
-##
-## Definition: A 'rule' is an object with the following keys: 'domain', 'subject', 'policy' and 'resources'.
-##
-## - 'domain' defines which domain or set of domains the rule applies to.
-##
-## - 'subject' defines the subject to apply authorizations to. This parameter is optional and matching any user if not
-## provided. If provided, the parameter represents either a user or a group. It should be of the form
-## 'user:' or 'group:'.
-##
-## - 'policy' is the policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'.
-##
-## - 'resources' is a list of regular expressions that matches a set of resources to apply the policy to. This parameter
-## is optional and matches any resource if not provided.
-##
-## Note: the order of the rules is important. The first policy matching (domain, resource, subject) applies.
-access_control:
- ## Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'. It is the policy applied to any
- ## resource if there is no policy to be applied to the user.
- default_policy: deny
-
- networks: []
- # networks:
- # - name: private
- # networks:
- # - 10.0.0.0/8
- # - 172.16.0.0/12
- # - 192.168.0.0/16
- # - name: vpn
- # networks:
- # - 10.9.0.0/16
-
- rules: []
- # rules:
- # - domain: public.example.com
- # policy: bypass
- # - domain: "*.example.com"
- # policy: bypass
- # methods:
- # - OPTIONS
- # - domain: secure.example.com
- # policy: one_factor
- # networks:
- # - private
- # - vpn
- # - 192.168.1.0/24
- # - 10.0.0.1
- # - domain:
- # - secure.example.com
- # - private.example.com
- # policy: two_factor
- # - domain: singlefactor.example.com
- # policy: one_factor
- # - domain: "mx2.mail.example.com"
- # subject: "group:admins"
- # policy: deny
- # - domain: "*.example.com"
- # subject:
- # - "group:admins"
- # - "group:moderators"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/groups/dev/.*$"
- # subject: "group:dev"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/users/john/.*$"
- # subject:
- # - ["group:dev", "user:john"]
- # - "group:admins"
- # policy: two_factor
- # - domain: "{user}.example.com"
- # policy: bypass
-
-##
-## Session Provider Configuration
-##
-## The session cookies identify the user once logged in.
-## The available providers are: `memory`, `redis`. Memory is the provider unless redis is defined.
-session:
- ## The name of the session cookie. (default: authelia_session).
- name: authelia_session
-
- ## Sets the Cookie SameSite value. Possible options are none, lax, or strict.
- ## Please read https://www.authelia.com/docs/configuration/session.html#same_site
- same_site: lax
-
- ## The time in seconds before the cookie expires and session is reset.
- expiration: 1h
-
- ## The inactivity time in seconds before the session is reset.
- inactivity: 5m
-
- ## The remember me duration.
- ## Value is in seconds, or duration notation. Value of 0 disables remember me.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Longer periods are considered less secure because a stolen cookie will last longer giving attackers more time to
- ## spy or attack. Currently the default is 1M or 1 month.
- remember_me_duration: 1M
-
-##
-## Redis Provider
-##
-## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
-##
-## The redis connection details
-redisProvider:
- port: 6379
-
- ## Optional username to be used with authentication.
- # username: authelia
- username: ""
-
- ## This is the Redis DB Index https://redis.io/commands/select (sometimes referred to as database number, DB, etc).
- database_index: 0
-
- ## The maximum number of concurrent active connections to Redis.
- maximum_active_connections: 8
-
- ## The target number of idle connections to have open ready for work. Useful when opening connections is slow.
- minimum_idle_connections: 0
-
- ## The Redis TLS configuration. If defined will require a TLS connection to the Redis instance(s).
- tls:
- enabled: false
-
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for the connection.
- minimum_version: TLS1.2
-
- ## The Redis HA configuration options.
- ## This provides specific options to Redis Sentinel, sentinel_name must be defined (Master Name).
- high_availability:
- enabled: false
- enabledSecret: false
- ## Sentinel Name / Master Name
- sentinel_name: mysentinel
-
- ## The additional nodes to pre-seed the redis provider with (for sentinel).
- ## If the host in the above section is defined, it will be combined with this list to connect to sentinel.
- ## For high availability to be used you must have either defined; the host above or at least one node below.
- nodes: []
- # nodes:
- # - host: sentinel-0.databases.svc.cluster.local
- # port: 26379
- # - host: sentinel-1.databases.svc.cluster.local
- # port: 26379
-
- ## Choose the host with the lowest latency.
- route_by_latency: false
-
- ## Choose the host randomly.
- route_randomly: false
-
-##
-## Regulation Configuration
-##
-## This mechanism prevents attackers from brute forcing the first factor. It bans the user if too many attempts are done
-## in a short period of time.
-regulation:
- ## The number of failed login attempts before user is banned. Set it to 0 to disable regulation.
- max_retries: 3
-
- ## The time range during which the user can attempt login before being banned. The user is banned if the
- ## authentication failed 'max_retries' times in a 'find_time' seconds window. Find Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- find_time: 2m
-
- ## The length of time before a banned user can login again. Ban Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ban_time: 5m
-
-##
-## Storage Provider Configuration
-##
-## The available providers are: `local`, `mysql`, `postgres`. You must use one and only one of these providers.
-storage:
- ##
- ## PostgreSQL (Storage Provider)
- ##
- postgres:
- port: 5432
- database: authelia
- username: authelia
- sslmode: disable
- timeout: 5s
-
-##
-## Notification Provider
-##
-##
-## Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration.
-## The available providers are: filesystem, smtp. You must use one and only one of these providers.
-notifier:
- ## You can disable the notifier startup check by setting this to true.
- disable_startup_check: false
-
- ##
- ## File System (Notification Provider)
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- filesystem:
- enabled: true
- filename: /config/notification.txt
-
- ##
- ## SMTP (Notification Provider)
- ##
- ## Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate.
- ## [Security] By default Authelia will:
- ## - force all SMTP connections over TLS including unauthenticated connections
- ## - use the disable_require_tls boolean value to disable this requirement
- ## (only works for unauthenticated connections)
- ## - validate the SMTP server x509 certificate during the TLS handshake against the hosts trusted certificates
- ## (configure in tls section)
- smtp:
- enabled: false
- enabledSecret: false
- host: smtp.mail.svc.cluster.local
- port: 25
- timeout: 5s
- username: test
- plain_password: test
- sender: admin@example.com
- ## HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost.
- identifier: localhost
- ## Subject configuration of the emails sent.
- ## {title} is replaced by the text from the notifier
- subject: "[Authelia] {title}"
- ## This address is used during the startup check to verify the email configuration is correct.
- ## It's not important what it is except if your email server only allows local delivery.
- startup_check_address: test@authelia.com
- disable_require_tls: false
- disable_html_emails: false
-
- tls:
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either StartTLS or SMTPS.
- minimum_version: TLS1.2
-
-identity_providers:
- oidc:
- ## Enables this in the config map. Currently in beta stage.
- ## See https://www.authelia.com/docs/configuration/identity-providers/oidc.html#roadmap
- enabled: false
-
- access_token_lifespan: 1h
- authorize_code_lifespan: 1m
- id_token_lifespan: 1h
- refresh_token_lifespan: 90m
-
- enable_client_debug_messages: false
-
- ## SECURITY NOTICE: It's not recommended changing this option, and highly discouraged to have it below 8 for
- ## security reasons.
- minimum_parameter_entropy: 8
-
- clients: []
- # clients:
- # -
- ## The ID is the OpenID Connect ClientID which is used to link an application to a configuration.
- # id: myapp
-
- ## The description to show to users when they end up on the consent screen. Defaults to the ID above.
- # description: My Application
-
- ## The client secret is a shared secret between Authelia and the consumer of this client.
- # secret: apple123
-
- ## Sets the client to public. This should typically not be set, please see the documentation for usage.
- # public: false
-
- ## The policy to require for this client; one_factor or two_factor.
- # authorization_policy: two_factor
-
- ## Configures the consent mode; auto, explicit or implicit
- # consent_mode: auto
-
- ## Audience this client is allowed to request.
- # audience: []
-
- ## Scopes this client is allowed to request.
- # scopes:
- # - openid
- # - profile
- # - email
- # - groups
-
- ## Redirect URI's specifies a list of valid case-sensitive callbacks for this client.
- # redirect_uris:
- # - https://oidc.example.com/oauth2/callback
-
- ## Grant Types configures which grants this client can obtain.
- ## It's not recommended to configure this unless you know what you're doing.
- # grant_types:
- # - refresh_token
- # - authorization_code
-
- ## Response Types configures which responses this client can be sent.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_types:
- # - code
-
- ## Response Modes configures which response modes this client supports.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_modes:
- # - form_post
- # - query
- # - fragment
-
- ## The algorithm used to sign userinfo endpoint responses for this client, either none or RS256.
- # userinfo_signing_algorithm: none
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/authelia/15.0.0/questions.yaml b/enterprise/authelia/15.0.0/questions.yaml
deleted file mode 100644
index 20c04426188..00000000000
--- a/enterprise/authelia/15.0.0/questions.yaml
+++ /dev/null
@@ -1,2770 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
-questions:
-
- - variable: Workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: Daemonset
- description: Daemonset
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "Daemonset"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: domain
- group: "App Configuration"
- label: "Domain"
- description: "The highest domain level possible, for example: domain.com when using app.domain.com"
- schema:
- type: string
- default: ""
- required: true
- - variable: default_redirection_url
- group: "App Configuration"
- label: "Default Redirection Url"
- description: "If user tries to authenticate without any referer, this is used"
- schema:
- type: string
- default: ""
- - variable: theme
- group: "App Configuration"
- label: "Theme"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "light"
- description: "light"
- - value: "grey"
- description: "grey"
- - value: "dark"
- description: "dark"
- - variable: log
- group: "App Configuration"
- label: "Log Configuration "
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "info"
- enum:
- - value: "info"
- description: "info"
- - value: "debug"
- description: "debug"
- - value: "trace"
- description: "trace"
- - variable: format
- label: "Log Format"
- schema:
- type: string
- default: "text"
- enum:
- - value: "json"
- description: "json"
- - value: "text"
- description: "text"
- - variable: totp
- group: "App Configuration"
- label: "TOTP Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: issuer
- label: "Issuer"
- description: "The issuer name displayed in the Authenticator application of your choice"
- schema:
- type: string
- default: ""
- - variable: period
- label: "Period"
- description: "The period in seconds a one-time password is current for"
- schema:
- type: int
- default: 30
- - variable: skew
- label: "skew"
- description: "Controls number of one-time passwords either side of the current one that are valid."
- schema:
- type: int
- default: 1
- - variable: duo_api
- group: "App Configuration"
- label: "DUO API Configuration"
- description: "Parameters used to contact the Duo API."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostname
- label: "Hostname"
- schema:
- type: string
- required: true
- default: ""
- - variable: integration_key
- label: "integration_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: plain_api_key
- label: "plain_api_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: session
- group: "App Configuration"
- label: "Session Provider"
- description: "The session cookies identify the user once logged in."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Cookie Name"
- description: "The name of the session cookie."
- schema:
- type: string
- required: true
- default: "authelia_session"
- - variable: same_site
- label: "SameSite Value"
- description: "Sets the Cookie SameSite value"
- schema:
- type: string
- default: "lax"
- enum:
- - value: "lax"
- description: "lax"
- - value: "strict"
- description: "strict"
- - variable: expiration
- label: "Expiration Time"
- description: "The time in seconds before the cookie expires and session is reset."
- schema:
- type: string
- default: "1h"
- required: true
- - variable: inactivity
- label: "Inactivity Time"
- description: "The inactivity time in seconds before the session is reset."
- schema:
- type: string
- default: "5m"
- required: true
- - variable: inactivity
- label: "Remember-Me duration"
- description: "The remember me duration"
- schema:
- type: string
- default: "5M"
- required: true
- - variable: regulation
- group: "App Configuration"
- label: "Regulation Configuration"
- description: "his mechanism prevents attackers from brute forcing the first factor."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: max_retries
- label: "Maximum Retries"
- description: "The number of failed login attempts before user is banned. Set it to 0 to disable regulation."
- schema:
- type: int
- default: 3
- - variable: find_time
- label: "Find Time"
- description: "The time range during which the user can attempt login before being banned."
- schema:
- type: string
- default: "2m"
- required: true
- - variable: ban_time
- label: "Ban Duration"
- description: "The length of time before a banned user can login again"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: authentication_backend
- group: "App Configuration"
- label: "Authentication Backend Provider"
- description: "sed for verifying user passwords and retrieve information such as email address and groups users belong to."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_reset_password
- label: "Disable Reset Password"
- description: "Disable both the HTML element and the API for reset password functionality"
- schema:
- type: boolean
- default: false
- - variable: refresh_interval
- label: "Reset Interval"
- description: "The amount of time to wait before we refresh data from the authentication backend"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: ldap
- label: "LDAP backend configuration"
- description: "Used for verifying user passwords and retrieve information such as email address and groups users belong to"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: implementation
- label: "Implementation"
- description: "The LDAP implementation, this affects elements like the attribute utilised for resetting a password"
- schema:
- type: string
- default: "custom"
- enum:
- - value: "activedirectory"
- description: "activedirectory"
- - value: "custom"
- description: "custom"
- - variable: url
- label: "URL"
- description: "The url to the ldap server. Format: ://[:]"
- schema:
- type: string
- default: "ldap://openldap.default.svc.cluster.local"
- required: true
- - variable: timeout
- label: "Connection Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: start_tls
- label: "Start TLS"
- description: "Use StartTLS with the LDAP connection"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: base_dn
- label: "Base DN"
- description: "The base dn for every LDAP query."
- schema:
- type: string
- default: "DC=example,DC=com"
- required: true
- - variable: username_attribute
- label: "Username Attribute"
- description: "The attribute holding the username of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_users_dn
- label: "Additional Users DN"
- description: "An additional dn to define the scope to all users."
- schema:
- type: string
- default: "OU=Users"
- required: true
- - variable: users_filter
- label: "Users Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_groups_dn
- label: "Additional Groups DN"
- description: "An additional dn to define the scope of groups."
- schema:
- type: string
- default: "OU=Groups"
- required: true
- - variable: groups_filter
- label: "Groups Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: group_name_attribute
- label: "Group name Attribute"
- description: "The attribute holding the name of the group"
- schema:
- type: string
- default: ""
- required: true
- - variable: mail_attribute
- label: "Mail Attribute"
- description: "The attribute holding the primary mail address of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: display_name_attribute
- label: "Display Name Attribute"
- description: "he attribute holding the display name of the user. This will be used to greet an authenticated user."
- schema:
- type: string
- default: ""
- - variable: user
- label: "Admin User"
- description: "The username of the admin user used to connect to LDAP."
- schema:
- type: string
- default: "CN=Authelia,DC=example,DC=com"
- required: true
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: file
- label: "File backend configuration"
- description: "With this backend, the users database is stored in a file which is updated when users reset their passwords."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: path
- label: "Path"
- schema:
- type: string
- default: "/config/users_database.yml"
- required: true
- - variable: password
- label: "Password Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: algorithm
- label: "Algorithm"
- schema:
- type: string
- default: "argon2id"
- enum:
- - value: "argon2id"
- description: "argon2id"
- - value: "sha512"
- description: "sha512"
- - variable: iterations
- label: "Iterations"
- schema:
- type: int
- default: 1
- required: true
- - variable: key_length
- label: "Key Length"
- schema:
- type: int
- default: 32
- required: true
- - variable: salt_length
- label: "Salt Length"
- schema:
- type: int
- default: 16
- required: true
- - variable: memory
- label: "Memory"
- schema:
- type: int
- default: 1024
- required: true
- - variable: parallelism
- label: "Parallelism"
- schema:
- type: int
- default: 8
- required: true
- - variable: notifier
- group: "App Configuration"
- label: "Notifier Configuration"
- description: "otifications are sent to users when they require a password reset, a u2f registration or a TOTP registration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_startup_check
- label: "Disable Startup Check"
- schema:
- type: boolean
- default: false
- - variable: filesystem
- label: "Filesystem Provider"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filename
- label: "File Path"
- schema:
- type: string
- default: "/config/notification.txt"
- required: true
- - variable: smtp
- label: "SMTP Provider"
- description: "Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: host
- label: "Host"
- schema:
- type: string
- default: "smtp.mail.svc.cluster.local"
- required: true
- - variable: port
- label: "Port"
- schema:
- type: int
- default: 25
- required: true
- - variable: timeout
- label: "Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: username
- label: "Username"
- schema:
- type: string
- default: ""
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- - variable: sender
- label: "Sender"
- schema:
- type: string
- default: ""
- required: true
- - variable: identifier
- label: "Identifier"
- description: "HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost."
- schema:
- type: string
- default: "localhost"
- required: true
- - variable: subject
- label: "Subject"
- description: "Subject configuration of the emails sent, {title} is replaced by the text from the notifier"
- schema:
- type: string
- default: "[Authelia] {title}"
- required: true
- - variable: startup_check_address
- label: "Startup Check Address"
- description: "This address is used during the startup check to verify the email configuration is correct."
- schema:
- type: string
- default: "test@authelia.com"
- required: true
- - variable: disable_require_tls
- label: "Disable Require TLS"
- schema:
- type: boolean
- default: false
- - variable: disable_html_emails
- label: "Disable HTML emails"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: access_control
- group: "App Configuration"
- label: "Access Control Configuration"
- description: "Access control is a list of rules defining the authorizations applied for one resource to users or group of users."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: default_policy
- label: "Default Policy"
- description: "Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: networkItem
- label: "Network Item"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Name"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "network"
- schema:
- type: string
- default: ""
- required: true
- - variable: rules
- label: "Rules"
- schema:
- type: list
- default: []
- items:
- - variable: rulesItem
- label: "Rule"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: domain
- label: "Domains"
- description: "defines which domain or set of domains the rule applies to."
- schema:
- type: list
- default: []
- items:
- - variable: domainEntry
- label: "Domain"
- schema:
- type: string
- default: ""
- required: true
- - variable: policy
- label: "Policy"
- description: "The policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: subject
- label: "Subject"
- description: "defines the subject to apply authorizations to. This parameter is optional and matching any user if not provided"
- schema:
- type: list
- default: []
- items:
- - variable: subjectitem
- label: "Subject"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "Network"
- schema:
- type: string
- default: ""
- required: true
- - variable: resources
- label: "Resources"
- description: "is a list of regular expressions that matches a set of resources to apply the policy to"
- schema:
- type: list
- default: []
- items:
- - variable: resource
- label: "Resource"
- schema:
- type: string
- default: ""
- required: true
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 9091
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "==", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: identity_providers
- group: "Advanced"
- label: "Authelia Identity Providers (BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: oidc
- label: "OpenID Connect(BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "enabled"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: access_token_lifespan
- label: "Access Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: authorize_code_lifespan
- label: "Authorize Code Lifespan"
- schema:
- type: string
- default: "1m"
- required: true
- - variable: id_token_lifespan
- label: "ID Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: refresh_token_lifespan
- label: "Refresh Token Lifespan"
- schema:
- type: string
- default: "90m"
- required: true
- - variable: enable_client_debug_messages
- label: "Enable Client Debug Messages"
- schema:
- type: boolean
- default: false
- - variable: clients
- label: "Clients"
- schema:
- type: list
- default: []
- items:
- - variable: clientEntry
- label: "Client"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: id
- label: "ID/Name"
- description: "The ID is the OpenID Connect ClientID which is used to link an application to a configuration."
- schema:
- type: string
- default: "myapp"
- required: true
- - variable: description
- label: "Description"
- description: "The description to show to users when they end up on the consent screen. Defaults to the ID above."
- schema:
- type: string
- default: "My Application"
- required: true
- - variable: secret
- label: "Secret"
- description: "The client secret is a shared secret between Authelia and the consumer of this client."
- schema:
- type: string
- default: ""
- required: true
- - variable: public
- label: "public"
- description: "Sets the client to public. This should typically not be set, please see the documentation for usage."
- schema:
- type: boolean
- default: false
- - variable: authorization_policy
- label: "Authorization Policy"
- description: "The policy to require for this client; one_factor or two_factor."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - variable: consent_mode
- label: "Consent Mode"
- description: "Configures the consent mode. This can be set to auto (default), explicit (consent required every time) or implicit (automatically assumes consent for every authorization, never asking the user if they wish to give consent.)"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "explicit"
- description: "explicit"
- - value: "implicit"
- description: "implicit"
- - variable: userinfo_signing_algorithm
- label: "Userinfo Signing Algorithm"
- description: "The algorithm used to sign userinfo endpoint responses for this client, either none or RS256."
- schema:
- type: string
- default: "none"
- enum:
- - value: "none"
- description: "none"
- - value: "RS256"
- description: "RS256"
- - variable: audience
- label: "Audience"
- description: "Audience this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: audienceEntry
- label: ""
- schema:
- type: string
- default: ""
- required: true
- - variable: scopes
- label: "Scopes"
- description: "Scopes this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: ScopeEntry
- label: "Scope"
- schema:
- type: string
- default: "openid"
- required: true
- - variable: redirect_uris
- label: "redirect_uris"
- description: "Redirect URI's specifies a list of valid case-sensitive callbacks for this client."
- schema:
- type: list
- default: []
- items:
- - variable: uriEntry
- label: "Url"
- schema:
- type: string
- default: "https://oidc.example.com/oauth2/callback"
- required: true
- - variable: grant_types
- description: "Grant Types configures which grants this client can obtain."
- label: "grant_types"
- schema:
- type: list
- default: []
- items:
- - variable: grantEntry
- label: "Grant"
- schema:
- type: string
- default: "refresh_token"
- required: true
- - variable: response_types
- description: "Response Types configures which responses this client can be sent."
- label: "response_types"
- schema:
- type: list
- default: []
- items:
- - variable: responseEntry
- label: "type"
- schema:
- type: string
- default: "code"
- required: true
- - variable: response_modes
- description: "Response Modes configures which response modes this client supports."
- label: "response_modes"
- schema:
- type: list
- default: []
- items:
- - variable: modeEntry
- label: "Mode"
- schema:
- type: string
- default: "form_post"
- required: true
- - variable: cnpg
- group: Postgresql
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Postgresql Database"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: storage
- label: "Storage"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: size
- label: Size
- schema:
- type: string
- default: "256Gi"
- - variable: walsize
- label: Walsize
- schema:
- type: string
- default: "256Gi"
- - variable: pooler
- label: "Pooler"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: Monitoring
- label: "Metrics"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enablePodMonitor
- label: "enablePodMonitor"
- schema:
- type: boolean
- default: true
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/authelia/15.0.0/templates/NOTES.txt b/enterprise/authelia/15.0.0/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/authelia/15.0.0/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/authelia/15.0.0/templates/_configmap.tpl b/enterprise/authelia/15.0.0/templates/_configmap.tpl
deleted file mode 100644
index 166130e898b..00000000000
--- a/enterprise/authelia/15.0.0/templates/_configmap.tpl
+++ /dev/null
@@ -1,245 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "authelia.configmap.paths" -}}
-enabled: true
-data:
- AUTHELIA_SERVER_DISABLE_HEALTHCHECK: "true"
- AUTHELIA_JWT_SECRET_FILE: "/secrets/JWT_TOKEN"
- AUTHELIA_SESSION_SECRET_FILE: "/secrets/SESSION_ENCRYPTION_KEY"
- AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: "/secrets/ENCRYPTION_KEY"
- AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: "/secrets/STORAGE_PASSWORD"
- {{- if .Values.authentication_backend.ldap.enabled }}
- AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE: "/secrets/LDAP_PASSWORD"
- {{- end }}
- {{- if .Values.notifier.smtp.enabled }}
- AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE: "/secrets/SMTP_PASSWORD"
- {{- end }}
- AUTHELIA_SESSION_REDIS_PASSWORD_FILE: "/secrets/REDIS_PASSWORD"
- {{- if .Values.redisProvider.high_availability.enabled }}
- AUTHELIA_SESSION_REDIS_HIGH_AVAILABILITY_SENTINEL_PASSWORD_FILE: "/secrets/REDIS_SENTINEL_PASSWORD"
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- AUTHELIA_DUO_API_SECRET_KEY_FILE: "/secrets/DUO_API_KEY"
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET_FILE: "/secrets/OIDC_HMAC_SECRET"
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY_FILE: "/secrets/OIDC_PRIVATE_KEY"
- {{- end }}
-
-{{- end -}}
-
-{{- define "authelia.configmap.configfile" -}}
-enabled: true
-data:
- configuration.yaml: |
- ---
- theme: {{ default "light" .Values.theme }}
- default_redirection_url: {{ default (printf "https://www.%s" .Values.domain) .Values.default_redirection_url }}
- server:
- host: 0.0.0.0
- port: {{ default 9091 .Values.server.port }}
- {{- if not (eq "" (default "" .Values.server.path)) }}
- path: {{ .Values.server.path }}
- {{- end }}
- read_buffer_size: {{ default 4096 .Values.server.read_buffer_size }}
- write_buffer_size: {{ default 4096 .Values.server.write_buffer_size }}
- enable_pprof: {{ default false .Values.server.enable_pprof }}
- enable_expvars: {{ default false .Values.server.enable_expvars }}
- log:
- level: {{ default "info" .Values.log.level }}
- format: {{ default "text" .Values.log.format }}
- {{- if not (eq "" (default "" .Values.log.file_path)) }}
- file_path: {{ .Values.log.file_path }}
- keep_stdout: true
- {{- end }}
- totp:
- issuer: {{ default .Values.domain .Values.totp.issuer }}
- period: {{ default 30 .Values.totp.period }}
- skew: {{ default 1 .Values.totp.skew }}
- {{- if .Values.duo_api.enabled }}
- duo_api:
- hostname: {{ .Values.duo_api.hostname }}
- integration_key: {{ .Values.duo_api.integration_key }}
- {{- end }}
- {{- with $auth := .Values.authentication_backend }}
- authentication_backend:
- disable_reset_password: {{ $auth.disable_reset_password }}
- {{- if $auth.file.enabled }}
- file:
- path: {{ $auth.file.path }}
- password: {{ toYaml $auth.file.password | nindent 10 }}
- {{- end }}
- {{- if $auth.ldap.enabled }}
- ldap:
- implementation: {{ default "custom" $auth.ldap.implementation }}
- url: {{ $auth.ldap.url }}
- timeout: {{ default "5s" $auth.ldap.timeout }}
- start_tls: {{ $auth.ldap.start_tls }}
- tls:
- {{- if hasKey $auth.ldap.tls "server_name" }}
- server_name: {{ default $auth.ldap.host $auth.ldap.tls.server_name }}
- {{- end }}
- minimum_version: {{ default "TLS1.2" $auth.ldap.tls.minimum_version }}
- skip_verify: {{ default false $auth.ldap.tls.skip_verify }}
- {{- if $auth.ldap.base_dn }}
- base_dn: {{ $auth.ldap.base_dn }}
- {{- end }}
- {{- if $auth.ldap.username_attribute }}
- username_attribute: {{ $auth.ldap.username_attribute }}
- {{- end }}
- {{- if $auth.ldap.additional_users_dn }}
- additional_users_dn: {{ $auth.ldap.additional_users_dn }}
- {{- end }}
- {{- if $auth.ldap.users_filter }}
- users_filter: {{ $auth.ldap.users_filter }}
- {{- end }}
- {{- if $auth.ldap.additional_groups_dn }}
- additional_groups_dn: {{ $auth.ldap.additional_groups_dn }}
- {{- end }}
- {{- if $auth.ldap.groups_filter }}
- groups_filter: {{ $auth.ldap.groups_filter }}
- {{- end }}
- {{- if $auth.ldap.group_name_attribute }}
- group_name_attribute: {{ $auth.ldap.group_name_attribute }}
- {{- end }}
- {{- if $auth.ldap.mail_attribute }}
- mail_attribute: {{ $auth.ldap.mail_attribute }}
- {{- end }}
- {{- if $auth.ldap.display_name_attribute }}
- display_name_attribute: {{ $auth.ldap.display_name_attribute }}
- {{- end }}
- user: {{ $auth.ldap.user }}
- {{- end }}
- {{- end }}
- {{- with $session := .Values.session }}
- session:
- name: {{ default "authelia_session" $session.name }}
- domain: {{ required "A valid .Values.domain entry required!" $.Values.domain }}
- same_site: {{ default "lax" $session.same_site }}
- expiration: {{ default "1M" $session.expiration }}
- inactivity: {{ default "5m" $session.inactivity }}
- remember_me_duration: {{ default "1M" $session.remember_me_duration }}
- {{- end }}
- redis:
- host: {{ .Values.redis.url.plain }}
- {{- with $redis := .Values.redisProvider }}
- port: {{ default 6379 $redis.port }}
- {{- if not (eq $redis.username "") }}
- username: {{ $redis.username }}
- {{- end }}
- maximum_active_connections: {{ default 8 $redis.maximum_active_connections }}
- minimum_idle_connections: {{ default 0 $redis.minimum_idle_connections }}
- {{- if $redis.tls.enabled }}
- tls:
- server_name: {{ $redis.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $redis.tls.minimum_version }}
- skip_verify: {{ $redis.tls.skip_verify }}
- {{- end }}
- {{- if $redis.high_availability.enabled }}
- high_availability:
- sentinel_name: {{ $redis.high_availability.sentinel_name }}
- {{- if $redis.high_availability.nodes }}
- nodes: {{ toYaml $redis.high_availability.nodes | nindent 10 }}
- {{- end }}
- route_by_latency: {{ $redis.high_availability.route_by_latency }}
- route_randomly: {{ $redis.high_availability.route_randomly }}
- {{- end }}
- {{- end }}
- regulation: {{ toYaml .Values.regulation | nindent 6 }}
- storage:
- postgres:
- host: {{ $.Values.cnpg.main.creds.host }}
- {{- with $storage := .Values.storage }}
- port: {{ default 5432 $storage.postgres.port }}
- database: {{ default "authelia" $storage.postgres.database }}
- username: {{ default "authelia" $storage.postgres.username }}
- timeout: {{ default "5s" $storage.postgres.timeout }}
- sslmode: {{ default "disable" $storage.postgres.sslmode }}
- {{- end }}
- {{- with $notifier := .Values.notifier }}
- notifier:
- disable_startup_check: {{ $.Values.notifier.disable_startup_check }}
- {{- if $notifier.filesystem.enabled }}
- filesystem:
- filename: {{ $notifier.filesystem.filename }}
- {{- end }}
- {{- if $notifier.smtp.enabled }}
- smtp:
- host: {{ $notifier.smtp.host }}
- port: {{ default 25 $notifier.smtp.port }}
- timeout: {{ default "5s" $notifier.smtp.timeout }}
- {{- with $notifier.smtp.username }}
- username: {{ . }}
- {{- end }}
- sender: {{ $notifier.smtp.sender }}
- identifier: {{ $notifier.smtp.identifier }}
- subject: {{ $notifier.smtp.subject | quote }}
- startup_check_address: {{ $notifier.smtp.startup_check_address }}
- disable_require_tls: {{ $notifier.smtp.disable_require_tls }}
- disable_html_emails: {{ $notifier.smtp.disable_html_emails }}
- tls:
- server_name: {{ default $notifier.smtp.host $notifier.smtp.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $notifier.smtp.tls.minimum_version }}
- skip_verify: {{ default false $notifier.smtp.tls.skip_verify }}
- {{- end }}
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- identity_providers:
- oidc:
- access_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.access_token_lifespan }}
- authorize_code_lifespan: {{ default "1m" .Values.identity_providers.oidc.authorize_code_lifespan }}
- id_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.id_token_lifespan }}
- refresh_token_lifespan: {{ default "90m" .Values.identity_providers.oidc.refresh_token_lifespan }}
- enable_client_debug_messages: {{ default false .Values.identity_providers.oidc.enable_client_debug_messages }}
- minimum_parameter_entropy: {{ default 8 .Values.identity_providers.oidc.minimum_parameter_entropy }}
- {{- if gt (len .Values.identity_providers.oidc.clients) 0 }}
- clients:
- {{- range $client := .Values.identity_providers.oidc.clients }}
- - id: {{ $client.id }}
- description: {{ default $client.id $client.description }}
- secret: {{ default (randAlphaNum 128) $client.secret }}
- {{- if $client.public }}
- public: {{ $client.public }}
- {{- end }}
- authorization_policy: {{ default "two_factor" $client.authorization_policy }}
- consent_mode: {{ default "auto" $client.consent_mode}}
- redirect_uris:
- {{- range $client.redirect_uris }}
- - {{ . }}
- {{- end }}
- {{- if $client.audience }}
- audience: {{ toYaml $client.audience | nindent 10 }}
- {{- end }}
- scopes: {{ toYaml (default (list "openid" "profile" "email" "groups") $client.scopes) | nindent 10 }}
- grant_types: {{ toYaml (default (list "refresh_token" "authorization_code") $client.grant_types) | nindent 10 }}
- response_types: {{ toYaml (default (list "code") $client.response_types) | nindent 10 }}
- {{- if $client.response_modes }}
- response_modes: {{ toYaml $client.response_modes | nindent 10 }}
- {{- end }}
- userinfo_signing_algorithm: {{ default "none" $client.userinfo_signing_algorithm }}
- {{- end }}
- {{- end }}
- {{- end }}
- access_control:
- {{- if (eq (len .Values.access_control.rules) 0) }}
- {{- if (eq .Values.access_control.default_policy "bypass") }}
- default_policy: one_factor
- {{- else if (eq .Values.access_control.default_policy "deny") }}
- default_policy: two_factor
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- if (eq (len .Values.access_control.networks) 0) }}
- networks: []
- {{- else }}
- networks: {{ toYaml .Values.access_control.networks | nindent 6 }}
- {{- end }}
- {{- if (eq (len .Values.access_control.rules) 0) }}
- rules: []
- {{- else }}
- rules: {{ toYaml .Values.access_control.rules | nindent 6 }}
- {{- end }}
- ...
-{{- end -}}
diff --git a/enterprise/authelia/15.0.0/templates/_secrets.tpl b/enterprise/authelia/15.0.0/templates/_secrets.tpl
deleted file mode 100644
index ea2c56bfe79..00000000000
--- a/enterprise/authelia/15.0.0/templates/_secrets.tpl
+++ /dev/null
@@ -1,59 +0,0 @@
-{{/* Define the secrets */}}
-{{- define "authelia.secrets" -}}
-{{- $autheliaprevious := lookup "v1" "Secret" .Release.Namespace "authelia-secrets" }}
-{{- $oidckey := "" }}
-{{- $oidcsecret := "" }}
-{{- $jwtsecret := "" }}
-{{- $sessionsecret := "" }}
-{{- $encryptionkey := "" }}
-enabled: true
-data:
- {{- if $autheliaprevious }}
- SESSION_ENCRYPTION_KEY: {{ index $autheliaprevious.data "SESSION_ENCRYPTION_KEY" }}
- JWT_TOKEN: {{ index $autheliaprevious.data "JWT_TOKEN" }}
- {{- if ( hasKey $autheliaprevious.data "ENCRYPTION_KEY" ) }}
- ENCRYPTION_KEY: {{ index $autheliaprevious.data "ENCRYPTION_KEY" }}
- {{- else }}
- {{- $encryptionkey := randAlphaNum 100 }}
- ENCRYPTION_KEY: {{ $encryptionkey }}
- {{- end }}
- {{- else }}
- {{- $jwtsecret := randAlphaNum 50 }}
- {{- $sessionsecret := randAlphaNum 50 }}
- {{- $encryptionkey := randAlphaNum 100 }}
- SESSION_ENCRYPTION_KEY: {{ $sessionsecret }}
- JWT_TOKEN: {{ $jwtsecret}}
- ENCRYPTION_KEY: {{ $encryptionkey }}
- {{- end }}
-
- {{- if .Values.authentication_backend.ldap.enabled }}
- LDAP_PASSWORD: {{ .Values.authentication_backend.ldap.plain_password }}
- {{- end }}
-
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- SMTP_PASSWORD: {{ .Values.notifier.smtp.plain_password }}
- {{- end }}
-
- {{- if .Values.duo_api.enabled }}
- DUO_API_KEY: {{ .Values.duo_api.plain_api_key }}
- {{- end }}
-
- STORAGE_PASSWORD: {{ $.Values.cnpg.main.creds.password | trimAll "\"" }}
-
- REDIS_PASSWORD: {{ .Values.redis.redisPassword | trimAll "\"" }}
- {{- if .Values.redisProvider.high_availability.enabled}}
- REDIS_SENTINEL_PASSWORD: {{ .Values.redis.sentinelPassword | trimAll "\"" }}
- {{- end }}
-
- {{- if $autheliaprevious }}
- {{- if and ( hasKey $autheliaprevious.data "OIDC_PRIVATE_KEY" ) ( hasKey $autheliaprevious.data "OIDC_HMAC_SECRET" ) }}
- OIDC_PRIVATE_KEY: {{ index $autheliaprevious.data "OIDC_PRIVATE_KEY" }}
- OIDC_HMAC_SECRET: {{ index $autheliaprevious.data "OIDC_HMAC_SECRET" }}
- {{- else }}
- {{- $oidckey := genPrivateKey "rsa" }}
- {{- $oidcsecret := randAlphaNum 32 }}
- OIDC_PRIVATE_KEY: {{ $oidckey }}
- OIDC_HMAC_SECRET: {{ $oidcsecret }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/authelia/15.0.0/templates/common.yaml b/enterprise/authelia/15.0.0/templates/common.yaml
deleted file mode 100644
index 473823a6fc1..00000000000
--- a/enterprise/authelia/15.0.0/templates/common.yaml
+++ /dev/null
@@ -1,77 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-{{/* Render configmap for authelia */}}
-{{- $configmapPaths := include "authelia.configmap.paths" . | fromYaml -}}
-{{- if $configmapPaths -}}
- {{- $_ := set .Values.configmap "authelia-paths" $configmapPaths -}}
-{{- end -}}
-
-{{- $configmapFile := include "authelia.configmap.configfile" . | fromYaml -}}
-{{- if $configmapFile -}}
- {{- $_ := set .Values.configmap "authelia-configfile" $configmapFile -}}
-{{- end -}}
-
-{{/* Render secrets for authelia */}}
-{{- $secret := include "authelia.secrets" . | fromYaml -}}
-{{- if $secret -}}
- {{- $_ := set .Values.secret "authelia-secrets" $secret -}}
-{{- end -}}
-
-{{/* Append the general configMap volume to the volumes */}}
-{{- define "authelia.configmapVolume" -}}
-enabled: true
-mountPath: /configuration.yaml
-subPath: configuration.yaml
-readOnly: true
-type: "configmap"
-objectName: authelia-configfile
-{{- end -}}
-
-{{/* Append the general secret volumes to the volumes */}}
-{{- define "authelia.secretVolumes" -}}
-enabled: true
-mountPath: "/secrets"
-readOnly: true
-type: "secret"
-objectName: authelia-secrets
-items:
- - key: "JWT_TOKEN"
- path: JWT_TOKEN
- - key: "SESSION_ENCRYPTION_KEY"
- path: SESSION_ENCRYPTION_KEY
- - key: "ENCRYPTION_KEY"
- path: ENCRYPTION_KEY
- - key: "STORAGE_PASSWORD"
- path: STORAGE_PASSWORD
- {{- if .Values.authentication_backend.ldap.enabled }}
- - key: "LDAP_PASSWORD"
- path: LDAP_PASSWORD
- {{- end }}
- {{- if .Values.notifier.smtp.enabled }}
- - key: "SMTP_PASSWORD"
- path: SMTP_PASSWORD
- {{- end }}
- - key: "REDIS_PASSWORD"
- path: REDIS_PASSWORD
- {{- if .Values.redisProvider.high_availability.enabled}}
- - key: "REDIS_SENTINEL_PASSWORD"
- path: REDIS_SENTINEL_PASSWORD
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- - key: "DUO_API_KEY"
- path: DUO_API_KEY
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- - key: "OIDC_PRIVATE_KEY"
- path: OIDC_PRIVATE_KEY
- - key: "OIDC_HMAC_SECRET"
- path: OIDC_HMAC_SECRET
- {{- end }}
-{{- end -}}
-
-{{- $_ := set .Values.persistence "authelia-configfile" (include "authelia.configmapVolume" . | fromYaml) -}}
-{{- $_ := set .Values.persistence "authelia-secrets" (include "authelia.secretVolumes" . | fromYaml) -}}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/authelia/15.0.0/values.yaml b/enterprise/authelia/15.0.0/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/authelia/15.0.1/CHANGELOG.md b/enterprise/authelia/15.0.1/CHANGELOG.md
deleted file mode 100644
index 6224191939e..00000000000
--- a/enterprise/authelia/15.0.1/CHANGELOG.md
+++ /dev/null
@@ -1,21 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [authelia-15.0.1](https://github.com/truecharts/charts/compare/authelia-15.0.0...authelia-15.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
-
-## [authelia-15.0.0](https://github.com/truecharts/charts/compare/authelia-14.0.29...authelia-15.0.0) (2023-03-04)
-
diff --git a/enterprise/authelia/15.0.1/Chart.yaml b/enterprise/authelia/15.0.1/Chart.yaml
deleted file mode 100644
index f43c9983a3b..00000000000
--- a/enterprise/authelia/15.0.1/Chart.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-apiVersion: v2
-appVersion: "4.37.5"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.15
- - condition: redis.enabled
- name: redis
- repository: https://deps.truecharts.org
- version: 6.0.7
-deprecated: false
-description: Authelia is a Single Sign-On Multi-Factor portal for web apps
-home: https://truecharts.org/charts/enterprise/authelia
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/authelia.png
-keywords:
- - authelia
- - authentication
- - login
- - SSO
- - Authentication
- - Security
- - Two-Factor
- - U2F
- - YubiKey
- - Push Notifications
- - LDAP
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: authelia
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/authelia
- - https://ghcr.io/authelia/authelia
- - https://github.com/authelia/chartrepo
- - https://github.com/authelia/authelia
-type: application
-version: 15.0.1
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/authelia/15.0.1/LICENSE b/enterprise/authelia/15.0.1/LICENSE
deleted file mode 100644
index 80e4ab93f92..00000000000
--- a/enterprise/authelia/15.0.1/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/authelia/15.0.1/README.md b/enterprise/authelia/15.0.1/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/authelia/15.0.1/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/authelia/15.0.1/app-changelog.md b/enterprise/authelia/15.0.1/app-changelog.md
deleted file mode 100644
index 53f3f6788b3..00000000000
--- a/enterprise/authelia/15.0.1/app-changelog.md
+++ /dev/null
@@ -1,13 +0,0 @@
-
-
-## [authelia-15.0.1](https://github.com/truecharts/charts/compare/authelia-15.0.0...authelia-15.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
\ No newline at end of file
diff --git a/enterprise/authelia/15.0.1/app-readme.md b/enterprise/authelia/15.0.1/app-readme.md
deleted file mode 100644
index 9417c0c13d5..00000000000
--- a/enterprise/authelia/15.0.1/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Authelia is a Single Sign-On Multi-Factor portal for web apps
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/authelia](https://truecharts.org/charts/enterprise/authelia)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/authelia/15.0.1/charts/common-12.2.15.tgz b/enterprise/authelia/15.0.1/charts/common-12.2.15.tgz
deleted file mode 100644
index ee335e0c550..00000000000
Binary files a/enterprise/authelia/15.0.1/charts/common-12.2.15.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.0.1/charts/redis-6.0.7.tgz b/enterprise/authelia/15.0.1/charts/redis-6.0.7.tgz
deleted file mode 100644
index 8930f5e73e5..00000000000
Binary files a/enterprise/authelia/15.0.1/charts/redis-6.0.7.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.0.1/ix_values.yaml b/enterprise/authelia/15.0.1/ix_values.yaml
deleted file mode 100644
index 9b56530e1c8..00000000000
--- a/enterprise/authelia/15.0.1/ix_values.yaml
+++ /dev/null
@@ -1,619 +0,0 @@
-image:
- repository: tccr.io/truecharts/authelia
- pullPolicy: IfNotPresent
- tag: 4.37.5@sha256:76a4617539534cec140fd98a12f721b878524f2df3a3653f3df8ff2b7eaab586
-
-workload:
- main:
- podSpec:
- containers:
- main:
- command: ["authelia"]
- args: ["--config=/configuration.yaml"]
- envFrom:
- - configMapRef:
- name: authelia-paths
- # probes:
- # liveness:
- # type: HTTP
- # path: /api/health"
-
- # readiness:
- # type: HTTP
- # path: "/api/health"
-
- # startup:
- # type: HTTP
- # path: "/api/health"
-
-service:
- main:
- ports:
- main:
- port: 9091
- targetPort: 9091
-
-persistence:
- config:
- enabled: true
- mountPath: "/config"
-
-cnpg:
- main:
- enabled: true
- user: authelia
- database: authelia
-
-# Enabled redis
-# ... for more options see https://github.com/tccr.io/truecharts/charts/tree/master/tccr.io/truecharts/redis
-redis:
- enabled: true
-
-domain: example.com
-
-##
-## Server Configuration
-##
-server:
- ##
- ## Port sets the configured port for the daemon, service, and the probes.
- ## Default is 9091 and should not need to be changed.
- ##
- port: 9091
-
- ## Buffers usually should be configured to be the same value.
- ## Explanation at https://www.authelia.com/docs/configuration/server.html
- ## Read buffer size adjusts the server's max incoming request size in bytes.
- ## Write buffer size does the same for outgoing responses.
- read_buffer_size: 4096
- write_buffer_size: 4096
- ## Set the single level path Authelia listens on.
- ## Must be alphanumeric chars and should not contain any slashes.
- path: ""
-
-log:
- ## Level of verbosity for logs: info, debug, trace.
- level: trace
-
- ## Format the logs are written as: json, text.
- format: text
-
- ## TODO: Statefulness check should check if this is set, and the configMap should enable it.
- ## File path where the logs will be written. If not set logs are written to stdout.
- # file_path: /config/authelia.log
-
-## Default redirection URL
-##
-## If user tries to authenticate without any referer, Authelia does not know where to redirect the user to at the end
-## of the authentication process. This parameter allows you to specify the default redirection URL Authelia will use
-## in such a case.
-##
-## Note: this parameter is optional. If not provided, user won't be redirected upon successful authentication.
-## Default is https://www. (value at the top of the values.yaml).
-default_redirection_url: ""
-# default_redirection_url: https://example.com
-
-theme: light
-
-##
-## TOTP Configuration
-##
-## Parameters used for TOTP generation
-totp:
- ## The issuer name displayed in the Authenticator application of your choice
- ## See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
- ## Defaults to .
- issuer: ""
- ## The period in seconds a one-time password is current for. Changing this will require all users to register
- ## their TOTP applications again. Warning: before changing period read the docs link below.
- period: 30
- ## The skew controls number of one-time passwords either side of the current one that are valid.
- ## Warning: before changing skew read the docs link below.
- ## See: https://www.authelia.com/docs/configuration/one-time-password.html#period-and-skew to read the documentation.
- skew: 1
-
-##
-## Duo Push API Configuration
-##
-## Parameters used to contact the Duo API. Those are generated when you protect an application of type
-## "Partner Auth API" in the management panel.
-duo_api:
- enabled: false
- hostname: api-123456789.example.com
- integration_key: ABCDEF
- plain_api_key: ""
-
-##
-## Authentication Backend Provider Configuration
-##
-## Used for verifying user passwords and retrieve information such as email address and groups users belong to.
-##
-## The available providers are: `file`, `ldap`. You must use one and only one of these providers.
-authentication_backend:
- ## Disable both the HTML element and the API for reset password functionality
- disable_reset_password: false
-
- ## The amount of time to wait before we refresh data from the authentication backend. Uses duration notation.
- ## To disable this feature set it to 'disable', this will slightly reduce security because for Authelia, users will
- ## always belong to groups they belonged to at the time of login even if they have been removed from them in LDAP.
- ## To force update on every request you can set this to '0' or 'always', this will increase processor demand.
- ## See the below documentation for more information.
- ## Duration Notation docs: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Refresh Interval docs: https://www.authelia.com/docs/configuration/authentication/ldap.html#refresh-interval
- refresh_interval: 5m
-
- ## LDAP backend configuration.
- ##
- ## This backend allows Authelia to be scaled to more
- ## than one instance and therefore is recommended for
- ## production.
- ldap:
- ## Enable LDAP Backend.
- enabled: false
-
- ## The LDAP implementation, this affects elements like the attribute utilised for resetting a password.
- ## Acceptable options are as follows:
- ## - 'activedirectory' - For Microsoft Active Directory.
- ## - 'custom' - For custom specifications of attributes and filters.
- ## This currently defaults to 'custom' to maintain existing behaviour.
- ##
- ## Depending on the option here certain other values in this section have a default value, notably all of the
- ## attribute mappings have a default value that this config overrides, you can read more about these default values
- ## at https://www.authelia.com/docs/configuration/authentication/ldap.html#defaults
- implementation: activedirectory
-
- ## The url to the ldap server. Format: ://[:].
- ## Scheme can be ldap or ldaps in the format (port optional).
- url: ldap://openldap.default.svc.cluster.local
-
- ## Connection Timeout.
- timeout: 5s
-
- ## Use StartTLS with the LDAP connection.
- start_tls: false
-
- tls:
- ## Server Name for certificate validation (in case it's not set correctly in the URL).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either Secure LDAP or LDAP StartTLS.
- minimum_version: TLS1.2
-
- ## The base dn for every LDAP query.
- base_dn: DC=example,DC=com
-
- ## The attribute holding the username of the user. This attribute is used to populate the username in the session
- ## information. It was introduced due to #561 to handle case insensitive search queries. For you information,
- ## Microsoft Active Directory usually uses 'sAMAccountName' and OpenLDAP usually uses 'uid'. Beware that this
- ## attribute holds the unique identifiers for the users binding the user and the configuration stored in database.
- ## Therefore only single value attributes are allowed and the value must never be changed once attributed to a user
- ## otherwise it would break the configuration for that user. Technically, non-unique attributes like 'mail' can also
- ## be used but we don't recommend using them, we instead advise to use the attributes mentioned above
- ## (sAMAccountName and uid) to follow https://www.ietf.org/rfc/rfc2307.txt.
- username_attribute: ""
-
- ## An additional dn to define the scope to all users.
- additional_users_dn: OU=Users
-
- ## The users filter used in search queries to find the user profile based on input filled in login form.
- ## Various placeholders are available in the user filter:
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username_attribute} is a mandatory placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ##
- ## Recommended settings are as follows:
- ## - Microsoft Active Directory: (&({username_attribute}={input})(objectCategory=person)(objectClass=user))
- ## - OpenLDAP:
- ## - (&({username_attribute}={input})(objectClass=person))
- ## - (&({username_attribute}={input})(objectClass=inetOrgPerson))
- ##
- ## To allow sign in both with username and email, one can use a filter like
- ## (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))
- users_filter: ""
-
- ## An additional dn to define the scope of groups.
- additional_groups_dn: OU=Groups
-
- ## The groups filter used in search queries to find the groups of the user.
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username} is a placeholder replace by the username stored in LDAP (based on `username_attribute`).
- ## - {dn} is a matcher replaced by the user distinguished name, aka, user DN.
- ## - {username_attribute} is a placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ## - DON'T USE - {1} is an alias for {username} supported for backward compatibility but it will be deprecated in
- ## later version, so please don't use it.
- ##
- ## If your groups use the `groupOfUniqueNames` structure use this instead:
- ## (&(uniquemember={dn})(objectclass=groupOfUniqueNames))
- groups_filter: ""
-
- ## The attribute holding the name of the group
- group_name_attribute: ""
-
- ## The attribute holding the mail address of the user. If multiple email addresses are defined for a user, only the
- ## first one returned by the LDAP server is used.
- mail_attribute: ""
-
- ## The attribute holding the display name of the user. This will be used to greet an authenticated user.
- display_name_attribute: ""
-
- ## The username of the admin user.
- user: CN=Authelia,DC=example,DC=com
- plain_password: ""
-
- ##
- ## File (Authentication Provider)
- ##
- ## With this backend, the users database is stored in a file which is updated when users reset their passwords.
- ## Therefore, this backend is meant to be used in a dev environment and not in production since it prevents Authelia
- ## to be scaled to more than one instance. The options under 'password' have sane defaults, and as it has security
- ## implications it is highly recommended you leave the default values. Before considering changing these settings
- ## please read the docs page below:
- ## https://www.authelia.com/docs/configuration/authentication/file.html#password-hash-algorithm-tuning
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- file:
- enabled: true
- path: /config/users_database.yml
- password:
- algorithm: argon2id
- iterations: 1
- key_length: 32
- salt_length: 16
- memory: 1024
- parallelism: 8
-
-##
-## Access Control Configuration
-##
-## Access control is a list of rules defining the authorizations applied for one resource to users or group of users.
-##
-## If 'access_control' is not defined, ACL rules are disabled and the 'bypass' rule is applied, i.e., access is allowed
-## to anyone. Otherwise restrictions follow the rules defined.
-##
-## Note: One can use the wildcard * to match any subdomain.
-## It must stand at the beginning of the pattern. (example: *.mydomain.com)
-##
-## Note: You must put patterns containing wildcards between simple quotes for the YAML to be syntactically correct.
-##
-## Definition: A 'rule' is an object with the following keys: 'domain', 'subject', 'policy' and 'resources'.
-##
-## - 'domain' defines which domain or set of domains the rule applies to.
-##
-## - 'subject' defines the subject to apply authorizations to. This parameter is optional and matching any user if not
-## provided. If provided, the parameter represents either a user or a group. It should be of the form
-## 'user:' or 'group:'.
-##
-## - 'policy' is the policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'.
-##
-## - 'resources' is a list of regular expressions that matches a set of resources to apply the policy to. This parameter
-## is optional and matches any resource if not provided.
-##
-## Note: the order of the rules is important. The first policy matching (domain, resource, subject) applies.
-access_control:
- ## Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'. It is the policy applied to any
- ## resource if there is no policy to be applied to the user.
- default_policy: deny
-
- networks: []
- # networks:
- # - name: private
- # networks:
- # - 10.0.0.0/8
- # - 172.16.0.0/12
- # - 192.168.0.0/16
- # - name: vpn
- # networks:
- # - 10.9.0.0/16
-
- rules: []
- # rules:
- # - domain: public.example.com
- # policy: bypass
- # - domain: "*.example.com"
- # policy: bypass
- # methods:
- # - OPTIONS
- # - domain: secure.example.com
- # policy: one_factor
- # networks:
- # - private
- # - vpn
- # - 192.168.1.0/24
- # - 10.0.0.1
- # - domain:
- # - secure.example.com
- # - private.example.com
- # policy: two_factor
- # - domain: singlefactor.example.com
- # policy: one_factor
- # - domain: "mx2.mail.example.com"
- # subject: "group:admins"
- # policy: deny
- # - domain: "*.example.com"
- # subject:
- # - "group:admins"
- # - "group:moderators"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/groups/dev/.*$"
- # subject: "group:dev"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/users/john/.*$"
- # subject:
- # - ["group:dev", "user:john"]
- # - "group:admins"
- # policy: two_factor
- # - domain: "{user}.example.com"
- # policy: bypass
-
-##
-## Session Provider Configuration
-##
-## The session cookies identify the user once logged in.
-## The available providers are: `memory`, `redis`. Memory is the provider unless redis is defined.
-session:
- ## The name of the session cookie. (default: authelia_session).
- name: authelia_session
-
- ## Sets the Cookie SameSite value. Possible options are none, lax, or strict.
- ## Please read https://www.authelia.com/docs/configuration/session.html#same_site
- same_site: lax
-
- ## The time in seconds before the cookie expires and session is reset.
- expiration: 1h
-
- ## The inactivity time in seconds before the session is reset.
- inactivity: 5m
-
- ## The remember me duration.
- ## Value is in seconds, or duration notation. Value of 0 disables remember me.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Longer periods are considered less secure because a stolen cookie will last longer giving attackers more time to
- ## spy or attack. Currently the default is 1M or 1 month.
- remember_me_duration: 1M
-
-##
-## Redis Provider
-##
-## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
-##
-## The redis connection details
-redisProvider:
- port: 6379
-
- ## Optional username to be used with authentication.
- # username: authelia
- username: ""
-
- ## This is the Redis DB Index https://redis.io/commands/select (sometimes referred to as database number, DB, etc).
- database_index: 0
-
- ## The maximum number of concurrent active connections to Redis.
- maximum_active_connections: 8
-
- ## The target number of idle connections to have open ready for work. Useful when opening connections is slow.
- minimum_idle_connections: 0
-
- ## The Redis TLS configuration. If defined will require a TLS connection to the Redis instance(s).
- tls:
- enabled: false
-
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for the connection.
- minimum_version: TLS1.2
-
- ## The Redis HA configuration options.
- ## This provides specific options to Redis Sentinel, sentinel_name must be defined (Master Name).
- high_availability:
- enabled: false
- enabledSecret: false
- ## Sentinel Name / Master Name
- sentinel_name: mysentinel
-
- ## The additional nodes to pre-seed the redis provider with (for sentinel).
- ## If the host in the above section is defined, it will be combined with this list to connect to sentinel.
- ## For high availability to be used you must have either defined; the host above or at least one node below.
- nodes: []
- # nodes:
- # - host: sentinel-0.databases.svc.cluster.local
- # port: 26379
- # - host: sentinel-1.databases.svc.cluster.local
- # port: 26379
-
- ## Choose the host with the lowest latency.
- route_by_latency: false
-
- ## Choose the host randomly.
- route_randomly: false
-
-##
-## Regulation Configuration
-##
-## This mechanism prevents attackers from brute forcing the first factor. It bans the user if too many attempts are done
-## in a short period of time.
-regulation:
- ## The number of failed login attempts before user is banned. Set it to 0 to disable regulation.
- max_retries: 3
-
- ## The time range during which the user can attempt login before being banned. The user is banned if the
- ## authentication failed 'max_retries' times in a 'find_time' seconds window. Find Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- find_time: 2m
-
- ## The length of time before a banned user can login again. Ban Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ban_time: 5m
-
-##
-## Storage Provider Configuration
-##
-## The available providers are: `local`, `mysql`, `postgres`. You must use one and only one of these providers.
-storage:
- ##
- ## PostgreSQL (Storage Provider)
- ##
- postgres:
- port: 5432
- database: authelia
- username: authelia
- sslmode: disable
- timeout: 5s
-
-##
-## Notification Provider
-##
-##
-## Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration.
-## The available providers are: filesystem, smtp. You must use one and only one of these providers.
-notifier:
- ## You can disable the notifier startup check by setting this to true.
- disable_startup_check: false
-
- ##
- ## File System (Notification Provider)
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- filesystem:
- enabled: true
- filename: /config/notification.txt
-
- ##
- ## SMTP (Notification Provider)
- ##
- ## Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate.
- ## [Security] By default Authelia will:
- ## - force all SMTP connections over TLS including unauthenticated connections
- ## - use the disable_require_tls boolean value to disable this requirement
- ## (only works for unauthenticated connections)
- ## - validate the SMTP server x509 certificate during the TLS handshake against the hosts trusted certificates
- ## (configure in tls section)
- smtp:
- enabled: false
- enabledSecret: false
- host: smtp.mail.svc.cluster.local
- port: 25
- timeout: 5s
- username: test
- plain_password: test
- sender: admin@example.com
- ## HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost.
- identifier: localhost
- ## Subject configuration of the emails sent.
- ## {title} is replaced by the text from the notifier
- subject: "[Authelia] {title}"
- ## This address is used during the startup check to verify the email configuration is correct.
- ## It's not important what it is except if your email server only allows local delivery.
- startup_check_address: test@authelia.com
- disable_require_tls: false
- disable_html_emails: false
-
- tls:
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either StartTLS or SMTPS.
- minimum_version: TLS1.2
-
-identity_providers:
- oidc:
- ## Enables this in the config map. Currently in beta stage.
- ## See https://www.authelia.com/docs/configuration/identity-providers/oidc.html#roadmap
- enabled: false
-
- access_token_lifespan: 1h
- authorize_code_lifespan: 1m
- id_token_lifespan: 1h
- refresh_token_lifespan: 90m
-
- enable_client_debug_messages: false
-
- ## SECURITY NOTICE: It's not recommended changing this option, and highly discouraged to have it below 8 for
- ## security reasons.
- minimum_parameter_entropy: 8
-
- clients: []
- # clients:
- # -
- ## The ID is the OpenID Connect ClientID which is used to link an application to a configuration.
- # id: myapp
-
- ## The description to show to users when they end up on the consent screen. Defaults to the ID above.
- # description: My Application
-
- ## The client secret is a shared secret between Authelia and the consumer of this client.
- # secret: apple123
-
- ## Sets the client to public. This should typically not be set, please see the documentation for usage.
- # public: false
-
- ## The policy to require for this client; one_factor or two_factor.
- # authorization_policy: two_factor
-
- ## Configures the consent mode; auto, explicit or implicit
- # consent_mode: auto
-
- ## Audience this client is allowed to request.
- # audience: []
-
- ## Scopes this client is allowed to request.
- # scopes:
- # - openid
- # - profile
- # - email
- # - groups
-
- ## Redirect URI's specifies a list of valid case-sensitive callbacks for this client.
- # redirect_uris:
- # - https://oidc.example.com/oauth2/callback
-
- ## Grant Types configures which grants this client can obtain.
- ## It's not recommended to configure this unless you know what you're doing.
- # grant_types:
- # - refresh_token
- # - authorization_code
-
- ## Response Types configures which responses this client can be sent.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_types:
- # - code
-
- ## Response Modes configures which response modes this client supports.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_modes:
- # - form_post
- # - query
- # - fragment
-
- ## The algorithm used to sign userinfo endpoint responses for this client, either none or RS256.
- # userinfo_signing_algorithm: none
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/authelia/15.0.1/questions.yaml b/enterprise/authelia/15.0.1/questions.yaml
deleted file mode 100644
index cd21f48f241..00000000000
--- a/enterprise/authelia/15.0.1/questions.yaml
+++ /dev/null
@@ -1,2782 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
-questions:
-
- - variable: Workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: Daemonset
- description: Daemonset
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "Daemonset"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: domain
- group: "App Configuration"
- label: "Domain"
- description: "The highest domain level possible, for example: domain.com when using app.domain.com"
- schema:
- type: string
- default: ""
- required: true
- - variable: default_redirection_url
- group: "App Configuration"
- label: "Default Redirection Url"
- description: "If user tries to authenticate without any referer, this is used"
- schema:
- type: string
- default: ""
- - variable: theme
- group: "App Configuration"
- label: "Theme"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "light"
- description: "light"
- - value: "grey"
- description: "grey"
- - value: "dark"
- description: "dark"
- - variable: log
- group: "App Configuration"
- label: "Log Configuration "
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "info"
- enum:
- - value: "info"
- description: "info"
- - value: "debug"
- description: "debug"
- - value: "trace"
- description: "trace"
- - variable: format
- label: "Log Format"
- schema:
- type: string
- default: "text"
- enum:
- - value: "json"
- description: "json"
- - value: "text"
- description: "text"
- - variable: totp
- group: "App Configuration"
- label: "TOTP Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: issuer
- label: "Issuer"
- description: "The issuer name displayed in the Authenticator application of your choice"
- schema:
- type: string
- default: ""
- - variable: period
- label: "Period"
- description: "The period in seconds a one-time password is current for"
- schema:
- type: int
- default: 30
- - variable: skew
- label: "skew"
- description: "Controls number of one-time passwords either side of the current one that are valid."
- schema:
- type: int
- default: 1
- - variable: duo_api
- group: "App Configuration"
- label: "DUO API Configuration"
- description: "Parameters used to contact the Duo API."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostname
- label: "Hostname"
- schema:
- type: string
- required: true
- default: ""
- - variable: integration_key
- label: "integration_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: plain_api_key
- label: "plain_api_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: session
- group: "App Configuration"
- label: "Session Provider"
- description: "The session cookies identify the user once logged in."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Cookie Name"
- description: "The name of the session cookie."
- schema:
- type: string
- required: true
- default: "authelia_session"
- - variable: same_site
- label: "SameSite Value"
- description: "Sets the Cookie SameSite value"
- schema:
- type: string
- default: "lax"
- enum:
- - value: "lax"
- description: "lax"
- - value: "strict"
- description: "strict"
- - variable: expiration
- label: "Expiration Time"
- description: "The time in seconds before the cookie expires and session is reset."
- schema:
- type: string
- default: "1h"
- required: true
- - variable: inactivity
- label: "Inactivity Time"
- description: "The inactivity time in seconds before the session is reset."
- schema:
- type: string
- default: "5m"
- required: true
- - variable: inactivity
- label: "Remember-Me duration"
- description: "The remember me duration"
- schema:
- type: string
- default: "5M"
- required: true
- - variable: regulation
- group: "App Configuration"
- label: "Regulation Configuration"
- description: "his mechanism prevents attackers from brute forcing the first factor."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: max_retries
- label: "Maximum Retries"
- description: "The number of failed login attempts before user is banned. Set it to 0 to disable regulation."
- schema:
- type: int
- default: 3
- - variable: find_time
- label: "Find Time"
- description: "The time range during which the user can attempt login before being banned."
- schema:
- type: string
- default: "2m"
- required: true
- - variable: ban_time
- label: "Ban Duration"
- description: "The length of time before a banned user can login again"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: authentication_backend
- group: "App Configuration"
- label: "Authentication Backend Provider"
- description: "sed for verifying user passwords and retrieve information such as email address and groups users belong to."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_reset_password
- label: "Disable Reset Password"
- description: "Disable both the HTML element and the API for reset password functionality"
- schema:
- type: boolean
- default: false
- - variable: refresh_interval
- label: "Reset Interval"
- description: "The amount of time to wait before we refresh data from the authentication backend"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: ldap
- label: "LDAP backend configuration"
- description: "Used for verifying user passwords and retrieve information such as email address and groups users belong to"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: implementation
- label: "Implementation"
- description: "The LDAP implementation, this affects elements like the attribute utilised for resetting a password"
- schema:
- type: string
- default: "custom"
- enum:
- - value: "activedirectory"
- description: "activedirectory"
- - value: "custom"
- description: "custom"
- - variable: url
- label: "URL"
- description: "The url to the ldap server. Format: ://[:]"
- schema:
- type: string
- default: "ldap://openldap.default.svc.cluster.local"
- required: true
- - variable: timeout
- label: "Connection Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: start_tls
- label: "Start TLS"
- description: "Use StartTLS with the LDAP connection"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: base_dn
- label: "Base DN"
- description: "The base dn for every LDAP query."
- schema:
- type: string
- default: "DC=example,DC=com"
- required: true
- - variable: username_attribute
- label: "Username Attribute"
- description: "The attribute holding the username of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_users_dn
- label: "Additional Users DN"
- description: "An additional dn to define the scope to all users."
- schema:
- type: string
- default: "OU=Users"
- required: true
- - variable: users_filter
- label: "Users Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_groups_dn
- label: "Additional Groups DN"
- description: "An additional dn to define the scope of groups."
- schema:
- type: string
- default: "OU=Groups"
- required: true
- - variable: groups_filter
- label: "Groups Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: group_name_attribute
- label: "Group name Attribute"
- description: "The attribute holding the name of the group"
- schema:
- type: string
- default: ""
- required: true
- - variable: mail_attribute
- label: "Mail Attribute"
- description: "The attribute holding the primary mail address of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: display_name_attribute
- label: "Display Name Attribute"
- description: "he attribute holding the display name of the user. This will be used to greet an authenticated user."
- schema:
- type: string
- default: ""
- - variable: user
- label: "Admin User"
- description: "The username of the admin user used to connect to LDAP."
- schema:
- type: string
- default: "CN=Authelia,DC=example,DC=com"
- required: true
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: file
- label: "File backend configuration"
- description: "With this backend, the users database is stored in a file which is updated when users reset their passwords."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: path
- label: "Path"
- schema:
- type: string
- default: "/config/users_database.yml"
- required: true
- - variable: password
- label: "Password Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: algorithm
- label: "Algorithm"
- schema:
- type: string
- default: "argon2id"
- enum:
- - value: "argon2id"
- description: "argon2id"
- - value: "sha512"
- description: "sha512"
- - variable: iterations
- label: "Iterations"
- schema:
- type: int
- default: 1
- required: true
- - variable: key_length
- label: "Key Length"
- schema:
- type: int
- default: 32
- required: true
- - variable: salt_length
- label: "Salt Length"
- schema:
- type: int
- default: 16
- required: true
- - variable: memory
- label: "Memory"
- schema:
- type: int
- default: 1024
- required: true
- - variable: parallelism
- label: "Parallelism"
- schema:
- type: int
- default: 8
- required: true
- - variable: notifier
- group: "App Configuration"
- label: "Notifier Configuration"
- description: "otifications are sent to users when they require a password reset, a u2f registration or a TOTP registration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_startup_check
- label: "Disable Startup Check"
- schema:
- type: boolean
- default: false
- - variable: filesystem
- label: "Filesystem Provider"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filename
- label: "File Path"
- schema:
- type: string
- default: "/config/notification.txt"
- required: true
- - variable: smtp
- label: "SMTP Provider"
- description: "Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: host
- label: "Host"
- schema:
- type: string
- default: "smtp.mail.svc.cluster.local"
- required: true
- - variable: port
- label: "Port"
- schema:
- type: int
- default: 25
- required: true
- - variable: timeout
- label: "Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: username
- label: "Username"
- schema:
- type: string
- default: ""
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- - variable: sender
- label: "Sender"
- schema:
- type: string
- default: ""
- required: true
- - variable: identifier
- label: "Identifier"
- description: "HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost."
- schema:
- type: string
- default: "localhost"
- required: true
- - variable: subject
- label: "Subject"
- description: "Subject configuration of the emails sent, {title} is replaced by the text from the notifier"
- schema:
- type: string
- default: "[Authelia] {title}"
- required: true
- - variable: startup_check_address
- label: "Startup Check Address"
- description: "This address is used during the startup check to verify the email configuration is correct."
- schema:
- type: string
- default: "test@authelia.com"
- required: true
- - variable: disable_require_tls
- label: "Disable Require TLS"
- schema:
- type: boolean
- default: false
- - variable: disable_html_emails
- label: "Disable HTML emails"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: access_control
- group: "App Configuration"
- label: "Access Control Configuration"
- description: "Access control is a list of rules defining the authorizations applied for one resource to users or group of users."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: default_policy
- label: "Default Policy"
- description: "Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: networkItem
- label: "Network Item"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Name"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "network"
- schema:
- type: string
- default: ""
- required: true
- - variable: rules
- label: "Rules"
- schema:
- type: list
- default: []
- items:
- - variable: rulesItem
- label: "Rule"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: domain
- label: "Domains"
- description: "defines which domain or set of domains the rule applies to."
- schema:
- type: list
- default: []
- items:
- - variable: domainEntry
- label: "Domain"
- schema:
- type: string
- default: ""
- required: true
- - variable: policy
- label: "Policy"
- description: "The policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: subject
- label: "Subject"
- description: "defines the subject to apply authorizations to. This parameter is optional and matching any user if not provided"
- schema:
- type: list
- default: []
- items:
- - variable: subjectitem
- label: "Subject"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "Network"
- schema:
- type: string
- default: ""
- required: true
- - variable: resources
- label: "Resources"
- description: "is a list of regular expressions that matches a set of resources to apply the policy to"
- schema:
- type: list
- default: []
- items:
- - variable: resource
- label: "Resource"
- schema:
- type: string
- default: ""
- required: true
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 9091
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: identity_providers
- group: "Advanced"
- label: "Authelia Identity Providers (BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: oidc
- label: "OpenID Connect(BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "enabled"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: access_token_lifespan
- label: "Access Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: authorize_code_lifespan
- label: "Authorize Code Lifespan"
- schema:
- type: string
- default: "1m"
- required: true
- - variable: id_token_lifespan
- label: "ID Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: refresh_token_lifespan
- label: "Refresh Token Lifespan"
- schema:
- type: string
- default: "90m"
- required: true
- - variable: enable_client_debug_messages
- label: "Enable Client Debug Messages"
- schema:
- type: boolean
- default: false
- - variable: clients
- label: "Clients"
- schema:
- type: list
- default: []
- items:
- - variable: clientEntry
- label: "Client"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: id
- label: "ID/Name"
- description: "The ID is the OpenID Connect ClientID which is used to link an application to a configuration."
- schema:
- type: string
- default: "myapp"
- required: true
- - variable: description
- label: "Description"
- description: "The description to show to users when they end up on the consent screen. Defaults to the ID above."
- schema:
- type: string
- default: "My Application"
- required: true
- - variable: secret
- label: "Secret"
- description: "The client secret is a shared secret between Authelia and the consumer of this client."
- schema:
- type: string
- default: ""
- required: true
- - variable: public
- label: "public"
- description: "Sets the client to public. This should typically not be set, please see the documentation for usage."
- schema:
- type: boolean
- default: false
- - variable: authorization_policy
- label: "Authorization Policy"
- description: "The policy to require for this client; one_factor or two_factor."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - variable: consent_mode
- label: "Consent Mode"
- description: "Configures the consent mode. This can be set to auto (default), explicit (consent required every time) or implicit (automatically assumes consent for every authorization, never asking the user if they wish to give consent.)"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "explicit"
- description: "explicit"
- - value: "implicit"
- description: "implicit"
- - variable: userinfo_signing_algorithm
- label: "Userinfo Signing Algorithm"
- description: "The algorithm used to sign userinfo endpoint responses for this client, either none or RS256."
- schema:
- type: string
- default: "none"
- enum:
- - value: "none"
- description: "none"
- - value: "RS256"
- description: "RS256"
- - variable: audience
- label: "Audience"
- description: "Audience this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: audienceEntry
- label: ""
- schema:
- type: string
- default: ""
- required: true
- - variable: scopes
- label: "Scopes"
- description: "Scopes this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: ScopeEntry
- label: "Scope"
- schema:
- type: string
- default: "openid"
- required: true
- - variable: redirect_uris
- label: "redirect_uris"
- description: "Redirect URI's specifies a list of valid case-sensitive callbacks for this client."
- schema:
- type: list
- default: []
- items:
- - variable: uriEntry
- label: "Url"
- schema:
- type: string
- default: "https://oidc.example.com/oauth2/callback"
- required: true
- - variable: grant_types
- description: "Grant Types configures which grants this client can obtain."
- label: "grant_types"
- schema:
- type: list
- default: []
- items:
- - variable: grantEntry
- label: "Grant"
- schema:
- type: string
- default: "refresh_token"
- required: true
- - variable: response_types
- description: "Response Types configures which responses this client can be sent."
- label: "response_types"
- schema:
- type: list
- default: []
- items:
- - variable: responseEntry
- label: "type"
- schema:
- type: string
- default: "code"
- required: true
- - variable: response_modes
- description: "Response Modes configures which response modes this client supports."
- label: "response_modes"
- schema:
- type: list
- default: []
- items:
- - variable: modeEntry
- label: "Mode"
- schema:
- type: string
- default: "form_post"
- required: true
- - variable: cnpg
- group: Postgresql
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Postgresql Database"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: storage
- label: "Storage"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: size
- label: Size
- schema:
- type: string
- default: "256Gi"
- - variable: walsize
- label: Walsize
- schema:
- type: string
- default: "256Gi"
- - variable: pooler
- label: "Pooler"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: Monitoring
- label: "Metrics"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enablePodMonitor
- label: "enablePodMonitor"
- schema:
- type: boolean
- default: true
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/authelia/15.0.1/templates/NOTES.txt b/enterprise/authelia/15.0.1/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/authelia/15.0.1/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/authelia/15.0.1/templates/_configmap.tpl b/enterprise/authelia/15.0.1/templates/_configmap.tpl
deleted file mode 100644
index 166130e898b..00000000000
--- a/enterprise/authelia/15.0.1/templates/_configmap.tpl
+++ /dev/null
@@ -1,245 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "authelia.configmap.paths" -}}
-enabled: true
-data:
- AUTHELIA_SERVER_DISABLE_HEALTHCHECK: "true"
- AUTHELIA_JWT_SECRET_FILE: "/secrets/JWT_TOKEN"
- AUTHELIA_SESSION_SECRET_FILE: "/secrets/SESSION_ENCRYPTION_KEY"
- AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: "/secrets/ENCRYPTION_KEY"
- AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: "/secrets/STORAGE_PASSWORD"
- {{- if .Values.authentication_backend.ldap.enabled }}
- AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE: "/secrets/LDAP_PASSWORD"
- {{- end }}
- {{- if .Values.notifier.smtp.enabled }}
- AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE: "/secrets/SMTP_PASSWORD"
- {{- end }}
- AUTHELIA_SESSION_REDIS_PASSWORD_FILE: "/secrets/REDIS_PASSWORD"
- {{- if .Values.redisProvider.high_availability.enabled }}
- AUTHELIA_SESSION_REDIS_HIGH_AVAILABILITY_SENTINEL_PASSWORD_FILE: "/secrets/REDIS_SENTINEL_PASSWORD"
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- AUTHELIA_DUO_API_SECRET_KEY_FILE: "/secrets/DUO_API_KEY"
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET_FILE: "/secrets/OIDC_HMAC_SECRET"
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY_FILE: "/secrets/OIDC_PRIVATE_KEY"
- {{- end }}
-
-{{- end -}}
-
-{{- define "authelia.configmap.configfile" -}}
-enabled: true
-data:
- configuration.yaml: |
- ---
- theme: {{ default "light" .Values.theme }}
- default_redirection_url: {{ default (printf "https://www.%s" .Values.domain) .Values.default_redirection_url }}
- server:
- host: 0.0.0.0
- port: {{ default 9091 .Values.server.port }}
- {{- if not (eq "" (default "" .Values.server.path)) }}
- path: {{ .Values.server.path }}
- {{- end }}
- read_buffer_size: {{ default 4096 .Values.server.read_buffer_size }}
- write_buffer_size: {{ default 4096 .Values.server.write_buffer_size }}
- enable_pprof: {{ default false .Values.server.enable_pprof }}
- enable_expvars: {{ default false .Values.server.enable_expvars }}
- log:
- level: {{ default "info" .Values.log.level }}
- format: {{ default "text" .Values.log.format }}
- {{- if not (eq "" (default "" .Values.log.file_path)) }}
- file_path: {{ .Values.log.file_path }}
- keep_stdout: true
- {{- end }}
- totp:
- issuer: {{ default .Values.domain .Values.totp.issuer }}
- period: {{ default 30 .Values.totp.period }}
- skew: {{ default 1 .Values.totp.skew }}
- {{- if .Values.duo_api.enabled }}
- duo_api:
- hostname: {{ .Values.duo_api.hostname }}
- integration_key: {{ .Values.duo_api.integration_key }}
- {{- end }}
- {{- with $auth := .Values.authentication_backend }}
- authentication_backend:
- disable_reset_password: {{ $auth.disable_reset_password }}
- {{- if $auth.file.enabled }}
- file:
- path: {{ $auth.file.path }}
- password: {{ toYaml $auth.file.password | nindent 10 }}
- {{- end }}
- {{- if $auth.ldap.enabled }}
- ldap:
- implementation: {{ default "custom" $auth.ldap.implementation }}
- url: {{ $auth.ldap.url }}
- timeout: {{ default "5s" $auth.ldap.timeout }}
- start_tls: {{ $auth.ldap.start_tls }}
- tls:
- {{- if hasKey $auth.ldap.tls "server_name" }}
- server_name: {{ default $auth.ldap.host $auth.ldap.tls.server_name }}
- {{- end }}
- minimum_version: {{ default "TLS1.2" $auth.ldap.tls.minimum_version }}
- skip_verify: {{ default false $auth.ldap.tls.skip_verify }}
- {{- if $auth.ldap.base_dn }}
- base_dn: {{ $auth.ldap.base_dn }}
- {{- end }}
- {{- if $auth.ldap.username_attribute }}
- username_attribute: {{ $auth.ldap.username_attribute }}
- {{- end }}
- {{- if $auth.ldap.additional_users_dn }}
- additional_users_dn: {{ $auth.ldap.additional_users_dn }}
- {{- end }}
- {{- if $auth.ldap.users_filter }}
- users_filter: {{ $auth.ldap.users_filter }}
- {{- end }}
- {{- if $auth.ldap.additional_groups_dn }}
- additional_groups_dn: {{ $auth.ldap.additional_groups_dn }}
- {{- end }}
- {{- if $auth.ldap.groups_filter }}
- groups_filter: {{ $auth.ldap.groups_filter }}
- {{- end }}
- {{- if $auth.ldap.group_name_attribute }}
- group_name_attribute: {{ $auth.ldap.group_name_attribute }}
- {{- end }}
- {{- if $auth.ldap.mail_attribute }}
- mail_attribute: {{ $auth.ldap.mail_attribute }}
- {{- end }}
- {{- if $auth.ldap.display_name_attribute }}
- display_name_attribute: {{ $auth.ldap.display_name_attribute }}
- {{- end }}
- user: {{ $auth.ldap.user }}
- {{- end }}
- {{- end }}
- {{- with $session := .Values.session }}
- session:
- name: {{ default "authelia_session" $session.name }}
- domain: {{ required "A valid .Values.domain entry required!" $.Values.domain }}
- same_site: {{ default "lax" $session.same_site }}
- expiration: {{ default "1M" $session.expiration }}
- inactivity: {{ default "5m" $session.inactivity }}
- remember_me_duration: {{ default "1M" $session.remember_me_duration }}
- {{- end }}
- redis:
- host: {{ .Values.redis.url.plain }}
- {{- with $redis := .Values.redisProvider }}
- port: {{ default 6379 $redis.port }}
- {{- if not (eq $redis.username "") }}
- username: {{ $redis.username }}
- {{- end }}
- maximum_active_connections: {{ default 8 $redis.maximum_active_connections }}
- minimum_idle_connections: {{ default 0 $redis.minimum_idle_connections }}
- {{- if $redis.tls.enabled }}
- tls:
- server_name: {{ $redis.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $redis.tls.minimum_version }}
- skip_verify: {{ $redis.tls.skip_verify }}
- {{- end }}
- {{- if $redis.high_availability.enabled }}
- high_availability:
- sentinel_name: {{ $redis.high_availability.sentinel_name }}
- {{- if $redis.high_availability.nodes }}
- nodes: {{ toYaml $redis.high_availability.nodes | nindent 10 }}
- {{- end }}
- route_by_latency: {{ $redis.high_availability.route_by_latency }}
- route_randomly: {{ $redis.high_availability.route_randomly }}
- {{- end }}
- {{- end }}
- regulation: {{ toYaml .Values.regulation | nindent 6 }}
- storage:
- postgres:
- host: {{ $.Values.cnpg.main.creds.host }}
- {{- with $storage := .Values.storage }}
- port: {{ default 5432 $storage.postgres.port }}
- database: {{ default "authelia" $storage.postgres.database }}
- username: {{ default "authelia" $storage.postgres.username }}
- timeout: {{ default "5s" $storage.postgres.timeout }}
- sslmode: {{ default "disable" $storage.postgres.sslmode }}
- {{- end }}
- {{- with $notifier := .Values.notifier }}
- notifier:
- disable_startup_check: {{ $.Values.notifier.disable_startup_check }}
- {{- if $notifier.filesystem.enabled }}
- filesystem:
- filename: {{ $notifier.filesystem.filename }}
- {{- end }}
- {{- if $notifier.smtp.enabled }}
- smtp:
- host: {{ $notifier.smtp.host }}
- port: {{ default 25 $notifier.smtp.port }}
- timeout: {{ default "5s" $notifier.smtp.timeout }}
- {{- with $notifier.smtp.username }}
- username: {{ . }}
- {{- end }}
- sender: {{ $notifier.smtp.sender }}
- identifier: {{ $notifier.smtp.identifier }}
- subject: {{ $notifier.smtp.subject | quote }}
- startup_check_address: {{ $notifier.smtp.startup_check_address }}
- disable_require_tls: {{ $notifier.smtp.disable_require_tls }}
- disable_html_emails: {{ $notifier.smtp.disable_html_emails }}
- tls:
- server_name: {{ default $notifier.smtp.host $notifier.smtp.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $notifier.smtp.tls.minimum_version }}
- skip_verify: {{ default false $notifier.smtp.tls.skip_verify }}
- {{- end }}
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- identity_providers:
- oidc:
- access_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.access_token_lifespan }}
- authorize_code_lifespan: {{ default "1m" .Values.identity_providers.oidc.authorize_code_lifespan }}
- id_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.id_token_lifespan }}
- refresh_token_lifespan: {{ default "90m" .Values.identity_providers.oidc.refresh_token_lifespan }}
- enable_client_debug_messages: {{ default false .Values.identity_providers.oidc.enable_client_debug_messages }}
- minimum_parameter_entropy: {{ default 8 .Values.identity_providers.oidc.minimum_parameter_entropy }}
- {{- if gt (len .Values.identity_providers.oidc.clients) 0 }}
- clients:
- {{- range $client := .Values.identity_providers.oidc.clients }}
- - id: {{ $client.id }}
- description: {{ default $client.id $client.description }}
- secret: {{ default (randAlphaNum 128) $client.secret }}
- {{- if $client.public }}
- public: {{ $client.public }}
- {{- end }}
- authorization_policy: {{ default "two_factor" $client.authorization_policy }}
- consent_mode: {{ default "auto" $client.consent_mode}}
- redirect_uris:
- {{- range $client.redirect_uris }}
- - {{ . }}
- {{- end }}
- {{- if $client.audience }}
- audience: {{ toYaml $client.audience | nindent 10 }}
- {{- end }}
- scopes: {{ toYaml (default (list "openid" "profile" "email" "groups") $client.scopes) | nindent 10 }}
- grant_types: {{ toYaml (default (list "refresh_token" "authorization_code") $client.grant_types) | nindent 10 }}
- response_types: {{ toYaml (default (list "code") $client.response_types) | nindent 10 }}
- {{- if $client.response_modes }}
- response_modes: {{ toYaml $client.response_modes | nindent 10 }}
- {{- end }}
- userinfo_signing_algorithm: {{ default "none" $client.userinfo_signing_algorithm }}
- {{- end }}
- {{- end }}
- {{- end }}
- access_control:
- {{- if (eq (len .Values.access_control.rules) 0) }}
- {{- if (eq .Values.access_control.default_policy "bypass") }}
- default_policy: one_factor
- {{- else if (eq .Values.access_control.default_policy "deny") }}
- default_policy: two_factor
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- if (eq (len .Values.access_control.networks) 0) }}
- networks: []
- {{- else }}
- networks: {{ toYaml .Values.access_control.networks | nindent 6 }}
- {{- end }}
- {{- if (eq (len .Values.access_control.rules) 0) }}
- rules: []
- {{- else }}
- rules: {{ toYaml .Values.access_control.rules | nindent 6 }}
- {{- end }}
- ...
-{{- end -}}
diff --git a/enterprise/authelia/15.0.1/templates/_secrets.tpl b/enterprise/authelia/15.0.1/templates/_secrets.tpl
deleted file mode 100644
index ea2c56bfe79..00000000000
--- a/enterprise/authelia/15.0.1/templates/_secrets.tpl
+++ /dev/null
@@ -1,59 +0,0 @@
-{{/* Define the secrets */}}
-{{- define "authelia.secrets" -}}
-{{- $autheliaprevious := lookup "v1" "Secret" .Release.Namespace "authelia-secrets" }}
-{{- $oidckey := "" }}
-{{- $oidcsecret := "" }}
-{{- $jwtsecret := "" }}
-{{- $sessionsecret := "" }}
-{{- $encryptionkey := "" }}
-enabled: true
-data:
- {{- if $autheliaprevious }}
- SESSION_ENCRYPTION_KEY: {{ index $autheliaprevious.data "SESSION_ENCRYPTION_KEY" }}
- JWT_TOKEN: {{ index $autheliaprevious.data "JWT_TOKEN" }}
- {{- if ( hasKey $autheliaprevious.data "ENCRYPTION_KEY" ) }}
- ENCRYPTION_KEY: {{ index $autheliaprevious.data "ENCRYPTION_KEY" }}
- {{- else }}
- {{- $encryptionkey := randAlphaNum 100 }}
- ENCRYPTION_KEY: {{ $encryptionkey }}
- {{- end }}
- {{- else }}
- {{- $jwtsecret := randAlphaNum 50 }}
- {{- $sessionsecret := randAlphaNum 50 }}
- {{- $encryptionkey := randAlphaNum 100 }}
- SESSION_ENCRYPTION_KEY: {{ $sessionsecret }}
- JWT_TOKEN: {{ $jwtsecret}}
- ENCRYPTION_KEY: {{ $encryptionkey }}
- {{- end }}
-
- {{- if .Values.authentication_backend.ldap.enabled }}
- LDAP_PASSWORD: {{ .Values.authentication_backend.ldap.plain_password }}
- {{- end }}
-
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- SMTP_PASSWORD: {{ .Values.notifier.smtp.plain_password }}
- {{- end }}
-
- {{- if .Values.duo_api.enabled }}
- DUO_API_KEY: {{ .Values.duo_api.plain_api_key }}
- {{- end }}
-
- STORAGE_PASSWORD: {{ $.Values.cnpg.main.creds.password | trimAll "\"" }}
-
- REDIS_PASSWORD: {{ .Values.redis.redisPassword | trimAll "\"" }}
- {{- if .Values.redisProvider.high_availability.enabled}}
- REDIS_SENTINEL_PASSWORD: {{ .Values.redis.sentinelPassword | trimAll "\"" }}
- {{- end }}
-
- {{- if $autheliaprevious }}
- {{- if and ( hasKey $autheliaprevious.data "OIDC_PRIVATE_KEY" ) ( hasKey $autheliaprevious.data "OIDC_HMAC_SECRET" ) }}
- OIDC_PRIVATE_KEY: {{ index $autheliaprevious.data "OIDC_PRIVATE_KEY" }}
- OIDC_HMAC_SECRET: {{ index $autheliaprevious.data "OIDC_HMAC_SECRET" }}
- {{- else }}
- {{- $oidckey := genPrivateKey "rsa" }}
- {{- $oidcsecret := randAlphaNum 32 }}
- OIDC_PRIVATE_KEY: {{ $oidckey }}
- OIDC_HMAC_SECRET: {{ $oidcsecret }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/authelia/15.0.1/templates/common.yaml b/enterprise/authelia/15.0.1/templates/common.yaml
deleted file mode 100644
index 473823a6fc1..00000000000
--- a/enterprise/authelia/15.0.1/templates/common.yaml
+++ /dev/null
@@ -1,77 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-{{/* Render configmap for authelia */}}
-{{- $configmapPaths := include "authelia.configmap.paths" . | fromYaml -}}
-{{- if $configmapPaths -}}
- {{- $_ := set .Values.configmap "authelia-paths" $configmapPaths -}}
-{{- end -}}
-
-{{- $configmapFile := include "authelia.configmap.configfile" . | fromYaml -}}
-{{- if $configmapFile -}}
- {{- $_ := set .Values.configmap "authelia-configfile" $configmapFile -}}
-{{- end -}}
-
-{{/* Render secrets for authelia */}}
-{{- $secret := include "authelia.secrets" . | fromYaml -}}
-{{- if $secret -}}
- {{- $_ := set .Values.secret "authelia-secrets" $secret -}}
-{{- end -}}
-
-{{/* Append the general configMap volume to the volumes */}}
-{{- define "authelia.configmapVolume" -}}
-enabled: true
-mountPath: /configuration.yaml
-subPath: configuration.yaml
-readOnly: true
-type: "configmap"
-objectName: authelia-configfile
-{{- end -}}
-
-{{/* Append the general secret volumes to the volumes */}}
-{{- define "authelia.secretVolumes" -}}
-enabled: true
-mountPath: "/secrets"
-readOnly: true
-type: "secret"
-objectName: authelia-secrets
-items:
- - key: "JWT_TOKEN"
- path: JWT_TOKEN
- - key: "SESSION_ENCRYPTION_KEY"
- path: SESSION_ENCRYPTION_KEY
- - key: "ENCRYPTION_KEY"
- path: ENCRYPTION_KEY
- - key: "STORAGE_PASSWORD"
- path: STORAGE_PASSWORD
- {{- if .Values.authentication_backend.ldap.enabled }}
- - key: "LDAP_PASSWORD"
- path: LDAP_PASSWORD
- {{- end }}
- {{- if .Values.notifier.smtp.enabled }}
- - key: "SMTP_PASSWORD"
- path: SMTP_PASSWORD
- {{- end }}
- - key: "REDIS_PASSWORD"
- path: REDIS_PASSWORD
- {{- if .Values.redisProvider.high_availability.enabled}}
- - key: "REDIS_SENTINEL_PASSWORD"
- path: REDIS_SENTINEL_PASSWORD
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- - key: "DUO_API_KEY"
- path: DUO_API_KEY
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- - key: "OIDC_PRIVATE_KEY"
- path: OIDC_PRIVATE_KEY
- - key: "OIDC_HMAC_SECRET"
- path: OIDC_HMAC_SECRET
- {{- end }}
-{{- end -}}
-
-{{- $_ := set .Values.persistence "authelia-configfile" (include "authelia.configmapVolume" . | fromYaml) -}}
-{{- $_ := set .Values.persistence "authelia-secrets" (include "authelia.secretVolumes" . | fromYaml) -}}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/authelia/15.0.1/values.yaml b/enterprise/authelia/15.0.1/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/authelia/15.0.10/CHANGELOG.md b/enterprise/authelia/15.0.10/CHANGELOG.md
deleted file mode 100644
index fe29bb79865..00000000000
--- a/enterprise/authelia/15.0.10/CHANGELOG.md
+++ /dev/null
@@ -1,89 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [authelia-15.0.10](https://github.com/truecharts/charts/compare/authelia-15.0.9...authelia-15.0.10) (2023-03-08)
-
-### Fix
-
-- indent priv key ([#7770](https://github.com/truecharts/charts/issues/7770))
-
-
-
-
-## [authelia-15.0.9](https://github.com/truecharts/charts/compare/authelia-15.0.8...authelia-15.0.9) (2023-03-08)
-
-### Chore
-
-- cleanup secret a bit ([#7768](https://github.com/truecharts/charts/issues/7768))
-
-
-
-
-## [authelia-15.0.8](https://github.com/truecharts/charts/compare/authelia-15.0.7...authelia-15.0.8) (2023-03-07)
-
-### Fix
-
-- fix broken fetching of old values on authelia ([#7764](https://github.com/truecharts/charts/issues/7764))
-
-
-
-
-## [authelia-15.0.7](https://github.com/truecharts/charts/compare/authelia-15.0.6...authelia-15.0.7) (2023-03-07)
-
-### Fix
-
-- prevent encryption key resets
-
-
-
-
-## [authelia-15.0.6](https://github.com/truecharts/charts/compare/authelia-15.0.5...authelia-15.0.6) (2023-03-07)
-
-### Fix
-
-- misc fixes from common and prometheus storageclass patch ([#7762](https://github.com/truecharts/charts/issues/7762))
-
-
-
-
-## [authelia-15.0.5](https://github.com/truecharts/charts/compare/authelia-15.0.4...authelia-15.0.5) (2023-03-06)
-
-
-
-
-## [authelia-15.0.4](https://github.com/truecharts/charts/compare/authelia-15.0.3...authelia-15.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
-
-
-## [authelia-15.0.3](https://github.com/truecharts/charts/compare/authelia-15.0.1...authelia-15.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
-
-
-## [authelia-15.0.1](https://github.com/truecharts/charts/compare/authelia-15.0.0...authelia-15.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
-
-## [authelia-15.0.0](https://github.com/truecharts/charts/compare/authelia-14.0.29...authelia-15.0.0) (2023-03-04)
-
diff --git a/enterprise/authelia/15.0.10/Chart.yaml b/enterprise/authelia/15.0.10/Chart.yaml
deleted file mode 100644
index ba91f5de0e0..00000000000
--- a/enterprise/authelia/15.0.10/Chart.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-apiVersion: v2
-appVersion: "4.37.5"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.24
- - condition: redis.enabled
- name: redis
- repository: https://deps.truecharts.org
- version: 6.0.14
-deprecated: false
-description: Authelia is a Single Sign-On Multi-Factor portal for web apps
-home: https://truecharts.org/charts/enterprise/authelia
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/authelia.png
-keywords:
- - authelia
- - authentication
- - login
- - SSO
- - Authentication
- - Security
- - Two-Factor
- - U2F
- - YubiKey
- - Push Notifications
- - LDAP
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: authelia
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/authelia
- - https://ghcr.io/authelia/authelia ghcr.io/authelia/authelia
- - https://github.com/authelia/chartrepo
- - https://github.com/authelia/authelia
-type: application
-version: 15.0.10
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/authelia/15.0.10/LICENSE b/enterprise/authelia/15.0.10/LICENSE
deleted file mode 100644
index 80e4ab93f92..00000000000
--- a/enterprise/authelia/15.0.10/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/authelia/15.0.10/README.md b/enterprise/authelia/15.0.10/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/authelia/15.0.10/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/authelia/15.0.10/app-changelog.md b/enterprise/authelia/15.0.10/app-changelog.md
deleted file mode 100644
index 045df8eecef..00000000000
--- a/enterprise/authelia/15.0.10/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [authelia-15.0.10](https://github.com/truecharts/charts/compare/authelia-15.0.9...authelia-15.0.10) (2023-03-08)
-
-### Fix
-
-- indent priv key ([#7770](https://github.com/truecharts/charts/issues/7770))
-
-
\ No newline at end of file
diff --git a/enterprise/authelia/15.0.10/app-readme.md b/enterprise/authelia/15.0.10/app-readme.md
deleted file mode 100644
index 9417c0c13d5..00000000000
--- a/enterprise/authelia/15.0.10/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Authelia is a Single Sign-On Multi-Factor portal for web apps
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/authelia](https://truecharts.org/charts/enterprise/authelia)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/authelia/15.0.10/charts/common-12.2.24.tgz b/enterprise/authelia/15.0.10/charts/common-12.2.24.tgz
deleted file mode 100644
index d9155693b5d..00000000000
Binary files a/enterprise/authelia/15.0.10/charts/common-12.2.24.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.0.10/charts/redis-6.0.14.tgz b/enterprise/authelia/15.0.10/charts/redis-6.0.14.tgz
deleted file mode 100644
index fb93c84df47..00000000000
Binary files a/enterprise/authelia/15.0.10/charts/redis-6.0.14.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.0.10/ix_values.yaml b/enterprise/authelia/15.0.10/ix_values.yaml
deleted file mode 100644
index 79559954057..00000000000
--- a/enterprise/authelia/15.0.10/ix_values.yaml
+++ /dev/null
@@ -1,619 +0,0 @@
-image:
- repository: tccr.io/truecharts/authelia
- pullPolicy: IfNotPresent
- tag: 4.37.5@sha256:76a4617539534cec140fd98a12f721b878524f2df3a3653f3df8ff2b7eaab586
-
-workload:
- main:
- podSpec:
- containers:
- main:
- command: ["authelia"]
- args: ["--config=/configuration.yaml"]
- envFrom:
- - configMapRef:
- name: authelia-paths
- probes:
- liveness:
- type: http
- path: /api/health"
-
- readiness:
- type: http
- path: "/api/health"
-
- startup:
- type: http
- path: "/api/health"
-
-service:
- main:
- ports:
- main:
- port: 9091
- targetPort: 9091
-
-persistence:
- config:
- enabled: true
- mountPath: "/config"
-
-cnpg:
- main:
- enabled: true
- user: authelia
- database: authelia
-
-# Enabled redis
-# ... for more options see https://github.com/tccr.io/truecharts/charts/tree/master/tccr.io/truecharts/redis
-redis:
- enabled: true
-
-domain: example.com
-
-##
-## Server Configuration
-##
-server:
- ##
- ## Port sets the configured port for the daemon, service, and the probes.
- ## Default is 9091 and should not need to be changed.
- ##
- port: 9091
-
- ## Buffers usually should be configured to be the same value.
- ## Explanation at https://www.authelia.com/docs/configuration/server.html
- ## Read buffer size adjusts the server's max incoming request size in bytes.
- ## Write buffer size does the same for outgoing responses.
- read_buffer_size: 4096
- write_buffer_size: 4096
- ## Set the single level path Authelia listens on.
- ## Must be alphanumeric chars and should not contain any slashes.
- path: ""
-
-log:
- ## Level of verbosity for logs: info, debug, trace.
- level: trace
-
- ## Format the logs are written as: json, text.
- format: text
-
- ## TODO: Statefulness check should check if this is set, and the configMap should enable it.
- ## File path where the logs will be written. If not set logs are written to stdout.
- # file_path: /config/authelia.log
-
-## Default redirection URL
-##
-## If user tries to authenticate without any referer, Authelia does not know where to redirect the user to at the end
-## of the authentication process. This parameter allows you to specify the default redirection URL Authelia will use
-## in such a case.
-##
-## Note: this parameter is optional. If not provided, user won't be redirected upon successful authentication.
-## Default is https://www. (value at the top of the values.yaml).
-default_redirection_url: ""
-# default_redirection_url: https://example.com
-
-theme: light
-
-##
-## TOTP Configuration
-##
-## Parameters used for TOTP generation
-totp:
- ## The issuer name displayed in the Authenticator application of your choice
- ## See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
- ## Defaults to .
- issuer: ""
- ## The period in seconds a one-time password is current for. Changing this will require all users to register
- ## their TOTP applications again. Warning: before changing period read the docs link below.
- period: 30
- ## The skew controls number of one-time passwords either side of the current one that are valid.
- ## Warning: before changing skew read the docs link below.
- ## See: https://www.authelia.com/docs/configuration/one-time-password.html#period-and-skew to read the documentation.
- skew: 1
-
-##
-## Duo Push API Configuration
-##
-## Parameters used to contact the Duo API. Those are generated when you protect an application of type
-## "Partner Auth API" in the management panel.
-duo_api:
- enabled: false
- hostname: api-123456789.example.com
- integration_key: ABCDEF
- plain_api_key: ""
-
-##
-## Authentication Backend Provider Configuration
-##
-## Used for verifying user passwords and retrieve information such as email address and groups users belong to.
-##
-## The available providers are: `file`, `ldap`. You must use one and only one of these providers.
-authentication_backend:
- ## Disable both the HTML element and the API for reset password functionality
- disable_reset_password: false
-
- ## The amount of time to wait before we refresh data from the authentication backend. Uses duration notation.
- ## To disable this feature set it to 'disable', this will slightly reduce security because for Authelia, users will
- ## always belong to groups they belonged to at the time of login even if they have been removed from them in LDAP.
- ## To force update on every request you can set this to '0' or 'always', this will increase processor demand.
- ## See the below documentation for more information.
- ## Duration Notation docs: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Refresh Interval docs: https://www.authelia.com/docs/configuration/authentication/ldap.html#refresh-interval
- refresh_interval: 5m
-
- ## LDAP backend configuration.
- ##
- ## This backend allows Authelia to be scaled to more
- ## than one instance and therefore is recommended for
- ## production.
- ldap:
- ## Enable LDAP Backend.
- enabled: false
-
- ## The LDAP implementation, this affects elements like the attribute utilised for resetting a password.
- ## Acceptable options are as follows:
- ## - 'activedirectory' - For Microsoft Active Directory.
- ## - 'custom' - For custom specifications of attributes and filters.
- ## This currently defaults to 'custom' to maintain existing behaviour.
- ##
- ## Depending on the option here certain other values in this section have a default value, notably all of the
- ## attribute mappings have a default value that this config overrides, you can read more about these default values
- ## at https://www.authelia.com/docs/configuration/authentication/ldap.html#defaults
- implementation: activedirectory
-
- ## The url to the ldap server. Format: ://[:].
- ## Scheme can be ldap or ldaps in the format (port optional).
- url: ldap://openldap.default.svc.cluster.local
-
- ## Connection Timeout.
- timeout: 5s
-
- ## Use StartTLS with the LDAP connection.
- start_tls: false
-
- tls:
- ## Server Name for certificate validation (in case it's not set correctly in the URL).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either Secure LDAP or LDAP StartTLS.
- minimum_version: TLS1.2
-
- ## The base dn for every LDAP query.
- base_dn: DC=example,DC=com
-
- ## The attribute holding the username of the user. This attribute is used to populate the username in the session
- ## information. It was introduced due to #561 to handle case insensitive search queries. For you information,
- ## Microsoft Active Directory usually uses 'sAMAccountName' and OpenLDAP usually uses 'uid'. Beware that this
- ## attribute holds the unique identifiers for the users binding the user and the configuration stored in database.
- ## Therefore only single value attributes are allowed and the value must never be changed once attributed to a user
- ## otherwise it would break the configuration for that user. Technically, non-unique attributes like 'mail' can also
- ## be used but we don't recommend using them, we instead advise to use the attributes mentioned above
- ## (sAMAccountName and uid) to follow https://www.ietf.org/rfc/rfc2307.txt.
- username_attribute: ""
-
- ## An additional dn to define the scope to all users.
- additional_users_dn: OU=Users
-
- ## The users filter used in search queries to find the user profile based on input filled in login form.
- ## Various placeholders are available in the user filter:
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username_attribute} is a mandatory placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ##
- ## Recommended settings are as follows:
- ## - Microsoft Active Directory: (&({username_attribute}={input})(objectCategory=person)(objectClass=user))
- ## - OpenLDAP:
- ## - (&({username_attribute}={input})(objectClass=person))
- ## - (&({username_attribute}={input})(objectClass=inetOrgPerson))
- ##
- ## To allow sign in both with username and email, one can use a filter like
- ## (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))
- users_filter: ""
-
- ## An additional dn to define the scope of groups.
- additional_groups_dn: OU=Groups
-
- ## The groups filter used in search queries to find the groups of the user.
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username} is a placeholder replace by the username stored in LDAP (based on `username_attribute`).
- ## - {dn} is a matcher replaced by the user distinguished name, aka, user DN.
- ## - {username_attribute} is a placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ## - DON'T USE - {1} is an alias for {username} supported for backward compatibility but it will be deprecated in
- ## later version, so please don't use it.
- ##
- ## If your groups use the `groupOfUniqueNames` structure use this instead:
- ## (&(uniquemember={dn})(objectclass=groupOfUniqueNames))
- groups_filter: ""
-
- ## The attribute holding the name of the group
- group_name_attribute: ""
-
- ## The attribute holding the mail address of the user. If multiple email addresses are defined for a user, only the
- ## first one returned by the LDAP server is used.
- mail_attribute: ""
-
- ## The attribute holding the display name of the user. This will be used to greet an authenticated user.
- display_name_attribute: ""
-
- ## The username of the admin user.
- user: CN=Authelia,DC=example,DC=com
- plain_password: ""
-
- ##
- ## File (Authentication Provider)
- ##
- ## With this backend, the users database is stored in a file which is updated when users reset their passwords.
- ## Therefore, this backend is meant to be used in a dev environment and not in production since it prevents Authelia
- ## to be scaled to more than one instance. The options under 'password' have sane defaults, and as it has security
- ## implications it is highly recommended you leave the default values. Before considering changing these settings
- ## please read the docs page below:
- ## https://www.authelia.com/docs/configuration/authentication/file.html#password-hash-algorithm-tuning
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- file:
- enabled: true
- path: /config/users_database.yml
- password:
- algorithm: argon2id
- iterations: 1
- key_length: 32
- salt_length: 16
- memory: 1024
- parallelism: 8
-
-##
-## Access Control Configuration
-##
-## Access control is a list of rules defining the authorizations applied for one resource to users or group of users.
-##
-## If 'access_control' is not defined, ACL rules are disabled and the 'bypass' rule is applied, i.e., access is allowed
-## to anyone. Otherwise restrictions follow the rules defined.
-##
-## Note: One can use the wildcard * to match any subdomain.
-## It must stand at the beginning of the pattern. (example: *.mydomain.com)
-##
-## Note: You must put patterns containing wildcards between simple quotes for the YAML to be syntactically correct.
-##
-## Definition: A 'rule' is an object with the following keys: 'domain', 'subject', 'policy' and 'resources'.
-##
-## - 'domain' defines which domain or set of domains the rule applies to.
-##
-## - 'subject' defines the subject to apply authorizations to. This parameter is optional and matching any user if not
-## provided. If provided, the parameter represents either a user or a group. It should be of the form
-## 'user:' or 'group:'.
-##
-## - 'policy' is the policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'.
-##
-## - 'resources' is a list of regular expressions that matches a set of resources to apply the policy to. This parameter
-## is optional and matches any resource if not provided.
-##
-## Note: the order of the rules is important. The first policy matching (domain, resource, subject) applies.
-access_control:
- ## Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'. It is the policy applied to any
- ## resource if there is no policy to be applied to the user.
- default_policy: deny
-
- networks: []
- # networks:
- # - name: private
- # networks:
- # - 10.0.0.0/8
- # - 172.16.0.0/12
- # - 192.168.0.0/16
- # - name: vpn
- # networks:
- # - 10.9.0.0/16
-
- rules: []
- # rules:
- # - domain: public.example.com
- # policy: bypass
- # - domain: "*.example.com"
- # policy: bypass
- # methods:
- # - OPTIONS
- # - domain: secure.example.com
- # policy: one_factor
- # networks:
- # - private
- # - vpn
- # - 192.168.1.0/24
- # - 10.0.0.1
- # - domain:
- # - secure.example.com
- # - private.example.com
- # policy: two_factor
- # - domain: singlefactor.example.com
- # policy: one_factor
- # - domain: "mx2.mail.example.com"
- # subject: "group:admins"
- # policy: deny
- # - domain: "*.example.com"
- # subject:
- # - "group:admins"
- # - "group:moderators"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/groups/dev/.*$"
- # subject: "group:dev"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/users/john/.*$"
- # subject:
- # - ["group:dev", "user:john"]
- # - "group:admins"
- # policy: two_factor
- # - domain: "{user}.example.com"
- # policy: bypass
-
-##
-## Session Provider Configuration
-##
-## The session cookies identify the user once logged in.
-## The available providers are: `memory`, `redis`. Memory is the provider unless redis is defined.
-session:
- ## The name of the session cookie. (default: authelia_session).
- name: authelia_session
-
- ## Sets the Cookie SameSite value. Possible options are none, lax, or strict.
- ## Please read https://www.authelia.com/docs/configuration/session.html#same_site
- same_site: lax
-
- ## The time in seconds before the cookie expires and session is reset.
- expiration: 1h
-
- ## The inactivity time in seconds before the session is reset.
- inactivity: 5m
-
- ## The remember me duration.
- ## Value is in seconds, or duration notation. Value of 0 disables remember me.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Longer periods are considered less secure because a stolen cookie will last longer giving attackers more time to
- ## spy or attack. Currently the default is 1M or 1 month.
- remember_me_duration: 1M
-
-##
-## Redis Provider
-##
-## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
-##
-## The redis connection details
-redisProvider:
- port: 6379
-
- ## Optional username to be used with authentication.
- # username: authelia
- username: ""
-
- ## This is the Redis DB Index https://redis.io/commands/select (sometimes referred to as database number, DB, etc).
- database_index: 0
-
- ## The maximum number of concurrent active connections to Redis.
- maximum_active_connections: 8
-
- ## The target number of idle connections to have open ready for work. Useful when opening connections is slow.
- minimum_idle_connections: 0
-
- ## The Redis TLS configuration. If defined will require a TLS connection to the Redis instance(s).
- tls:
- enabled: false
-
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for the connection.
- minimum_version: TLS1.2
-
- ## The Redis HA configuration options.
- ## This provides specific options to Redis Sentinel, sentinel_name must be defined (Master Name).
- high_availability:
- enabled: false
- enabledSecret: false
- ## Sentinel Name / Master Name
- sentinel_name: mysentinel
-
- ## The additional nodes to pre-seed the redis provider with (for sentinel).
- ## If the host in the above section is defined, it will be combined with this list to connect to sentinel.
- ## For high availability to be used you must have either defined; the host above or at least one node below.
- nodes: []
- # nodes:
- # - host: sentinel-0.databases.svc.cluster.local
- # port: 26379
- # - host: sentinel-1.databases.svc.cluster.local
- # port: 26379
-
- ## Choose the host with the lowest latency.
- route_by_latency: false
-
- ## Choose the host randomly.
- route_randomly: false
-
-##
-## Regulation Configuration
-##
-## This mechanism prevents attackers from brute forcing the first factor. It bans the user if too many attempts are done
-## in a short period of time.
-regulation:
- ## The number of failed login attempts before user is banned. Set it to 0 to disable regulation.
- max_retries: 3
-
- ## The time range during which the user can attempt login before being banned. The user is banned if the
- ## authentication failed 'max_retries' times in a 'find_time' seconds window. Find Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- find_time: 2m
-
- ## The length of time before a banned user can login again. Ban Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ban_time: 5m
-
-##
-## Storage Provider Configuration
-##
-## The available providers are: `local`, `mysql`, `postgres`. You must use one and only one of these providers.
-storage:
- ##
- ## PostgreSQL (Storage Provider)
- ##
- postgres:
- port: 5432
- database: authelia
- username: authelia
- sslmode: disable
- timeout: 5s
-
-##
-## Notification Provider
-##
-##
-## Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration.
-## The available providers are: filesystem, smtp. You must use one and only one of these providers.
-notifier:
- ## You can disable the notifier startup check by setting this to true.
- disable_startup_check: false
-
- ##
- ## File System (Notification Provider)
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- filesystem:
- enabled: true
- filename: /config/notification.txt
-
- ##
- ## SMTP (Notification Provider)
- ##
- ## Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate.
- ## [Security] By default Authelia will:
- ## - force all SMTP connections over TLS including unauthenticated connections
- ## - use the disable_require_tls boolean value to disable this requirement
- ## (only works for unauthenticated connections)
- ## - validate the SMTP server x509 certificate during the TLS handshake against the hosts trusted certificates
- ## (configure in tls section)
- smtp:
- enabled: false
- enabledSecret: false
- host: smtp.mail.svc.cluster.local
- port: 25
- timeout: 5s
- username: test
- plain_password: test
- sender: admin@example.com
- ## HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost.
- identifier: localhost
- ## Subject configuration of the emails sent.
- ## {title} is replaced by the text from the notifier
- subject: "[Authelia] {title}"
- ## This address is used during the startup check to verify the email configuration is correct.
- ## It's not important what it is except if your email server only allows local delivery.
- startup_check_address: test@authelia.com
- disable_require_tls: false
- disable_html_emails: false
-
- tls:
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either StartTLS or SMTPS.
- minimum_version: TLS1.2
-
-identity_providers:
- oidc:
- ## Enables this in the config map. Currently in beta stage.
- ## See https://www.authelia.com/docs/configuration/identity-providers/oidc.html#roadmap
- enabled: false
-
- access_token_lifespan: 1h
- authorize_code_lifespan: 1m
- id_token_lifespan: 1h
- refresh_token_lifespan: 90m
-
- enable_client_debug_messages: false
-
- ## SECURITY NOTICE: It's not recommended changing this option, and highly discouraged to have it below 8 for
- ## security reasons.
- minimum_parameter_entropy: 8
-
- clients: []
- # clients:
- # -
- ## The ID is the OpenID Connect ClientID which is used to link an application to a configuration.
- # id: myapp
-
- ## The description to show to users when they end up on the consent screen. Defaults to the ID above.
- # description: My Application
-
- ## The client secret is a shared secret between Authelia and the consumer of this client.
- # secret: apple123
-
- ## Sets the client to public. This should typically not be set, please see the documentation for usage.
- # public: false
-
- ## The policy to require for this client; one_factor or two_factor.
- # authorization_policy: two_factor
-
- ## Configures the consent mode; auto, explicit or implicit
- # consent_mode: auto
-
- ## Audience this client is allowed to request.
- # audience: []
-
- ## Scopes this client is allowed to request.
- # scopes:
- # - openid
- # - profile
- # - email
- # - groups
-
- ## Redirect URI's specifies a list of valid case-sensitive callbacks for this client.
- # redirect_uris:
- # - https://oidc.example.com/oauth2/callback
-
- ## Grant Types configures which grants this client can obtain.
- ## It's not recommended to configure this unless you know what you're doing.
- # grant_types:
- # - refresh_token
- # - authorization_code
-
- ## Response Types configures which responses this client can be sent.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_types:
- # - code
-
- ## Response Modes configures which response modes this client supports.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_modes:
- # - form_post
- # - query
- # - fragment
-
- ## The algorithm used to sign userinfo endpoint responses for this client, either none or RS256.
- # userinfo_signing_algorithm: none
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/authelia/15.0.10/questions.yaml b/enterprise/authelia/15.0.10/questions.yaml
deleted file mode 100644
index 2ddaa0f402b..00000000000
--- a/enterprise/authelia/15.0.10/questions.yaml
+++ /dev/null
@@ -1,2781 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: DaemonSet
- description: DaemonSet
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "DaemonSet"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: domain
- group: "App Configuration"
- label: "Domain"
- description: "The highest domain level possible, for example: domain.com when using app.domain.com"
- schema:
- type: string
- default: ""
- required: true
- - variable: default_redirection_url
- group: "App Configuration"
- label: "Default Redirection URL"
- description: "If user tries to authenticate without any referrer, this is used"
- schema:
- type: string
- default: ""
- - variable: theme
- group: "App Configuration"
- label: "Theme"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "light"
- description: "light"
- - value: "grey"
- description: "grey"
- - value: "dark"
- description: "dark"
- - variable: log
- group: "App Configuration"
- label: "Log Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "info"
- enum:
- - value: "info"
- description: "info"
- - value: "debug"
- description: "debug"
- - value: "trace"
- description: "trace"
- - variable: format
- label: "Log Format"
- schema:
- type: string
- default: "text"
- enum:
- - value: "json"
- description: "json"
- - value: "text"
- description: "text"
- - variable: totp
- group: "App Configuration"
- label: "TOTP Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: issuer
- label: "Issuer"
- description: "The issuer name displayed in the Authenticator application of your choice"
- schema:
- type: string
- default: ""
- - variable: period
- label: "Period"
- description: "The period in seconds a one-time password is current for"
- schema:
- type: int
- default: 30
- - variable: skew
- label: "skew"
- description: "Controls number of one-time passwords either side of the current one that are valid."
- schema:
- type: int
- default: 1
- - variable: duo_api
- group: "App Configuration"
- label: "DUO API Configuration"
- description: "Parameters used to contact the Duo API."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostname
- label: "Hostname"
- schema:
- type: string
- required: true
- default: ""
- - variable: integration_key
- label: "integration_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: plain_api_key
- label: "plain_api_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: session
- group: "App Configuration"
- label: "Session Provider"
- description: "The session cookies identify the user once logged in."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Cookie Name"
- description: "The name of the session cookie."
- schema:
- type: string
- required: true
- default: "authelia_session"
- - variable: same_site
- label: "SameSite Value"
- description: "Sets the Cookie SameSite value"
- schema:
- type: string
- default: "lax"
- enum:
- - value: "lax"
- description: "lax"
- - value: "strict"
- description: "strict"
- - variable: expiration
- label: "Expiration Time"
- description: "The time in seconds before the cookie expires and session is reset."
- schema:
- type: string
- default: "1h"
- required: true
- - variable: inactivity
- label: "Inactivity Time"
- description: "The inactivity time in seconds before the session is reset."
- schema:
- type: string
- default: "5m"
- required: true
- - variable: remember_me_duration
- label: "Remember-Me duration"
- description: "The remember me duration"
- schema:
- type: string
- default: "5M"
- required: true
- - variable: regulation
- group: "App Configuration"
- label: "Regulation Configuration"
- description: "This mechanism prevents attackers from brute forcing the first factor."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: max_retries
- label: "Maximum Retries"
- description: "The number of failed login attempts before user is banned. Set it to 0 to disable regulation."
- schema:
- type: int
- default: 3
- - variable: find_time
- label: "Find Time"
- description: "The time range during which the user can attempt login before being banned."
- schema:
- type: string
- default: "2m"
- required: true
- - variable: ban_time
- label: "Ban Duration"
- description: "The length of time before a banned user can login again"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: authentication_backend
- group: "App Configuration"
- label: "Authentication Backend Provider"
- description: "sed for verifying user passwords and retrieve information such as email address and groups users belong to."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_reset_password
- label: "Disable Reset Password"
- description: "Disable both the HTML element and the API for reset password functionality"
- schema:
- type: boolean
- default: false
- - variable: refresh_interval
- label: "Reset Interval"
- description: "The amount of time to wait before we refresh data from the authentication backend"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: ldap
- label: "LDAP backend configuration"
- description: "Used for verifying user passwords and retrieve information such as email address and groups users belong to"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: implementation
- label: "Implementation"
- description: "The LDAP implementation, this affects elements like the attribute utilized for resetting a password"
- schema:
- type: string
- default: "custom"
- enum:
- - value: "activedirectory"
- description: "Active Directory"
- - value: "custom"
- description: "Custom"
- - variable: url
- label: "URL"
- description: "The url to the ldap server. Format: ://[:]"
- schema:
- type: string
- default: "ldap://openldap.default.svc.cluster.local"
- required: true
- - variable: timeout
- label: "Connection Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: start_tls
- label: "Start TLS"
- description: "Use StartTLS with the LDAP connection"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: base_dn
- label: "Base DN"
- description: "The base dn for every LDAP query."
- schema:
- type: string
- default: "DC=example,DC=com"
- required: true
- - variable: username_attribute
- label: "Username Attribute"
- description: "The attribute holding the username of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_users_dn
- label: "Additional Users DN"
- description: "An additional dn to define the scope to all users."
- schema:
- type: string
- default: "OU=Users"
- required: true
- - variable: users_filter
- label: "Users Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_groups_dn
- label: "Additional Groups DN"
- description: "An additional dn to define the scope of groups."
- schema:
- type: string
- default: "OU=Groups"
- required: true
- - variable: groups_filter
- label: "Groups Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: group_name_attribute
- label: "Group name Attribute"
- description: "The attribute holding the name of the group"
- schema:
- type: string
- default: ""
- required: true
- - variable: mail_attribute
- label: "Mail Attribute"
- description: "The attribute holding the primary mail address of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: display_name_attribute
- label: "Display Name Attribute"
- description: "he attribute holding the display name of the user. This will be used to greet an authenticated user."
- schema:
- type: string
- default: ""
- - variable: user
- label: "Admin User"
- description: "The username of the admin user used to connect to LDAP."
- schema:
- type: string
- default: "CN=Authelia,DC=example,DC=com"
- required: true
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: file
- label: "File backend configuration"
- description: "With this backend, the users database is stored in a file which is updated when users reset their passwords."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: path
- label: "Path"
- schema:
- type: string
- default: "/config/users_database.yml"
- required: true
- - variable: password
- label: "Password Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: algorithm
- label: "Algorithm"
- schema:
- type: string
- default: "argon2id"
- enum:
- - value: "argon2id"
- description: "argon2id"
- - value: "sha512"
- description: "sha512"
- - variable: iterations
- label: "Iterations"
- schema:
- type: int
- default: 1
- required: true
- - variable: key_length
- label: "Key Length"
- schema:
- type: int
- default: 32
- required: true
- - variable: salt_length
- label: "Salt Length"
- schema:
- type: int
- default: 16
- required: true
- - variable: memory
- label: "Memory"
- schema:
- type: int
- default: 1024
- required: true
- - variable: parallelism
- label: "Parallelism"
- schema:
- type: int
- default: 8
- required: true
- - variable: notifier
- group: "App Configuration"
- label: "Notifier Configuration"
- description: "Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_startup_check
- label: "Disable Startup Check"
- schema:
- type: boolean
- default: false
- - variable: filesystem
- label: "Filesystem Provider"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filename
- label: "File Path"
- schema:
- type: string
- default: "/config/notification.txt"
- required: true
- - variable: smtp
- label: "SMTP Provider"
- description: "Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: host
- label: "Host"
- schema:
- type: string
- default: "smtp.mail.svc.cluster.local"
- required: true
- - variable: port
- label: "Port"
- schema:
- type: int
- default: 25
- required: true
- - variable: timeout
- label: "Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: username
- label: "Username"
- schema:
- type: string
- default: ""
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- - variable: sender
- label: "Sender"
- schema:
- type: string
- default: ""
- required: true
- - variable: identifier
- label: "Identifier"
- description: "HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost."
- schema:
- type: string
- default: "localhost"
- required: true
- - variable: subject
- label: "Subject"
- description: "Subject configuration of the emails sent, {title} is replaced by the text from the notifier"
- schema:
- type: string
- default: "[Authelia] {title}"
- required: true
- - variable: startup_check_address
- label: "Startup Check Address"
- description: "This address is used during the startup check to verify the email configuration is correct."
- schema:
- type: string
- default: "test@authelia.com"
- required: true
- - variable: disable_require_tls
- label: "Disable Require TLS"
- schema:
- type: boolean
- default: false
- - variable: disable_html_emails
- label: "Disable HTML emails"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: access_control
- group: "App Configuration"
- label: "Access Control Configuration"
- description: "Access control is a list of rules defining the authorizations applied for one resource to users or group of users."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: default_policy
- label: "Default Policy"
- description: "Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: networkItem
- label: "Network Item"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Name"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "network"
- schema:
- type: string
- default: ""
- required: true
- - variable: rules
- label: "Rules"
- schema:
- type: list
- default: []
- items:
- - variable: rulesItem
- label: "Rule"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: domain
- label: "Domains"
- description: "defines which domain or set of domains the rule applies to."
- schema:
- type: list
- default: []
- items:
- - variable: domainEntry
- label: "Domain"
- schema:
- type: string
- default: ""
- required: true
- - variable: policy
- label: "Policy"
- description: "The policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: subject
- label: "Subject"
- description: "defines the subject to apply authorizations to. This parameter is optional and matching any user if not provided"
- schema:
- type: list
- default: []
- items:
- - variable: subjectitem
- label: "Subject"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "Network"
- schema:
- type: string
- default: ""
- required: true
- - variable: resources
- label: "Resources"
- description: "is a list of regular expressions that matches a set of resources to apply the policy to"
- schema:
- type: list
- default: []
- items:
- - variable: resource
- label: "Resource"
- schema:
- type: string
- default: ""
- required: true
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 9091
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: certificateIssuer
- label: Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: certificateIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: identity_providers
- group: "Advanced"
- label: "Authelia Identity Providers (BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: oidc
- label: "OpenID Connect(BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: access_token_lifespan
- label: "Access Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: authorize_code_lifespan
- label: "Authorize Code Lifespan"
- schema:
- type: string
- default: "1m"
- required: true
- - variable: id_token_lifespan
- label: "ID Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: refresh_token_lifespan
- label: "Refresh Token Lifespan"
- schema:
- type: string
- default: "90m"
- required: true
- - variable: enable_client_debug_messages
- label: "Enable Client Debug Messages"
- schema:
- type: boolean
- default: false
- - variable: clients
- label: "Clients"
- schema:
- type: list
- default: []
- items:
- - variable: clientEntry
- label: "Client"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: id
- label: "ID/Name"
- description: "The ID is the OpenID Connect ClientID which is used to link an application to a configuration."
- schema:
- type: string
- default: "myapp"
- required: true
- - variable: description
- label: "Description"
- description: "The description to show to users when they end up on the consent screen. Defaults to the ID above."
- schema:
- type: string
- default: "My Application"
- required: true
- - variable: secret
- label: "Secret"
- description: "The client secret is a shared secret between Authelia and the consumer of this client."
- schema:
- type: string
- default: ""
- required: true
- - variable: public
- label: "public"
- description: "Sets the client to public. This should typically not be set, please see the documentation for usage."
- schema:
- type: boolean
- default: false
- - variable: authorization_policy
- label: "Authorization Policy"
- description: "The policy to require for this client; one_factor or two_factor."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - variable: consent_mode
- label: "Consent Mode"
- description: "Configures the consent mode. This can be set to auto (default), explicit (consent required every time) or implicit (automatically assumes consent for every authorization, never asking the user if they wish to give consent.)"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "explicit"
- description: "explicit"
- - value: "implicit"
- description: "implicit"
- - variable: userinfo_signing_algorithm
- label: "Userinfo Signing Algorithm"
- description: "The algorithm used to sign userinfo endpoint responses for this client, either none or RS256."
- schema:
- type: string
- default: "none"
- enum:
- - value: "none"
- description: "none"
- - value: "RS256"
- description: "RS256"
- - variable: audience
- label: "Audience"
- description: "Audience this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: audienceEntry
- label: ""
- schema:
- type: string
- default: ""
- required: true
- - variable: scopes
- label: "Scopes"
- description: "Scopes this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: ScopeEntry
- label: "Scope"
- schema:
- type: string
- default: "openid"
- required: true
- - variable: redirect_uris
- label: "redirect_uris"
- description: "Redirect URI's specifies a list of valid case-sensitive callbacks for this client."
- schema:
- type: list
- default: []
- items:
- - variable: uriEntry
- label: "Url"
- schema:
- type: string
- default: "https://oidc.example.com/oauth2/callback"
- required: true
- - variable: grant_types
- description: "Grant Types configures which grants this client can obtain."
- label: "grant_types"
- schema:
- type: list
- default: []
- items:
- - variable: grantEntry
- label: "Grant"
- schema:
- type: string
- default: "refresh_token"
- required: true
- - variable: response_types
- description: "Response Types configures which responses this client can be sent."
- label: "response_types"
- schema:
- type: list
- default: []
- items:
- - variable: responseEntry
- label: "type"
- schema:
- type: string
- default: "code"
- required: true
- - variable: response_modes
- description: "Response Modes configures which response modes this client supports."
- label: "response_modes"
- schema:
- type: list
- default: []
- items:
- - variable: modeEntry
- label: "Mode"
- schema:
- type: string
- default: "form_post"
- required: true
- - variable: cnpg
- group: Postgresql
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Postgresql Database"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: storage
- label: "Storage"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: size
- label: Size
- schema:
- type: string
- default: "256Gi"
- - variable: walsize
- label: Walsize
- schema:
- type: string
- default: "256Gi"
- - variable: pooler
- label: "Pooler"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: Monitoring
- label: "Metrics"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enablePodMonitor
- label: "enablePodMonitor"
- schema:
- type: boolean
- default: true
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/authelia/15.0.10/templates/NOTES.txt b/enterprise/authelia/15.0.10/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/authelia/15.0.10/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/authelia/15.0.10/templates/_configmap.tpl b/enterprise/authelia/15.0.10/templates/_configmap.tpl
deleted file mode 100644
index c0497f5e570..00000000000
--- a/enterprise/authelia/15.0.10/templates/_configmap.tpl
+++ /dev/null
@@ -1,248 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "authelia.configmap.paths" -}}
-enabled: true
-data:
- AUTHELIA_SERVER_DISABLE_HEALTHCHECK: "true"
- AUTHELIA_JWT_SECRET_FILE: "/secrets/JWT_TOKEN"
- AUTHELIA_SESSION_SECRET_FILE: "/secrets/SESSION_ENCRYPTION_KEY"
- AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: "/secrets/ENCRYPTION_KEY"
- AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: "/secrets/STORAGE_PASSWORD"
- {{- if .Values.authentication_backend.ldap.enabled }}
- AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE: "/secrets/LDAP_PASSWORD"
- {{- end }}
- {{- if .Values.notifier.smtp.enabled }}
- AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE: "/secrets/SMTP_PASSWORD"
- {{- end }}
- AUTHELIA_SESSION_REDIS_PASSWORD_FILE: "/secrets/REDIS_PASSWORD"
- {{- if .Values.redisProvider.high_availability.enabled }}
- AUTHELIA_SESSION_REDIS_HIGH_AVAILABILITY_SENTINEL_PASSWORD_FILE: "/secrets/REDIS_SENTINEL_PASSWORD"
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- AUTHELIA_DUO_API_SECRET_KEY_FILE: "/secrets/DUO_API_KEY"
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET_FILE: "/secrets/OIDC_HMAC_SECRET"
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY_FILE: "/secrets/OIDC_PRIVATE_KEY"
- {{- end }}
-
-{{- end -}}
-
-{{- define "authelia.configmap.configfile" -}}
-enabled: true
-data:
- configuration.yaml: |
- ---
- theme: {{ default "light" .Values.theme }}
- default_redirection_url: {{ default (printf "https://www.%s" .Values.domain) .Values.default_redirection_url }}
- server:
- host: 0.0.0.0
- port: {{ default 9091 .Values.server.port }}
- {{- if not (eq "" (default "" .Values.server.path)) }}
- path: {{ .Values.server.path }}
- {{- end }}
- buffers:
- write: {{ default 4096 .Values.server.write_buffer_size }}
- read: {{ default 4096 .Values.server.read_buffer_size }}
- enable_pprof: {{ default false .Values.server.enable_pprof }}
- enable_expvars: {{ default false .Values.server.enable_expvars }}
- log:
- level: {{ default "info" .Values.log.level }}
- format: {{ default "text" .Values.log.format }}
- {{- if not (eq "" (default "" .Values.log.file_path)) }}
- file_path: {{ .Values.log.file_path }}
- keep_stdout: true
- {{- end }}
- totp:
- issuer: {{ default .Values.domain .Values.totp.issuer }}
- period: {{ default 30 .Values.totp.period }}
- skew: {{ default 1 .Values.totp.skew }}
- {{- if .Values.duo_api.enabled }}
- duo_api:
- hostname: {{ .Values.duo_api.hostname }}
- integration_key: {{ .Values.duo_api.integration_key }}
- {{- end }}
- {{- with $auth := .Values.authentication_backend }}
- authentication_backend:
- password_reset:
- disable: {{ $auth.disable_reset_password }}
- {{- if $auth.file.enabled }}
- file:
- path: {{ $auth.file.path }}
- password: {{ toYaml $auth.file.password | nindent 10 }}
- {{- end }}
- {{- if $auth.ldap.enabled }}
- ldap:
- implementation: {{ default "custom" $auth.ldap.implementation }}
- url: {{ $auth.ldap.url }}
- timeout: {{ default "5s" $auth.ldap.timeout }}
- start_tls: {{ $auth.ldap.start_tls }}
- tls:
- {{- if hasKey $auth.ldap.tls "server_name" }}
- server_name: {{ default $auth.ldap.host $auth.ldap.tls.server_name }}
- {{- end }}
- minimum_version: {{ default "TLS1.2" $auth.ldap.tls.minimum_version }}
- skip_verify: {{ default false $auth.ldap.tls.skip_verify }}
- {{- if $auth.ldap.base_dn }}
- base_dn: {{ $auth.ldap.base_dn }}
- {{- end }}
- {{- if $auth.ldap.username_attribute }}
- username_attribute: {{ $auth.ldap.username_attribute }}
- {{- end }}
- {{- if $auth.ldap.additional_users_dn }}
- additional_users_dn: {{ $auth.ldap.additional_users_dn }}
- {{- end }}
- {{- if $auth.ldap.users_filter }}
- users_filter: {{ $auth.ldap.users_filter }}
- {{- end }}
- {{- if $auth.ldap.additional_groups_dn }}
- additional_groups_dn: {{ $auth.ldap.additional_groups_dn }}
- {{- end }}
- {{- if $auth.ldap.groups_filter }}
- groups_filter: {{ $auth.ldap.groups_filter }}
- {{- end }}
- {{- if $auth.ldap.group_name_attribute }}
- group_name_attribute: {{ $auth.ldap.group_name_attribute }}
- {{- end }}
- {{- if $auth.ldap.mail_attribute }}
- mail_attribute: {{ $auth.ldap.mail_attribute }}
- {{- end }}
- {{- if $auth.ldap.display_name_attribute }}
- display_name_attribute: {{ $auth.ldap.display_name_attribute }}
- {{- end }}
- user: {{ $auth.ldap.user }}
- {{- end }}
- {{- end }}
- {{- with $session := .Values.session }}
- session:
- name: {{ default "authelia_session" $session.name }}
- domain: {{ required "A valid .Values.domain entry required!" $.Values.domain }}
- same_site: {{ default "lax" $session.same_site }}
- expiration: {{ default "1M" $session.expiration }}
- inactivity: {{ default "5m" $session.inactivity }}
- remember_me_duration: {{ default "1M" $session.remember_me_duration }}
- {{- end }}
- redis:
- host: {{ .Values.redis.creds.plain }}
- {{- with $redis := .Values.redisProvider }}
- port: {{ default 6379 $redis.port }}
- {{- if not (eq $redis.username "") }}
- username: {{ $redis.username }}
- {{- end }}
- maximum_active_connections: {{ default 8 $redis.maximum_active_connections }}
- minimum_idle_connections: {{ default 0 $redis.minimum_idle_connections }}
- {{- if $redis.tls.enabled }}
- tls:
- server_name: {{ $redis.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $redis.tls.minimum_version }}
- skip_verify: {{ $redis.tls.skip_verify }}
- {{- end }}
- {{- if $redis.high_availability.enabled }}
- high_availability:
- sentinel_name: {{ $redis.high_availability.sentinel_name }}
- {{- if $redis.high_availability.nodes }}
- nodes: {{ toYaml $redis.high_availability.nodes | nindent 10 }}
- {{- end }}
- route_by_latency: {{ $redis.high_availability.route_by_latency }}
- route_randomly: {{ $redis.high_availability.route_randomly }}
- {{- end }}
- {{- end }}
- regulation: {{ toYaml .Values.regulation | nindent 6 }}
- storage:
- postgres:
- host: {{ $.Values.cnpg.main.creds.host }}
- {{- with $storage := .Values.storage }}
- port: {{ default 5432 $storage.postgres.port }}
- database: {{ default "authelia" $storage.postgres.database }}
- username: {{ default "authelia" $storage.postgres.username }}
- timeout: {{ default "5s" $storage.postgres.timeout }}
- ssl:
- mode: {{ default "disable" $storage.postgres.sslmode }}
- {{- end }}
- {{- with $notifier := .Values.notifier }}
- notifier:
- disable_startup_check: {{ $.Values.notifier.disable_startup_check }}
- {{- if $notifier.filesystem.enabled }}
- filesystem:
- filename: {{ $notifier.filesystem.filename }}
- {{- end }}
- {{- if $notifier.smtp.enabled }}
- smtp:
- host: {{ $notifier.smtp.host }}
- port: {{ default 25 $notifier.smtp.port }}
- timeout: {{ default "5s" $notifier.smtp.timeout }}
- {{- with $notifier.smtp.username }}
- username: {{ . }}
- {{- end }}
- sender: {{ $notifier.smtp.sender }}
- identifier: {{ $notifier.smtp.identifier }}
- subject: {{ $notifier.smtp.subject | quote }}
- startup_check_address: {{ $notifier.smtp.startup_check_address }}
- disable_require_tls: {{ $notifier.smtp.disable_require_tls }}
- disable_html_emails: {{ $notifier.smtp.disable_html_emails }}
- tls:
- server_name: {{ default $notifier.smtp.host $notifier.smtp.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $notifier.smtp.tls.minimum_version }}
- skip_verify: {{ default false $notifier.smtp.tls.skip_verify }}
- {{- end }}
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- identity_providers:
- oidc:
- access_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.access_token_lifespan }}
- authorize_code_lifespan: {{ default "1m" .Values.identity_providers.oidc.authorize_code_lifespan }}
- id_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.id_token_lifespan }}
- refresh_token_lifespan: {{ default "90m" .Values.identity_providers.oidc.refresh_token_lifespan }}
- enable_client_debug_messages: {{ default false .Values.identity_providers.oidc.enable_client_debug_messages }}
- minimum_parameter_entropy: {{ default 8 .Values.identity_providers.oidc.minimum_parameter_entropy }}
- {{- if gt (len .Values.identity_providers.oidc.clients) 0 }}
- clients:
- {{- range $client := .Values.identity_providers.oidc.clients }}
- - id: {{ $client.id }}
- description: {{ default $client.id $client.description }}
- secret: {{ default (randAlphaNum 128) $client.secret }}
- {{- if $client.public }}
- public: {{ $client.public }}
- {{- end }}
- authorization_policy: {{ default "two_factor" $client.authorization_policy }}
- consent_mode: {{ default "auto" $client.consent_mode}}
- redirect_uris:
- {{- range $client.redirect_uris }}
- - {{ . }}
- {{- end }}
- {{- if $client.audience }}
- audience: {{ toYaml $client.audience | nindent 10 }}
- {{- end }}
- scopes: {{ toYaml (default (list "openid" "profile" "email" "groups") $client.scopes) | nindent 10 }}
- grant_types: {{ toYaml (default (list "refresh_token" "authorization_code") $client.grant_types) | nindent 10 }}
- response_types: {{ toYaml (default (list "code") $client.response_types) | nindent 10 }}
- {{- if $client.response_modes }}
- response_modes: {{ toYaml $client.response_modes | nindent 10 }}
- {{- end }}
- userinfo_signing_algorithm: {{ default "none" $client.userinfo_signing_algorithm }}
- {{- end }}
- {{- end }}
- {{- end }}
- access_control:
- {{- if (eq (len .Values.access_control.rules) 0) }}
- {{- if (eq .Values.access_control.default_policy "bypass") }}
- default_policy: one_factor
- {{- else if (eq .Values.access_control.default_policy "deny") }}
- default_policy: two_factor
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- if (eq (len .Values.access_control.networks) 0) }}
- networks: []
- {{- else }}
- networks: {{ toYaml .Values.access_control.networks | nindent 6 }}
- {{- end }}
- {{- if (eq (len .Values.access_control.rules) 0) }}
- rules: []
- {{- else }}
- rules: {{ toYaml .Values.access_control.rules | nindent 6 }}
- {{- end }}
- ...
-{{- end -}}
diff --git a/enterprise/authelia/15.0.10/templates/_secrets.tpl b/enterprise/authelia/15.0.10/templates/_secrets.tpl
deleted file mode 100644
index 14ed88d973d..00000000000
--- a/enterprise/authelia/15.0.10/templates/_secrets.tpl
+++ /dev/null
@@ -1,53 +0,0 @@
-{{/* Define the secrets */}}
-{{- define "authelia.secrets" -}}
-{{- $basename := include "tc.v1.common.lib.chart.names.fullname" $ -}}
-{{- $fetchname := printf "%s-authelia-secrets" $basename -}}
-
-{{/* Initialize all keys */}}
-{{- $oidckey := genPrivateKey "rsa" }}
-{{- $oidcsecret := randAlphaNum 32 }}
-{{- $jwtsecret := randAlphaNum 50 }}
-{{- $sessionsecret := randAlphaNum 50 }}
-{{- $encryptionkey := randAlphaNum 100 }}
-
-enabled: true
-data:
- {{ with (lookup "v1" "Secret" .Release.Namespace $fetchname) }}
- {{/* Get previous values and decode */}}
- {{ $sessionsecret = (index .data "SESSION_ENCRYPTION_KEY") | b64dec }}
- {{ $jwtsecret = (index .data "JWT_TOKEN") | b64dec }}
- {{ $encryptionkey = (index .data "ENCRYPTION_KEY") | b64dec }}
-
- {{/* Check if those keys ever existed. as OIDC is optional */}}
- {{ if and (hasKey .data "OIDC_PRIVATE_KEY") (hasKey .data "OIDC_HMAC_SECRET") }}
- {{ $oidckey = (index .data "OIDC_PRIVATE_KEY") | b64dec }}
- {{ $oidcsecret = (index .data "OIDC_HMAC_SECRET") | b64dec }}
- {{ end }}
- {{ end }}
- SESSION_ENCRYPTION_KEY: {{ $sessionsecret }}
- JWT_TOKEN: {{ $jwtsecret }}
- ENCRYPTION_KEY: {{ $encryptionkey }}
-
- {{- if .Values.authentication_backend.ldap.enabled }}
- LDAP_PASSWORD: {{ .Values.authentication_backend.ldap.plain_password }}
- {{- end }}
-
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- SMTP_PASSWORD: {{ .Values.notifier.smtp.plain_password }}
- {{- end }}
-
- {{- if .Values.duo_api.enabled }}
- DUO_API_KEY: {{ .Values.duo_api.plain_api_key }}
- {{- end }}
-
- STORAGE_PASSWORD: {{ $.Values.cnpg.main.creds.password | trimAll "\"" }}
-
- REDIS_PASSWORD: {{ .Values.redis.creds.redisPassword | trimAll "\"" }}
- {{- if .Values.redisProvider.high_availability.enabled }}
- REDIS_SENTINEL_PASSWORD: {{ .Values.redis.sentinelPassword | trimAll "\"" }}
- {{- end }}
-
- OIDC_PRIVATE_KEY: |
- {{- $oidckey | nindent 4 }}
- OIDC_HMAC_SECRET: {{ $oidcsecret }}
-{{- end -}}
diff --git a/enterprise/authelia/15.0.10/templates/common.yaml b/enterprise/authelia/15.0.10/templates/common.yaml
deleted file mode 100644
index 54e288e852c..00000000000
--- a/enterprise/authelia/15.0.10/templates/common.yaml
+++ /dev/null
@@ -1,77 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-{{/* Render configmap for authelia */}}
-{{- $configmapPaths := include "authelia.configmap.paths" . | fromYaml -}}
-{{- if $configmapPaths -}}
- {{- $_ := set .Values.configmap "authelia-paths" $configmapPaths -}}
-{{- end -}}
-
-{{- $configmapFile := include "authelia.configmap.configfile" . | fromYaml -}}
-{{- if $configmapFile -}}
- {{- $_ := set .Values.configmap "authelia-configfile" $configmapFile -}}
-{{- end -}}
-
-{{/* Render secrets for authelia */}}
-{{- $secret := include "authelia.secrets" . | fromYaml -}}
-{{- if $secret -}}
- {{- $_ := set .Values.secret "authelia-secrets" $secret -}}
-{{- end -}}
-
-{{/* Append the general configMap volume to the volumes */}}
-{{- define "authelia.configmapVolume" -}}
-enabled: true
-mountPath: /configuration.yaml
-subPath: configuration.yaml
-readOnly: true
-type: "configmap"
-objectName: authelia-configfile
-{{- end -}}
-
-{{/* Append the general secret volumes to the volumes */}}
-{{- define "authelia.secretVolumes" -}}
-enabled: true
-mountPath: "/secrets"
-readOnly: true
-type: "secret"
-objectName: authelia-secrets
-items:
- - key: "JWT_TOKEN"
- path: JWT_TOKEN
- - key: "SESSION_ENCRYPTION_KEY"
- path: SESSION_ENCRYPTION_KEY
- - key: "ENCRYPTION_KEY"
- path: ENCRYPTION_KEY
- - key: "STORAGE_PASSWORD"
- path: STORAGE_PASSWORD
- {{- if .Values.authentication_backend.ldap.enabled }}
- - key: "LDAP_PASSWORD"
- path: LDAP_PASSWORD
- {{- end }}
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- - key: "SMTP_PASSWORD"
- path: SMTP_PASSWORD
- {{- end }}
- - key: "REDIS_PASSWORD"
- path: REDIS_PASSWORD
- {{- if .Values.redisProvider.high_availability.enabled}}
- - key: "REDIS_SENTINEL_PASSWORD"
- path: REDIS_SENTINEL_PASSWORD
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- - key: "DUO_API_KEY"
- path: DUO_API_KEY
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- - key: "OIDC_PRIVATE_KEY"
- path: OIDC_PRIVATE_KEY
- - key: "OIDC_HMAC_SECRET"
- path: OIDC_HMAC_SECRET
- {{- end }}
-{{- end -}}
-
-{{- $_ := set .Values.persistence "authelia-configfile" (include "authelia.configmapVolume" . | fromYaml) -}}
-{{- $_ := set .Values.persistence "authelia-secrets" (include "authelia.secretVolumes" . | fromYaml) -}}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/authelia/15.0.10/values.yaml b/enterprise/authelia/15.0.10/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/authelia/15.0.11/CHANGELOG.md b/enterprise/authelia/15.0.11/CHANGELOG.md
deleted file mode 100644
index f02744fb709..00000000000
--- a/enterprise/authelia/15.0.11/CHANGELOG.md
+++ /dev/null
@@ -1,94 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [authelia-15.0.11](https://github.com/truecharts/charts/compare/authelia-15.0.10...authelia-15.0.11) (2023-03-08)
-
-
-
-
-## [authelia-15.0.10](https://github.com/truecharts/charts/compare/authelia-15.0.9...authelia-15.0.10) (2023-03-08)
-
-### Fix
-
-- indent priv key ([#7770](https://github.com/truecharts/charts/issues/7770))
-
-
-
-
-## [authelia-15.0.9](https://github.com/truecharts/charts/compare/authelia-15.0.8...authelia-15.0.9) (2023-03-08)
-
-### Chore
-
-- cleanup secret a bit ([#7768](https://github.com/truecharts/charts/issues/7768))
-
-
-
-
-## [authelia-15.0.8](https://github.com/truecharts/charts/compare/authelia-15.0.7...authelia-15.0.8) (2023-03-07)
-
-### Fix
-
-- fix broken fetching of old values on authelia ([#7764](https://github.com/truecharts/charts/issues/7764))
-
-
-
-
-## [authelia-15.0.7](https://github.com/truecharts/charts/compare/authelia-15.0.6...authelia-15.0.7) (2023-03-07)
-
-### Fix
-
-- prevent encryption key resets
-
-
-
-
-## [authelia-15.0.6](https://github.com/truecharts/charts/compare/authelia-15.0.5...authelia-15.0.6) (2023-03-07)
-
-### Fix
-
-- misc fixes from common and prometheus storageclass patch ([#7762](https://github.com/truecharts/charts/issues/7762))
-
-
-
-
-## [authelia-15.0.5](https://github.com/truecharts/charts/compare/authelia-15.0.4...authelia-15.0.5) (2023-03-06)
-
-
-
-
-## [authelia-15.0.4](https://github.com/truecharts/charts/compare/authelia-15.0.3...authelia-15.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
-
-
-## [authelia-15.0.3](https://github.com/truecharts/charts/compare/authelia-15.0.1...authelia-15.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
-
-
-## [authelia-15.0.1](https://github.com/truecharts/charts/compare/authelia-15.0.0...authelia-15.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
-
-## [authelia-15.0.0](https://github.com/truecharts/charts/compare/authelia-14.0.29...authelia-15.0.0) (2023-03-04)
-
diff --git a/enterprise/authelia/15.0.11/Chart.yaml b/enterprise/authelia/15.0.11/Chart.yaml
deleted file mode 100644
index 0641b4eb07e..00000000000
--- a/enterprise/authelia/15.0.11/Chart.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-apiVersion: v2
-appVersion: "4.37.5"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.24
- - condition: redis.enabled
- name: redis
- repository: https://deps.truecharts.org
- version: 6.0.14
-deprecated: false
-description: Authelia is a Single Sign-On Multi-Factor portal for web apps
-home: https://truecharts.org/charts/enterprise/authelia
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/authelia.png
-keywords:
- - authelia
- - authentication
- - login
- - SSO
- - Authentication
- - Security
- - Two-Factor
- - U2F
- - YubiKey
- - Push Notifications
- - LDAP
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: authelia
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/authelia
- - https://ghcr.io/authelia/authelia ghcr.io/authelia/authelia
- - https://github.com/authelia/chartrepo
- - https://github.com/authelia/authelia
-type: application
-version: 15.0.11
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/authelia/15.0.11/LICENSE b/enterprise/authelia/15.0.11/LICENSE
deleted file mode 100644
index 80e4ab93f92..00000000000
--- a/enterprise/authelia/15.0.11/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/authelia/15.0.11/README.md b/enterprise/authelia/15.0.11/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/authelia/15.0.11/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/authelia/15.0.11/app-changelog.md b/enterprise/authelia/15.0.11/app-changelog.md
deleted file mode 100644
index 081a39be2ed..00000000000
--- a/enterprise/authelia/15.0.11/app-changelog.md
+++ /dev/null
@@ -1,4 +0,0 @@
-
-
-## [authelia-15.0.11](https://github.com/truecharts/charts/compare/authelia-15.0.10...authelia-15.0.11) (2023-03-08)
-
diff --git a/enterprise/authelia/15.0.11/app-readme.md b/enterprise/authelia/15.0.11/app-readme.md
deleted file mode 100644
index 9417c0c13d5..00000000000
--- a/enterprise/authelia/15.0.11/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Authelia is a Single Sign-On Multi-Factor portal for web apps
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/authelia](https://truecharts.org/charts/enterprise/authelia)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/authelia/15.0.11/charts/common-12.2.24.tgz b/enterprise/authelia/15.0.11/charts/common-12.2.24.tgz
deleted file mode 100644
index d9155693b5d..00000000000
Binary files a/enterprise/authelia/15.0.11/charts/common-12.2.24.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.0.11/charts/redis-6.0.14.tgz b/enterprise/authelia/15.0.11/charts/redis-6.0.14.tgz
deleted file mode 100644
index fb93c84df47..00000000000
Binary files a/enterprise/authelia/15.0.11/charts/redis-6.0.14.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.0.11/ix_values.yaml b/enterprise/authelia/15.0.11/ix_values.yaml
deleted file mode 100644
index 624f9dccd41..00000000000
--- a/enterprise/authelia/15.0.11/ix_values.yaml
+++ /dev/null
@@ -1,619 +0,0 @@
-image:
- repository: tccr.io/truecharts/authelia
- pullPolicy: IfNotPresent
- tag: 4.37.5@sha256:76a4617539534cec140fd98a12f721b878524f2df3a3653f3df8ff2b7eaab586
-
-workload:
- main:
- podSpec:
- containers:
- main:
- command: ["authelia"]
- args: ["--config=/configuration.yaml"]
- envFrom:
- - configMapRef:
- name: authelia-paths
- probes:
- liveness:
- type: http
- path: "/api/health"
-
- readiness:
- type: http
- path: "/api/health"
-
- startup:
- type: http
- path: "/api/health"
-
-service:
- main:
- ports:
- main:
- port: 9091
- targetPort: 9091
-
-persistence:
- config:
- enabled: true
- mountPath: "/config"
-
-cnpg:
- main:
- enabled: true
- user: authelia
- database: authelia
-
-# Enabled redis
-# ... for more options see https://github.com/tccr.io/truecharts/charts/tree/master/tccr.io/truecharts/redis
-redis:
- enabled: true
-
-domain: example.com
-
-##
-## Server Configuration
-##
-server:
- ##
- ## Port sets the configured port for the daemon, service, and the probes.
- ## Default is 9091 and should not need to be changed.
- ##
- port: 9091
-
- ## Buffers usually should be configured to be the same value.
- ## Explanation at https://www.authelia.com/docs/configuration/server.html
- ## Read buffer size adjusts the server's max incoming request size in bytes.
- ## Write buffer size does the same for outgoing responses.
- read_buffer_size: 4096
- write_buffer_size: 4096
- ## Set the single level path Authelia listens on.
- ## Must be alphanumeric chars and should not contain any slashes.
- path: ""
-
-log:
- ## Level of verbosity for logs: info, debug, trace.
- level: trace
-
- ## Format the logs are written as: json, text.
- format: text
-
- ## TODO: Statefulness check should check if this is set, and the configMap should enable it.
- ## File path where the logs will be written. If not set logs are written to stdout.
- # file_path: /config/authelia.log
-
-## Default redirection URL
-##
-## If user tries to authenticate without any referer, Authelia does not know where to redirect the user to at the end
-## of the authentication process. This parameter allows you to specify the default redirection URL Authelia will use
-## in such a case.
-##
-## Note: this parameter is optional. If not provided, user won't be redirected upon successful authentication.
-## Default is https://www. (value at the top of the values.yaml).
-default_redirection_url: ""
-# default_redirection_url: https://example.com
-
-theme: light
-
-##
-## TOTP Configuration
-##
-## Parameters used for TOTP generation
-totp:
- ## The issuer name displayed in the Authenticator application of your choice
- ## See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
- ## Defaults to .
- issuer: ""
- ## The period in seconds a one-time password is current for. Changing this will require all users to register
- ## their TOTP applications again. Warning: before changing period read the docs link below.
- period: 30
- ## The skew controls number of one-time passwords either side of the current one that are valid.
- ## Warning: before changing skew read the docs link below.
- ## See: https://www.authelia.com/docs/configuration/one-time-password.html#period-and-skew to read the documentation.
- skew: 1
-
-##
-## Duo Push API Configuration
-##
-## Parameters used to contact the Duo API. Those are generated when you protect an application of type
-## "Partner Auth API" in the management panel.
-duo_api:
- enabled: false
- hostname: api-123456789.example.com
- integration_key: ABCDEF
- plain_api_key: ""
-
-##
-## Authentication Backend Provider Configuration
-##
-## Used for verifying user passwords and retrieve information such as email address and groups users belong to.
-##
-## The available providers are: `file`, `ldap`. You must use one and only one of these providers.
-authentication_backend:
- ## Disable both the HTML element and the API for reset password functionality
- disable_reset_password: false
-
- ## The amount of time to wait before we refresh data from the authentication backend. Uses duration notation.
- ## To disable this feature set it to 'disable', this will slightly reduce security because for Authelia, users will
- ## always belong to groups they belonged to at the time of login even if they have been removed from them in LDAP.
- ## To force update on every request you can set this to '0' or 'always', this will increase processor demand.
- ## See the below documentation for more information.
- ## Duration Notation docs: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Refresh Interval docs: https://www.authelia.com/docs/configuration/authentication/ldap.html#refresh-interval
- refresh_interval: 5m
-
- ## LDAP backend configuration.
- ##
- ## This backend allows Authelia to be scaled to more
- ## than one instance and therefore is recommended for
- ## production.
- ldap:
- ## Enable LDAP Backend.
- enabled: false
-
- ## The LDAP implementation, this affects elements like the attribute utilised for resetting a password.
- ## Acceptable options are as follows:
- ## - 'activedirectory' - For Microsoft Active Directory.
- ## - 'custom' - For custom specifications of attributes and filters.
- ## This currently defaults to 'custom' to maintain existing behaviour.
- ##
- ## Depending on the option here certain other values in this section have a default value, notably all of the
- ## attribute mappings have a default value that this config overrides, you can read more about these default values
- ## at https://www.authelia.com/docs/configuration/authentication/ldap.html#defaults
- implementation: activedirectory
-
- ## The url to the ldap server. Format: ://[:].
- ## Scheme can be ldap or ldaps in the format (port optional).
- url: ldap://openldap.default.svc.cluster.local
-
- ## Connection Timeout.
- timeout: 5s
-
- ## Use StartTLS with the LDAP connection.
- start_tls: false
-
- tls:
- ## Server Name for certificate validation (in case it's not set correctly in the URL).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either Secure LDAP or LDAP StartTLS.
- minimum_version: TLS1.2
-
- ## The base dn for every LDAP query.
- base_dn: DC=example,DC=com
-
- ## The attribute holding the username of the user. This attribute is used to populate the username in the session
- ## information. It was introduced due to #561 to handle case insensitive search queries. For you information,
- ## Microsoft Active Directory usually uses 'sAMAccountName' and OpenLDAP usually uses 'uid'. Beware that this
- ## attribute holds the unique identifiers for the users binding the user and the configuration stored in database.
- ## Therefore only single value attributes are allowed and the value must never be changed once attributed to a user
- ## otherwise it would break the configuration for that user. Technically, non-unique attributes like 'mail' can also
- ## be used but we don't recommend using them, we instead advise to use the attributes mentioned above
- ## (sAMAccountName and uid) to follow https://www.ietf.org/rfc/rfc2307.txt.
- username_attribute: ""
-
- ## An additional dn to define the scope to all users.
- additional_users_dn: OU=Users
-
- ## The users filter used in search queries to find the user profile based on input filled in login form.
- ## Various placeholders are available in the user filter:
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username_attribute} is a mandatory placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ##
- ## Recommended settings are as follows:
- ## - Microsoft Active Directory: (&({username_attribute}={input})(objectCategory=person)(objectClass=user))
- ## - OpenLDAP:
- ## - (&({username_attribute}={input})(objectClass=person))
- ## - (&({username_attribute}={input})(objectClass=inetOrgPerson))
- ##
- ## To allow sign in both with username and email, one can use a filter like
- ## (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))
- users_filter: ""
-
- ## An additional dn to define the scope of groups.
- additional_groups_dn: OU=Groups
-
- ## The groups filter used in search queries to find the groups of the user.
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username} is a placeholder replace by the username stored in LDAP (based on `username_attribute`).
- ## - {dn} is a matcher replaced by the user distinguished name, aka, user DN.
- ## - {username_attribute} is a placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ## - DON'T USE - {1} is an alias for {username} supported for backward compatibility but it will be deprecated in
- ## later version, so please don't use it.
- ##
- ## If your groups use the `groupOfUniqueNames` structure use this instead:
- ## (&(uniquemember={dn})(objectclass=groupOfUniqueNames))
- groups_filter: ""
-
- ## The attribute holding the name of the group
- group_name_attribute: ""
-
- ## The attribute holding the mail address of the user. If multiple email addresses are defined for a user, only the
- ## first one returned by the LDAP server is used.
- mail_attribute: ""
-
- ## The attribute holding the display name of the user. This will be used to greet an authenticated user.
- display_name_attribute: ""
-
- ## The username of the admin user.
- user: CN=Authelia,DC=example,DC=com
- plain_password: ""
-
- ##
- ## File (Authentication Provider)
- ##
- ## With this backend, the users database is stored in a file which is updated when users reset their passwords.
- ## Therefore, this backend is meant to be used in a dev environment and not in production since it prevents Authelia
- ## to be scaled to more than one instance. The options under 'password' have sane defaults, and as it has security
- ## implications it is highly recommended you leave the default values. Before considering changing these settings
- ## please read the docs page below:
- ## https://www.authelia.com/docs/configuration/authentication/file.html#password-hash-algorithm-tuning
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- file:
- enabled: true
- path: /config/users_database.yml
- password:
- algorithm: argon2id
- iterations: 1
- key_length: 32
- salt_length: 16
- memory: 1024
- parallelism: 8
-
-##
-## Access Control Configuration
-##
-## Access control is a list of rules defining the authorizations applied for one resource to users or group of users.
-##
-## If 'access_control' is not defined, ACL rules are disabled and the 'bypass' rule is applied, i.e., access is allowed
-## to anyone. Otherwise restrictions follow the rules defined.
-##
-## Note: One can use the wildcard * to match any subdomain.
-## It must stand at the beginning of the pattern. (example: *.mydomain.com)
-##
-## Note: You must put patterns containing wildcards between simple quotes for the YAML to be syntactically correct.
-##
-## Definition: A 'rule' is an object with the following keys: 'domain', 'subject', 'policy' and 'resources'.
-##
-## - 'domain' defines which domain or set of domains the rule applies to.
-##
-## - 'subject' defines the subject to apply authorizations to. This parameter is optional and matching any user if not
-## provided. If provided, the parameter represents either a user or a group. It should be of the form
-## 'user:' or 'group:'.
-##
-## - 'policy' is the policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'.
-##
-## - 'resources' is a list of regular expressions that matches a set of resources to apply the policy to. This parameter
-## is optional and matches any resource if not provided.
-##
-## Note: the order of the rules is important. The first policy matching (domain, resource, subject) applies.
-access_control:
- ## Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'. It is the policy applied to any
- ## resource if there is no policy to be applied to the user.
- default_policy: deny
-
- networks: []
- # networks:
- # - name: private
- # networks:
- # - 10.0.0.0/8
- # - 172.16.0.0/12
- # - 192.168.0.0/16
- # - name: vpn
- # networks:
- # - 10.9.0.0/16
-
- rules: []
- # rules:
- # - domain: public.example.com
- # policy: bypass
- # - domain: "*.example.com"
- # policy: bypass
- # methods:
- # - OPTIONS
- # - domain: secure.example.com
- # policy: one_factor
- # networks:
- # - private
- # - vpn
- # - 192.168.1.0/24
- # - 10.0.0.1
- # - domain:
- # - secure.example.com
- # - private.example.com
- # policy: two_factor
- # - domain: singlefactor.example.com
- # policy: one_factor
- # - domain: "mx2.mail.example.com"
- # subject: "group:admins"
- # policy: deny
- # - domain: "*.example.com"
- # subject:
- # - "group:admins"
- # - "group:moderators"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/groups/dev/.*$"
- # subject: "group:dev"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/users/john/.*$"
- # subject:
- # - ["group:dev", "user:john"]
- # - "group:admins"
- # policy: two_factor
- # - domain: "{user}.example.com"
- # policy: bypass
-
-##
-## Session Provider Configuration
-##
-## The session cookies identify the user once logged in.
-## The available providers are: `memory`, `redis`. Memory is the provider unless redis is defined.
-session:
- ## The name of the session cookie. (default: authelia_session).
- name: authelia_session
-
- ## Sets the Cookie SameSite value. Possible options are none, lax, or strict.
- ## Please read https://www.authelia.com/docs/configuration/session.html#same_site
- same_site: lax
-
- ## The time in seconds before the cookie expires and session is reset.
- expiration: 1h
-
- ## The inactivity time in seconds before the session is reset.
- inactivity: 5m
-
- ## The remember me duration.
- ## Value is in seconds, or duration notation. Value of 0 disables remember me.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Longer periods are considered less secure because a stolen cookie will last longer giving attackers more time to
- ## spy or attack. Currently the default is 1M or 1 month.
- remember_me_duration: 1M
-
-##
-## Redis Provider
-##
-## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
-##
-## The redis connection details
-redisProvider:
- port: 6379
-
- ## Optional username to be used with authentication.
- # username: authelia
- username: ""
-
- ## This is the Redis DB Index https://redis.io/commands/select (sometimes referred to as database number, DB, etc).
- database_index: 0
-
- ## The maximum number of concurrent active connections to Redis.
- maximum_active_connections: 8
-
- ## The target number of idle connections to have open ready for work. Useful when opening connections is slow.
- minimum_idle_connections: 0
-
- ## The Redis TLS configuration. If defined will require a TLS connection to the Redis instance(s).
- tls:
- enabled: false
-
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for the connection.
- minimum_version: TLS1.2
-
- ## The Redis HA configuration options.
- ## This provides specific options to Redis Sentinel, sentinel_name must be defined (Master Name).
- high_availability:
- enabled: false
- enabledSecret: false
- ## Sentinel Name / Master Name
- sentinel_name: mysentinel
-
- ## The additional nodes to pre-seed the redis provider with (for sentinel).
- ## If the host in the above section is defined, it will be combined with this list to connect to sentinel.
- ## For high availability to be used you must have either defined; the host above or at least one node below.
- nodes: []
- # nodes:
- # - host: sentinel-0.databases.svc.cluster.local
- # port: 26379
- # - host: sentinel-1.databases.svc.cluster.local
- # port: 26379
-
- ## Choose the host with the lowest latency.
- route_by_latency: false
-
- ## Choose the host randomly.
- route_randomly: false
-
-##
-## Regulation Configuration
-##
-## This mechanism prevents attackers from brute forcing the first factor. It bans the user if too many attempts are done
-## in a short period of time.
-regulation:
- ## The number of failed login attempts before user is banned. Set it to 0 to disable regulation.
- max_retries: 3
-
- ## The time range during which the user can attempt login before being banned. The user is banned if the
- ## authentication failed 'max_retries' times in a 'find_time' seconds window. Find Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- find_time: 2m
-
- ## The length of time before a banned user can login again. Ban Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ban_time: 5m
-
-##
-## Storage Provider Configuration
-##
-## The available providers are: `local`, `mysql`, `postgres`. You must use one and only one of these providers.
-storage:
- ##
- ## PostgreSQL (Storage Provider)
- ##
- postgres:
- port: 5432
- database: authelia
- username: authelia
- sslmode: disable
- timeout: 5s
-
-##
-## Notification Provider
-##
-##
-## Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration.
-## The available providers are: filesystem, smtp. You must use one and only one of these providers.
-notifier:
- ## You can disable the notifier startup check by setting this to true.
- disable_startup_check: false
-
- ##
- ## File System (Notification Provider)
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- filesystem:
- enabled: true
- filename: /config/notification.txt
-
- ##
- ## SMTP (Notification Provider)
- ##
- ## Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate.
- ## [Security] By default Authelia will:
- ## - force all SMTP connections over TLS including unauthenticated connections
- ## - use the disable_require_tls boolean value to disable this requirement
- ## (only works for unauthenticated connections)
- ## - validate the SMTP server x509 certificate during the TLS handshake against the hosts trusted certificates
- ## (configure in tls section)
- smtp:
- enabled: false
- enabledSecret: false
- host: smtp.mail.svc.cluster.local
- port: 25
- timeout: 5s
- username: test
- plain_password: test
- sender: admin@example.com
- ## HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost.
- identifier: localhost
- ## Subject configuration of the emails sent.
- ## {title} is replaced by the text from the notifier
- subject: "[Authelia] {title}"
- ## This address is used during the startup check to verify the email configuration is correct.
- ## It's not important what it is except if your email server only allows local delivery.
- startup_check_address: test@authelia.com
- disable_require_tls: false
- disable_html_emails: false
-
- tls:
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either StartTLS or SMTPS.
- minimum_version: TLS1.2
-
-identity_providers:
- oidc:
- ## Enables this in the config map. Currently in beta stage.
- ## See https://www.authelia.com/docs/configuration/identity-providers/oidc.html#roadmap
- enabled: false
-
- access_token_lifespan: 1h
- authorize_code_lifespan: 1m
- id_token_lifespan: 1h
- refresh_token_lifespan: 90m
-
- enable_client_debug_messages: false
-
- ## SECURITY NOTICE: It's not recommended changing this option, and highly discouraged to have it below 8 for
- ## security reasons.
- minimum_parameter_entropy: 8
-
- clients: []
- # clients:
- # -
- ## The ID is the OpenID Connect ClientID which is used to link an application to a configuration.
- # id: myapp
-
- ## The description to show to users when they end up on the consent screen. Defaults to the ID above.
- # description: My Application
-
- ## The client secret is a shared secret between Authelia and the consumer of this client.
- # secret: apple123
-
- ## Sets the client to public. This should typically not be set, please see the documentation for usage.
- # public: false
-
- ## The policy to require for this client; one_factor or two_factor.
- # authorization_policy: two_factor
-
- ## Configures the consent mode; auto, explicit or implicit
- # consent_mode: auto
-
- ## Audience this client is allowed to request.
- # audience: []
-
- ## Scopes this client is allowed to request.
- # scopes:
- # - openid
- # - profile
- # - email
- # - groups
-
- ## Redirect URI's specifies a list of valid case-sensitive callbacks for this client.
- # redirect_uris:
- # - https://oidc.example.com/oauth2/callback
-
- ## Grant Types configures which grants this client can obtain.
- ## It's not recommended to configure this unless you know what you're doing.
- # grant_types:
- # - refresh_token
- # - authorization_code
-
- ## Response Types configures which responses this client can be sent.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_types:
- # - code
-
- ## Response Modes configures which response modes this client supports.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_modes:
- # - form_post
- # - query
- # - fragment
-
- ## The algorithm used to sign userinfo endpoint responses for this client, either none or RS256.
- # userinfo_signing_algorithm: none
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/authelia/15.0.11/questions.yaml b/enterprise/authelia/15.0.11/questions.yaml
deleted file mode 100644
index 2ddaa0f402b..00000000000
--- a/enterprise/authelia/15.0.11/questions.yaml
+++ /dev/null
@@ -1,2781 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: DaemonSet
- description: DaemonSet
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "DaemonSet"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: domain
- group: "App Configuration"
- label: "Domain"
- description: "The highest domain level possible, for example: domain.com when using app.domain.com"
- schema:
- type: string
- default: ""
- required: true
- - variable: default_redirection_url
- group: "App Configuration"
- label: "Default Redirection URL"
- description: "If user tries to authenticate without any referrer, this is used"
- schema:
- type: string
- default: ""
- - variable: theme
- group: "App Configuration"
- label: "Theme"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "light"
- description: "light"
- - value: "grey"
- description: "grey"
- - value: "dark"
- description: "dark"
- - variable: log
- group: "App Configuration"
- label: "Log Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "info"
- enum:
- - value: "info"
- description: "info"
- - value: "debug"
- description: "debug"
- - value: "trace"
- description: "trace"
- - variable: format
- label: "Log Format"
- schema:
- type: string
- default: "text"
- enum:
- - value: "json"
- description: "json"
- - value: "text"
- description: "text"
- - variable: totp
- group: "App Configuration"
- label: "TOTP Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: issuer
- label: "Issuer"
- description: "The issuer name displayed in the Authenticator application of your choice"
- schema:
- type: string
- default: ""
- - variable: period
- label: "Period"
- description: "The period in seconds a one-time password is current for"
- schema:
- type: int
- default: 30
- - variable: skew
- label: "skew"
- description: "Controls number of one-time passwords either side of the current one that are valid."
- schema:
- type: int
- default: 1
- - variable: duo_api
- group: "App Configuration"
- label: "DUO API Configuration"
- description: "Parameters used to contact the Duo API."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostname
- label: "Hostname"
- schema:
- type: string
- required: true
- default: ""
- - variable: integration_key
- label: "integration_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: plain_api_key
- label: "plain_api_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: session
- group: "App Configuration"
- label: "Session Provider"
- description: "The session cookies identify the user once logged in."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Cookie Name"
- description: "The name of the session cookie."
- schema:
- type: string
- required: true
- default: "authelia_session"
- - variable: same_site
- label: "SameSite Value"
- description: "Sets the Cookie SameSite value"
- schema:
- type: string
- default: "lax"
- enum:
- - value: "lax"
- description: "lax"
- - value: "strict"
- description: "strict"
- - variable: expiration
- label: "Expiration Time"
- description: "The time in seconds before the cookie expires and session is reset."
- schema:
- type: string
- default: "1h"
- required: true
- - variable: inactivity
- label: "Inactivity Time"
- description: "The inactivity time in seconds before the session is reset."
- schema:
- type: string
- default: "5m"
- required: true
- - variable: remember_me_duration
- label: "Remember-Me duration"
- description: "The remember me duration"
- schema:
- type: string
- default: "5M"
- required: true
- - variable: regulation
- group: "App Configuration"
- label: "Regulation Configuration"
- description: "This mechanism prevents attackers from brute forcing the first factor."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: max_retries
- label: "Maximum Retries"
- description: "The number of failed login attempts before user is banned. Set it to 0 to disable regulation."
- schema:
- type: int
- default: 3
- - variable: find_time
- label: "Find Time"
- description: "The time range during which the user can attempt login before being banned."
- schema:
- type: string
- default: "2m"
- required: true
- - variable: ban_time
- label: "Ban Duration"
- description: "The length of time before a banned user can login again"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: authentication_backend
- group: "App Configuration"
- label: "Authentication Backend Provider"
- description: "sed for verifying user passwords and retrieve information such as email address and groups users belong to."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_reset_password
- label: "Disable Reset Password"
- description: "Disable both the HTML element and the API for reset password functionality"
- schema:
- type: boolean
- default: false
- - variable: refresh_interval
- label: "Reset Interval"
- description: "The amount of time to wait before we refresh data from the authentication backend"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: ldap
- label: "LDAP backend configuration"
- description: "Used for verifying user passwords and retrieve information such as email address and groups users belong to"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: implementation
- label: "Implementation"
- description: "The LDAP implementation, this affects elements like the attribute utilized for resetting a password"
- schema:
- type: string
- default: "custom"
- enum:
- - value: "activedirectory"
- description: "Active Directory"
- - value: "custom"
- description: "Custom"
- - variable: url
- label: "URL"
- description: "The url to the ldap server. Format: ://[:]"
- schema:
- type: string
- default: "ldap://openldap.default.svc.cluster.local"
- required: true
- - variable: timeout
- label: "Connection Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: start_tls
- label: "Start TLS"
- description: "Use StartTLS with the LDAP connection"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: base_dn
- label: "Base DN"
- description: "The base dn for every LDAP query."
- schema:
- type: string
- default: "DC=example,DC=com"
- required: true
- - variable: username_attribute
- label: "Username Attribute"
- description: "The attribute holding the username of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_users_dn
- label: "Additional Users DN"
- description: "An additional dn to define the scope to all users."
- schema:
- type: string
- default: "OU=Users"
- required: true
- - variable: users_filter
- label: "Users Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_groups_dn
- label: "Additional Groups DN"
- description: "An additional dn to define the scope of groups."
- schema:
- type: string
- default: "OU=Groups"
- required: true
- - variable: groups_filter
- label: "Groups Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: group_name_attribute
- label: "Group name Attribute"
- description: "The attribute holding the name of the group"
- schema:
- type: string
- default: ""
- required: true
- - variable: mail_attribute
- label: "Mail Attribute"
- description: "The attribute holding the primary mail address of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: display_name_attribute
- label: "Display Name Attribute"
- description: "he attribute holding the display name of the user. This will be used to greet an authenticated user."
- schema:
- type: string
- default: ""
- - variable: user
- label: "Admin User"
- description: "The username of the admin user used to connect to LDAP."
- schema:
- type: string
- default: "CN=Authelia,DC=example,DC=com"
- required: true
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: file
- label: "File backend configuration"
- description: "With this backend, the users database is stored in a file which is updated when users reset their passwords."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: path
- label: "Path"
- schema:
- type: string
- default: "/config/users_database.yml"
- required: true
- - variable: password
- label: "Password Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: algorithm
- label: "Algorithm"
- schema:
- type: string
- default: "argon2id"
- enum:
- - value: "argon2id"
- description: "argon2id"
- - value: "sha512"
- description: "sha512"
- - variable: iterations
- label: "Iterations"
- schema:
- type: int
- default: 1
- required: true
- - variable: key_length
- label: "Key Length"
- schema:
- type: int
- default: 32
- required: true
- - variable: salt_length
- label: "Salt Length"
- schema:
- type: int
- default: 16
- required: true
- - variable: memory
- label: "Memory"
- schema:
- type: int
- default: 1024
- required: true
- - variable: parallelism
- label: "Parallelism"
- schema:
- type: int
- default: 8
- required: true
- - variable: notifier
- group: "App Configuration"
- label: "Notifier Configuration"
- description: "Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_startup_check
- label: "Disable Startup Check"
- schema:
- type: boolean
- default: false
- - variable: filesystem
- label: "Filesystem Provider"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filename
- label: "File Path"
- schema:
- type: string
- default: "/config/notification.txt"
- required: true
- - variable: smtp
- label: "SMTP Provider"
- description: "Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: host
- label: "Host"
- schema:
- type: string
- default: "smtp.mail.svc.cluster.local"
- required: true
- - variable: port
- label: "Port"
- schema:
- type: int
- default: 25
- required: true
- - variable: timeout
- label: "Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: username
- label: "Username"
- schema:
- type: string
- default: ""
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- - variable: sender
- label: "Sender"
- schema:
- type: string
- default: ""
- required: true
- - variable: identifier
- label: "Identifier"
- description: "HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost."
- schema:
- type: string
- default: "localhost"
- required: true
- - variable: subject
- label: "Subject"
- description: "Subject configuration of the emails sent, {title} is replaced by the text from the notifier"
- schema:
- type: string
- default: "[Authelia] {title}"
- required: true
- - variable: startup_check_address
- label: "Startup Check Address"
- description: "This address is used during the startup check to verify the email configuration is correct."
- schema:
- type: string
- default: "test@authelia.com"
- required: true
- - variable: disable_require_tls
- label: "Disable Require TLS"
- schema:
- type: boolean
- default: false
- - variable: disable_html_emails
- label: "Disable HTML emails"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: access_control
- group: "App Configuration"
- label: "Access Control Configuration"
- description: "Access control is a list of rules defining the authorizations applied for one resource to users or group of users."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: default_policy
- label: "Default Policy"
- description: "Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: networkItem
- label: "Network Item"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Name"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "network"
- schema:
- type: string
- default: ""
- required: true
- - variable: rules
- label: "Rules"
- schema:
- type: list
- default: []
- items:
- - variable: rulesItem
- label: "Rule"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: domain
- label: "Domains"
- description: "defines which domain or set of domains the rule applies to."
- schema:
- type: list
- default: []
- items:
- - variable: domainEntry
- label: "Domain"
- schema:
- type: string
- default: ""
- required: true
- - variable: policy
- label: "Policy"
- description: "The policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: subject
- label: "Subject"
- description: "defines the subject to apply authorizations to. This parameter is optional and matching any user if not provided"
- schema:
- type: list
- default: []
- items:
- - variable: subjectitem
- label: "Subject"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "Network"
- schema:
- type: string
- default: ""
- required: true
- - variable: resources
- label: "Resources"
- description: "is a list of regular expressions that matches a set of resources to apply the policy to"
- schema:
- type: list
- default: []
- items:
- - variable: resource
- label: "Resource"
- schema:
- type: string
- default: ""
- required: true
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 9091
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: certificateIssuer
- label: Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: certificateIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: identity_providers
- group: "Advanced"
- label: "Authelia Identity Providers (BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: oidc
- label: "OpenID Connect(BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: access_token_lifespan
- label: "Access Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: authorize_code_lifespan
- label: "Authorize Code Lifespan"
- schema:
- type: string
- default: "1m"
- required: true
- - variable: id_token_lifespan
- label: "ID Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: refresh_token_lifespan
- label: "Refresh Token Lifespan"
- schema:
- type: string
- default: "90m"
- required: true
- - variable: enable_client_debug_messages
- label: "Enable Client Debug Messages"
- schema:
- type: boolean
- default: false
- - variable: clients
- label: "Clients"
- schema:
- type: list
- default: []
- items:
- - variable: clientEntry
- label: "Client"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: id
- label: "ID/Name"
- description: "The ID is the OpenID Connect ClientID which is used to link an application to a configuration."
- schema:
- type: string
- default: "myapp"
- required: true
- - variable: description
- label: "Description"
- description: "The description to show to users when they end up on the consent screen. Defaults to the ID above."
- schema:
- type: string
- default: "My Application"
- required: true
- - variable: secret
- label: "Secret"
- description: "The client secret is a shared secret between Authelia and the consumer of this client."
- schema:
- type: string
- default: ""
- required: true
- - variable: public
- label: "public"
- description: "Sets the client to public. This should typically not be set, please see the documentation for usage."
- schema:
- type: boolean
- default: false
- - variable: authorization_policy
- label: "Authorization Policy"
- description: "The policy to require for this client; one_factor or two_factor."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - variable: consent_mode
- label: "Consent Mode"
- description: "Configures the consent mode. This can be set to auto (default), explicit (consent required every time) or implicit (automatically assumes consent for every authorization, never asking the user if they wish to give consent.)"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "explicit"
- description: "explicit"
- - value: "implicit"
- description: "implicit"
- - variable: userinfo_signing_algorithm
- label: "Userinfo Signing Algorithm"
- description: "The algorithm used to sign userinfo endpoint responses for this client, either none or RS256."
- schema:
- type: string
- default: "none"
- enum:
- - value: "none"
- description: "none"
- - value: "RS256"
- description: "RS256"
- - variable: audience
- label: "Audience"
- description: "Audience this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: audienceEntry
- label: ""
- schema:
- type: string
- default: ""
- required: true
- - variable: scopes
- label: "Scopes"
- description: "Scopes this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: ScopeEntry
- label: "Scope"
- schema:
- type: string
- default: "openid"
- required: true
- - variable: redirect_uris
- label: "redirect_uris"
- description: "Redirect URI's specifies a list of valid case-sensitive callbacks for this client."
- schema:
- type: list
- default: []
- items:
- - variable: uriEntry
- label: "Url"
- schema:
- type: string
- default: "https://oidc.example.com/oauth2/callback"
- required: true
- - variable: grant_types
- description: "Grant Types configures which grants this client can obtain."
- label: "grant_types"
- schema:
- type: list
- default: []
- items:
- - variable: grantEntry
- label: "Grant"
- schema:
- type: string
- default: "refresh_token"
- required: true
- - variable: response_types
- description: "Response Types configures which responses this client can be sent."
- label: "response_types"
- schema:
- type: list
- default: []
- items:
- - variable: responseEntry
- label: "type"
- schema:
- type: string
- default: "code"
- required: true
- - variable: response_modes
- description: "Response Modes configures which response modes this client supports."
- label: "response_modes"
- schema:
- type: list
- default: []
- items:
- - variable: modeEntry
- label: "Mode"
- schema:
- type: string
- default: "form_post"
- required: true
- - variable: cnpg
- group: Postgresql
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Postgresql Database"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: storage
- label: "Storage"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: size
- label: Size
- schema:
- type: string
- default: "256Gi"
- - variable: walsize
- label: Walsize
- schema:
- type: string
- default: "256Gi"
- - variable: pooler
- label: "Pooler"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: Monitoring
- label: "Metrics"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enablePodMonitor
- label: "enablePodMonitor"
- schema:
- type: boolean
- default: true
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/authelia/15.0.11/templates/NOTES.txt b/enterprise/authelia/15.0.11/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/authelia/15.0.11/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/authelia/15.0.11/templates/_configmap.tpl b/enterprise/authelia/15.0.11/templates/_configmap.tpl
deleted file mode 100644
index c0497f5e570..00000000000
--- a/enterprise/authelia/15.0.11/templates/_configmap.tpl
+++ /dev/null
@@ -1,248 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "authelia.configmap.paths" -}}
-enabled: true
-data:
- AUTHELIA_SERVER_DISABLE_HEALTHCHECK: "true"
- AUTHELIA_JWT_SECRET_FILE: "/secrets/JWT_TOKEN"
- AUTHELIA_SESSION_SECRET_FILE: "/secrets/SESSION_ENCRYPTION_KEY"
- AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: "/secrets/ENCRYPTION_KEY"
- AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: "/secrets/STORAGE_PASSWORD"
- {{- if .Values.authentication_backend.ldap.enabled }}
- AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE: "/secrets/LDAP_PASSWORD"
- {{- end }}
- {{- if .Values.notifier.smtp.enabled }}
- AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE: "/secrets/SMTP_PASSWORD"
- {{- end }}
- AUTHELIA_SESSION_REDIS_PASSWORD_FILE: "/secrets/REDIS_PASSWORD"
- {{- if .Values.redisProvider.high_availability.enabled }}
- AUTHELIA_SESSION_REDIS_HIGH_AVAILABILITY_SENTINEL_PASSWORD_FILE: "/secrets/REDIS_SENTINEL_PASSWORD"
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- AUTHELIA_DUO_API_SECRET_KEY_FILE: "/secrets/DUO_API_KEY"
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET_FILE: "/secrets/OIDC_HMAC_SECRET"
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY_FILE: "/secrets/OIDC_PRIVATE_KEY"
- {{- end }}
-
-{{- end -}}
-
-{{- define "authelia.configmap.configfile" -}}
-enabled: true
-data:
- configuration.yaml: |
- ---
- theme: {{ default "light" .Values.theme }}
- default_redirection_url: {{ default (printf "https://www.%s" .Values.domain) .Values.default_redirection_url }}
- server:
- host: 0.0.0.0
- port: {{ default 9091 .Values.server.port }}
- {{- if not (eq "" (default "" .Values.server.path)) }}
- path: {{ .Values.server.path }}
- {{- end }}
- buffers:
- write: {{ default 4096 .Values.server.write_buffer_size }}
- read: {{ default 4096 .Values.server.read_buffer_size }}
- enable_pprof: {{ default false .Values.server.enable_pprof }}
- enable_expvars: {{ default false .Values.server.enable_expvars }}
- log:
- level: {{ default "info" .Values.log.level }}
- format: {{ default "text" .Values.log.format }}
- {{- if not (eq "" (default "" .Values.log.file_path)) }}
- file_path: {{ .Values.log.file_path }}
- keep_stdout: true
- {{- end }}
- totp:
- issuer: {{ default .Values.domain .Values.totp.issuer }}
- period: {{ default 30 .Values.totp.period }}
- skew: {{ default 1 .Values.totp.skew }}
- {{- if .Values.duo_api.enabled }}
- duo_api:
- hostname: {{ .Values.duo_api.hostname }}
- integration_key: {{ .Values.duo_api.integration_key }}
- {{- end }}
- {{- with $auth := .Values.authentication_backend }}
- authentication_backend:
- password_reset:
- disable: {{ $auth.disable_reset_password }}
- {{- if $auth.file.enabled }}
- file:
- path: {{ $auth.file.path }}
- password: {{ toYaml $auth.file.password | nindent 10 }}
- {{- end }}
- {{- if $auth.ldap.enabled }}
- ldap:
- implementation: {{ default "custom" $auth.ldap.implementation }}
- url: {{ $auth.ldap.url }}
- timeout: {{ default "5s" $auth.ldap.timeout }}
- start_tls: {{ $auth.ldap.start_tls }}
- tls:
- {{- if hasKey $auth.ldap.tls "server_name" }}
- server_name: {{ default $auth.ldap.host $auth.ldap.tls.server_name }}
- {{- end }}
- minimum_version: {{ default "TLS1.2" $auth.ldap.tls.minimum_version }}
- skip_verify: {{ default false $auth.ldap.tls.skip_verify }}
- {{- if $auth.ldap.base_dn }}
- base_dn: {{ $auth.ldap.base_dn }}
- {{- end }}
- {{- if $auth.ldap.username_attribute }}
- username_attribute: {{ $auth.ldap.username_attribute }}
- {{- end }}
- {{- if $auth.ldap.additional_users_dn }}
- additional_users_dn: {{ $auth.ldap.additional_users_dn }}
- {{- end }}
- {{- if $auth.ldap.users_filter }}
- users_filter: {{ $auth.ldap.users_filter }}
- {{- end }}
- {{- if $auth.ldap.additional_groups_dn }}
- additional_groups_dn: {{ $auth.ldap.additional_groups_dn }}
- {{- end }}
- {{- if $auth.ldap.groups_filter }}
- groups_filter: {{ $auth.ldap.groups_filter }}
- {{- end }}
- {{- if $auth.ldap.group_name_attribute }}
- group_name_attribute: {{ $auth.ldap.group_name_attribute }}
- {{- end }}
- {{- if $auth.ldap.mail_attribute }}
- mail_attribute: {{ $auth.ldap.mail_attribute }}
- {{- end }}
- {{- if $auth.ldap.display_name_attribute }}
- display_name_attribute: {{ $auth.ldap.display_name_attribute }}
- {{- end }}
- user: {{ $auth.ldap.user }}
- {{- end }}
- {{- end }}
- {{- with $session := .Values.session }}
- session:
- name: {{ default "authelia_session" $session.name }}
- domain: {{ required "A valid .Values.domain entry required!" $.Values.domain }}
- same_site: {{ default "lax" $session.same_site }}
- expiration: {{ default "1M" $session.expiration }}
- inactivity: {{ default "5m" $session.inactivity }}
- remember_me_duration: {{ default "1M" $session.remember_me_duration }}
- {{- end }}
- redis:
- host: {{ .Values.redis.creds.plain }}
- {{- with $redis := .Values.redisProvider }}
- port: {{ default 6379 $redis.port }}
- {{- if not (eq $redis.username "") }}
- username: {{ $redis.username }}
- {{- end }}
- maximum_active_connections: {{ default 8 $redis.maximum_active_connections }}
- minimum_idle_connections: {{ default 0 $redis.minimum_idle_connections }}
- {{- if $redis.tls.enabled }}
- tls:
- server_name: {{ $redis.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $redis.tls.minimum_version }}
- skip_verify: {{ $redis.tls.skip_verify }}
- {{- end }}
- {{- if $redis.high_availability.enabled }}
- high_availability:
- sentinel_name: {{ $redis.high_availability.sentinel_name }}
- {{- if $redis.high_availability.nodes }}
- nodes: {{ toYaml $redis.high_availability.nodes | nindent 10 }}
- {{- end }}
- route_by_latency: {{ $redis.high_availability.route_by_latency }}
- route_randomly: {{ $redis.high_availability.route_randomly }}
- {{- end }}
- {{- end }}
- regulation: {{ toYaml .Values.regulation | nindent 6 }}
- storage:
- postgres:
- host: {{ $.Values.cnpg.main.creds.host }}
- {{- with $storage := .Values.storage }}
- port: {{ default 5432 $storage.postgres.port }}
- database: {{ default "authelia" $storage.postgres.database }}
- username: {{ default "authelia" $storage.postgres.username }}
- timeout: {{ default "5s" $storage.postgres.timeout }}
- ssl:
- mode: {{ default "disable" $storage.postgres.sslmode }}
- {{- end }}
- {{- with $notifier := .Values.notifier }}
- notifier:
- disable_startup_check: {{ $.Values.notifier.disable_startup_check }}
- {{- if $notifier.filesystem.enabled }}
- filesystem:
- filename: {{ $notifier.filesystem.filename }}
- {{- end }}
- {{- if $notifier.smtp.enabled }}
- smtp:
- host: {{ $notifier.smtp.host }}
- port: {{ default 25 $notifier.smtp.port }}
- timeout: {{ default "5s" $notifier.smtp.timeout }}
- {{- with $notifier.smtp.username }}
- username: {{ . }}
- {{- end }}
- sender: {{ $notifier.smtp.sender }}
- identifier: {{ $notifier.smtp.identifier }}
- subject: {{ $notifier.smtp.subject | quote }}
- startup_check_address: {{ $notifier.smtp.startup_check_address }}
- disable_require_tls: {{ $notifier.smtp.disable_require_tls }}
- disable_html_emails: {{ $notifier.smtp.disable_html_emails }}
- tls:
- server_name: {{ default $notifier.smtp.host $notifier.smtp.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $notifier.smtp.tls.minimum_version }}
- skip_verify: {{ default false $notifier.smtp.tls.skip_verify }}
- {{- end }}
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- identity_providers:
- oidc:
- access_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.access_token_lifespan }}
- authorize_code_lifespan: {{ default "1m" .Values.identity_providers.oidc.authorize_code_lifespan }}
- id_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.id_token_lifespan }}
- refresh_token_lifespan: {{ default "90m" .Values.identity_providers.oidc.refresh_token_lifespan }}
- enable_client_debug_messages: {{ default false .Values.identity_providers.oidc.enable_client_debug_messages }}
- minimum_parameter_entropy: {{ default 8 .Values.identity_providers.oidc.minimum_parameter_entropy }}
- {{- if gt (len .Values.identity_providers.oidc.clients) 0 }}
- clients:
- {{- range $client := .Values.identity_providers.oidc.clients }}
- - id: {{ $client.id }}
- description: {{ default $client.id $client.description }}
- secret: {{ default (randAlphaNum 128) $client.secret }}
- {{- if $client.public }}
- public: {{ $client.public }}
- {{- end }}
- authorization_policy: {{ default "two_factor" $client.authorization_policy }}
- consent_mode: {{ default "auto" $client.consent_mode}}
- redirect_uris:
- {{- range $client.redirect_uris }}
- - {{ . }}
- {{- end }}
- {{- if $client.audience }}
- audience: {{ toYaml $client.audience | nindent 10 }}
- {{- end }}
- scopes: {{ toYaml (default (list "openid" "profile" "email" "groups") $client.scopes) | nindent 10 }}
- grant_types: {{ toYaml (default (list "refresh_token" "authorization_code") $client.grant_types) | nindent 10 }}
- response_types: {{ toYaml (default (list "code") $client.response_types) | nindent 10 }}
- {{- if $client.response_modes }}
- response_modes: {{ toYaml $client.response_modes | nindent 10 }}
- {{- end }}
- userinfo_signing_algorithm: {{ default "none" $client.userinfo_signing_algorithm }}
- {{- end }}
- {{- end }}
- {{- end }}
- access_control:
- {{- if (eq (len .Values.access_control.rules) 0) }}
- {{- if (eq .Values.access_control.default_policy "bypass") }}
- default_policy: one_factor
- {{- else if (eq .Values.access_control.default_policy "deny") }}
- default_policy: two_factor
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- if (eq (len .Values.access_control.networks) 0) }}
- networks: []
- {{- else }}
- networks: {{ toYaml .Values.access_control.networks | nindent 6 }}
- {{- end }}
- {{- if (eq (len .Values.access_control.rules) 0) }}
- rules: []
- {{- else }}
- rules: {{ toYaml .Values.access_control.rules | nindent 6 }}
- {{- end }}
- ...
-{{- end -}}
diff --git a/enterprise/authelia/15.0.11/templates/_secrets.tpl b/enterprise/authelia/15.0.11/templates/_secrets.tpl
deleted file mode 100644
index 14ed88d973d..00000000000
--- a/enterprise/authelia/15.0.11/templates/_secrets.tpl
+++ /dev/null
@@ -1,53 +0,0 @@
-{{/* Define the secrets */}}
-{{- define "authelia.secrets" -}}
-{{- $basename := include "tc.v1.common.lib.chart.names.fullname" $ -}}
-{{- $fetchname := printf "%s-authelia-secrets" $basename -}}
-
-{{/* Initialize all keys */}}
-{{- $oidckey := genPrivateKey "rsa" }}
-{{- $oidcsecret := randAlphaNum 32 }}
-{{- $jwtsecret := randAlphaNum 50 }}
-{{- $sessionsecret := randAlphaNum 50 }}
-{{- $encryptionkey := randAlphaNum 100 }}
-
-enabled: true
-data:
- {{ with (lookup "v1" "Secret" .Release.Namespace $fetchname) }}
- {{/* Get previous values and decode */}}
- {{ $sessionsecret = (index .data "SESSION_ENCRYPTION_KEY") | b64dec }}
- {{ $jwtsecret = (index .data "JWT_TOKEN") | b64dec }}
- {{ $encryptionkey = (index .data "ENCRYPTION_KEY") | b64dec }}
-
- {{/* Check if those keys ever existed. as OIDC is optional */}}
- {{ if and (hasKey .data "OIDC_PRIVATE_KEY") (hasKey .data "OIDC_HMAC_SECRET") }}
- {{ $oidckey = (index .data "OIDC_PRIVATE_KEY") | b64dec }}
- {{ $oidcsecret = (index .data "OIDC_HMAC_SECRET") | b64dec }}
- {{ end }}
- {{ end }}
- SESSION_ENCRYPTION_KEY: {{ $sessionsecret }}
- JWT_TOKEN: {{ $jwtsecret }}
- ENCRYPTION_KEY: {{ $encryptionkey }}
-
- {{- if .Values.authentication_backend.ldap.enabled }}
- LDAP_PASSWORD: {{ .Values.authentication_backend.ldap.plain_password }}
- {{- end }}
-
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- SMTP_PASSWORD: {{ .Values.notifier.smtp.plain_password }}
- {{- end }}
-
- {{- if .Values.duo_api.enabled }}
- DUO_API_KEY: {{ .Values.duo_api.plain_api_key }}
- {{- end }}
-
- STORAGE_PASSWORD: {{ $.Values.cnpg.main.creds.password | trimAll "\"" }}
-
- REDIS_PASSWORD: {{ .Values.redis.creds.redisPassword | trimAll "\"" }}
- {{- if .Values.redisProvider.high_availability.enabled }}
- REDIS_SENTINEL_PASSWORD: {{ .Values.redis.sentinelPassword | trimAll "\"" }}
- {{- end }}
-
- OIDC_PRIVATE_KEY: |
- {{- $oidckey | nindent 4 }}
- OIDC_HMAC_SECRET: {{ $oidcsecret }}
-{{- end -}}
diff --git a/enterprise/authelia/15.0.11/templates/common.yaml b/enterprise/authelia/15.0.11/templates/common.yaml
deleted file mode 100644
index 54e288e852c..00000000000
--- a/enterprise/authelia/15.0.11/templates/common.yaml
+++ /dev/null
@@ -1,77 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-{{/* Render configmap for authelia */}}
-{{- $configmapPaths := include "authelia.configmap.paths" . | fromYaml -}}
-{{- if $configmapPaths -}}
- {{- $_ := set .Values.configmap "authelia-paths" $configmapPaths -}}
-{{- end -}}
-
-{{- $configmapFile := include "authelia.configmap.configfile" . | fromYaml -}}
-{{- if $configmapFile -}}
- {{- $_ := set .Values.configmap "authelia-configfile" $configmapFile -}}
-{{- end -}}
-
-{{/* Render secrets for authelia */}}
-{{- $secret := include "authelia.secrets" . | fromYaml -}}
-{{- if $secret -}}
- {{- $_ := set .Values.secret "authelia-secrets" $secret -}}
-{{- end -}}
-
-{{/* Append the general configMap volume to the volumes */}}
-{{- define "authelia.configmapVolume" -}}
-enabled: true
-mountPath: /configuration.yaml
-subPath: configuration.yaml
-readOnly: true
-type: "configmap"
-objectName: authelia-configfile
-{{- end -}}
-
-{{/* Append the general secret volumes to the volumes */}}
-{{- define "authelia.secretVolumes" -}}
-enabled: true
-mountPath: "/secrets"
-readOnly: true
-type: "secret"
-objectName: authelia-secrets
-items:
- - key: "JWT_TOKEN"
- path: JWT_TOKEN
- - key: "SESSION_ENCRYPTION_KEY"
- path: SESSION_ENCRYPTION_KEY
- - key: "ENCRYPTION_KEY"
- path: ENCRYPTION_KEY
- - key: "STORAGE_PASSWORD"
- path: STORAGE_PASSWORD
- {{- if .Values.authentication_backend.ldap.enabled }}
- - key: "LDAP_PASSWORD"
- path: LDAP_PASSWORD
- {{- end }}
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- - key: "SMTP_PASSWORD"
- path: SMTP_PASSWORD
- {{- end }}
- - key: "REDIS_PASSWORD"
- path: REDIS_PASSWORD
- {{- if .Values.redisProvider.high_availability.enabled}}
- - key: "REDIS_SENTINEL_PASSWORD"
- path: REDIS_SENTINEL_PASSWORD
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- - key: "DUO_API_KEY"
- path: DUO_API_KEY
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- - key: "OIDC_PRIVATE_KEY"
- path: OIDC_PRIVATE_KEY
- - key: "OIDC_HMAC_SECRET"
- path: OIDC_HMAC_SECRET
- {{- end }}
-{{- end -}}
-
-{{- $_ := set .Values.persistence "authelia-configfile" (include "authelia.configmapVolume" . | fromYaml) -}}
-{{- $_ := set .Values.persistence "authelia-secrets" (include "authelia.secretVolumes" . | fromYaml) -}}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/authelia/15.0.11/values.yaml b/enterprise/authelia/15.0.11/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/authelia/15.0.12/CHANGELOG.md b/enterprise/authelia/15.0.12/CHANGELOG.md
deleted file mode 100644
index b1bafc7c59d..00000000000
--- a/enterprise/authelia/15.0.12/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [authelia-15.0.12](https://github.com/truecharts/charts/compare/authelia-15.0.11...authelia-15.0.12) (2023-03-09)
-
-### Chore
-
-- bump dependencies and release 2 replica default
-
- ### Feat
-
-- replicas2 part 2
- - run 2 replica's with rolling updates
-
-
-
-
-## [authelia-15.0.11](https://github.com/truecharts/charts/compare/authelia-15.0.10...authelia-15.0.11) (2023-03-08)
-
-
-
-
-## [authelia-15.0.10](https://github.com/truecharts/charts/compare/authelia-15.0.9...authelia-15.0.10) (2023-03-08)
-
-### Fix
-
-- indent priv key ([#7770](https://github.com/truecharts/charts/issues/7770))
-
-
-
-
-## [authelia-15.0.9](https://github.com/truecharts/charts/compare/authelia-15.0.8...authelia-15.0.9) (2023-03-08)
-
-### Chore
-
-- cleanup secret a bit ([#7768](https://github.com/truecharts/charts/issues/7768))
-
-
-
-
-## [authelia-15.0.8](https://github.com/truecharts/charts/compare/authelia-15.0.7...authelia-15.0.8) (2023-03-07)
-
-### Fix
-
-- fix broken fetching of old values on authelia ([#7764](https://github.com/truecharts/charts/issues/7764))
-
-
-
-
-## [authelia-15.0.7](https://github.com/truecharts/charts/compare/authelia-15.0.6...authelia-15.0.7) (2023-03-07)
-
-### Fix
-
-- prevent encryption key resets
-
-
-
-
-## [authelia-15.0.6](https://github.com/truecharts/charts/compare/authelia-15.0.5...authelia-15.0.6) (2023-03-07)
-
-### Fix
-
-- misc fixes from common and prometheus storageclass patch ([#7762](https://github.com/truecharts/charts/issues/7762))
-
-
-
-
-## [authelia-15.0.5](https://github.com/truecharts/charts/compare/authelia-15.0.4...authelia-15.0.5) (2023-03-06)
-
-
-
-
-## [authelia-15.0.4](https://github.com/truecharts/charts/compare/authelia-15.0.3...authelia-15.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
-
-
-## [authelia-15.0.3](https://github.com/truecharts/charts/compare/authelia-15.0.1...authelia-15.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
-
-
-## [authelia-15.0.1](https://github.com/truecharts/charts/compare/authelia-15.0.0...authelia-15.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
diff --git a/enterprise/authelia/15.0.12/Chart.yaml b/enterprise/authelia/15.0.12/Chart.yaml
deleted file mode 100644
index bfb6a2b1dee..00000000000
--- a/enterprise/authelia/15.0.12/Chart.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-apiVersion: v2
-appVersion: "4.37.5"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.25
- - condition: redis.enabled
- name: redis
- repository: https://deps.truecharts.org
- version: 6.0.15
-deprecated: false
-description: Authelia is a Single Sign-On Multi-Factor portal for web apps
-home: https://truecharts.org/charts/enterprise/authelia
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/authelia.png
-keywords:
- - authelia
- - authentication
- - login
- - SSO
- - Authentication
- - Security
- - Two-Factor
- - U2F
- - YubiKey
- - Push Notifications
- - LDAP
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: authelia
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/authelia
- - https://ghcr.io/authelia/authelia ghcr.io/authelia/authelia
- - https://github.com/authelia/chartrepo
- - https://github.com/authelia/authelia
-type: application
-version: 15.0.12
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/authelia/15.0.12/LICENSE b/enterprise/authelia/15.0.12/LICENSE
deleted file mode 100644
index 80e4ab93f92..00000000000
--- a/enterprise/authelia/15.0.12/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/authelia/15.0.12/README.md b/enterprise/authelia/15.0.12/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/authelia/15.0.12/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/authelia/15.0.12/app-changelog.md b/enterprise/authelia/15.0.12/app-changelog.md
deleted file mode 100644
index 8f18e3ef49b..00000000000
--- a/enterprise/authelia/15.0.12/app-changelog.md
+++ /dev/null
@@ -1,14 +0,0 @@
-
-
-## [authelia-15.0.12](https://github.com/truecharts/charts/compare/authelia-15.0.11...authelia-15.0.12) (2023-03-09)
-
-### Chore
-
-- bump dependencies and release 2 replica default
-
- ### Feat
-
-- replicas2 part 2
- - run 2 replica's with rolling updates
-
-
\ No newline at end of file
diff --git a/enterprise/authelia/15.0.12/app-readme.md b/enterprise/authelia/15.0.12/app-readme.md
deleted file mode 100644
index 9417c0c13d5..00000000000
--- a/enterprise/authelia/15.0.12/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Authelia is a Single Sign-On Multi-Factor portal for web apps
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/authelia](https://truecharts.org/charts/enterprise/authelia)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/authelia/15.0.12/charts/common-12.2.25.tgz b/enterprise/authelia/15.0.12/charts/common-12.2.25.tgz
deleted file mode 100644
index 947732935e0..00000000000
Binary files a/enterprise/authelia/15.0.12/charts/common-12.2.25.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.0.12/charts/redis-6.0.15.tgz b/enterprise/authelia/15.0.12/charts/redis-6.0.15.tgz
deleted file mode 100644
index dd66c4938b1..00000000000
Binary files a/enterprise/authelia/15.0.12/charts/redis-6.0.15.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.0.12/ix_values.yaml b/enterprise/authelia/15.0.12/ix_values.yaml
deleted file mode 100644
index 6ba6789c92a..00000000000
--- a/enterprise/authelia/15.0.12/ix_values.yaml
+++ /dev/null
@@ -1,621 +0,0 @@
-image:
- repository: tccr.io/truecharts/authelia
- pullPolicy: IfNotPresent
- tag: 4.37.5@sha256:76a4617539534cec140fd98a12f721b878524f2df3a3653f3df8ff2b7eaab586
-
-workload:
- main:
- replicas: 2
- strategy: RollingUpdate
- podSpec:
- containers:
- main:
- command: ["authelia"]
- args: ["--config=/configuration.yaml"]
- envFrom:
- - configMapRef:
- name: authelia-paths
- probes:
- liveness:
- type: http
- path: "/api/health"
-
- readiness:
- type: http
- path: "/api/health"
-
- startup:
- type: http
- path: "/api/health"
-
-service:
- main:
- ports:
- main:
- port: 9091
- targetPort: 9091
-
-persistence:
- config:
- enabled: true
- mountPath: "/config"
-
-cnpg:
- main:
- enabled: true
- user: authelia
- database: authelia
-
-# Enabled redis
-# ... for more options see https://github.com/tccr.io/truecharts/charts/tree/master/tccr.io/truecharts/redis
-redis:
- enabled: true
-
-domain: example.com
-
-##
-## Server Configuration
-##
-server:
- ##
- ## Port sets the configured port for the daemon, service, and the probes.
- ## Default is 9091 and should not need to be changed.
- ##
- port: 9091
-
- ## Buffers usually should be configured to be the same value.
- ## Explanation at https://www.authelia.com/docs/configuration/server.html
- ## Read buffer size adjusts the server's max incoming request size in bytes.
- ## Write buffer size does the same for outgoing responses.
- read_buffer_size: 4096
- write_buffer_size: 4096
- ## Set the single level path Authelia listens on.
- ## Must be alphanumeric chars and should not contain any slashes.
- path: ""
-
-log:
- ## Level of verbosity for logs: info, debug, trace.
- level: trace
-
- ## Format the logs are written as: json, text.
- format: text
-
- ## TODO: Statefulness check should check if this is set, and the configMap should enable it.
- ## File path where the logs will be written. If not set logs are written to stdout.
- # file_path: /config/authelia.log
-
-## Default redirection URL
-##
-## If user tries to authenticate without any referer, Authelia does not know where to redirect the user to at the end
-## of the authentication process. This parameter allows you to specify the default redirection URL Authelia will use
-## in such a case.
-##
-## Note: this parameter is optional. If not provided, user won't be redirected upon successful authentication.
-## Default is https://www. (value at the top of the values.yaml).
-default_redirection_url: ""
-# default_redirection_url: https://example.com
-
-theme: light
-
-##
-## TOTP Configuration
-##
-## Parameters used for TOTP generation
-totp:
- ## The issuer name displayed in the Authenticator application of your choice
- ## See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
- ## Defaults to .
- issuer: ""
- ## The period in seconds a one-time password is current for. Changing this will require all users to register
- ## their TOTP applications again. Warning: before changing period read the docs link below.
- period: 30
- ## The skew controls number of one-time passwords either side of the current one that are valid.
- ## Warning: before changing skew read the docs link below.
- ## See: https://www.authelia.com/docs/configuration/one-time-password.html#period-and-skew to read the documentation.
- skew: 1
-
-##
-## Duo Push API Configuration
-##
-## Parameters used to contact the Duo API. Those are generated when you protect an application of type
-## "Partner Auth API" in the management panel.
-duo_api:
- enabled: false
- hostname: api-123456789.example.com
- integration_key: ABCDEF
- plain_api_key: ""
-
-##
-## Authentication Backend Provider Configuration
-##
-## Used for verifying user passwords and retrieve information such as email address and groups users belong to.
-##
-## The available providers are: `file`, `ldap`. You must use one and only one of these providers.
-authentication_backend:
- ## Disable both the HTML element and the API for reset password functionality
- disable_reset_password: false
-
- ## The amount of time to wait before we refresh data from the authentication backend. Uses duration notation.
- ## To disable this feature set it to 'disable', this will slightly reduce security because for Authelia, users will
- ## always belong to groups they belonged to at the time of login even if they have been removed from them in LDAP.
- ## To force update on every request you can set this to '0' or 'always', this will increase processor demand.
- ## See the below documentation for more information.
- ## Duration Notation docs: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Refresh Interval docs: https://www.authelia.com/docs/configuration/authentication/ldap.html#refresh-interval
- refresh_interval: 5m
-
- ## LDAP backend configuration.
- ##
- ## This backend allows Authelia to be scaled to more
- ## than one instance and therefore is recommended for
- ## production.
- ldap:
- ## Enable LDAP Backend.
- enabled: false
-
- ## The LDAP implementation, this affects elements like the attribute utilised for resetting a password.
- ## Acceptable options are as follows:
- ## - 'activedirectory' - For Microsoft Active Directory.
- ## - 'custom' - For custom specifications of attributes and filters.
- ## This currently defaults to 'custom' to maintain existing behaviour.
- ##
- ## Depending on the option here certain other values in this section have a default value, notably all of the
- ## attribute mappings have a default value that this config overrides, you can read more about these default values
- ## at https://www.authelia.com/docs/configuration/authentication/ldap.html#defaults
- implementation: activedirectory
-
- ## The url to the ldap server. Format: ://[:].
- ## Scheme can be ldap or ldaps in the format (port optional).
- url: ldap://openldap.default.svc.cluster.local
-
- ## Connection Timeout.
- timeout: 5s
-
- ## Use StartTLS with the LDAP connection.
- start_tls: false
-
- tls:
- ## Server Name for certificate validation (in case it's not set correctly in the URL).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either Secure LDAP or LDAP StartTLS.
- minimum_version: TLS1.2
-
- ## The base dn for every LDAP query.
- base_dn: DC=example,DC=com
-
- ## The attribute holding the username of the user. This attribute is used to populate the username in the session
- ## information. It was introduced due to #561 to handle case insensitive search queries. For you information,
- ## Microsoft Active Directory usually uses 'sAMAccountName' and OpenLDAP usually uses 'uid'. Beware that this
- ## attribute holds the unique identifiers for the users binding the user and the configuration stored in database.
- ## Therefore only single value attributes are allowed and the value must never be changed once attributed to a user
- ## otherwise it would break the configuration for that user. Technically, non-unique attributes like 'mail' can also
- ## be used but we don't recommend using them, we instead advise to use the attributes mentioned above
- ## (sAMAccountName and uid) to follow https://www.ietf.org/rfc/rfc2307.txt.
- username_attribute: ""
-
- ## An additional dn to define the scope to all users.
- additional_users_dn: OU=Users
-
- ## The users filter used in search queries to find the user profile based on input filled in login form.
- ## Various placeholders are available in the user filter:
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username_attribute} is a mandatory placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ##
- ## Recommended settings are as follows:
- ## - Microsoft Active Directory: (&({username_attribute}={input})(objectCategory=person)(objectClass=user))
- ## - OpenLDAP:
- ## - (&({username_attribute}={input})(objectClass=person))
- ## - (&({username_attribute}={input})(objectClass=inetOrgPerson))
- ##
- ## To allow sign in both with username and email, one can use a filter like
- ## (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))
- users_filter: ""
-
- ## An additional dn to define the scope of groups.
- additional_groups_dn: OU=Groups
-
- ## The groups filter used in search queries to find the groups of the user.
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username} is a placeholder replace by the username stored in LDAP (based on `username_attribute`).
- ## - {dn} is a matcher replaced by the user distinguished name, aka, user DN.
- ## - {username_attribute} is a placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ## - DON'T USE - {1} is an alias for {username} supported for backward compatibility but it will be deprecated in
- ## later version, so please don't use it.
- ##
- ## If your groups use the `groupOfUniqueNames` structure use this instead:
- ## (&(uniquemember={dn})(objectclass=groupOfUniqueNames))
- groups_filter: ""
-
- ## The attribute holding the name of the group
- group_name_attribute: ""
-
- ## The attribute holding the mail address of the user. If multiple email addresses are defined for a user, only the
- ## first one returned by the LDAP server is used.
- mail_attribute: ""
-
- ## The attribute holding the display name of the user. This will be used to greet an authenticated user.
- display_name_attribute: ""
-
- ## The username of the admin user.
- user: CN=Authelia,DC=example,DC=com
- plain_password: ""
-
- ##
- ## File (Authentication Provider)
- ##
- ## With this backend, the users database is stored in a file which is updated when users reset their passwords.
- ## Therefore, this backend is meant to be used in a dev environment and not in production since it prevents Authelia
- ## to be scaled to more than one instance. The options under 'password' have sane defaults, and as it has security
- ## implications it is highly recommended you leave the default values. Before considering changing these settings
- ## please read the docs page below:
- ## https://www.authelia.com/docs/configuration/authentication/file.html#password-hash-algorithm-tuning
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- file:
- enabled: true
- path: /config/users_database.yml
- password:
- algorithm: argon2id
- iterations: 1
- key_length: 32
- salt_length: 16
- memory: 1024
- parallelism: 8
-
-##
-## Access Control Configuration
-##
-## Access control is a list of rules defining the authorizations applied for one resource to users or group of users.
-##
-## If 'access_control' is not defined, ACL rules are disabled and the 'bypass' rule is applied, i.e., access is allowed
-## to anyone. Otherwise restrictions follow the rules defined.
-##
-## Note: One can use the wildcard * to match any subdomain.
-## It must stand at the beginning of the pattern. (example: *.mydomain.com)
-##
-## Note: You must put patterns containing wildcards between simple quotes for the YAML to be syntactically correct.
-##
-## Definition: A 'rule' is an object with the following keys: 'domain', 'subject', 'policy' and 'resources'.
-##
-## - 'domain' defines which domain or set of domains the rule applies to.
-##
-## - 'subject' defines the subject to apply authorizations to. This parameter is optional and matching any user if not
-## provided. If provided, the parameter represents either a user or a group. It should be of the form
-## 'user:' or 'group:'.
-##
-## - 'policy' is the policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'.
-##
-## - 'resources' is a list of regular expressions that matches a set of resources to apply the policy to. This parameter
-## is optional and matches any resource if not provided.
-##
-## Note: the order of the rules is important. The first policy matching (domain, resource, subject) applies.
-access_control:
- ## Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'. It is the policy applied to any
- ## resource if there is no policy to be applied to the user.
- default_policy: deny
-
- networks: []
- # networks:
- # - name: private
- # networks:
- # - 10.0.0.0/8
- # - 172.16.0.0/12
- # - 192.168.0.0/16
- # - name: vpn
- # networks:
- # - 10.9.0.0/16
-
- rules: []
- # rules:
- # - domain: public.example.com
- # policy: bypass
- # - domain: "*.example.com"
- # policy: bypass
- # methods:
- # - OPTIONS
- # - domain: secure.example.com
- # policy: one_factor
- # networks:
- # - private
- # - vpn
- # - 192.168.1.0/24
- # - 10.0.0.1
- # - domain:
- # - secure.example.com
- # - private.example.com
- # policy: two_factor
- # - domain: singlefactor.example.com
- # policy: one_factor
- # - domain: "mx2.mail.example.com"
- # subject: "group:admins"
- # policy: deny
- # - domain: "*.example.com"
- # subject:
- # - "group:admins"
- # - "group:moderators"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/groups/dev/.*$"
- # subject: "group:dev"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/users/john/.*$"
- # subject:
- # - ["group:dev", "user:john"]
- # - "group:admins"
- # policy: two_factor
- # - domain: "{user}.example.com"
- # policy: bypass
-
-##
-## Session Provider Configuration
-##
-## The session cookies identify the user once logged in.
-## The available providers are: `memory`, `redis`. Memory is the provider unless redis is defined.
-session:
- ## The name of the session cookie. (default: authelia_session).
- name: authelia_session
-
- ## Sets the Cookie SameSite value. Possible options are none, lax, or strict.
- ## Please read https://www.authelia.com/docs/configuration/session.html#same_site
- same_site: lax
-
- ## The time in seconds before the cookie expires and session is reset.
- expiration: 1h
-
- ## The inactivity time in seconds before the session is reset.
- inactivity: 5m
-
- ## The remember me duration.
- ## Value is in seconds, or duration notation. Value of 0 disables remember me.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Longer periods are considered less secure because a stolen cookie will last longer giving attackers more time to
- ## spy or attack. Currently the default is 1M or 1 month.
- remember_me_duration: 1M
-
-##
-## Redis Provider
-##
-## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
-##
-## The redis connection details
-redisProvider:
- port: 6379
-
- ## Optional username to be used with authentication.
- # username: authelia
- username: ""
-
- ## This is the Redis DB Index https://redis.io/commands/select (sometimes referred to as database number, DB, etc).
- database_index: 0
-
- ## The maximum number of concurrent active connections to Redis.
- maximum_active_connections: 8
-
- ## The target number of idle connections to have open ready for work. Useful when opening connections is slow.
- minimum_idle_connections: 0
-
- ## The Redis TLS configuration. If defined will require a TLS connection to the Redis instance(s).
- tls:
- enabled: false
-
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for the connection.
- minimum_version: TLS1.2
-
- ## The Redis HA configuration options.
- ## This provides specific options to Redis Sentinel, sentinel_name must be defined (Master Name).
- high_availability:
- enabled: false
- enabledSecret: false
- ## Sentinel Name / Master Name
- sentinel_name: mysentinel
-
- ## The additional nodes to pre-seed the redis provider with (for sentinel).
- ## If the host in the above section is defined, it will be combined with this list to connect to sentinel.
- ## For high availability to be used you must have either defined; the host above or at least one node below.
- nodes: []
- # nodes:
- # - host: sentinel-0.databases.svc.cluster.local
- # port: 26379
- # - host: sentinel-1.databases.svc.cluster.local
- # port: 26379
-
- ## Choose the host with the lowest latency.
- route_by_latency: false
-
- ## Choose the host randomly.
- route_randomly: false
-
-##
-## Regulation Configuration
-##
-## This mechanism prevents attackers from brute forcing the first factor. It bans the user if too many attempts are done
-## in a short period of time.
-regulation:
- ## The number of failed login attempts before user is banned. Set it to 0 to disable regulation.
- max_retries: 3
-
- ## The time range during which the user can attempt login before being banned. The user is banned if the
- ## authentication failed 'max_retries' times in a 'find_time' seconds window. Find Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- find_time: 2m
-
- ## The length of time before a banned user can login again. Ban Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ban_time: 5m
-
-##
-## Storage Provider Configuration
-##
-## The available providers are: `local`, `mysql`, `postgres`. You must use one and only one of these providers.
-storage:
- ##
- ## PostgreSQL (Storage Provider)
- ##
- postgres:
- port: 5432
- database: authelia
- username: authelia
- sslmode: disable
- timeout: 5s
-
-##
-## Notification Provider
-##
-##
-## Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration.
-## The available providers are: filesystem, smtp. You must use one and only one of these providers.
-notifier:
- ## You can disable the notifier startup check by setting this to true.
- disable_startup_check: false
-
- ##
- ## File System (Notification Provider)
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- filesystem:
- enabled: true
- filename: /config/notification.txt
-
- ##
- ## SMTP (Notification Provider)
- ##
- ## Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate.
- ## [Security] By default Authelia will:
- ## - force all SMTP connections over TLS including unauthenticated connections
- ## - use the disable_require_tls boolean value to disable this requirement
- ## (only works for unauthenticated connections)
- ## - validate the SMTP server x509 certificate during the TLS handshake against the hosts trusted certificates
- ## (configure in tls section)
- smtp:
- enabled: false
- enabledSecret: false
- host: smtp.mail.svc.cluster.local
- port: 25
- timeout: 5s
- username: test
- plain_password: test
- sender: admin@example.com
- ## HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost.
- identifier: localhost
- ## Subject configuration of the emails sent.
- ## {title} is replaced by the text from the notifier
- subject: "[Authelia] {title}"
- ## This address is used during the startup check to verify the email configuration is correct.
- ## It's not important what it is except if your email server only allows local delivery.
- startup_check_address: test@authelia.com
- disable_require_tls: false
- disable_html_emails: false
-
- tls:
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either StartTLS or SMTPS.
- minimum_version: TLS1.2
-
-identity_providers:
- oidc:
- ## Enables this in the config map. Currently in beta stage.
- ## See https://www.authelia.com/docs/configuration/identity-providers/oidc.html#roadmap
- enabled: false
-
- access_token_lifespan: 1h
- authorize_code_lifespan: 1m
- id_token_lifespan: 1h
- refresh_token_lifespan: 90m
-
- enable_client_debug_messages: false
-
- ## SECURITY NOTICE: It's not recommended changing this option, and highly discouraged to have it below 8 for
- ## security reasons.
- minimum_parameter_entropy: 8
-
- clients: []
- # clients:
- # -
- ## The ID is the OpenID Connect ClientID which is used to link an application to a configuration.
- # id: myapp
-
- ## The description to show to users when they end up on the consent screen. Defaults to the ID above.
- # description: My Application
-
- ## The client secret is a shared secret between Authelia and the consumer of this client.
- # secret: apple123
-
- ## Sets the client to public. This should typically not be set, please see the documentation for usage.
- # public: false
-
- ## The policy to require for this client; one_factor or two_factor.
- # authorization_policy: two_factor
-
- ## Configures the consent mode; auto, explicit or implicit
- # consent_mode: auto
-
- ## Audience this client is allowed to request.
- # audience: []
-
- ## Scopes this client is allowed to request.
- # scopes:
- # - openid
- # - profile
- # - email
- # - groups
-
- ## Redirect URI's specifies a list of valid case-sensitive callbacks for this client.
- # redirect_uris:
- # - https://oidc.example.com/oauth2/callback
-
- ## Grant Types configures which grants this client can obtain.
- ## It's not recommended to configure this unless you know what you're doing.
- # grant_types:
- # - refresh_token
- # - authorization_code
-
- ## Response Types configures which responses this client can be sent.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_types:
- # - code
-
- ## Response Modes configures which response modes this client supports.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_modes:
- # - form_post
- # - query
- # - fragment
-
- ## The algorithm used to sign userinfo endpoint responses for this client, either none or RS256.
- # userinfo_signing_algorithm: none
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/authelia/15.0.12/questions.yaml b/enterprise/authelia/15.0.12/questions.yaml
deleted file mode 100644
index 1bc7ce70bc2..00000000000
--- a/enterprise/authelia/15.0.12/questions.yaml
+++ /dev/null
@@ -1,2781 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: DaemonSet
- description: DaemonSet
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "DaemonSet"]]
- default: 2
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: domain
- group: "App Configuration"
- label: "Domain"
- description: "The highest domain level possible, for example: domain.com when using app.domain.com"
- schema:
- type: string
- default: ""
- required: true
- - variable: default_redirection_url
- group: "App Configuration"
- label: "Default Redirection URL"
- description: "If user tries to authenticate without any referrer, this is used"
- schema:
- type: string
- default: ""
- - variable: theme
- group: "App Configuration"
- label: "Theme"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "light"
- description: "light"
- - value: "grey"
- description: "grey"
- - value: "dark"
- description: "dark"
- - variable: log
- group: "App Configuration"
- label: "Log Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "info"
- enum:
- - value: "info"
- description: "info"
- - value: "debug"
- description: "debug"
- - value: "trace"
- description: "trace"
- - variable: format
- label: "Log Format"
- schema:
- type: string
- default: "text"
- enum:
- - value: "json"
- description: "json"
- - value: "text"
- description: "text"
- - variable: totp
- group: "App Configuration"
- label: "TOTP Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: issuer
- label: "Issuer"
- description: "The issuer name displayed in the Authenticator application of your choice"
- schema:
- type: string
- default: ""
- - variable: period
- label: "Period"
- description: "The period in seconds a one-time password is current for"
- schema:
- type: int
- default: 30
- - variable: skew
- label: "skew"
- description: "Controls number of one-time passwords either side of the current one that are valid."
- schema:
- type: int
- default: 1
- - variable: duo_api
- group: "App Configuration"
- label: "DUO API Configuration"
- description: "Parameters used to contact the Duo API."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostname
- label: "Hostname"
- schema:
- type: string
- required: true
- default: ""
- - variable: integration_key
- label: "integration_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: plain_api_key
- label: "plain_api_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: session
- group: "App Configuration"
- label: "Session Provider"
- description: "The session cookies identify the user once logged in."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Cookie Name"
- description: "The name of the session cookie."
- schema:
- type: string
- required: true
- default: "authelia_session"
- - variable: same_site
- label: "SameSite Value"
- description: "Sets the Cookie SameSite value"
- schema:
- type: string
- default: "lax"
- enum:
- - value: "lax"
- description: "lax"
- - value: "strict"
- description: "strict"
- - variable: expiration
- label: "Expiration Time"
- description: "The time in seconds before the cookie expires and session is reset."
- schema:
- type: string
- default: "1h"
- required: true
- - variable: inactivity
- label: "Inactivity Time"
- description: "The inactivity time in seconds before the session is reset."
- schema:
- type: string
- default: "5m"
- required: true
- - variable: remember_me_duration
- label: "Remember-Me duration"
- description: "The remember me duration"
- schema:
- type: string
- default: "5M"
- required: true
- - variable: regulation
- group: "App Configuration"
- label: "Regulation Configuration"
- description: "This mechanism prevents attackers from brute forcing the first factor."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: max_retries
- label: "Maximum Retries"
- description: "The number of failed login attempts before user is banned. Set it to 0 to disable regulation."
- schema:
- type: int
- default: 3
- - variable: find_time
- label: "Find Time"
- description: "The time range during which the user can attempt login before being banned."
- schema:
- type: string
- default: "2m"
- required: true
- - variable: ban_time
- label: "Ban Duration"
- description: "The length of time before a banned user can login again"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: authentication_backend
- group: "App Configuration"
- label: "Authentication Backend Provider"
- description: "sed for verifying user passwords and retrieve information such as email address and groups users belong to."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_reset_password
- label: "Disable Reset Password"
- description: "Disable both the HTML element and the API for reset password functionality"
- schema:
- type: boolean
- default: false
- - variable: refresh_interval
- label: "Reset Interval"
- description: "The amount of time to wait before we refresh data from the authentication backend"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: ldap
- label: "LDAP backend configuration"
- description: "Used for verifying user passwords and retrieve information such as email address and groups users belong to"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: implementation
- label: "Implementation"
- description: "The LDAP implementation, this affects elements like the attribute utilized for resetting a password"
- schema:
- type: string
- default: "custom"
- enum:
- - value: "activedirectory"
- description: "Active Directory"
- - value: "custom"
- description: "Custom"
- - variable: url
- label: "URL"
- description: "The url to the ldap server. Format: ://[:]"
- schema:
- type: string
- default: "ldap://openldap.default.svc.cluster.local"
- required: true
- - variable: timeout
- label: "Connection Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: start_tls
- label: "Start TLS"
- description: "Use StartTLS with the LDAP connection"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: base_dn
- label: "Base DN"
- description: "The base dn for every LDAP query."
- schema:
- type: string
- default: "DC=example,DC=com"
- required: true
- - variable: username_attribute
- label: "Username Attribute"
- description: "The attribute holding the username of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_users_dn
- label: "Additional Users DN"
- description: "An additional dn to define the scope to all users."
- schema:
- type: string
- default: "OU=Users"
- required: true
- - variable: users_filter
- label: "Users Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_groups_dn
- label: "Additional Groups DN"
- description: "An additional dn to define the scope of groups."
- schema:
- type: string
- default: "OU=Groups"
- required: true
- - variable: groups_filter
- label: "Groups Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: group_name_attribute
- label: "Group name Attribute"
- description: "The attribute holding the name of the group"
- schema:
- type: string
- default: ""
- required: true
- - variable: mail_attribute
- label: "Mail Attribute"
- description: "The attribute holding the primary mail address of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: display_name_attribute
- label: "Display Name Attribute"
- description: "he attribute holding the display name of the user. This will be used to greet an authenticated user."
- schema:
- type: string
- default: ""
- - variable: user
- label: "Admin User"
- description: "The username of the admin user used to connect to LDAP."
- schema:
- type: string
- default: "CN=Authelia,DC=example,DC=com"
- required: true
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: file
- label: "File backend configuration"
- description: "With this backend, the users database is stored in a file which is updated when users reset their passwords."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: path
- label: "Path"
- schema:
- type: string
- default: "/config/users_database.yml"
- required: true
- - variable: password
- label: "Password Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: algorithm
- label: "Algorithm"
- schema:
- type: string
- default: "argon2id"
- enum:
- - value: "argon2id"
- description: "argon2id"
- - value: "sha512"
- description: "sha512"
- - variable: iterations
- label: "Iterations"
- schema:
- type: int
- default: 1
- required: true
- - variable: key_length
- label: "Key Length"
- schema:
- type: int
- default: 32
- required: true
- - variable: salt_length
- label: "Salt Length"
- schema:
- type: int
- default: 16
- required: true
- - variable: memory
- label: "Memory"
- schema:
- type: int
- default: 1024
- required: true
- - variable: parallelism
- label: "Parallelism"
- schema:
- type: int
- default: 8
- required: true
- - variable: notifier
- group: "App Configuration"
- label: "Notifier Configuration"
- description: "Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_startup_check
- label: "Disable Startup Check"
- schema:
- type: boolean
- default: false
- - variable: filesystem
- label: "Filesystem Provider"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filename
- label: "File Path"
- schema:
- type: string
- default: "/config/notification.txt"
- required: true
- - variable: smtp
- label: "SMTP Provider"
- description: "Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: host
- label: "Host"
- schema:
- type: string
- default: "smtp.mail.svc.cluster.local"
- required: true
- - variable: port
- label: "Port"
- schema:
- type: int
- default: 25
- required: true
- - variable: timeout
- label: "Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: username
- label: "Username"
- schema:
- type: string
- default: ""
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- - variable: sender
- label: "Sender"
- schema:
- type: string
- default: ""
- required: true
- - variable: identifier
- label: "Identifier"
- description: "HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost."
- schema:
- type: string
- default: "localhost"
- required: true
- - variable: subject
- label: "Subject"
- description: "Subject configuration of the emails sent, {title} is replaced by the text from the notifier"
- schema:
- type: string
- default: "[Authelia] {title}"
- required: true
- - variable: startup_check_address
- label: "Startup Check Address"
- description: "This address is used during the startup check to verify the email configuration is correct."
- schema:
- type: string
- default: "test@authelia.com"
- required: true
- - variable: disable_require_tls
- label: "Disable Require TLS"
- schema:
- type: boolean
- default: false
- - variable: disable_html_emails
- label: "Disable HTML emails"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: access_control
- group: "App Configuration"
- label: "Access Control Configuration"
- description: "Access control is a list of rules defining the authorizations applied for one resource to users or group of users."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: default_policy
- label: "Default Policy"
- description: "Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: networkItem
- label: "Network Item"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Name"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "network"
- schema:
- type: string
- default: ""
- required: true
- - variable: rules
- label: "Rules"
- schema:
- type: list
- default: []
- items:
- - variable: rulesItem
- label: "Rule"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: domain
- label: "Domains"
- description: "defines which domain or set of domains the rule applies to."
- schema:
- type: list
- default: []
- items:
- - variable: domainEntry
- label: "Domain"
- schema:
- type: string
- default: ""
- required: true
- - variable: policy
- label: "Policy"
- description: "The policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: subject
- label: "Subject"
- description: "defines the subject to apply authorizations to. This parameter is optional and matching any user if not provided"
- schema:
- type: list
- default: []
- items:
- - variable: subjectitem
- label: "Subject"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "Network"
- schema:
- type: string
- default: ""
- required: true
- - variable: resources
- label: "Resources"
- description: "is a list of regular expressions that matches a set of resources to apply the policy to"
- schema:
- type: list
- default: []
- items:
- - variable: resource
- label: "Resource"
- schema:
- type: string
- default: ""
- required: true
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 9091
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: certificateIssuer
- label: Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: certificateIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: identity_providers
- group: "Advanced"
- label: "Authelia Identity Providers (BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: oidc
- label: "OpenID Connect(BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: access_token_lifespan
- label: "Access Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: authorize_code_lifespan
- label: "Authorize Code Lifespan"
- schema:
- type: string
- default: "1m"
- required: true
- - variable: id_token_lifespan
- label: "ID Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: refresh_token_lifespan
- label: "Refresh Token Lifespan"
- schema:
- type: string
- default: "90m"
- required: true
- - variable: enable_client_debug_messages
- label: "Enable Client Debug Messages"
- schema:
- type: boolean
- default: false
- - variable: clients
- label: "Clients"
- schema:
- type: list
- default: []
- items:
- - variable: clientEntry
- label: "Client"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: id
- label: "ID/Name"
- description: "The ID is the OpenID Connect ClientID which is used to link an application to a configuration."
- schema:
- type: string
- default: "myapp"
- required: true
- - variable: description
- label: "Description"
- description: "The description to show to users when they end up on the consent screen. Defaults to the ID above."
- schema:
- type: string
- default: "My Application"
- required: true
- - variable: secret
- label: "Secret"
- description: "The client secret is a shared secret between Authelia and the consumer of this client."
- schema:
- type: string
- default: ""
- required: true
- - variable: public
- label: "public"
- description: "Sets the client to public. This should typically not be set, please see the documentation for usage."
- schema:
- type: boolean
- default: false
- - variable: authorization_policy
- label: "Authorization Policy"
- description: "The policy to require for this client; one_factor or two_factor."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - variable: consent_mode
- label: "Consent Mode"
- description: "Configures the consent mode. This can be set to auto (default), explicit (consent required every time) or implicit (automatically assumes consent for every authorization, never asking the user if they wish to give consent.)"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "explicit"
- description: "explicit"
- - value: "implicit"
- description: "implicit"
- - variable: userinfo_signing_algorithm
- label: "Userinfo Signing Algorithm"
- description: "The algorithm used to sign userinfo endpoint responses for this client, either none or RS256."
- schema:
- type: string
- default: "none"
- enum:
- - value: "none"
- description: "none"
- - value: "RS256"
- description: "RS256"
- - variable: audience
- label: "Audience"
- description: "Audience this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: audienceEntry
- label: ""
- schema:
- type: string
- default: ""
- required: true
- - variable: scopes
- label: "Scopes"
- description: "Scopes this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: ScopeEntry
- label: "Scope"
- schema:
- type: string
- default: "openid"
- required: true
- - variable: redirect_uris
- label: "redirect_uris"
- description: "Redirect URI's specifies a list of valid case-sensitive callbacks for this client."
- schema:
- type: list
- default: []
- items:
- - variable: uriEntry
- label: "Url"
- schema:
- type: string
- default: "https://oidc.example.com/oauth2/callback"
- required: true
- - variable: grant_types
- description: "Grant Types configures which grants this client can obtain."
- label: "grant_types"
- schema:
- type: list
- default: []
- items:
- - variable: grantEntry
- label: "Grant"
- schema:
- type: string
- default: "refresh_token"
- required: true
- - variable: response_types
- description: "Response Types configures which responses this client can be sent."
- label: "response_types"
- schema:
- type: list
- default: []
- items:
- - variable: responseEntry
- label: "type"
- schema:
- type: string
- default: "code"
- required: true
- - variable: response_modes
- description: "Response Modes configures which response modes this client supports."
- label: "response_modes"
- schema:
- type: list
- default: []
- items:
- - variable: modeEntry
- label: "Mode"
- schema:
- type: string
- default: "form_post"
- required: true
- - variable: cnpg
- group: Postgresql
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Postgresql Database"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: storage
- label: "Storage"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: size
- label: Size
- schema:
- type: string
- default: "256Gi"
- - variable: walsize
- label: Walsize
- schema:
- type: string
- default: "256Gi"
- - variable: pooler
- label: "Pooler"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: Monitoring
- label: "Metrics"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enablePodMonitor
- label: "enablePodMonitor"
- schema:
- type: boolean
- default: true
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/authelia/15.0.12/templates/NOTES.txt b/enterprise/authelia/15.0.12/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/authelia/15.0.12/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/authelia/15.0.12/templates/_configmap.tpl b/enterprise/authelia/15.0.12/templates/_configmap.tpl
deleted file mode 100644
index c0497f5e570..00000000000
--- a/enterprise/authelia/15.0.12/templates/_configmap.tpl
+++ /dev/null
@@ -1,248 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "authelia.configmap.paths" -}}
-enabled: true
-data:
- AUTHELIA_SERVER_DISABLE_HEALTHCHECK: "true"
- AUTHELIA_JWT_SECRET_FILE: "/secrets/JWT_TOKEN"
- AUTHELIA_SESSION_SECRET_FILE: "/secrets/SESSION_ENCRYPTION_KEY"
- AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: "/secrets/ENCRYPTION_KEY"
- AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: "/secrets/STORAGE_PASSWORD"
- {{- if .Values.authentication_backend.ldap.enabled }}
- AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE: "/secrets/LDAP_PASSWORD"
- {{- end }}
- {{- if .Values.notifier.smtp.enabled }}
- AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE: "/secrets/SMTP_PASSWORD"
- {{- end }}
- AUTHELIA_SESSION_REDIS_PASSWORD_FILE: "/secrets/REDIS_PASSWORD"
- {{- if .Values.redisProvider.high_availability.enabled }}
- AUTHELIA_SESSION_REDIS_HIGH_AVAILABILITY_SENTINEL_PASSWORD_FILE: "/secrets/REDIS_SENTINEL_PASSWORD"
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- AUTHELIA_DUO_API_SECRET_KEY_FILE: "/secrets/DUO_API_KEY"
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET_FILE: "/secrets/OIDC_HMAC_SECRET"
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY_FILE: "/secrets/OIDC_PRIVATE_KEY"
- {{- end }}
-
-{{- end -}}
-
-{{- define "authelia.configmap.configfile" -}}
-enabled: true
-data:
- configuration.yaml: |
- ---
- theme: {{ default "light" .Values.theme }}
- default_redirection_url: {{ default (printf "https://www.%s" .Values.domain) .Values.default_redirection_url }}
- server:
- host: 0.0.0.0
- port: {{ default 9091 .Values.server.port }}
- {{- if not (eq "" (default "" .Values.server.path)) }}
- path: {{ .Values.server.path }}
- {{- end }}
- buffers:
- write: {{ default 4096 .Values.server.write_buffer_size }}
- read: {{ default 4096 .Values.server.read_buffer_size }}
- enable_pprof: {{ default false .Values.server.enable_pprof }}
- enable_expvars: {{ default false .Values.server.enable_expvars }}
- log:
- level: {{ default "info" .Values.log.level }}
- format: {{ default "text" .Values.log.format }}
- {{- if not (eq "" (default "" .Values.log.file_path)) }}
- file_path: {{ .Values.log.file_path }}
- keep_stdout: true
- {{- end }}
- totp:
- issuer: {{ default .Values.domain .Values.totp.issuer }}
- period: {{ default 30 .Values.totp.period }}
- skew: {{ default 1 .Values.totp.skew }}
- {{- if .Values.duo_api.enabled }}
- duo_api:
- hostname: {{ .Values.duo_api.hostname }}
- integration_key: {{ .Values.duo_api.integration_key }}
- {{- end }}
- {{- with $auth := .Values.authentication_backend }}
- authentication_backend:
- password_reset:
- disable: {{ $auth.disable_reset_password }}
- {{- if $auth.file.enabled }}
- file:
- path: {{ $auth.file.path }}
- password: {{ toYaml $auth.file.password | nindent 10 }}
- {{- end }}
- {{- if $auth.ldap.enabled }}
- ldap:
- implementation: {{ default "custom" $auth.ldap.implementation }}
- url: {{ $auth.ldap.url }}
- timeout: {{ default "5s" $auth.ldap.timeout }}
- start_tls: {{ $auth.ldap.start_tls }}
- tls:
- {{- if hasKey $auth.ldap.tls "server_name" }}
- server_name: {{ default $auth.ldap.host $auth.ldap.tls.server_name }}
- {{- end }}
- minimum_version: {{ default "TLS1.2" $auth.ldap.tls.minimum_version }}
- skip_verify: {{ default false $auth.ldap.tls.skip_verify }}
- {{- if $auth.ldap.base_dn }}
- base_dn: {{ $auth.ldap.base_dn }}
- {{- end }}
- {{- if $auth.ldap.username_attribute }}
- username_attribute: {{ $auth.ldap.username_attribute }}
- {{- end }}
- {{- if $auth.ldap.additional_users_dn }}
- additional_users_dn: {{ $auth.ldap.additional_users_dn }}
- {{- end }}
- {{- if $auth.ldap.users_filter }}
- users_filter: {{ $auth.ldap.users_filter }}
- {{- end }}
- {{- if $auth.ldap.additional_groups_dn }}
- additional_groups_dn: {{ $auth.ldap.additional_groups_dn }}
- {{- end }}
- {{- if $auth.ldap.groups_filter }}
- groups_filter: {{ $auth.ldap.groups_filter }}
- {{- end }}
- {{- if $auth.ldap.group_name_attribute }}
- group_name_attribute: {{ $auth.ldap.group_name_attribute }}
- {{- end }}
- {{- if $auth.ldap.mail_attribute }}
- mail_attribute: {{ $auth.ldap.mail_attribute }}
- {{- end }}
- {{- if $auth.ldap.display_name_attribute }}
- display_name_attribute: {{ $auth.ldap.display_name_attribute }}
- {{- end }}
- user: {{ $auth.ldap.user }}
- {{- end }}
- {{- end }}
- {{- with $session := .Values.session }}
- session:
- name: {{ default "authelia_session" $session.name }}
- domain: {{ required "A valid .Values.domain entry required!" $.Values.domain }}
- same_site: {{ default "lax" $session.same_site }}
- expiration: {{ default "1M" $session.expiration }}
- inactivity: {{ default "5m" $session.inactivity }}
- remember_me_duration: {{ default "1M" $session.remember_me_duration }}
- {{- end }}
- redis:
- host: {{ .Values.redis.creds.plain }}
- {{- with $redis := .Values.redisProvider }}
- port: {{ default 6379 $redis.port }}
- {{- if not (eq $redis.username "") }}
- username: {{ $redis.username }}
- {{- end }}
- maximum_active_connections: {{ default 8 $redis.maximum_active_connections }}
- minimum_idle_connections: {{ default 0 $redis.minimum_idle_connections }}
- {{- if $redis.tls.enabled }}
- tls:
- server_name: {{ $redis.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $redis.tls.minimum_version }}
- skip_verify: {{ $redis.tls.skip_verify }}
- {{- end }}
- {{- if $redis.high_availability.enabled }}
- high_availability:
- sentinel_name: {{ $redis.high_availability.sentinel_name }}
- {{- if $redis.high_availability.nodes }}
- nodes: {{ toYaml $redis.high_availability.nodes | nindent 10 }}
- {{- end }}
- route_by_latency: {{ $redis.high_availability.route_by_latency }}
- route_randomly: {{ $redis.high_availability.route_randomly }}
- {{- end }}
- {{- end }}
- regulation: {{ toYaml .Values.regulation | nindent 6 }}
- storage:
- postgres:
- host: {{ $.Values.cnpg.main.creds.host }}
- {{- with $storage := .Values.storage }}
- port: {{ default 5432 $storage.postgres.port }}
- database: {{ default "authelia" $storage.postgres.database }}
- username: {{ default "authelia" $storage.postgres.username }}
- timeout: {{ default "5s" $storage.postgres.timeout }}
- ssl:
- mode: {{ default "disable" $storage.postgres.sslmode }}
- {{- end }}
- {{- with $notifier := .Values.notifier }}
- notifier:
- disable_startup_check: {{ $.Values.notifier.disable_startup_check }}
- {{- if $notifier.filesystem.enabled }}
- filesystem:
- filename: {{ $notifier.filesystem.filename }}
- {{- end }}
- {{- if $notifier.smtp.enabled }}
- smtp:
- host: {{ $notifier.smtp.host }}
- port: {{ default 25 $notifier.smtp.port }}
- timeout: {{ default "5s" $notifier.smtp.timeout }}
- {{- with $notifier.smtp.username }}
- username: {{ . }}
- {{- end }}
- sender: {{ $notifier.smtp.sender }}
- identifier: {{ $notifier.smtp.identifier }}
- subject: {{ $notifier.smtp.subject | quote }}
- startup_check_address: {{ $notifier.smtp.startup_check_address }}
- disable_require_tls: {{ $notifier.smtp.disable_require_tls }}
- disable_html_emails: {{ $notifier.smtp.disable_html_emails }}
- tls:
- server_name: {{ default $notifier.smtp.host $notifier.smtp.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $notifier.smtp.tls.minimum_version }}
- skip_verify: {{ default false $notifier.smtp.tls.skip_verify }}
- {{- end }}
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- identity_providers:
- oidc:
- access_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.access_token_lifespan }}
- authorize_code_lifespan: {{ default "1m" .Values.identity_providers.oidc.authorize_code_lifespan }}
- id_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.id_token_lifespan }}
- refresh_token_lifespan: {{ default "90m" .Values.identity_providers.oidc.refresh_token_lifespan }}
- enable_client_debug_messages: {{ default false .Values.identity_providers.oidc.enable_client_debug_messages }}
- minimum_parameter_entropy: {{ default 8 .Values.identity_providers.oidc.minimum_parameter_entropy }}
- {{- if gt (len .Values.identity_providers.oidc.clients) 0 }}
- clients:
- {{- range $client := .Values.identity_providers.oidc.clients }}
- - id: {{ $client.id }}
- description: {{ default $client.id $client.description }}
- secret: {{ default (randAlphaNum 128) $client.secret }}
- {{- if $client.public }}
- public: {{ $client.public }}
- {{- end }}
- authorization_policy: {{ default "two_factor" $client.authorization_policy }}
- consent_mode: {{ default "auto" $client.consent_mode}}
- redirect_uris:
- {{- range $client.redirect_uris }}
- - {{ . }}
- {{- end }}
- {{- if $client.audience }}
- audience: {{ toYaml $client.audience | nindent 10 }}
- {{- end }}
- scopes: {{ toYaml (default (list "openid" "profile" "email" "groups") $client.scopes) | nindent 10 }}
- grant_types: {{ toYaml (default (list "refresh_token" "authorization_code") $client.grant_types) | nindent 10 }}
- response_types: {{ toYaml (default (list "code") $client.response_types) | nindent 10 }}
- {{- if $client.response_modes }}
- response_modes: {{ toYaml $client.response_modes | nindent 10 }}
- {{- end }}
- userinfo_signing_algorithm: {{ default "none" $client.userinfo_signing_algorithm }}
- {{- end }}
- {{- end }}
- {{- end }}
- access_control:
- {{- if (eq (len .Values.access_control.rules) 0) }}
- {{- if (eq .Values.access_control.default_policy "bypass") }}
- default_policy: one_factor
- {{- else if (eq .Values.access_control.default_policy "deny") }}
- default_policy: two_factor
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- if (eq (len .Values.access_control.networks) 0) }}
- networks: []
- {{- else }}
- networks: {{ toYaml .Values.access_control.networks | nindent 6 }}
- {{- end }}
- {{- if (eq (len .Values.access_control.rules) 0) }}
- rules: []
- {{- else }}
- rules: {{ toYaml .Values.access_control.rules | nindent 6 }}
- {{- end }}
- ...
-{{- end -}}
diff --git a/enterprise/authelia/15.0.12/templates/_secrets.tpl b/enterprise/authelia/15.0.12/templates/_secrets.tpl
deleted file mode 100644
index 14ed88d973d..00000000000
--- a/enterprise/authelia/15.0.12/templates/_secrets.tpl
+++ /dev/null
@@ -1,53 +0,0 @@
-{{/* Define the secrets */}}
-{{- define "authelia.secrets" -}}
-{{- $basename := include "tc.v1.common.lib.chart.names.fullname" $ -}}
-{{- $fetchname := printf "%s-authelia-secrets" $basename -}}
-
-{{/* Initialize all keys */}}
-{{- $oidckey := genPrivateKey "rsa" }}
-{{- $oidcsecret := randAlphaNum 32 }}
-{{- $jwtsecret := randAlphaNum 50 }}
-{{- $sessionsecret := randAlphaNum 50 }}
-{{- $encryptionkey := randAlphaNum 100 }}
-
-enabled: true
-data:
- {{ with (lookup "v1" "Secret" .Release.Namespace $fetchname) }}
- {{/* Get previous values and decode */}}
- {{ $sessionsecret = (index .data "SESSION_ENCRYPTION_KEY") | b64dec }}
- {{ $jwtsecret = (index .data "JWT_TOKEN") | b64dec }}
- {{ $encryptionkey = (index .data "ENCRYPTION_KEY") | b64dec }}
-
- {{/* Check if those keys ever existed. as OIDC is optional */}}
- {{ if and (hasKey .data "OIDC_PRIVATE_KEY") (hasKey .data "OIDC_HMAC_SECRET") }}
- {{ $oidckey = (index .data "OIDC_PRIVATE_KEY") | b64dec }}
- {{ $oidcsecret = (index .data "OIDC_HMAC_SECRET") | b64dec }}
- {{ end }}
- {{ end }}
- SESSION_ENCRYPTION_KEY: {{ $sessionsecret }}
- JWT_TOKEN: {{ $jwtsecret }}
- ENCRYPTION_KEY: {{ $encryptionkey }}
-
- {{- if .Values.authentication_backend.ldap.enabled }}
- LDAP_PASSWORD: {{ .Values.authentication_backend.ldap.plain_password }}
- {{- end }}
-
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- SMTP_PASSWORD: {{ .Values.notifier.smtp.plain_password }}
- {{- end }}
-
- {{- if .Values.duo_api.enabled }}
- DUO_API_KEY: {{ .Values.duo_api.plain_api_key }}
- {{- end }}
-
- STORAGE_PASSWORD: {{ $.Values.cnpg.main.creds.password | trimAll "\"" }}
-
- REDIS_PASSWORD: {{ .Values.redis.creds.redisPassword | trimAll "\"" }}
- {{- if .Values.redisProvider.high_availability.enabled }}
- REDIS_SENTINEL_PASSWORD: {{ .Values.redis.sentinelPassword | trimAll "\"" }}
- {{- end }}
-
- OIDC_PRIVATE_KEY: |
- {{- $oidckey | nindent 4 }}
- OIDC_HMAC_SECRET: {{ $oidcsecret }}
-{{- end -}}
diff --git a/enterprise/authelia/15.0.12/templates/common.yaml b/enterprise/authelia/15.0.12/templates/common.yaml
deleted file mode 100644
index 54e288e852c..00000000000
--- a/enterprise/authelia/15.0.12/templates/common.yaml
+++ /dev/null
@@ -1,77 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-{{/* Render configmap for authelia */}}
-{{- $configmapPaths := include "authelia.configmap.paths" . | fromYaml -}}
-{{- if $configmapPaths -}}
- {{- $_ := set .Values.configmap "authelia-paths" $configmapPaths -}}
-{{- end -}}
-
-{{- $configmapFile := include "authelia.configmap.configfile" . | fromYaml -}}
-{{- if $configmapFile -}}
- {{- $_ := set .Values.configmap "authelia-configfile" $configmapFile -}}
-{{- end -}}
-
-{{/* Render secrets for authelia */}}
-{{- $secret := include "authelia.secrets" . | fromYaml -}}
-{{- if $secret -}}
- {{- $_ := set .Values.secret "authelia-secrets" $secret -}}
-{{- end -}}
-
-{{/* Append the general configMap volume to the volumes */}}
-{{- define "authelia.configmapVolume" -}}
-enabled: true
-mountPath: /configuration.yaml
-subPath: configuration.yaml
-readOnly: true
-type: "configmap"
-objectName: authelia-configfile
-{{- end -}}
-
-{{/* Append the general secret volumes to the volumes */}}
-{{- define "authelia.secretVolumes" -}}
-enabled: true
-mountPath: "/secrets"
-readOnly: true
-type: "secret"
-objectName: authelia-secrets
-items:
- - key: "JWT_TOKEN"
- path: JWT_TOKEN
- - key: "SESSION_ENCRYPTION_KEY"
- path: SESSION_ENCRYPTION_KEY
- - key: "ENCRYPTION_KEY"
- path: ENCRYPTION_KEY
- - key: "STORAGE_PASSWORD"
- path: STORAGE_PASSWORD
- {{- if .Values.authentication_backend.ldap.enabled }}
- - key: "LDAP_PASSWORD"
- path: LDAP_PASSWORD
- {{- end }}
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- - key: "SMTP_PASSWORD"
- path: SMTP_PASSWORD
- {{- end }}
- - key: "REDIS_PASSWORD"
- path: REDIS_PASSWORD
- {{- if .Values.redisProvider.high_availability.enabled}}
- - key: "REDIS_SENTINEL_PASSWORD"
- path: REDIS_SENTINEL_PASSWORD
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- - key: "DUO_API_KEY"
- path: DUO_API_KEY
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- - key: "OIDC_PRIVATE_KEY"
- path: OIDC_PRIVATE_KEY
- - key: "OIDC_HMAC_SECRET"
- path: OIDC_HMAC_SECRET
- {{- end }}
-{{- end -}}
-
-{{- $_ := set .Values.persistence "authelia-configfile" (include "authelia.configmapVolume" . | fromYaml) -}}
-{{- $_ := set .Values.persistence "authelia-secrets" (include "authelia.secretVolumes" . | fromYaml) -}}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/authelia/15.0.12/values.yaml b/enterprise/authelia/15.0.12/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/authelia/15.0.13/CHANGELOG.md b/enterprise/authelia/15.0.13/CHANGELOG.md
deleted file mode 100644
index 9283c6ff9b8..00000000000
--- a/enterprise/authelia/15.0.13/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [authelia-15.0.13](https://github.com/truecharts/charts/compare/authelia-15.0.12...authelia-15.0.13) (2023-03-19)
-
-### Chore
-
-- bump common and deps on enterprise train ([#7819](https://github.com/truecharts/charts/issues/7819))
-
-
-
-
-## [authelia-15.0.12](https://github.com/truecharts/charts/compare/authelia-15.0.11...authelia-15.0.12) (2023-03-09)
-
-### Chore
-
-- bump dependencies and release 2 replica default
-
- ### Feat
-
-- replicas2 part 2
- - run 2 replica's with rolling updates
-
-
-
-
-## [authelia-15.0.11](https://github.com/truecharts/charts/compare/authelia-15.0.10...authelia-15.0.11) (2023-03-08)
-
-
-
-
-## [authelia-15.0.10](https://github.com/truecharts/charts/compare/authelia-15.0.9...authelia-15.0.10) (2023-03-08)
-
-### Fix
-
-- indent priv key ([#7770](https://github.com/truecharts/charts/issues/7770))
-
-
-
-
-## [authelia-15.0.9](https://github.com/truecharts/charts/compare/authelia-15.0.8...authelia-15.0.9) (2023-03-08)
-
-### Chore
-
-- cleanup secret a bit ([#7768](https://github.com/truecharts/charts/issues/7768))
-
-
-
-
-## [authelia-15.0.8](https://github.com/truecharts/charts/compare/authelia-15.0.7...authelia-15.0.8) (2023-03-07)
-
-### Fix
-
-- fix broken fetching of old values on authelia ([#7764](https://github.com/truecharts/charts/issues/7764))
-
-
-
-
-## [authelia-15.0.7](https://github.com/truecharts/charts/compare/authelia-15.0.6...authelia-15.0.7) (2023-03-07)
-
-### Fix
-
-- prevent encryption key resets
-
-
-
-
-## [authelia-15.0.6](https://github.com/truecharts/charts/compare/authelia-15.0.5...authelia-15.0.6) (2023-03-07)
-
-### Fix
-
-- misc fixes from common and prometheus storageclass patch ([#7762](https://github.com/truecharts/charts/issues/7762))
-
-
-
-
-## [authelia-15.0.5](https://github.com/truecharts/charts/compare/authelia-15.0.4...authelia-15.0.5) (2023-03-06)
-
-
-
-
-## [authelia-15.0.4](https://github.com/truecharts/charts/compare/authelia-15.0.3...authelia-15.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
-
-
-## [authelia-15.0.3](https://github.com/truecharts/charts/compare/authelia-15.0.1...authelia-15.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
diff --git a/enterprise/authelia/15.0.13/Chart.yaml b/enterprise/authelia/15.0.13/Chart.yaml
deleted file mode 100644
index 4d5eef79f0a..00000000000
--- a/enterprise/authelia/15.0.13/Chart.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-apiVersion: v2
-appVersion: "4.37.5"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.28
- - condition: redis.enabled
- name: redis
- repository: https://deps.truecharts.org
- version: 6.0.17
-deprecated: false
-description: Authelia is a Single Sign-On Multi-Factor portal for web apps
-home: https://truecharts.org/charts/enterprise/authelia
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/authelia.png
-keywords:
- - authelia
- - authentication
- - login
- - SSO
- - Authentication
- - Security
- - Two-Factor
- - U2F
- - YubiKey
- - Push Notifications
- - LDAP
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: authelia
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/authelia
- - https://ghcr.io/authelia/authelia
- - https://github.com/authelia/chartrepo
- - https://github.com/authelia/authelia
-type: application
-version: 15.0.13
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/authelia/15.0.13/LICENSE b/enterprise/authelia/15.0.13/LICENSE
deleted file mode 100644
index 80e4ab93f92..00000000000
--- a/enterprise/authelia/15.0.13/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/authelia/15.0.13/README.md b/enterprise/authelia/15.0.13/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/authelia/15.0.13/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/authelia/15.0.13/app-changelog.md b/enterprise/authelia/15.0.13/app-changelog.md
deleted file mode 100644
index e9a2219d817..00000000000
--- a/enterprise/authelia/15.0.13/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [authelia-15.0.13](https://github.com/truecharts/charts/compare/authelia-15.0.12...authelia-15.0.13) (2023-03-19)
-
-### Chore
-
-- bump common and deps on enterprise train ([#7819](https://github.com/truecharts/charts/issues/7819))
-
-
\ No newline at end of file
diff --git a/enterprise/authelia/15.0.13/app-readme.md b/enterprise/authelia/15.0.13/app-readme.md
deleted file mode 100644
index 9417c0c13d5..00000000000
--- a/enterprise/authelia/15.0.13/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Authelia is a Single Sign-On Multi-Factor portal for web apps
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/authelia](https://truecharts.org/charts/enterprise/authelia)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/authelia/15.0.13/charts/common-12.2.28.tgz b/enterprise/authelia/15.0.13/charts/common-12.2.28.tgz
deleted file mode 100644
index 4a3a50054c6..00000000000
Binary files a/enterprise/authelia/15.0.13/charts/common-12.2.28.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.0.13/charts/redis-6.0.17.tgz b/enterprise/authelia/15.0.13/charts/redis-6.0.17.tgz
deleted file mode 100644
index 46e8ead845f..00000000000
Binary files a/enterprise/authelia/15.0.13/charts/redis-6.0.17.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.0.13/ix_values.yaml b/enterprise/authelia/15.0.13/ix_values.yaml
deleted file mode 100644
index 6ba6789c92a..00000000000
--- a/enterprise/authelia/15.0.13/ix_values.yaml
+++ /dev/null
@@ -1,621 +0,0 @@
-image:
- repository: tccr.io/truecharts/authelia
- pullPolicy: IfNotPresent
- tag: 4.37.5@sha256:76a4617539534cec140fd98a12f721b878524f2df3a3653f3df8ff2b7eaab586
-
-workload:
- main:
- replicas: 2
- strategy: RollingUpdate
- podSpec:
- containers:
- main:
- command: ["authelia"]
- args: ["--config=/configuration.yaml"]
- envFrom:
- - configMapRef:
- name: authelia-paths
- probes:
- liveness:
- type: http
- path: "/api/health"
-
- readiness:
- type: http
- path: "/api/health"
-
- startup:
- type: http
- path: "/api/health"
-
-service:
- main:
- ports:
- main:
- port: 9091
- targetPort: 9091
-
-persistence:
- config:
- enabled: true
- mountPath: "/config"
-
-cnpg:
- main:
- enabled: true
- user: authelia
- database: authelia
-
-# Enabled redis
-# ... for more options see https://github.com/tccr.io/truecharts/charts/tree/master/tccr.io/truecharts/redis
-redis:
- enabled: true
-
-domain: example.com
-
-##
-## Server Configuration
-##
-server:
- ##
- ## Port sets the configured port for the daemon, service, and the probes.
- ## Default is 9091 and should not need to be changed.
- ##
- port: 9091
-
- ## Buffers usually should be configured to be the same value.
- ## Explanation at https://www.authelia.com/docs/configuration/server.html
- ## Read buffer size adjusts the server's max incoming request size in bytes.
- ## Write buffer size does the same for outgoing responses.
- read_buffer_size: 4096
- write_buffer_size: 4096
- ## Set the single level path Authelia listens on.
- ## Must be alphanumeric chars and should not contain any slashes.
- path: ""
-
-log:
- ## Level of verbosity for logs: info, debug, trace.
- level: trace
-
- ## Format the logs are written as: json, text.
- format: text
-
- ## TODO: Statefulness check should check if this is set, and the configMap should enable it.
- ## File path where the logs will be written. If not set logs are written to stdout.
- # file_path: /config/authelia.log
-
-## Default redirection URL
-##
-## If user tries to authenticate without any referer, Authelia does not know where to redirect the user to at the end
-## of the authentication process. This parameter allows you to specify the default redirection URL Authelia will use
-## in such a case.
-##
-## Note: this parameter is optional. If not provided, user won't be redirected upon successful authentication.
-## Default is https://www. (value at the top of the values.yaml).
-default_redirection_url: ""
-# default_redirection_url: https://example.com
-
-theme: light
-
-##
-## TOTP Configuration
-##
-## Parameters used for TOTP generation
-totp:
- ## The issuer name displayed in the Authenticator application of your choice
- ## See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
- ## Defaults to .
- issuer: ""
- ## The period in seconds a one-time password is current for. Changing this will require all users to register
- ## their TOTP applications again. Warning: before changing period read the docs link below.
- period: 30
- ## The skew controls number of one-time passwords either side of the current one that are valid.
- ## Warning: before changing skew read the docs link below.
- ## See: https://www.authelia.com/docs/configuration/one-time-password.html#period-and-skew to read the documentation.
- skew: 1
-
-##
-## Duo Push API Configuration
-##
-## Parameters used to contact the Duo API. Those are generated when you protect an application of type
-## "Partner Auth API" in the management panel.
-duo_api:
- enabled: false
- hostname: api-123456789.example.com
- integration_key: ABCDEF
- plain_api_key: ""
-
-##
-## Authentication Backend Provider Configuration
-##
-## Used for verifying user passwords and retrieve information such as email address and groups users belong to.
-##
-## The available providers are: `file`, `ldap`. You must use one and only one of these providers.
-authentication_backend:
- ## Disable both the HTML element and the API for reset password functionality
- disable_reset_password: false
-
- ## The amount of time to wait before we refresh data from the authentication backend. Uses duration notation.
- ## To disable this feature set it to 'disable', this will slightly reduce security because for Authelia, users will
- ## always belong to groups they belonged to at the time of login even if they have been removed from them in LDAP.
- ## To force update on every request you can set this to '0' or 'always', this will increase processor demand.
- ## See the below documentation for more information.
- ## Duration Notation docs: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Refresh Interval docs: https://www.authelia.com/docs/configuration/authentication/ldap.html#refresh-interval
- refresh_interval: 5m
-
- ## LDAP backend configuration.
- ##
- ## This backend allows Authelia to be scaled to more
- ## than one instance and therefore is recommended for
- ## production.
- ldap:
- ## Enable LDAP Backend.
- enabled: false
-
- ## The LDAP implementation, this affects elements like the attribute utilised for resetting a password.
- ## Acceptable options are as follows:
- ## - 'activedirectory' - For Microsoft Active Directory.
- ## - 'custom' - For custom specifications of attributes and filters.
- ## This currently defaults to 'custom' to maintain existing behaviour.
- ##
- ## Depending on the option here certain other values in this section have a default value, notably all of the
- ## attribute mappings have a default value that this config overrides, you can read more about these default values
- ## at https://www.authelia.com/docs/configuration/authentication/ldap.html#defaults
- implementation: activedirectory
-
- ## The url to the ldap server. Format: ://[:].
- ## Scheme can be ldap or ldaps in the format (port optional).
- url: ldap://openldap.default.svc.cluster.local
-
- ## Connection Timeout.
- timeout: 5s
-
- ## Use StartTLS with the LDAP connection.
- start_tls: false
-
- tls:
- ## Server Name for certificate validation (in case it's not set correctly in the URL).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either Secure LDAP or LDAP StartTLS.
- minimum_version: TLS1.2
-
- ## The base dn for every LDAP query.
- base_dn: DC=example,DC=com
-
- ## The attribute holding the username of the user. This attribute is used to populate the username in the session
- ## information. It was introduced due to #561 to handle case insensitive search queries. For you information,
- ## Microsoft Active Directory usually uses 'sAMAccountName' and OpenLDAP usually uses 'uid'. Beware that this
- ## attribute holds the unique identifiers for the users binding the user and the configuration stored in database.
- ## Therefore only single value attributes are allowed and the value must never be changed once attributed to a user
- ## otherwise it would break the configuration for that user. Technically, non-unique attributes like 'mail' can also
- ## be used but we don't recommend using them, we instead advise to use the attributes mentioned above
- ## (sAMAccountName and uid) to follow https://www.ietf.org/rfc/rfc2307.txt.
- username_attribute: ""
-
- ## An additional dn to define the scope to all users.
- additional_users_dn: OU=Users
-
- ## The users filter used in search queries to find the user profile based on input filled in login form.
- ## Various placeholders are available in the user filter:
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username_attribute} is a mandatory placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ##
- ## Recommended settings are as follows:
- ## - Microsoft Active Directory: (&({username_attribute}={input})(objectCategory=person)(objectClass=user))
- ## - OpenLDAP:
- ## - (&({username_attribute}={input})(objectClass=person))
- ## - (&({username_attribute}={input})(objectClass=inetOrgPerson))
- ##
- ## To allow sign in both with username and email, one can use a filter like
- ## (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))
- users_filter: ""
-
- ## An additional dn to define the scope of groups.
- additional_groups_dn: OU=Groups
-
- ## The groups filter used in search queries to find the groups of the user.
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username} is a placeholder replace by the username stored in LDAP (based on `username_attribute`).
- ## - {dn} is a matcher replaced by the user distinguished name, aka, user DN.
- ## - {username_attribute} is a placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ## - DON'T USE - {1} is an alias for {username} supported for backward compatibility but it will be deprecated in
- ## later version, so please don't use it.
- ##
- ## If your groups use the `groupOfUniqueNames` structure use this instead:
- ## (&(uniquemember={dn})(objectclass=groupOfUniqueNames))
- groups_filter: ""
-
- ## The attribute holding the name of the group
- group_name_attribute: ""
-
- ## The attribute holding the mail address of the user. If multiple email addresses are defined for a user, only the
- ## first one returned by the LDAP server is used.
- mail_attribute: ""
-
- ## The attribute holding the display name of the user. This will be used to greet an authenticated user.
- display_name_attribute: ""
-
- ## The username of the admin user.
- user: CN=Authelia,DC=example,DC=com
- plain_password: ""
-
- ##
- ## File (Authentication Provider)
- ##
- ## With this backend, the users database is stored in a file which is updated when users reset their passwords.
- ## Therefore, this backend is meant to be used in a dev environment and not in production since it prevents Authelia
- ## to be scaled to more than one instance. The options under 'password' have sane defaults, and as it has security
- ## implications it is highly recommended you leave the default values. Before considering changing these settings
- ## please read the docs page below:
- ## https://www.authelia.com/docs/configuration/authentication/file.html#password-hash-algorithm-tuning
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- file:
- enabled: true
- path: /config/users_database.yml
- password:
- algorithm: argon2id
- iterations: 1
- key_length: 32
- salt_length: 16
- memory: 1024
- parallelism: 8
-
-##
-## Access Control Configuration
-##
-## Access control is a list of rules defining the authorizations applied for one resource to users or group of users.
-##
-## If 'access_control' is not defined, ACL rules are disabled and the 'bypass' rule is applied, i.e., access is allowed
-## to anyone. Otherwise restrictions follow the rules defined.
-##
-## Note: One can use the wildcard * to match any subdomain.
-## It must stand at the beginning of the pattern. (example: *.mydomain.com)
-##
-## Note: You must put patterns containing wildcards between simple quotes for the YAML to be syntactically correct.
-##
-## Definition: A 'rule' is an object with the following keys: 'domain', 'subject', 'policy' and 'resources'.
-##
-## - 'domain' defines which domain or set of domains the rule applies to.
-##
-## - 'subject' defines the subject to apply authorizations to. This parameter is optional and matching any user if not
-## provided. If provided, the parameter represents either a user or a group. It should be of the form
-## 'user:' or 'group:'.
-##
-## - 'policy' is the policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'.
-##
-## - 'resources' is a list of regular expressions that matches a set of resources to apply the policy to. This parameter
-## is optional and matches any resource if not provided.
-##
-## Note: the order of the rules is important. The first policy matching (domain, resource, subject) applies.
-access_control:
- ## Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'. It is the policy applied to any
- ## resource if there is no policy to be applied to the user.
- default_policy: deny
-
- networks: []
- # networks:
- # - name: private
- # networks:
- # - 10.0.0.0/8
- # - 172.16.0.0/12
- # - 192.168.0.0/16
- # - name: vpn
- # networks:
- # - 10.9.0.0/16
-
- rules: []
- # rules:
- # - domain: public.example.com
- # policy: bypass
- # - domain: "*.example.com"
- # policy: bypass
- # methods:
- # - OPTIONS
- # - domain: secure.example.com
- # policy: one_factor
- # networks:
- # - private
- # - vpn
- # - 192.168.1.0/24
- # - 10.0.0.1
- # - domain:
- # - secure.example.com
- # - private.example.com
- # policy: two_factor
- # - domain: singlefactor.example.com
- # policy: one_factor
- # - domain: "mx2.mail.example.com"
- # subject: "group:admins"
- # policy: deny
- # - domain: "*.example.com"
- # subject:
- # - "group:admins"
- # - "group:moderators"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/groups/dev/.*$"
- # subject: "group:dev"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/users/john/.*$"
- # subject:
- # - ["group:dev", "user:john"]
- # - "group:admins"
- # policy: two_factor
- # - domain: "{user}.example.com"
- # policy: bypass
-
-##
-## Session Provider Configuration
-##
-## The session cookies identify the user once logged in.
-## The available providers are: `memory`, `redis`. Memory is the provider unless redis is defined.
-session:
- ## The name of the session cookie. (default: authelia_session).
- name: authelia_session
-
- ## Sets the Cookie SameSite value. Possible options are none, lax, or strict.
- ## Please read https://www.authelia.com/docs/configuration/session.html#same_site
- same_site: lax
-
- ## The time in seconds before the cookie expires and session is reset.
- expiration: 1h
-
- ## The inactivity time in seconds before the session is reset.
- inactivity: 5m
-
- ## The remember me duration.
- ## Value is in seconds, or duration notation. Value of 0 disables remember me.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Longer periods are considered less secure because a stolen cookie will last longer giving attackers more time to
- ## spy or attack. Currently the default is 1M or 1 month.
- remember_me_duration: 1M
-
-##
-## Redis Provider
-##
-## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
-##
-## The redis connection details
-redisProvider:
- port: 6379
-
- ## Optional username to be used with authentication.
- # username: authelia
- username: ""
-
- ## This is the Redis DB Index https://redis.io/commands/select (sometimes referred to as database number, DB, etc).
- database_index: 0
-
- ## The maximum number of concurrent active connections to Redis.
- maximum_active_connections: 8
-
- ## The target number of idle connections to have open ready for work. Useful when opening connections is slow.
- minimum_idle_connections: 0
-
- ## The Redis TLS configuration. If defined will require a TLS connection to the Redis instance(s).
- tls:
- enabled: false
-
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for the connection.
- minimum_version: TLS1.2
-
- ## The Redis HA configuration options.
- ## This provides specific options to Redis Sentinel, sentinel_name must be defined (Master Name).
- high_availability:
- enabled: false
- enabledSecret: false
- ## Sentinel Name / Master Name
- sentinel_name: mysentinel
-
- ## The additional nodes to pre-seed the redis provider with (for sentinel).
- ## If the host in the above section is defined, it will be combined with this list to connect to sentinel.
- ## For high availability to be used you must have either defined; the host above or at least one node below.
- nodes: []
- # nodes:
- # - host: sentinel-0.databases.svc.cluster.local
- # port: 26379
- # - host: sentinel-1.databases.svc.cluster.local
- # port: 26379
-
- ## Choose the host with the lowest latency.
- route_by_latency: false
-
- ## Choose the host randomly.
- route_randomly: false
-
-##
-## Regulation Configuration
-##
-## This mechanism prevents attackers from brute forcing the first factor. It bans the user if too many attempts are done
-## in a short period of time.
-regulation:
- ## The number of failed login attempts before user is banned. Set it to 0 to disable regulation.
- max_retries: 3
-
- ## The time range during which the user can attempt login before being banned. The user is banned if the
- ## authentication failed 'max_retries' times in a 'find_time' seconds window. Find Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- find_time: 2m
-
- ## The length of time before a banned user can login again. Ban Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ban_time: 5m
-
-##
-## Storage Provider Configuration
-##
-## The available providers are: `local`, `mysql`, `postgres`. You must use one and only one of these providers.
-storage:
- ##
- ## PostgreSQL (Storage Provider)
- ##
- postgres:
- port: 5432
- database: authelia
- username: authelia
- sslmode: disable
- timeout: 5s
-
-##
-## Notification Provider
-##
-##
-## Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration.
-## The available providers are: filesystem, smtp. You must use one and only one of these providers.
-notifier:
- ## You can disable the notifier startup check by setting this to true.
- disable_startup_check: false
-
- ##
- ## File System (Notification Provider)
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- filesystem:
- enabled: true
- filename: /config/notification.txt
-
- ##
- ## SMTP (Notification Provider)
- ##
- ## Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate.
- ## [Security] By default Authelia will:
- ## - force all SMTP connections over TLS including unauthenticated connections
- ## - use the disable_require_tls boolean value to disable this requirement
- ## (only works for unauthenticated connections)
- ## - validate the SMTP server x509 certificate during the TLS handshake against the hosts trusted certificates
- ## (configure in tls section)
- smtp:
- enabled: false
- enabledSecret: false
- host: smtp.mail.svc.cluster.local
- port: 25
- timeout: 5s
- username: test
- plain_password: test
- sender: admin@example.com
- ## HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost.
- identifier: localhost
- ## Subject configuration of the emails sent.
- ## {title} is replaced by the text from the notifier
- subject: "[Authelia] {title}"
- ## This address is used during the startup check to verify the email configuration is correct.
- ## It's not important what it is except if your email server only allows local delivery.
- startup_check_address: test@authelia.com
- disable_require_tls: false
- disable_html_emails: false
-
- tls:
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either StartTLS or SMTPS.
- minimum_version: TLS1.2
-
-identity_providers:
- oidc:
- ## Enables this in the config map. Currently in beta stage.
- ## See https://www.authelia.com/docs/configuration/identity-providers/oidc.html#roadmap
- enabled: false
-
- access_token_lifespan: 1h
- authorize_code_lifespan: 1m
- id_token_lifespan: 1h
- refresh_token_lifespan: 90m
-
- enable_client_debug_messages: false
-
- ## SECURITY NOTICE: It's not recommended changing this option, and highly discouraged to have it below 8 for
- ## security reasons.
- minimum_parameter_entropy: 8
-
- clients: []
- # clients:
- # -
- ## The ID is the OpenID Connect ClientID which is used to link an application to a configuration.
- # id: myapp
-
- ## The description to show to users when they end up on the consent screen. Defaults to the ID above.
- # description: My Application
-
- ## The client secret is a shared secret between Authelia and the consumer of this client.
- # secret: apple123
-
- ## Sets the client to public. This should typically not be set, please see the documentation for usage.
- # public: false
-
- ## The policy to require for this client; one_factor or two_factor.
- # authorization_policy: two_factor
-
- ## Configures the consent mode; auto, explicit or implicit
- # consent_mode: auto
-
- ## Audience this client is allowed to request.
- # audience: []
-
- ## Scopes this client is allowed to request.
- # scopes:
- # - openid
- # - profile
- # - email
- # - groups
-
- ## Redirect URI's specifies a list of valid case-sensitive callbacks for this client.
- # redirect_uris:
- # - https://oidc.example.com/oauth2/callback
-
- ## Grant Types configures which grants this client can obtain.
- ## It's not recommended to configure this unless you know what you're doing.
- # grant_types:
- # - refresh_token
- # - authorization_code
-
- ## Response Types configures which responses this client can be sent.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_types:
- # - code
-
- ## Response Modes configures which response modes this client supports.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_modes:
- # - form_post
- # - query
- # - fragment
-
- ## The algorithm used to sign userinfo endpoint responses for this client, either none or RS256.
- # userinfo_signing_algorithm: none
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/authelia/15.0.13/questions.yaml b/enterprise/authelia/15.0.13/questions.yaml
deleted file mode 100644
index ca4e8c8b06e..00000000000
--- a/enterprise/authelia/15.0.13/questions.yaml
+++ /dev/null
@@ -1,2781 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: DaemonSet
- description: DaemonSet
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "DaemonSet"]]
- default: 2
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: domain
- group: "App Configuration"
- label: "Domain"
- description: "The highest domain level possible, for example: domain.com when using app.domain.com"
- schema:
- type: string
- default: ""
- required: true
- - variable: default_redirection_url
- group: "App Configuration"
- label: "Default Redirection URL"
- description: "If user tries to authenticate without any referrer, this is used"
- schema:
- type: string
- default: ""
- - variable: theme
- group: "App Configuration"
- label: "Theme"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "light"
- description: "light"
- - value: "grey"
- description: "grey"
- - value: "dark"
- description: "dark"
- - variable: log
- group: "App Configuration"
- label: "Log Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "info"
- enum:
- - value: "info"
- description: "info"
- - value: "debug"
- description: "debug"
- - value: "trace"
- description: "trace"
- - variable: format
- label: "Log Format"
- schema:
- type: string
- default: "text"
- enum:
- - value: "json"
- description: "json"
- - value: "text"
- description: "text"
- - variable: totp
- group: "App Configuration"
- label: "TOTP Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: issuer
- label: "Issuer"
- description: "The issuer name displayed in the Authenticator application of your choice"
- schema:
- type: string
- default: ""
- - variable: period
- label: "Period"
- description: "The period in seconds a one-time password is current for"
- schema:
- type: int
- default: 30
- - variable: skew
- label: "skew"
- description: "Controls number of one-time passwords either side of the current one that are valid."
- schema:
- type: int
- default: 1
- - variable: duo_api
- group: "App Configuration"
- label: "DUO API Configuration"
- description: "Parameters used to contact the Duo API."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostname
- label: "Hostname"
- schema:
- type: string
- required: true
- default: ""
- - variable: integration_key
- label: "integration_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: plain_api_key
- label: "plain_api_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: session
- group: "App Configuration"
- label: "Session Provider"
- description: "The session cookies identify the user once logged in."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Cookie Name"
- description: "The name of the session cookie."
- schema:
- type: string
- required: true
- default: "authelia_session"
- - variable: same_site
- label: "SameSite Value"
- description: "Sets the Cookie SameSite value"
- schema:
- type: string
- default: "lax"
- enum:
- - value: "lax"
- description: "lax"
- - value: "strict"
- description: "strict"
- - variable: expiration
- label: "Expiration Time"
- description: "The time in seconds before the cookie expires and session is reset."
- schema:
- type: string
- default: "1h"
- required: true
- - variable: inactivity
- label: "Inactivity Time"
- description: "The inactivity time in seconds before the session is reset."
- schema:
- type: string
- default: "5m"
- required: true
- - variable: remember_me_duration
- label: "Remember-Me duration"
- description: "The remember me duration"
- schema:
- type: string
- default: "5M"
- required: true
- - variable: regulation
- group: "App Configuration"
- label: "Regulation Configuration"
- description: "This mechanism prevents attackers from brute forcing the first factor."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: max_retries
- label: "Maximum Retries"
- description: "The number of failed login attempts before user is banned. Set it to 0 to disable regulation."
- schema:
- type: int
- default: 3
- - variable: find_time
- label: "Find Time"
- description: "The time range during which the user can attempt login before being banned."
- schema:
- type: string
- default: "2m"
- required: true
- - variable: ban_time
- label: "Ban Duration"
- description: "The length of time before a banned user can login again"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: authentication_backend
- group: "App Configuration"
- label: "Authentication Backend Provider"
- description: "sed for verifying user passwords and retrieve information such as email address and groups users belong to."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_reset_password
- label: "Disable Reset Password"
- description: "Disable both the HTML element and the API for reset password functionality"
- schema:
- type: boolean
- default: false
- - variable: refresh_interval
- label: "Reset Interval"
- description: "The amount of time to wait before we refresh data from the authentication backend"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: ldap
- label: "LDAP backend configuration"
- description: "Used for verifying user passwords and retrieve information such as email address and groups users belong to"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: implementation
- label: "Implementation"
- description: "The LDAP implementation, this affects elements like the attribute utilized for resetting a password"
- schema:
- type: string
- default: "custom"
- enum:
- - value: "activedirectory"
- description: "Active Directory"
- - value: "custom"
- description: "Custom"
- - variable: url
- label: "URL"
- description: "The url to the ldap server. Format: ://[:]"
- schema:
- type: string
- default: "ldap://openldap.default.svc.cluster.local"
- required: true
- - variable: timeout
- label: "Connection Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: start_tls
- label: "Start TLS"
- description: "Use StartTLS with the LDAP connection"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: base_dn
- label: "Base DN"
- description: "The base dn for every LDAP query."
- schema:
- type: string
- default: "DC=example,DC=com"
- required: true
- - variable: username_attribute
- label: "Username Attribute"
- description: "The attribute holding the username of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_users_dn
- label: "Additional Users DN"
- description: "An additional dn to define the scope to all users."
- schema:
- type: string
- default: "OU=Users"
- required: true
- - variable: users_filter
- label: "Users Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_groups_dn
- label: "Additional Groups DN"
- description: "An additional dn to define the scope of groups."
- schema:
- type: string
- default: "OU=Groups"
- required: true
- - variable: groups_filter
- label: "Groups Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: group_name_attribute
- label: "Group name Attribute"
- description: "The attribute holding the name of the group"
- schema:
- type: string
- default: ""
- required: true
- - variable: mail_attribute
- label: "Mail Attribute"
- description: "The attribute holding the primary mail address of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: display_name_attribute
- label: "Display Name Attribute"
- description: "he attribute holding the display name of the user. This will be used to greet an authenticated user."
- schema:
- type: string
- default: ""
- - variable: user
- label: "Admin User"
- description: "The username of the admin user used to connect to LDAP."
- schema:
- type: string
- default: "CN=Authelia,DC=example,DC=com"
- required: true
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: file
- label: "File backend configuration"
- description: "With this backend, the users database is stored in a file which is updated when users reset their passwords."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: path
- label: "Path"
- schema:
- type: string
- default: "/config/users_database.yml"
- required: true
- - variable: password
- label: "Password Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: algorithm
- label: "Algorithm"
- schema:
- type: string
- default: "argon2id"
- enum:
- - value: "argon2id"
- description: "argon2id"
- - value: "sha512"
- description: "sha512"
- - variable: iterations
- label: "Iterations"
- schema:
- type: int
- default: 1
- required: true
- - variable: key_length
- label: "Key Length"
- schema:
- type: int
- default: 32
- required: true
- - variable: salt_length
- label: "Salt Length"
- schema:
- type: int
- default: 16
- required: true
- - variable: memory
- label: "Memory"
- schema:
- type: int
- default: 1024
- required: true
- - variable: parallelism
- label: "Parallelism"
- schema:
- type: int
- default: 8
- required: true
- - variable: notifier
- group: "App Configuration"
- label: "Notifier Configuration"
- description: "Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_startup_check
- label: "Disable Startup Check"
- schema:
- type: boolean
- default: false
- - variable: filesystem
- label: "Filesystem Provider"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filename
- label: "File Path"
- schema:
- type: string
- default: "/config/notification.txt"
- required: true
- - variable: smtp
- label: "SMTP Provider"
- description: "Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: host
- label: "Host"
- schema:
- type: string
- default: "smtp.mail.svc.cluster.local"
- required: true
- - variable: port
- label: "Port"
- schema:
- type: int
- default: 25
- required: true
- - variable: timeout
- label: "Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: username
- label: "Username"
- schema:
- type: string
- default: ""
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- - variable: sender
- label: "Sender"
- schema:
- type: string
- default: ""
- required: true
- - variable: identifier
- label: "Identifier"
- description: "HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost."
- schema:
- type: string
- default: "localhost"
- required: true
- - variable: subject
- label: "Subject"
- description: "Subject configuration of the emails sent, {title} is replaced by the text from the notifier"
- schema:
- type: string
- default: "[Authelia] {title}"
- required: true
- - variable: startup_check_address
- label: "Startup Check Address"
- description: "This address is used during the startup check to verify the email configuration is correct."
- schema:
- type: string
- default: "test@authelia.com"
- required: true
- - variable: disable_require_tls
- label: "Disable Require TLS"
- schema:
- type: boolean
- default: false
- - variable: disable_html_emails
- label: "Disable HTML emails"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: access_control
- group: "App Configuration"
- label: "Access Control Configuration"
- description: "Access control is a list of rules defining the authorizations applied for one resource to users or group of users."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: default_policy
- label: "Default Policy"
- description: "Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: networkItem
- label: "Network Item"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Name"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "network"
- schema:
- type: string
- default: ""
- required: true
- - variable: rules
- label: "Rules"
- schema:
- type: list
- default: []
- items:
- - variable: rulesItem
- label: "Rule"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: domain
- label: "Domains"
- description: "defines which domain or set of domains the rule applies to."
- schema:
- type: list
- default: []
- items:
- - variable: domainEntry
- label: "Domain"
- schema:
- type: string
- default: ""
- required: true
- - variable: policy
- label: "Policy"
- description: "The policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: subject
- label: "Subject"
- description: "defines the subject to apply authorizations to. This parameter is optional and matching any user if not provided"
- schema:
- type: list
- default: []
- items:
- - variable: subjectitem
- label: "Subject"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "Network"
- schema:
- type: string
- default: ""
- required: true
- - variable: resources
- label: "Resources"
- description: "is a list of regular expressions that matches a set of resources to apply the policy to"
- schema:
- type: list
- default: []
- items:
- - variable: resource
- label: "Resource"
- schema:
- type: string
- default: ""
- required: true
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 9091
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: certificateIssuer
- label: Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["certificateIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: certificateIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["certificateIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["certificateIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: identity_providers
- group: "Advanced"
- label: "Authelia Identity Providers (BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: oidc
- label: "OpenID Connect(BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: access_token_lifespan
- label: "Access Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: authorize_code_lifespan
- label: "Authorize Code Lifespan"
- schema:
- type: string
- default: "1m"
- required: true
- - variable: id_token_lifespan
- label: "ID Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: refresh_token_lifespan
- label: "Refresh Token Lifespan"
- schema:
- type: string
- default: "90m"
- required: true
- - variable: enable_client_debug_messages
- label: "Enable Client Debug Messages"
- schema:
- type: boolean
- default: false
- - variable: clients
- label: "Clients"
- schema:
- type: list
- default: []
- items:
- - variable: clientEntry
- label: "Client"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: id
- label: "ID/Name"
- description: "The ID is the OpenID Connect ClientID which is used to link an application to a configuration."
- schema:
- type: string
- default: "myapp"
- required: true
- - variable: description
- label: "Description"
- description: "The description to show to users when they end up on the consent screen. Defaults to the ID above."
- schema:
- type: string
- default: "My Application"
- required: true
- - variable: secret
- label: "Secret"
- description: "The client secret is a shared secret between Authelia and the consumer of this client."
- schema:
- type: string
- default: ""
- required: true
- - variable: public
- label: "public"
- description: "Sets the client to public. This should typically not be set, please see the documentation for usage."
- schema:
- type: boolean
- default: false
- - variable: authorization_policy
- label: "Authorization Policy"
- description: "The policy to require for this client; one_factor or two_factor."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - variable: consent_mode
- label: "Consent Mode"
- description: "Configures the consent mode. This can be set to auto (default), explicit (consent required every time) or implicit (automatically assumes consent for every authorization, never asking the user if they wish to give consent.)"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "explicit"
- description: "explicit"
- - value: "implicit"
- description: "implicit"
- - variable: userinfo_signing_algorithm
- label: "Userinfo Signing Algorithm"
- description: "The algorithm used to sign userinfo endpoint responses for this client, either none or RS256."
- schema:
- type: string
- default: "none"
- enum:
- - value: "none"
- description: "none"
- - value: "RS256"
- description: "RS256"
- - variable: audience
- label: "Audience"
- description: "Audience this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: audienceEntry
- label: ""
- schema:
- type: string
- default: ""
- required: true
- - variable: scopes
- label: "Scopes"
- description: "Scopes this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: ScopeEntry
- label: "Scope"
- schema:
- type: string
- default: "openid"
- required: true
- - variable: redirect_uris
- label: "redirect_uris"
- description: "Redirect URI's specifies a list of valid case-sensitive callbacks for this client."
- schema:
- type: list
- default: []
- items:
- - variable: uriEntry
- label: "Url"
- schema:
- type: string
- default: "https://oidc.example.com/oauth2/callback"
- required: true
- - variable: grant_types
- description: "Grant Types configures which grants this client can obtain."
- label: "grant_types"
- schema:
- type: list
- default: []
- items:
- - variable: grantEntry
- label: "Grant"
- schema:
- type: string
- default: "refresh_token"
- required: true
- - variable: response_types
- description: "Response Types configures which responses this client can be sent."
- label: "response_types"
- schema:
- type: list
- default: []
- items:
- - variable: responseEntry
- label: "type"
- schema:
- type: string
- default: "code"
- required: true
- - variable: response_modes
- description: "Response Modes configures which response modes this client supports."
- label: "response_modes"
- schema:
- type: list
- default: []
- items:
- - variable: modeEntry
- label: "Mode"
- schema:
- type: string
- default: "form_post"
- required: true
- - variable: cnpg
- group: Postgresql
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Postgresql Database"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: storage
- label: "Storage"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: size
- label: Size
- schema:
- type: string
- default: "256Gi"
- - variable: walsize
- label: Walsize
- schema:
- type: string
- default: "256Gi"
- - variable: pooler
- label: "Pooler"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: Monitoring
- label: "Metrics"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enablePodMonitor
- label: "enablePodMonitor"
- schema:
- type: boolean
- default: true
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/authelia/15.0.13/templates/NOTES.txt b/enterprise/authelia/15.0.13/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/authelia/15.0.13/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/authelia/15.0.13/templates/_configmap.tpl b/enterprise/authelia/15.0.13/templates/_configmap.tpl
deleted file mode 100644
index c0497f5e570..00000000000
--- a/enterprise/authelia/15.0.13/templates/_configmap.tpl
+++ /dev/null
@@ -1,248 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "authelia.configmap.paths" -}}
-enabled: true
-data:
- AUTHELIA_SERVER_DISABLE_HEALTHCHECK: "true"
- AUTHELIA_JWT_SECRET_FILE: "/secrets/JWT_TOKEN"
- AUTHELIA_SESSION_SECRET_FILE: "/secrets/SESSION_ENCRYPTION_KEY"
- AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: "/secrets/ENCRYPTION_KEY"
- AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: "/secrets/STORAGE_PASSWORD"
- {{- if .Values.authentication_backend.ldap.enabled }}
- AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE: "/secrets/LDAP_PASSWORD"
- {{- end }}
- {{- if .Values.notifier.smtp.enabled }}
- AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE: "/secrets/SMTP_PASSWORD"
- {{- end }}
- AUTHELIA_SESSION_REDIS_PASSWORD_FILE: "/secrets/REDIS_PASSWORD"
- {{- if .Values.redisProvider.high_availability.enabled }}
- AUTHELIA_SESSION_REDIS_HIGH_AVAILABILITY_SENTINEL_PASSWORD_FILE: "/secrets/REDIS_SENTINEL_PASSWORD"
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- AUTHELIA_DUO_API_SECRET_KEY_FILE: "/secrets/DUO_API_KEY"
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET_FILE: "/secrets/OIDC_HMAC_SECRET"
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY_FILE: "/secrets/OIDC_PRIVATE_KEY"
- {{- end }}
-
-{{- end -}}
-
-{{- define "authelia.configmap.configfile" -}}
-enabled: true
-data:
- configuration.yaml: |
- ---
- theme: {{ default "light" .Values.theme }}
- default_redirection_url: {{ default (printf "https://www.%s" .Values.domain) .Values.default_redirection_url }}
- server:
- host: 0.0.0.0
- port: {{ default 9091 .Values.server.port }}
- {{- if not (eq "" (default "" .Values.server.path)) }}
- path: {{ .Values.server.path }}
- {{- end }}
- buffers:
- write: {{ default 4096 .Values.server.write_buffer_size }}
- read: {{ default 4096 .Values.server.read_buffer_size }}
- enable_pprof: {{ default false .Values.server.enable_pprof }}
- enable_expvars: {{ default false .Values.server.enable_expvars }}
- log:
- level: {{ default "info" .Values.log.level }}
- format: {{ default "text" .Values.log.format }}
- {{- if not (eq "" (default "" .Values.log.file_path)) }}
- file_path: {{ .Values.log.file_path }}
- keep_stdout: true
- {{- end }}
- totp:
- issuer: {{ default .Values.domain .Values.totp.issuer }}
- period: {{ default 30 .Values.totp.period }}
- skew: {{ default 1 .Values.totp.skew }}
- {{- if .Values.duo_api.enabled }}
- duo_api:
- hostname: {{ .Values.duo_api.hostname }}
- integration_key: {{ .Values.duo_api.integration_key }}
- {{- end }}
- {{- with $auth := .Values.authentication_backend }}
- authentication_backend:
- password_reset:
- disable: {{ $auth.disable_reset_password }}
- {{- if $auth.file.enabled }}
- file:
- path: {{ $auth.file.path }}
- password: {{ toYaml $auth.file.password | nindent 10 }}
- {{- end }}
- {{- if $auth.ldap.enabled }}
- ldap:
- implementation: {{ default "custom" $auth.ldap.implementation }}
- url: {{ $auth.ldap.url }}
- timeout: {{ default "5s" $auth.ldap.timeout }}
- start_tls: {{ $auth.ldap.start_tls }}
- tls:
- {{- if hasKey $auth.ldap.tls "server_name" }}
- server_name: {{ default $auth.ldap.host $auth.ldap.tls.server_name }}
- {{- end }}
- minimum_version: {{ default "TLS1.2" $auth.ldap.tls.minimum_version }}
- skip_verify: {{ default false $auth.ldap.tls.skip_verify }}
- {{- if $auth.ldap.base_dn }}
- base_dn: {{ $auth.ldap.base_dn }}
- {{- end }}
- {{- if $auth.ldap.username_attribute }}
- username_attribute: {{ $auth.ldap.username_attribute }}
- {{- end }}
- {{- if $auth.ldap.additional_users_dn }}
- additional_users_dn: {{ $auth.ldap.additional_users_dn }}
- {{- end }}
- {{- if $auth.ldap.users_filter }}
- users_filter: {{ $auth.ldap.users_filter }}
- {{- end }}
- {{- if $auth.ldap.additional_groups_dn }}
- additional_groups_dn: {{ $auth.ldap.additional_groups_dn }}
- {{- end }}
- {{- if $auth.ldap.groups_filter }}
- groups_filter: {{ $auth.ldap.groups_filter }}
- {{- end }}
- {{- if $auth.ldap.group_name_attribute }}
- group_name_attribute: {{ $auth.ldap.group_name_attribute }}
- {{- end }}
- {{- if $auth.ldap.mail_attribute }}
- mail_attribute: {{ $auth.ldap.mail_attribute }}
- {{- end }}
- {{- if $auth.ldap.display_name_attribute }}
- display_name_attribute: {{ $auth.ldap.display_name_attribute }}
- {{- end }}
- user: {{ $auth.ldap.user }}
- {{- end }}
- {{- end }}
- {{- with $session := .Values.session }}
- session:
- name: {{ default "authelia_session" $session.name }}
- domain: {{ required "A valid .Values.domain entry required!" $.Values.domain }}
- same_site: {{ default "lax" $session.same_site }}
- expiration: {{ default "1M" $session.expiration }}
- inactivity: {{ default "5m" $session.inactivity }}
- remember_me_duration: {{ default "1M" $session.remember_me_duration }}
- {{- end }}
- redis:
- host: {{ .Values.redis.creds.plain }}
- {{- with $redis := .Values.redisProvider }}
- port: {{ default 6379 $redis.port }}
- {{- if not (eq $redis.username "") }}
- username: {{ $redis.username }}
- {{- end }}
- maximum_active_connections: {{ default 8 $redis.maximum_active_connections }}
- minimum_idle_connections: {{ default 0 $redis.minimum_idle_connections }}
- {{- if $redis.tls.enabled }}
- tls:
- server_name: {{ $redis.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $redis.tls.minimum_version }}
- skip_verify: {{ $redis.tls.skip_verify }}
- {{- end }}
- {{- if $redis.high_availability.enabled }}
- high_availability:
- sentinel_name: {{ $redis.high_availability.sentinel_name }}
- {{- if $redis.high_availability.nodes }}
- nodes: {{ toYaml $redis.high_availability.nodes | nindent 10 }}
- {{- end }}
- route_by_latency: {{ $redis.high_availability.route_by_latency }}
- route_randomly: {{ $redis.high_availability.route_randomly }}
- {{- end }}
- {{- end }}
- regulation: {{ toYaml .Values.regulation | nindent 6 }}
- storage:
- postgres:
- host: {{ $.Values.cnpg.main.creds.host }}
- {{- with $storage := .Values.storage }}
- port: {{ default 5432 $storage.postgres.port }}
- database: {{ default "authelia" $storage.postgres.database }}
- username: {{ default "authelia" $storage.postgres.username }}
- timeout: {{ default "5s" $storage.postgres.timeout }}
- ssl:
- mode: {{ default "disable" $storage.postgres.sslmode }}
- {{- end }}
- {{- with $notifier := .Values.notifier }}
- notifier:
- disable_startup_check: {{ $.Values.notifier.disable_startup_check }}
- {{- if $notifier.filesystem.enabled }}
- filesystem:
- filename: {{ $notifier.filesystem.filename }}
- {{- end }}
- {{- if $notifier.smtp.enabled }}
- smtp:
- host: {{ $notifier.smtp.host }}
- port: {{ default 25 $notifier.smtp.port }}
- timeout: {{ default "5s" $notifier.smtp.timeout }}
- {{- with $notifier.smtp.username }}
- username: {{ . }}
- {{- end }}
- sender: {{ $notifier.smtp.sender }}
- identifier: {{ $notifier.smtp.identifier }}
- subject: {{ $notifier.smtp.subject | quote }}
- startup_check_address: {{ $notifier.smtp.startup_check_address }}
- disable_require_tls: {{ $notifier.smtp.disable_require_tls }}
- disable_html_emails: {{ $notifier.smtp.disable_html_emails }}
- tls:
- server_name: {{ default $notifier.smtp.host $notifier.smtp.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $notifier.smtp.tls.minimum_version }}
- skip_verify: {{ default false $notifier.smtp.tls.skip_verify }}
- {{- end }}
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- identity_providers:
- oidc:
- access_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.access_token_lifespan }}
- authorize_code_lifespan: {{ default "1m" .Values.identity_providers.oidc.authorize_code_lifespan }}
- id_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.id_token_lifespan }}
- refresh_token_lifespan: {{ default "90m" .Values.identity_providers.oidc.refresh_token_lifespan }}
- enable_client_debug_messages: {{ default false .Values.identity_providers.oidc.enable_client_debug_messages }}
- minimum_parameter_entropy: {{ default 8 .Values.identity_providers.oidc.minimum_parameter_entropy }}
- {{- if gt (len .Values.identity_providers.oidc.clients) 0 }}
- clients:
- {{- range $client := .Values.identity_providers.oidc.clients }}
- - id: {{ $client.id }}
- description: {{ default $client.id $client.description }}
- secret: {{ default (randAlphaNum 128) $client.secret }}
- {{- if $client.public }}
- public: {{ $client.public }}
- {{- end }}
- authorization_policy: {{ default "two_factor" $client.authorization_policy }}
- consent_mode: {{ default "auto" $client.consent_mode}}
- redirect_uris:
- {{- range $client.redirect_uris }}
- - {{ . }}
- {{- end }}
- {{- if $client.audience }}
- audience: {{ toYaml $client.audience | nindent 10 }}
- {{- end }}
- scopes: {{ toYaml (default (list "openid" "profile" "email" "groups") $client.scopes) | nindent 10 }}
- grant_types: {{ toYaml (default (list "refresh_token" "authorization_code") $client.grant_types) | nindent 10 }}
- response_types: {{ toYaml (default (list "code") $client.response_types) | nindent 10 }}
- {{- if $client.response_modes }}
- response_modes: {{ toYaml $client.response_modes | nindent 10 }}
- {{- end }}
- userinfo_signing_algorithm: {{ default "none" $client.userinfo_signing_algorithm }}
- {{- end }}
- {{- end }}
- {{- end }}
- access_control:
- {{- if (eq (len .Values.access_control.rules) 0) }}
- {{- if (eq .Values.access_control.default_policy "bypass") }}
- default_policy: one_factor
- {{- else if (eq .Values.access_control.default_policy "deny") }}
- default_policy: two_factor
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- if (eq (len .Values.access_control.networks) 0) }}
- networks: []
- {{- else }}
- networks: {{ toYaml .Values.access_control.networks | nindent 6 }}
- {{- end }}
- {{- if (eq (len .Values.access_control.rules) 0) }}
- rules: []
- {{- else }}
- rules: {{ toYaml .Values.access_control.rules | nindent 6 }}
- {{- end }}
- ...
-{{- end -}}
diff --git a/enterprise/authelia/15.0.13/templates/_secrets.tpl b/enterprise/authelia/15.0.13/templates/_secrets.tpl
deleted file mode 100644
index 14ed88d973d..00000000000
--- a/enterprise/authelia/15.0.13/templates/_secrets.tpl
+++ /dev/null
@@ -1,53 +0,0 @@
-{{/* Define the secrets */}}
-{{- define "authelia.secrets" -}}
-{{- $basename := include "tc.v1.common.lib.chart.names.fullname" $ -}}
-{{- $fetchname := printf "%s-authelia-secrets" $basename -}}
-
-{{/* Initialize all keys */}}
-{{- $oidckey := genPrivateKey "rsa" }}
-{{- $oidcsecret := randAlphaNum 32 }}
-{{- $jwtsecret := randAlphaNum 50 }}
-{{- $sessionsecret := randAlphaNum 50 }}
-{{- $encryptionkey := randAlphaNum 100 }}
-
-enabled: true
-data:
- {{ with (lookup "v1" "Secret" .Release.Namespace $fetchname) }}
- {{/* Get previous values and decode */}}
- {{ $sessionsecret = (index .data "SESSION_ENCRYPTION_KEY") | b64dec }}
- {{ $jwtsecret = (index .data "JWT_TOKEN") | b64dec }}
- {{ $encryptionkey = (index .data "ENCRYPTION_KEY") | b64dec }}
-
- {{/* Check if those keys ever existed. as OIDC is optional */}}
- {{ if and (hasKey .data "OIDC_PRIVATE_KEY") (hasKey .data "OIDC_HMAC_SECRET") }}
- {{ $oidckey = (index .data "OIDC_PRIVATE_KEY") | b64dec }}
- {{ $oidcsecret = (index .data "OIDC_HMAC_SECRET") | b64dec }}
- {{ end }}
- {{ end }}
- SESSION_ENCRYPTION_KEY: {{ $sessionsecret }}
- JWT_TOKEN: {{ $jwtsecret }}
- ENCRYPTION_KEY: {{ $encryptionkey }}
-
- {{- if .Values.authentication_backend.ldap.enabled }}
- LDAP_PASSWORD: {{ .Values.authentication_backend.ldap.plain_password }}
- {{- end }}
-
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- SMTP_PASSWORD: {{ .Values.notifier.smtp.plain_password }}
- {{- end }}
-
- {{- if .Values.duo_api.enabled }}
- DUO_API_KEY: {{ .Values.duo_api.plain_api_key }}
- {{- end }}
-
- STORAGE_PASSWORD: {{ $.Values.cnpg.main.creds.password | trimAll "\"" }}
-
- REDIS_PASSWORD: {{ .Values.redis.creds.redisPassword | trimAll "\"" }}
- {{- if .Values.redisProvider.high_availability.enabled }}
- REDIS_SENTINEL_PASSWORD: {{ .Values.redis.sentinelPassword | trimAll "\"" }}
- {{- end }}
-
- OIDC_PRIVATE_KEY: |
- {{- $oidckey | nindent 4 }}
- OIDC_HMAC_SECRET: {{ $oidcsecret }}
-{{- end -}}
diff --git a/enterprise/authelia/15.0.13/templates/common.yaml b/enterprise/authelia/15.0.13/templates/common.yaml
deleted file mode 100644
index 54e288e852c..00000000000
--- a/enterprise/authelia/15.0.13/templates/common.yaml
+++ /dev/null
@@ -1,77 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-{{/* Render configmap for authelia */}}
-{{- $configmapPaths := include "authelia.configmap.paths" . | fromYaml -}}
-{{- if $configmapPaths -}}
- {{- $_ := set .Values.configmap "authelia-paths" $configmapPaths -}}
-{{- end -}}
-
-{{- $configmapFile := include "authelia.configmap.configfile" . | fromYaml -}}
-{{- if $configmapFile -}}
- {{- $_ := set .Values.configmap "authelia-configfile" $configmapFile -}}
-{{- end -}}
-
-{{/* Render secrets for authelia */}}
-{{- $secret := include "authelia.secrets" . | fromYaml -}}
-{{- if $secret -}}
- {{- $_ := set .Values.secret "authelia-secrets" $secret -}}
-{{- end -}}
-
-{{/* Append the general configMap volume to the volumes */}}
-{{- define "authelia.configmapVolume" -}}
-enabled: true
-mountPath: /configuration.yaml
-subPath: configuration.yaml
-readOnly: true
-type: "configmap"
-objectName: authelia-configfile
-{{- end -}}
-
-{{/* Append the general secret volumes to the volumes */}}
-{{- define "authelia.secretVolumes" -}}
-enabled: true
-mountPath: "/secrets"
-readOnly: true
-type: "secret"
-objectName: authelia-secrets
-items:
- - key: "JWT_TOKEN"
- path: JWT_TOKEN
- - key: "SESSION_ENCRYPTION_KEY"
- path: SESSION_ENCRYPTION_KEY
- - key: "ENCRYPTION_KEY"
- path: ENCRYPTION_KEY
- - key: "STORAGE_PASSWORD"
- path: STORAGE_PASSWORD
- {{- if .Values.authentication_backend.ldap.enabled }}
- - key: "LDAP_PASSWORD"
- path: LDAP_PASSWORD
- {{- end }}
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- - key: "SMTP_PASSWORD"
- path: SMTP_PASSWORD
- {{- end }}
- - key: "REDIS_PASSWORD"
- path: REDIS_PASSWORD
- {{- if .Values.redisProvider.high_availability.enabled}}
- - key: "REDIS_SENTINEL_PASSWORD"
- path: REDIS_SENTINEL_PASSWORD
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- - key: "DUO_API_KEY"
- path: DUO_API_KEY
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- - key: "OIDC_PRIVATE_KEY"
- path: OIDC_PRIVATE_KEY
- - key: "OIDC_HMAC_SECRET"
- path: OIDC_HMAC_SECRET
- {{- end }}
-{{- end -}}
-
-{{- $_ := set .Values.persistence "authelia-configfile" (include "authelia.configmapVolume" . | fromYaml) -}}
-{{- $_ := set .Values.persistence "authelia-secrets" (include "authelia.secretVolumes" . | fromYaml) -}}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/authelia/15.0.13/values.yaml b/enterprise/authelia/15.0.13/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/authelia/15.0.3/CHANGELOG.md b/enterprise/authelia/15.0.3/CHANGELOG.md
deleted file mode 100644
index 3def2b75095..00000000000
--- a/enterprise/authelia/15.0.3/CHANGELOG.md
+++ /dev/null
@@ -1,30 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [authelia-15.0.3](https://github.com/truecharts/charts/compare/authelia-15.0.1...authelia-15.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
-
-
-## [authelia-15.0.1](https://github.com/truecharts/charts/compare/authelia-15.0.0...authelia-15.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
-
-## [authelia-15.0.0](https://github.com/truecharts/charts/compare/authelia-14.0.29...authelia-15.0.0) (2023-03-04)
-
diff --git a/enterprise/authelia/15.0.3/Chart.yaml b/enterprise/authelia/15.0.3/Chart.yaml
deleted file mode 100644
index 282089119c2..00000000000
--- a/enterprise/authelia/15.0.3/Chart.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-apiVersion: v2
-appVersion: "4.37.5"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.18
- - condition: redis.enabled
- name: redis
- repository: https://deps.truecharts.org
- version: 6.0.9
-deprecated: false
-description: Authelia is a Single Sign-On Multi-Factor portal for web apps
-home: https://truecharts.org/charts/enterprise/authelia
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/authelia.png
-keywords:
- - authelia
- - authentication
- - login
- - SSO
- - Authentication
- - Security
- - Two-Factor
- - U2F
- - YubiKey
- - Push Notifications
- - LDAP
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: authelia
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/authelia
- - https://ghcr.io/authelia/authelia ghcr.io/authelia/authelia
- - https://github.com/authelia/chartrepo
- - https://github.com/authelia/authelia
-type: application
-version: 15.0.3
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/authelia/15.0.3/LICENSE b/enterprise/authelia/15.0.3/LICENSE
deleted file mode 100644
index 80e4ab93f92..00000000000
--- a/enterprise/authelia/15.0.3/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/authelia/15.0.3/README.md b/enterprise/authelia/15.0.3/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/authelia/15.0.3/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/authelia/15.0.3/app-changelog.md b/enterprise/authelia/15.0.3/app-changelog.md
deleted file mode 100644
index 3856e8fced1..00000000000
--- a/enterprise/authelia/15.0.3/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [authelia-15.0.3](https://github.com/truecharts/charts/compare/authelia-15.0.1...authelia-15.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
\ No newline at end of file
diff --git a/enterprise/authelia/15.0.3/app-readme.md b/enterprise/authelia/15.0.3/app-readme.md
deleted file mode 100644
index 9417c0c13d5..00000000000
--- a/enterprise/authelia/15.0.3/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Authelia is a Single Sign-On Multi-Factor portal for web apps
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/authelia](https://truecharts.org/charts/enterprise/authelia)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/authelia/15.0.3/charts/common-12.2.18.tgz b/enterprise/authelia/15.0.3/charts/common-12.2.18.tgz
deleted file mode 100644
index 3a48d999d53..00000000000
Binary files a/enterprise/authelia/15.0.3/charts/common-12.2.18.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.0.3/charts/redis-6.0.9.tgz b/enterprise/authelia/15.0.3/charts/redis-6.0.9.tgz
deleted file mode 100644
index e192acf20b0..00000000000
Binary files a/enterprise/authelia/15.0.3/charts/redis-6.0.9.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.0.3/ix_values.yaml b/enterprise/authelia/15.0.3/ix_values.yaml
deleted file mode 100644
index 9b56530e1c8..00000000000
--- a/enterprise/authelia/15.0.3/ix_values.yaml
+++ /dev/null
@@ -1,619 +0,0 @@
-image:
- repository: tccr.io/truecharts/authelia
- pullPolicy: IfNotPresent
- tag: 4.37.5@sha256:76a4617539534cec140fd98a12f721b878524f2df3a3653f3df8ff2b7eaab586
-
-workload:
- main:
- podSpec:
- containers:
- main:
- command: ["authelia"]
- args: ["--config=/configuration.yaml"]
- envFrom:
- - configMapRef:
- name: authelia-paths
- # probes:
- # liveness:
- # type: HTTP
- # path: /api/health"
-
- # readiness:
- # type: HTTP
- # path: "/api/health"
-
- # startup:
- # type: HTTP
- # path: "/api/health"
-
-service:
- main:
- ports:
- main:
- port: 9091
- targetPort: 9091
-
-persistence:
- config:
- enabled: true
- mountPath: "/config"
-
-cnpg:
- main:
- enabled: true
- user: authelia
- database: authelia
-
-# Enabled redis
-# ... for more options see https://github.com/tccr.io/truecharts/charts/tree/master/tccr.io/truecharts/redis
-redis:
- enabled: true
-
-domain: example.com
-
-##
-## Server Configuration
-##
-server:
- ##
- ## Port sets the configured port for the daemon, service, and the probes.
- ## Default is 9091 and should not need to be changed.
- ##
- port: 9091
-
- ## Buffers usually should be configured to be the same value.
- ## Explanation at https://www.authelia.com/docs/configuration/server.html
- ## Read buffer size adjusts the server's max incoming request size in bytes.
- ## Write buffer size does the same for outgoing responses.
- read_buffer_size: 4096
- write_buffer_size: 4096
- ## Set the single level path Authelia listens on.
- ## Must be alphanumeric chars and should not contain any slashes.
- path: ""
-
-log:
- ## Level of verbosity for logs: info, debug, trace.
- level: trace
-
- ## Format the logs are written as: json, text.
- format: text
-
- ## TODO: Statefulness check should check if this is set, and the configMap should enable it.
- ## File path where the logs will be written. If not set logs are written to stdout.
- # file_path: /config/authelia.log
-
-## Default redirection URL
-##
-## If user tries to authenticate without any referer, Authelia does not know where to redirect the user to at the end
-## of the authentication process. This parameter allows you to specify the default redirection URL Authelia will use
-## in such a case.
-##
-## Note: this parameter is optional. If not provided, user won't be redirected upon successful authentication.
-## Default is https://www. (value at the top of the values.yaml).
-default_redirection_url: ""
-# default_redirection_url: https://example.com
-
-theme: light
-
-##
-## TOTP Configuration
-##
-## Parameters used for TOTP generation
-totp:
- ## The issuer name displayed in the Authenticator application of your choice
- ## See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
- ## Defaults to .
- issuer: ""
- ## The period in seconds a one-time password is current for. Changing this will require all users to register
- ## their TOTP applications again. Warning: before changing period read the docs link below.
- period: 30
- ## The skew controls number of one-time passwords either side of the current one that are valid.
- ## Warning: before changing skew read the docs link below.
- ## See: https://www.authelia.com/docs/configuration/one-time-password.html#period-and-skew to read the documentation.
- skew: 1
-
-##
-## Duo Push API Configuration
-##
-## Parameters used to contact the Duo API. Those are generated when you protect an application of type
-## "Partner Auth API" in the management panel.
-duo_api:
- enabled: false
- hostname: api-123456789.example.com
- integration_key: ABCDEF
- plain_api_key: ""
-
-##
-## Authentication Backend Provider Configuration
-##
-## Used for verifying user passwords and retrieve information such as email address and groups users belong to.
-##
-## The available providers are: `file`, `ldap`. You must use one and only one of these providers.
-authentication_backend:
- ## Disable both the HTML element and the API for reset password functionality
- disable_reset_password: false
-
- ## The amount of time to wait before we refresh data from the authentication backend. Uses duration notation.
- ## To disable this feature set it to 'disable', this will slightly reduce security because for Authelia, users will
- ## always belong to groups they belonged to at the time of login even if they have been removed from them in LDAP.
- ## To force update on every request you can set this to '0' or 'always', this will increase processor demand.
- ## See the below documentation for more information.
- ## Duration Notation docs: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Refresh Interval docs: https://www.authelia.com/docs/configuration/authentication/ldap.html#refresh-interval
- refresh_interval: 5m
-
- ## LDAP backend configuration.
- ##
- ## This backend allows Authelia to be scaled to more
- ## than one instance and therefore is recommended for
- ## production.
- ldap:
- ## Enable LDAP Backend.
- enabled: false
-
- ## The LDAP implementation, this affects elements like the attribute utilised for resetting a password.
- ## Acceptable options are as follows:
- ## - 'activedirectory' - For Microsoft Active Directory.
- ## - 'custom' - For custom specifications of attributes and filters.
- ## This currently defaults to 'custom' to maintain existing behaviour.
- ##
- ## Depending on the option here certain other values in this section have a default value, notably all of the
- ## attribute mappings have a default value that this config overrides, you can read more about these default values
- ## at https://www.authelia.com/docs/configuration/authentication/ldap.html#defaults
- implementation: activedirectory
-
- ## The url to the ldap server. Format: ://[:].
- ## Scheme can be ldap or ldaps in the format (port optional).
- url: ldap://openldap.default.svc.cluster.local
-
- ## Connection Timeout.
- timeout: 5s
-
- ## Use StartTLS with the LDAP connection.
- start_tls: false
-
- tls:
- ## Server Name for certificate validation (in case it's not set correctly in the URL).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either Secure LDAP or LDAP StartTLS.
- minimum_version: TLS1.2
-
- ## The base dn for every LDAP query.
- base_dn: DC=example,DC=com
-
- ## The attribute holding the username of the user. This attribute is used to populate the username in the session
- ## information. It was introduced due to #561 to handle case insensitive search queries. For you information,
- ## Microsoft Active Directory usually uses 'sAMAccountName' and OpenLDAP usually uses 'uid'. Beware that this
- ## attribute holds the unique identifiers for the users binding the user and the configuration stored in database.
- ## Therefore only single value attributes are allowed and the value must never be changed once attributed to a user
- ## otherwise it would break the configuration for that user. Technically, non-unique attributes like 'mail' can also
- ## be used but we don't recommend using them, we instead advise to use the attributes mentioned above
- ## (sAMAccountName and uid) to follow https://www.ietf.org/rfc/rfc2307.txt.
- username_attribute: ""
-
- ## An additional dn to define the scope to all users.
- additional_users_dn: OU=Users
-
- ## The users filter used in search queries to find the user profile based on input filled in login form.
- ## Various placeholders are available in the user filter:
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username_attribute} is a mandatory placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ##
- ## Recommended settings are as follows:
- ## - Microsoft Active Directory: (&({username_attribute}={input})(objectCategory=person)(objectClass=user))
- ## - OpenLDAP:
- ## - (&({username_attribute}={input})(objectClass=person))
- ## - (&({username_attribute}={input})(objectClass=inetOrgPerson))
- ##
- ## To allow sign in both with username and email, one can use a filter like
- ## (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))
- users_filter: ""
-
- ## An additional dn to define the scope of groups.
- additional_groups_dn: OU=Groups
-
- ## The groups filter used in search queries to find the groups of the user.
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username} is a placeholder replace by the username stored in LDAP (based on `username_attribute`).
- ## - {dn} is a matcher replaced by the user distinguished name, aka, user DN.
- ## - {username_attribute} is a placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ## - DON'T USE - {1} is an alias for {username} supported for backward compatibility but it will be deprecated in
- ## later version, so please don't use it.
- ##
- ## If your groups use the `groupOfUniqueNames` structure use this instead:
- ## (&(uniquemember={dn})(objectclass=groupOfUniqueNames))
- groups_filter: ""
-
- ## The attribute holding the name of the group
- group_name_attribute: ""
-
- ## The attribute holding the mail address of the user. If multiple email addresses are defined for a user, only the
- ## first one returned by the LDAP server is used.
- mail_attribute: ""
-
- ## The attribute holding the display name of the user. This will be used to greet an authenticated user.
- display_name_attribute: ""
-
- ## The username of the admin user.
- user: CN=Authelia,DC=example,DC=com
- plain_password: ""
-
- ##
- ## File (Authentication Provider)
- ##
- ## With this backend, the users database is stored in a file which is updated when users reset their passwords.
- ## Therefore, this backend is meant to be used in a dev environment and not in production since it prevents Authelia
- ## to be scaled to more than one instance. The options under 'password' have sane defaults, and as it has security
- ## implications it is highly recommended you leave the default values. Before considering changing these settings
- ## please read the docs page below:
- ## https://www.authelia.com/docs/configuration/authentication/file.html#password-hash-algorithm-tuning
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- file:
- enabled: true
- path: /config/users_database.yml
- password:
- algorithm: argon2id
- iterations: 1
- key_length: 32
- salt_length: 16
- memory: 1024
- parallelism: 8
-
-##
-## Access Control Configuration
-##
-## Access control is a list of rules defining the authorizations applied for one resource to users or group of users.
-##
-## If 'access_control' is not defined, ACL rules are disabled and the 'bypass' rule is applied, i.e., access is allowed
-## to anyone. Otherwise restrictions follow the rules defined.
-##
-## Note: One can use the wildcard * to match any subdomain.
-## It must stand at the beginning of the pattern. (example: *.mydomain.com)
-##
-## Note: You must put patterns containing wildcards between simple quotes for the YAML to be syntactically correct.
-##
-## Definition: A 'rule' is an object with the following keys: 'domain', 'subject', 'policy' and 'resources'.
-##
-## - 'domain' defines which domain or set of domains the rule applies to.
-##
-## - 'subject' defines the subject to apply authorizations to. This parameter is optional and matching any user if not
-## provided. If provided, the parameter represents either a user or a group. It should be of the form
-## 'user:' or 'group:'.
-##
-## - 'policy' is the policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'.
-##
-## - 'resources' is a list of regular expressions that matches a set of resources to apply the policy to. This parameter
-## is optional and matches any resource if not provided.
-##
-## Note: the order of the rules is important. The first policy matching (domain, resource, subject) applies.
-access_control:
- ## Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'. It is the policy applied to any
- ## resource if there is no policy to be applied to the user.
- default_policy: deny
-
- networks: []
- # networks:
- # - name: private
- # networks:
- # - 10.0.0.0/8
- # - 172.16.0.0/12
- # - 192.168.0.0/16
- # - name: vpn
- # networks:
- # - 10.9.0.0/16
-
- rules: []
- # rules:
- # - domain: public.example.com
- # policy: bypass
- # - domain: "*.example.com"
- # policy: bypass
- # methods:
- # - OPTIONS
- # - domain: secure.example.com
- # policy: one_factor
- # networks:
- # - private
- # - vpn
- # - 192.168.1.0/24
- # - 10.0.0.1
- # - domain:
- # - secure.example.com
- # - private.example.com
- # policy: two_factor
- # - domain: singlefactor.example.com
- # policy: one_factor
- # - domain: "mx2.mail.example.com"
- # subject: "group:admins"
- # policy: deny
- # - domain: "*.example.com"
- # subject:
- # - "group:admins"
- # - "group:moderators"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/groups/dev/.*$"
- # subject: "group:dev"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/users/john/.*$"
- # subject:
- # - ["group:dev", "user:john"]
- # - "group:admins"
- # policy: two_factor
- # - domain: "{user}.example.com"
- # policy: bypass
-
-##
-## Session Provider Configuration
-##
-## The session cookies identify the user once logged in.
-## The available providers are: `memory`, `redis`. Memory is the provider unless redis is defined.
-session:
- ## The name of the session cookie. (default: authelia_session).
- name: authelia_session
-
- ## Sets the Cookie SameSite value. Possible options are none, lax, or strict.
- ## Please read https://www.authelia.com/docs/configuration/session.html#same_site
- same_site: lax
-
- ## The time in seconds before the cookie expires and session is reset.
- expiration: 1h
-
- ## The inactivity time in seconds before the session is reset.
- inactivity: 5m
-
- ## The remember me duration.
- ## Value is in seconds, or duration notation. Value of 0 disables remember me.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Longer periods are considered less secure because a stolen cookie will last longer giving attackers more time to
- ## spy or attack. Currently the default is 1M or 1 month.
- remember_me_duration: 1M
-
-##
-## Redis Provider
-##
-## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
-##
-## The redis connection details
-redisProvider:
- port: 6379
-
- ## Optional username to be used with authentication.
- # username: authelia
- username: ""
-
- ## This is the Redis DB Index https://redis.io/commands/select (sometimes referred to as database number, DB, etc).
- database_index: 0
-
- ## The maximum number of concurrent active connections to Redis.
- maximum_active_connections: 8
-
- ## The target number of idle connections to have open ready for work. Useful when opening connections is slow.
- minimum_idle_connections: 0
-
- ## The Redis TLS configuration. If defined will require a TLS connection to the Redis instance(s).
- tls:
- enabled: false
-
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for the connection.
- minimum_version: TLS1.2
-
- ## The Redis HA configuration options.
- ## This provides specific options to Redis Sentinel, sentinel_name must be defined (Master Name).
- high_availability:
- enabled: false
- enabledSecret: false
- ## Sentinel Name / Master Name
- sentinel_name: mysentinel
-
- ## The additional nodes to pre-seed the redis provider with (for sentinel).
- ## If the host in the above section is defined, it will be combined with this list to connect to sentinel.
- ## For high availability to be used you must have either defined; the host above or at least one node below.
- nodes: []
- # nodes:
- # - host: sentinel-0.databases.svc.cluster.local
- # port: 26379
- # - host: sentinel-1.databases.svc.cluster.local
- # port: 26379
-
- ## Choose the host with the lowest latency.
- route_by_latency: false
-
- ## Choose the host randomly.
- route_randomly: false
-
-##
-## Regulation Configuration
-##
-## This mechanism prevents attackers from brute forcing the first factor. It bans the user if too many attempts are done
-## in a short period of time.
-regulation:
- ## The number of failed login attempts before user is banned. Set it to 0 to disable regulation.
- max_retries: 3
-
- ## The time range during which the user can attempt login before being banned. The user is banned if the
- ## authentication failed 'max_retries' times in a 'find_time' seconds window. Find Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- find_time: 2m
-
- ## The length of time before a banned user can login again. Ban Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ban_time: 5m
-
-##
-## Storage Provider Configuration
-##
-## The available providers are: `local`, `mysql`, `postgres`. You must use one and only one of these providers.
-storage:
- ##
- ## PostgreSQL (Storage Provider)
- ##
- postgres:
- port: 5432
- database: authelia
- username: authelia
- sslmode: disable
- timeout: 5s
-
-##
-## Notification Provider
-##
-##
-## Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration.
-## The available providers are: filesystem, smtp. You must use one and only one of these providers.
-notifier:
- ## You can disable the notifier startup check by setting this to true.
- disable_startup_check: false
-
- ##
- ## File System (Notification Provider)
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- filesystem:
- enabled: true
- filename: /config/notification.txt
-
- ##
- ## SMTP (Notification Provider)
- ##
- ## Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate.
- ## [Security] By default Authelia will:
- ## - force all SMTP connections over TLS including unauthenticated connections
- ## - use the disable_require_tls boolean value to disable this requirement
- ## (only works for unauthenticated connections)
- ## - validate the SMTP server x509 certificate during the TLS handshake against the hosts trusted certificates
- ## (configure in tls section)
- smtp:
- enabled: false
- enabledSecret: false
- host: smtp.mail.svc.cluster.local
- port: 25
- timeout: 5s
- username: test
- plain_password: test
- sender: admin@example.com
- ## HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost.
- identifier: localhost
- ## Subject configuration of the emails sent.
- ## {title} is replaced by the text from the notifier
- subject: "[Authelia] {title}"
- ## This address is used during the startup check to verify the email configuration is correct.
- ## It's not important what it is except if your email server only allows local delivery.
- startup_check_address: test@authelia.com
- disable_require_tls: false
- disable_html_emails: false
-
- tls:
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either StartTLS or SMTPS.
- minimum_version: TLS1.2
-
-identity_providers:
- oidc:
- ## Enables this in the config map. Currently in beta stage.
- ## See https://www.authelia.com/docs/configuration/identity-providers/oidc.html#roadmap
- enabled: false
-
- access_token_lifespan: 1h
- authorize_code_lifespan: 1m
- id_token_lifespan: 1h
- refresh_token_lifespan: 90m
-
- enable_client_debug_messages: false
-
- ## SECURITY NOTICE: It's not recommended changing this option, and highly discouraged to have it below 8 for
- ## security reasons.
- minimum_parameter_entropy: 8
-
- clients: []
- # clients:
- # -
- ## The ID is the OpenID Connect ClientID which is used to link an application to a configuration.
- # id: myapp
-
- ## The description to show to users when they end up on the consent screen. Defaults to the ID above.
- # description: My Application
-
- ## The client secret is a shared secret between Authelia and the consumer of this client.
- # secret: apple123
-
- ## Sets the client to public. This should typically not be set, please see the documentation for usage.
- # public: false
-
- ## The policy to require for this client; one_factor or two_factor.
- # authorization_policy: two_factor
-
- ## Configures the consent mode; auto, explicit or implicit
- # consent_mode: auto
-
- ## Audience this client is allowed to request.
- # audience: []
-
- ## Scopes this client is allowed to request.
- # scopes:
- # - openid
- # - profile
- # - email
- # - groups
-
- ## Redirect URI's specifies a list of valid case-sensitive callbacks for this client.
- # redirect_uris:
- # - https://oidc.example.com/oauth2/callback
-
- ## Grant Types configures which grants this client can obtain.
- ## It's not recommended to configure this unless you know what you're doing.
- # grant_types:
- # - refresh_token
- # - authorization_code
-
- ## Response Types configures which responses this client can be sent.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_types:
- # - code
-
- ## Response Modes configures which response modes this client supports.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_modes:
- # - form_post
- # - query
- # - fragment
-
- ## The algorithm used to sign userinfo endpoint responses for this client, either none or RS256.
- # userinfo_signing_algorithm: none
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/authelia/15.0.3/questions.yaml b/enterprise/authelia/15.0.3/questions.yaml
deleted file mode 100644
index cd21f48f241..00000000000
--- a/enterprise/authelia/15.0.3/questions.yaml
+++ /dev/null
@@ -1,2782 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
-questions:
-
- - variable: Workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: Daemonset
- description: Daemonset
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "Daemonset"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: domain
- group: "App Configuration"
- label: "Domain"
- description: "The highest domain level possible, for example: domain.com when using app.domain.com"
- schema:
- type: string
- default: ""
- required: true
- - variable: default_redirection_url
- group: "App Configuration"
- label: "Default Redirection Url"
- description: "If user tries to authenticate without any referer, this is used"
- schema:
- type: string
- default: ""
- - variable: theme
- group: "App Configuration"
- label: "Theme"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "light"
- description: "light"
- - value: "grey"
- description: "grey"
- - value: "dark"
- description: "dark"
- - variable: log
- group: "App Configuration"
- label: "Log Configuration "
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "info"
- enum:
- - value: "info"
- description: "info"
- - value: "debug"
- description: "debug"
- - value: "trace"
- description: "trace"
- - variable: format
- label: "Log Format"
- schema:
- type: string
- default: "text"
- enum:
- - value: "json"
- description: "json"
- - value: "text"
- description: "text"
- - variable: totp
- group: "App Configuration"
- label: "TOTP Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: issuer
- label: "Issuer"
- description: "The issuer name displayed in the Authenticator application of your choice"
- schema:
- type: string
- default: ""
- - variable: period
- label: "Period"
- description: "The period in seconds a one-time password is current for"
- schema:
- type: int
- default: 30
- - variable: skew
- label: "skew"
- description: "Controls number of one-time passwords either side of the current one that are valid."
- schema:
- type: int
- default: 1
- - variable: duo_api
- group: "App Configuration"
- label: "DUO API Configuration"
- description: "Parameters used to contact the Duo API."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostname
- label: "Hostname"
- schema:
- type: string
- required: true
- default: ""
- - variable: integration_key
- label: "integration_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: plain_api_key
- label: "plain_api_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: session
- group: "App Configuration"
- label: "Session Provider"
- description: "The session cookies identify the user once logged in."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Cookie Name"
- description: "The name of the session cookie."
- schema:
- type: string
- required: true
- default: "authelia_session"
- - variable: same_site
- label: "SameSite Value"
- description: "Sets the Cookie SameSite value"
- schema:
- type: string
- default: "lax"
- enum:
- - value: "lax"
- description: "lax"
- - value: "strict"
- description: "strict"
- - variable: expiration
- label: "Expiration Time"
- description: "The time in seconds before the cookie expires and session is reset."
- schema:
- type: string
- default: "1h"
- required: true
- - variable: inactivity
- label: "Inactivity Time"
- description: "The inactivity time in seconds before the session is reset."
- schema:
- type: string
- default: "5m"
- required: true
- - variable: inactivity
- label: "Remember-Me duration"
- description: "The remember me duration"
- schema:
- type: string
- default: "5M"
- required: true
- - variable: regulation
- group: "App Configuration"
- label: "Regulation Configuration"
- description: "his mechanism prevents attackers from brute forcing the first factor."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: max_retries
- label: "Maximum Retries"
- description: "The number of failed login attempts before user is banned. Set it to 0 to disable regulation."
- schema:
- type: int
- default: 3
- - variable: find_time
- label: "Find Time"
- description: "The time range during which the user can attempt login before being banned."
- schema:
- type: string
- default: "2m"
- required: true
- - variable: ban_time
- label: "Ban Duration"
- description: "The length of time before a banned user can login again"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: authentication_backend
- group: "App Configuration"
- label: "Authentication Backend Provider"
- description: "sed for verifying user passwords and retrieve information such as email address and groups users belong to."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_reset_password
- label: "Disable Reset Password"
- description: "Disable both the HTML element and the API for reset password functionality"
- schema:
- type: boolean
- default: false
- - variable: refresh_interval
- label: "Reset Interval"
- description: "The amount of time to wait before we refresh data from the authentication backend"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: ldap
- label: "LDAP backend configuration"
- description: "Used for verifying user passwords and retrieve information such as email address and groups users belong to"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: implementation
- label: "Implementation"
- description: "The LDAP implementation, this affects elements like the attribute utilised for resetting a password"
- schema:
- type: string
- default: "custom"
- enum:
- - value: "activedirectory"
- description: "activedirectory"
- - value: "custom"
- description: "custom"
- - variable: url
- label: "URL"
- description: "The url to the ldap server. Format: ://[:]"
- schema:
- type: string
- default: "ldap://openldap.default.svc.cluster.local"
- required: true
- - variable: timeout
- label: "Connection Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: start_tls
- label: "Start TLS"
- description: "Use StartTLS with the LDAP connection"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: base_dn
- label: "Base DN"
- description: "The base dn for every LDAP query."
- schema:
- type: string
- default: "DC=example,DC=com"
- required: true
- - variable: username_attribute
- label: "Username Attribute"
- description: "The attribute holding the username of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_users_dn
- label: "Additional Users DN"
- description: "An additional dn to define the scope to all users."
- schema:
- type: string
- default: "OU=Users"
- required: true
- - variable: users_filter
- label: "Users Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_groups_dn
- label: "Additional Groups DN"
- description: "An additional dn to define the scope of groups."
- schema:
- type: string
- default: "OU=Groups"
- required: true
- - variable: groups_filter
- label: "Groups Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: group_name_attribute
- label: "Group name Attribute"
- description: "The attribute holding the name of the group"
- schema:
- type: string
- default: ""
- required: true
- - variable: mail_attribute
- label: "Mail Attribute"
- description: "The attribute holding the primary mail address of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: display_name_attribute
- label: "Display Name Attribute"
- description: "he attribute holding the display name of the user. This will be used to greet an authenticated user."
- schema:
- type: string
- default: ""
- - variable: user
- label: "Admin User"
- description: "The username of the admin user used to connect to LDAP."
- schema:
- type: string
- default: "CN=Authelia,DC=example,DC=com"
- required: true
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: file
- label: "File backend configuration"
- description: "With this backend, the users database is stored in a file which is updated when users reset their passwords."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: path
- label: "Path"
- schema:
- type: string
- default: "/config/users_database.yml"
- required: true
- - variable: password
- label: "Password Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: algorithm
- label: "Algorithm"
- schema:
- type: string
- default: "argon2id"
- enum:
- - value: "argon2id"
- description: "argon2id"
- - value: "sha512"
- description: "sha512"
- - variable: iterations
- label: "Iterations"
- schema:
- type: int
- default: 1
- required: true
- - variable: key_length
- label: "Key Length"
- schema:
- type: int
- default: 32
- required: true
- - variable: salt_length
- label: "Salt Length"
- schema:
- type: int
- default: 16
- required: true
- - variable: memory
- label: "Memory"
- schema:
- type: int
- default: 1024
- required: true
- - variable: parallelism
- label: "Parallelism"
- schema:
- type: int
- default: 8
- required: true
- - variable: notifier
- group: "App Configuration"
- label: "Notifier Configuration"
- description: "otifications are sent to users when they require a password reset, a u2f registration or a TOTP registration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_startup_check
- label: "Disable Startup Check"
- schema:
- type: boolean
- default: false
- - variable: filesystem
- label: "Filesystem Provider"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filename
- label: "File Path"
- schema:
- type: string
- default: "/config/notification.txt"
- required: true
- - variable: smtp
- label: "SMTP Provider"
- description: "Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: host
- label: "Host"
- schema:
- type: string
- default: "smtp.mail.svc.cluster.local"
- required: true
- - variable: port
- label: "Port"
- schema:
- type: int
- default: 25
- required: true
- - variable: timeout
- label: "Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: username
- label: "Username"
- schema:
- type: string
- default: ""
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- - variable: sender
- label: "Sender"
- schema:
- type: string
- default: ""
- required: true
- - variable: identifier
- label: "Identifier"
- description: "HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost."
- schema:
- type: string
- default: "localhost"
- required: true
- - variable: subject
- label: "Subject"
- description: "Subject configuration of the emails sent, {title} is replaced by the text from the notifier"
- schema:
- type: string
- default: "[Authelia] {title}"
- required: true
- - variable: startup_check_address
- label: "Startup Check Address"
- description: "This address is used during the startup check to verify the email configuration is correct."
- schema:
- type: string
- default: "test@authelia.com"
- required: true
- - variable: disable_require_tls
- label: "Disable Require TLS"
- schema:
- type: boolean
- default: false
- - variable: disable_html_emails
- label: "Disable HTML emails"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: access_control
- group: "App Configuration"
- label: "Access Control Configuration"
- description: "Access control is a list of rules defining the authorizations applied for one resource to users or group of users."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: default_policy
- label: "Default Policy"
- description: "Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: networkItem
- label: "Network Item"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Name"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "network"
- schema:
- type: string
- default: ""
- required: true
- - variable: rules
- label: "Rules"
- schema:
- type: list
- default: []
- items:
- - variable: rulesItem
- label: "Rule"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: domain
- label: "Domains"
- description: "defines which domain or set of domains the rule applies to."
- schema:
- type: list
- default: []
- items:
- - variable: domainEntry
- label: "Domain"
- schema:
- type: string
- default: ""
- required: true
- - variable: policy
- label: "Policy"
- description: "The policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: subject
- label: "Subject"
- description: "defines the subject to apply authorizations to. This parameter is optional and matching any user if not provided"
- schema:
- type: list
- default: []
- items:
- - variable: subjectitem
- label: "Subject"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "Network"
- schema:
- type: string
- default: ""
- required: true
- - variable: resources
- label: "Resources"
- description: "is a list of regular expressions that matches a set of resources to apply the policy to"
- schema:
- type: list
- default: []
- items:
- - variable: resource
- label: "Resource"
- schema:
- type: string
- default: ""
- required: true
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 9091
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: identity_providers
- group: "Advanced"
- label: "Authelia Identity Providers (BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: oidc
- label: "OpenID Connect(BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "enabled"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: access_token_lifespan
- label: "Access Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: authorize_code_lifespan
- label: "Authorize Code Lifespan"
- schema:
- type: string
- default: "1m"
- required: true
- - variable: id_token_lifespan
- label: "ID Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: refresh_token_lifespan
- label: "Refresh Token Lifespan"
- schema:
- type: string
- default: "90m"
- required: true
- - variable: enable_client_debug_messages
- label: "Enable Client Debug Messages"
- schema:
- type: boolean
- default: false
- - variable: clients
- label: "Clients"
- schema:
- type: list
- default: []
- items:
- - variable: clientEntry
- label: "Client"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: id
- label: "ID/Name"
- description: "The ID is the OpenID Connect ClientID which is used to link an application to a configuration."
- schema:
- type: string
- default: "myapp"
- required: true
- - variable: description
- label: "Description"
- description: "The description to show to users when they end up on the consent screen. Defaults to the ID above."
- schema:
- type: string
- default: "My Application"
- required: true
- - variable: secret
- label: "Secret"
- description: "The client secret is a shared secret between Authelia and the consumer of this client."
- schema:
- type: string
- default: ""
- required: true
- - variable: public
- label: "public"
- description: "Sets the client to public. This should typically not be set, please see the documentation for usage."
- schema:
- type: boolean
- default: false
- - variable: authorization_policy
- label: "Authorization Policy"
- description: "The policy to require for this client; one_factor or two_factor."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - variable: consent_mode
- label: "Consent Mode"
- description: "Configures the consent mode. This can be set to auto (default), explicit (consent required every time) or implicit (automatically assumes consent for every authorization, never asking the user if they wish to give consent.)"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "explicit"
- description: "explicit"
- - value: "implicit"
- description: "implicit"
- - variable: userinfo_signing_algorithm
- label: "Userinfo Signing Algorithm"
- description: "The algorithm used to sign userinfo endpoint responses for this client, either none or RS256."
- schema:
- type: string
- default: "none"
- enum:
- - value: "none"
- description: "none"
- - value: "RS256"
- description: "RS256"
- - variable: audience
- label: "Audience"
- description: "Audience this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: audienceEntry
- label: ""
- schema:
- type: string
- default: ""
- required: true
- - variable: scopes
- label: "Scopes"
- description: "Scopes this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: ScopeEntry
- label: "Scope"
- schema:
- type: string
- default: "openid"
- required: true
- - variable: redirect_uris
- label: "redirect_uris"
- description: "Redirect URI's specifies a list of valid case-sensitive callbacks for this client."
- schema:
- type: list
- default: []
- items:
- - variable: uriEntry
- label: "Url"
- schema:
- type: string
- default: "https://oidc.example.com/oauth2/callback"
- required: true
- - variable: grant_types
- description: "Grant Types configures which grants this client can obtain."
- label: "grant_types"
- schema:
- type: list
- default: []
- items:
- - variable: grantEntry
- label: "Grant"
- schema:
- type: string
- default: "refresh_token"
- required: true
- - variable: response_types
- description: "Response Types configures which responses this client can be sent."
- label: "response_types"
- schema:
- type: list
- default: []
- items:
- - variable: responseEntry
- label: "type"
- schema:
- type: string
- default: "code"
- required: true
- - variable: response_modes
- description: "Response Modes configures which response modes this client supports."
- label: "response_modes"
- schema:
- type: list
- default: []
- items:
- - variable: modeEntry
- label: "Mode"
- schema:
- type: string
- default: "form_post"
- required: true
- - variable: cnpg
- group: Postgresql
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Postgresql Database"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: storage
- label: "Storage"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: size
- label: Size
- schema:
- type: string
- default: "256Gi"
- - variable: walsize
- label: Walsize
- schema:
- type: string
- default: "256Gi"
- - variable: pooler
- label: "Pooler"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: Monitoring
- label: "Metrics"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enablePodMonitor
- label: "enablePodMonitor"
- schema:
- type: boolean
- default: true
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/authelia/15.0.3/templates/NOTES.txt b/enterprise/authelia/15.0.3/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/authelia/15.0.3/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/authelia/15.0.3/templates/_configmap.tpl b/enterprise/authelia/15.0.3/templates/_configmap.tpl
deleted file mode 100644
index 166130e898b..00000000000
--- a/enterprise/authelia/15.0.3/templates/_configmap.tpl
+++ /dev/null
@@ -1,245 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "authelia.configmap.paths" -}}
-enabled: true
-data:
- AUTHELIA_SERVER_DISABLE_HEALTHCHECK: "true"
- AUTHELIA_JWT_SECRET_FILE: "/secrets/JWT_TOKEN"
- AUTHELIA_SESSION_SECRET_FILE: "/secrets/SESSION_ENCRYPTION_KEY"
- AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: "/secrets/ENCRYPTION_KEY"
- AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: "/secrets/STORAGE_PASSWORD"
- {{- if .Values.authentication_backend.ldap.enabled }}
- AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE: "/secrets/LDAP_PASSWORD"
- {{- end }}
- {{- if .Values.notifier.smtp.enabled }}
- AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE: "/secrets/SMTP_PASSWORD"
- {{- end }}
- AUTHELIA_SESSION_REDIS_PASSWORD_FILE: "/secrets/REDIS_PASSWORD"
- {{- if .Values.redisProvider.high_availability.enabled }}
- AUTHELIA_SESSION_REDIS_HIGH_AVAILABILITY_SENTINEL_PASSWORD_FILE: "/secrets/REDIS_SENTINEL_PASSWORD"
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- AUTHELIA_DUO_API_SECRET_KEY_FILE: "/secrets/DUO_API_KEY"
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET_FILE: "/secrets/OIDC_HMAC_SECRET"
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY_FILE: "/secrets/OIDC_PRIVATE_KEY"
- {{- end }}
-
-{{- end -}}
-
-{{- define "authelia.configmap.configfile" -}}
-enabled: true
-data:
- configuration.yaml: |
- ---
- theme: {{ default "light" .Values.theme }}
- default_redirection_url: {{ default (printf "https://www.%s" .Values.domain) .Values.default_redirection_url }}
- server:
- host: 0.0.0.0
- port: {{ default 9091 .Values.server.port }}
- {{- if not (eq "" (default "" .Values.server.path)) }}
- path: {{ .Values.server.path }}
- {{- end }}
- read_buffer_size: {{ default 4096 .Values.server.read_buffer_size }}
- write_buffer_size: {{ default 4096 .Values.server.write_buffer_size }}
- enable_pprof: {{ default false .Values.server.enable_pprof }}
- enable_expvars: {{ default false .Values.server.enable_expvars }}
- log:
- level: {{ default "info" .Values.log.level }}
- format: {{ default "text" .Values.log.format }}
- {{- if not (eq "" (default "" .Values.log.file_path)) }}
- file_path: {{ .Values.log.file_path }}
- keep_stdout: true
- {{- end }}
- totp:
- issuer: {{ default .Values.domain .Values.totp.issuer }}
- period: {{ default 30 .Values.totp.period }}
- skew: {{ default 1 .Values.totp.skew }}
- {{- if .Values.duo_api.enabled }}
- duo_api:
- hostname: {{ .Values.duo_api.hostname }}
- integration_key: {{ .Values.duo_api.integration_key }}
- {{- end }}
- {{- with $auth := .Values.authentication_backend }}
- authentication_backend:
- disable_reset_password: {{ $auth.disable_reset_password }}
- {{- if $auth.file.enabled }}
- file:
- path: {{ $auth.file.path }}
- password: {{ toYaml $auth.file.password | nindent 10 }}
- {{- end }}
- {{- if $auth.ldap.enabled }}
- ldap:
- implementation: {{ default "custom" $auth.ldap.implementation }}
- url: {{ $auth.ldap.url }}
- timeout: {{ default "5s" $auth.ldap.timeout }}
- start_tls: {{ $auth.ldap.start_tls }}
- tls:
- {{- if hasKey $auth.ldap.tls "server_name" }}
- server_name: {{ default $auth.ldap.host $auth.ldap.tls.server_name }}
- {{- end }}
- minimum_version: {{ default "TLS1.2" $auth.ldap.tls.minimum_version }}
- skip_verify: {{ default false $auth.ldap.tls.skip_verify }}
- {{- if $auth.ldap.base_dn }}
- base_dn: {{ $auth.ldap.base_dn }}
- {{- end }}
- {{- if $auth.ldap.username_attribute }}
- username_attribute: {{ $auth.ldap.username_attribute }}
- {{- end }}
- {{- if $auth.ldap.additional_users_dn }}
- additional_users_dn: {{ $auth.ldap.additional_users_dn }}
- {{- end }}
- {{- if $auth.ldap.users_filter }}
- users_filter: {{ $auth.ldap.users_filter }}
- {{- end }}
- {{- if $auth.ldap.additional_groups_dn }}
- additional_groups_dn: {{ $auth.ldap.additional_groups_dn }}
- {{- end }}
- {{- if $auth.ldap.groups_filter }}
- groups_filter: {{ $auth.ldap.groups_filter }}
- {{- end }}
- {{- if $auth.ldap.group_name_attribute }}
- group_name_attribute: {{ $auth.ldap.group_name_attribute }}
- {{- end }}
- {{- if $auth.ldap.mail_attribute }}
- mail_attribute: {{ $auth.ldap.mail_attribute }}
- {{- end }}
- {{- if $auth.ldap.display_name_attribute }}
- display_name_attribute: {{ $auth.ldap.display_name_attribute }}
- {{- end }}
- user: {{ $auth.ldap.user }}
- {{- end }}
- {{- end }}
- {{- with $session := .Values.session }}
- session:
- name: {{ default "authelia_session" $session.name }}
- domain: {{ required "A valid .Values.domain entry required!" $.Values.domain }}
- same_site: {{ default "lax" $session.same_site }}
- expiration: {{ default "1M" $session.expiration }}
- inactivity: {{ default "5m" $session.inactivity }}
- remember_me_duration: {{ default "1M" $session.remember_me_duration }}
- {{- end }}
- redis:
- host: {{ .Values.redis.url.plain }}
- {{- with $redis := .Values.redisProvider }}
- port: {{ default 6379 $redis.port }}
- {{- if not (eq $redis.username "") }}
- username: {{ $redis.username }}
- {{- end }}
- maximum_active_connections: {{ default 8 $redis.maximum_active_connections }}
- minimum_idle_connections: {{ default 0 $redis.minimum_idle_connections }}
- {{- if $redis.tls.enabled }}
- tls:
- server_name: {{ $redis.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $redis.tls.minimum_version }}
- skip_verify: {{ $redis.tls.skip_verify }}
- {{- end }}
- {{- if $redis.high_availability.enabled }}
- high_availability:
- sentinel_name: {{ $redis.high_availability.sentinel_name }}
- {{- if $redis.high_availability.nodes }}
- nodes: {{ toYaml $redis.high_availability.nodes | nindent 10 }}
- {{- end }}
- route_by_latency: {{ $redis.high_availability.route_by_latency }}
- route_randomly: {{ $redis.high_availability.route_randomly }}
- {{- end }}
- {{- end }}
- regulation: {{ toYaml .Values.regulation | nindent 6 }}
- storage:
- postgres:
- host: {{ $.Values.cnpg.main.creds.host }}
- {{- with $storage := .Values.storage }}
- port: {{ default 5432 $storage.postgres.port }}
- database: {{ default "authelia" $storage.postgres.database }}
- username: {{ default "authelia" $storage.postgres.username }}
- timeout: {{ default "5s" $storage.postgres.timeout }}
- sslmode: {{ default "disable" $storage.postgres.sslmode }}
- {{- end }}
- {{- with $notifier := .Values.notifier }}
- notifier:
- disable_startup_check: {{ $.Values.notifier.disable_startup_check }}
- {{- if $notifier.filesystem.enabled }}
- filesystem:
- filename: {{ $notifier.filesystem.filename }}
- {{- end }}
- {{- if $notifier.smtp.enabled }}
- smtp:
- host: {{ $notifier.smtp.host }}
- port: {{ default 25 $notifier.smtp.port }}
- timeout: {{ default "5s" $notifier.smtp.timeout }}
- {{- with $notifier.smtp.username }}
- username: {{ . }}
- {{- end }}
- sender: {{ $notifier.smtp.sender }}
- identifier: {{ $notifier.smtp.identifier }}
- subject: {{ $notifier.smtp.subject | quote }}
- startup_check_address: {{ $notifier.smtp.startup_check_address }}
- disable_require_tls: {{ $notifier.smtp.disable_require_tls }}
- disable_html_emails: {{ $notifier.smtp.disable_html_emails }}
- tls:
- server_name: {{ default $notifier.smtp.host $notifier.smtp.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $notifier.smtp.tls.minimum_version }}
- skip_verify: {{ default false $notifier.smtp.tls.skip_verify }}
- {{- end }}
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- identity_providers:
- oidc:
- access_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.access_token_lifespan }}
- authorize_code_lifespan: {{ default "1m" .Values.identity_providers.oidc.authorize_code_lifespan }}
- id_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.id_token_lifespan }}
- refresh_token_lifespan: {{ default "90m" .Values.identity_providers.oidc.refresh_token_lifespan }}
- enable_client_debug_messages: {{ default false .Values.identity_providers.oidc.enable_client_debug_messages }}
- minimum_parameter_entropy: {{ default 8 .Values.identity_providers.oidc.minimum_parameter_entropy }}
- {{- if gt (len .Values.identity_providers.oidc.clients) 0 }}
- clients:
- {{- range $client := .Values.identity_providers.oidc.clients }}
- - id: {{ $client.id }}
- description: {{ default $client.id $client.description }}
- secret: {{ default (randAlphaNum 128) $client.secret }}
- {{- if $client.public }}
- public: {{ $client.public }}
- {{- end }}
- authorization_policy: {{ default "two_factor" $client.authorization_policy }}
- consent_mode: {{ default "auto" $client.consent_mode}}
- redirect_uris:
- {{- range $client.redirect_uris }}
- - {{ . }}
- {{- end }}
- {{- if $client.audience }}
- audience: {{ toYaml $client.audience | nindent 10 }}
- {{- end }}
- scopes: {{ toYaml (default (list "openid" "profile" "email" "groups") $client.scopes) | nindent 10 }}
- grant_types: {{ toYaml (default (list "refresh_token" "authorization_code") $client.grant_types) | nindent 10 }}
- response_types: {{ toYaml (default (list "code") $client.response_types) | nindent 10 }}
- {{- if $client.response_modes }}
- response_modes: {{ toYaml $client.response_modes | nindent 10 }}
- {{- end }}
- userinfo_signing_algorithm: {{ default "none" $client.userinfo_signing_algorithm }}
- {{- end }}
- {{- end }}
- {{- end }}
- access_control:
- {{- if (eq (len .Values.access_control.rules) 0) }}
- {{- if (eq .Values.access_control.default_policy "bypass") }}
- default_policy: one_factor
- {{- else if (eq .Values.access_control.default_policy "deny") }}
- default_policy: two_factor
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- if (eq (len .Values.access_control.networks) 0) }}
- networks: []
- {{- else }}
- networks: {{ toYaml .Values.access_control.networks | nindent 6 }}
- {{- end }}
- {{- if (eq (len .Values.access_control.rules) 0) }}
- rules: []
- {{- else }}
- rules: {{ toYaml .Values.access_control.rules | nindent 6 }}
- {{- end }}
- ...
-{{- end -}}
diff --git a/enterprise/authelia/15.0.3/templates/_secrets.tpl b/enterprise/authelia/15.0.3/templates/_secrets.tpl
deleted file mode 100644
index ea2c56bfe79..00000000000
--- a/enterprise/authelia/15.0.3/templates/_secrets.tpl
+++ /dev/null
@@ -1,59 +0,0 @@
-{{/* Define the secrets */}}
-{{- define "authelia.secrets" -}}
-{{- $autheliaprevious := lookup "v1" "Secret" .Release.Namespace "authelia-secrets" }}
-{{- $oidckey := "" }}
-{{- $oidcsecret := "" }}
-{{- $jwtsecret := "" }}
-{{- $sessionsecret := "" }}
-{{- $encryptionkey := "" }}
-enabled: true
-data:
- {{- if $autheliaprevious }}
- SESSION_ENCRYPTION_KEY: {{ index $autheliaprevious.data "SESSION_ENCRYPTION_KEY" }}
- JWT_TOKEN: {{ index $autheliaprevious.data "JWT_TOKEN" }}
- {{- if ( hasKey $autheliaprevious.data "ENCRYPTION_KEY" ) }}
- ENCRYPTION_KEY: {{ index $autheliaprevious.data "ENCRYPTION_KEY" }}
- {{- else }}
- {{- $encryptionkey := randAlphaNum 100 }}
- ENCRYPTION_KEY: {{ $encryptionkey }}
- {{- end }}
- {{- else }}
- {{- $jwtsecret := randAlphaNum 50 }}
- {{- $sessionsecret := randAlphaNum 50 }}
- {{- $encryptionkey := randAlphaNum 100 }}
- SESSION_ENCRYPTION_KEY: {{ $sessionsecret }}
- JWT_TOKEN: {{ $jwtsecret}}
- ENCRYPTION_KEY: {{ $encryptionkey }}
- {{- end }}
-
- {{- if .Values.authentication_backend.ldap.enabled }}
- LDAP_PASSWORD: {{ .Values.authentication_backend.ldap.plain_password }}
- {{- end }}
-
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- SMTP_PASSWORD: {{ .Values.notifier.smtp.plain_password }}
- {{- end }}
-
- {{- if .Values.duo_api.enabled }}
- DUO_API_KEY: {{ .Values.duo_api.plain_api_key }}
- {{- end }}
-
- STORAGE_PASSWORD: {{ $.Values.cnpg.main.creds.password | trimAll "\"" }}
-
- REDIS_PASSWORD: {{ .Values.redis.redisPassword | trimAll "\"" }}
- {{- if .Values.redisProvider.high_availability.enabled}}
- REDIS_SENTINEL_PASSWORD: {{ .Values.redis.sentinelPassword | trimAll "\"" }}
- {{- end }}
-
- {{- if $autheliaprevious }}
- {{- if and ( hasKey $autheliaprevious.data "OIDC_PRIVATE_KEY" ) ( hasKey $autheliaprevious.data "OIDC_HMAC_SECRET" ) }}
- OIDC_PRIVATE_KEY: {{ index $autheliaprevious.data "OIDC_PRIVATE_KEY" }}
- OIDC_HMAC_SECRET: {{ index $autheliaprevious.data "OIDC_HMAC_SECRET" }}
- {{- else }}
- {{- $oidckey := genPrivateKey "rsa" }}
- {{- $oidcsecret := randAlphaNum 32 }}
- OIDC_PRIVATE_KEY: {{ $oidckey }}
- OIDC_HMAC_SECRET: {{ $oidcsecret }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/authelia/15.0.3/templates/common.yaml b/enterprise/authelia/15.0.3/templates/common.yaml
deleted file mode 100644
index 54e288e852c..00000000000
--- a/enterprise/authelia/15.0.3/templates/common.yaml
+++ /dev/null
@@ -1,77 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-{{/* Render configmap for authelia */}}
-{{- $configmapPaths := include "authelia.configmap.paths" . | fromYaml -}}
-{{- if $configmapPaths -}}
- {{- $_ := set .Values.configmap "authelia-paths" $configmapPaths -}}
-{{- end -}}
-
-{{- $configmapFile := include "authelia.configmap.configfile" . | fromYaml -}}
-{{- if $configmapFile -}}
- {{- $_ := set .Values.configmap "authelia-configfile" $configmapFile -}}
-{{- end -}}
-
-{{/* Render secrets for authelia */}}
-{{- $secret := include "authelia.secrets" . | fromYaml -}}
-{{- if $secret -}}
- {{- $_ := set .Values.secret "authelia-secrets" $secret -}}
-{{- end -}}
-
-{{/* Append the general configMap volume to the volumes */}}
-{{- define "authelia.configmapVolume" -}}
-enabled: true
-mountPath: /configuration.yaml
-subPath: configuration.yaml
-readOnly: true
-type: "configmap"
-objectName: authelia-configfile
-{{- end -}}
-
-{{/* Append the general secret volumes to the volumes */}}
-{{- define "authelia.secretVolumes" -}}
-enabled: true
-mountPath: "/secrets"
-readOnly: true
-type: "secret"
-objectName: authelia-secrets
-items:
- - key: "JWT_TOKEN"
- path: JWT_TOKEN
- - key: "SESSION_ENCRYPTION_KEY"
- path: SESSION_ENCRYPTION_KEY
- - key: "ENCRYPTION_KEY"
- path: ENCRYPTION_KEY
- - key: "STORAGE_PASSWORD"
- path: STORAGE_PASSWORD
- {{- if .Values.authentication_backend.ldap.enabled }}
- - key: "LDAP_PASSWORD"
- path: LDAP_PASSWORD
- {{- end }}
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- - key: "SMTP_PASSWORD"
- path: SMTP_PASSWORD
- {{- end }}
- - key: "REDIS_PASSWORD"
- path: REDIS_PASSWORD
- {{- if .Values.redisProvider.high_availability.enabled}}
- - key: "REDIS_SENTINEL_PASSWORD"
- path: REDIS_SENTINEL_PASSWORD
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- - key: "DUO_API_KEY"
- path: DUO_API_KEY
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- - key: "OIDC_PRIVATE_KEY"
- path: OIDC_PRIVATE_KEY
- - key: "OIDC_HMAC_SECRET"
- path: OIDC_HMAC_SECRET
- {{- end }}
-{{- end -}}
-
-{{- $_ := set .Values.persistence "authelia-configfile" (include "authelia.configmapVolume" . | fromYaml) -}}
-{{- $_ := set .Values.persistence "authelia-secrets" (include "authelia.secretVolumes" . | fromYaml) -}}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/authelia/15.0.3/values.yaml b/enterprise/authelia/15.0.3/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/authelia/15.0.4/CHANGELOG.md b/enterprise/authelia/15.0.4/CHANGELOG.md
deleted file mode 100644
index 59e2af85432..00000000000
--- a/enterprise/authelia/15.0.4/CHANGELOG.md
+++ /dev/null
@@ -1,39 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [authelia-15.0.4](https://github.com/truecharts/charts/compare/authelia-15.0.3...authelia-15.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
-
-
-## [authelia-15.0.3](https://github.com/truecharts/charts/compare/authelia-15.0.1...authelia-15.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
-
-
-## [authelia-15.0.1](https://github.com/truecharts/charts/compare/authelia-15.0.0...authelia-15.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
-
-## [authelia-15.0.0](https://github.com/truecharts/charts/compare/authelia-14.0.29...authelia-15.0.0) (2023-03-04)
-
diff --git a/enterprise/authelia/15.0.4/Chart.yaml b/enterprise/authelia/15.0.4/Chart.yaml
deleted file mode 100644
index d95e73d050b..00000000000
--- a/enterprise/authelia/15.0.4/Chart.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-apiVersion: v2
-appVersion: "4.37.5"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.19
- - condition: redis.enabled
- name: redis
- repository: https://deps.truecharts.org
- version: 6.0.10
-deprecated: false
-description: Authelia is a Single Sign-On Multi-Factor portal for web apps
-home: https://truecharts.org/charts/enterprise/authelia
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/authelia.png
-keywords:
- - authelia
- - authentication
- - login
- - SSO
- - Authentication
- - Security
- - Two-Factor
- - U2F
- - YubiKey
- - Push Notifications
- - LDAP
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: authelia
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/authelia
- - https://ghcr.io/authelia/authelia ghcr.io/authelia/authelia
- - https://github.com/authelia/chartrepo
- - https://github.com/authelia/authelia
-type: application
-version: 15.0.4
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/authelia/15.0.4/LICENSE b/enterprise/authelia/15.0.4/LICENSE
deleted file mode 100644
index 80e4ab93f92..00000000000
--- a/enterprise/authelia/15.0.4/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/authelia/15.0.4/README.md b/enterprise/authelia/15.0.4/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/authelia/15.0.4/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/authelia/15.0.4/app-changelog.md b/enterprise/authelia/15.0.4/app-changelog.md
deleted file mode 100644
index 0110cb3a239..00000000000
--- a/enterprise/authelia/15.0.4/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [authelia-15.0.4](https://github.com/truecharts/charts/compare/authelia-15.0.3...authelia-15.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
\ No newline at end of file
diff --git a/enterprise/authelia/15.0.4/app-readme.md b/enterprise/authelia/15.0.4/app-readme.md
deleted file mode 100644
index 9417c0c13d5..00000000000
--- a/enterprise/authelia/15.0.4/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Authelia is a Single Sign-On Multi-Factor portal for web apps
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/authelia](https://truecharts.org/charts/enterprise/authelia)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/authelia/15.0.4/charts/common-12.2.19.tgz b/enterprise/authelia/15.0.4/charts/common-12.2.19.tgz
deleted file mode 100644
index 7959002233d..00000000000
Binary files a/enterprise/authelia/15.0.4/charts/common-12.2.19.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.0.4/charts/redis-6.0.10.tgz b/enterprise/authelia/15.0.4/charts/redis-6.0.10.tgz
deleted file mode 100644
index a9fd8f87e71..00000000000
Binary files a/enterprise/authelia/15.0.4/charts/redis-6.0.10.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.0.4/ix_values.yaml b/enterprise/authelia/15.0.4/ix_values.yaml
deleted file mode 100644
index 9b56530e1c8..00000000000
--- a/enterprise/authelia/15.0.4/ix_values.yaml
+++ /dev/null
@@ -1,619 +0,0 @@
-image:
- repository: tccr.io/truecharts/authelia
- pullPolicy: IfNotPresent
- tag: 4.37.5@sha256:76a4617539534cec140fd98a12f721b878524f2df3a3653f3df8ff2b7eaab586
-
-workload:
- main:
- podSpec:
- containers:
- main:
- command: ["authelia"]
- args: ["--config=/configuration.yaml"]
- envFrom:
- - configMapRef:
- name: authelia-paths
- # probes:
- # liveness:
- # type: HTTP
- # path: /api/health"
-
- # readiness:
- # type: HTTP
- # path: "/api/health"
-
- # startup:
- # type: HTTP
- # path: "/api/health"
-
-service:
- main:
- ports:
- main:
- port: 9091
- targetPort: 9091
-
-persistence:
- config:
- enabled: true
- mountPath: "/config"
-
-cnpg:
- main:
- enabled: true
- user: authelia
- database: authelia
-
-# Enabled redis
-# ... for more options see https://github.com/tccr.io/truecharts/charts/tree/master/tccr.io/truecharts/redis
-redis:
- enabled: true
-
-domain: example.com
-
-##
-## Server Configuration
-##
-server:
- ##
- ## Port sets the configured port for the daemon, service, and the probes.
- ## Default is 9091 and should not need to be changed.
- ##
- port: 9091
-
- ## Buffers usually should be configured to be the same value.
- ## Explanation at https://www.authelia.com/docs/configuration/server.html
- ## Read buffer size adjusts the server's max incoming request size in bytes.
- ## Write buffer size does the same for outgoing responses.
- read_buffer_size: 4096
- write_buffer_size: 4096
- ## Set the single level path Authelia listens on.
- ## Must be alphanumeric chars and should not contain any slashes.
- path: ""
-
-log:
- ## Level of verbosity for logs: info, debug, trace.
- level: trace
-
- ## Format the logs are written as: json, text.
- format: text
-
- ## TODO: Statefulness check should check if this is set, and the configMap should enable it.
- ## File path where the logs will be written. If not set logs are written to stdout.
- # file_path: /config/authelia.log
-
-## Default redirection URL
-##
-## If user tries to authenticate without any referer, Authelia does not know where to redirect the user to at the end
-## of the authentication process. This parameter allows you to specify the default redirection URL Authelia will use
-## in such a case.
-##
-## Note: this parameter is optional. If not provided, user won't be redirected upon successful authentication.
-## Default is https://www. (value at the top of the values.yaml).
-default_redirection_url: ""
-# default_redirection_url: https://example.com
-
-theme: light
-
-##
-## TOTP Configuration
-##
-## Parameters used for TOTP generation
-totp:
- ## The issuer name displayed in the Authenticator application of your choice
- ## See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
- ## Defaults to .
- issuer: ""
- ## The period in seconds a one-time password is current for. Changing this will require all users to register
- ## their TOTP applications again. Warning: before changing period read the docs link below.
- period: 30
- ## The skew controls number of one-time passwords either side of the current one that are valid.
- ## Warning: before changing skew read the docs link below.
- ## See: https://www.authelia.com/docs/configuration/one-time-password.html#period-and-skew to read the documentation.
- skew: 1
-
-##
-## Duo Push API Configuration
-##
-## Parameters used to contact the Duo API. Those are generated when you protect an application of type
-## "Partner Auth API" in the management panel.
-duo_api:
- enabled: false
- hostname: api-123456789.example.com
- integration_key: ABCDEF
- plain_api_key: ""
-
-##
-## Authentication Backend Provider Configuration
-##
-## Used for verifying user passwords and retrieve information such as email address and groups users belong to.
-##
-## The available providers are: `file`, `ldap`. You must use one and only one of these providers.
-authentication_backend:
- ## Disable both the HTML element and the API for reset password functionality
- disable_reset_password: false
-
- ## The amount of time to wait before we refresh data from the authentication backend. Uses duration notation.
- ## To disable this feature set it to 'disable', this will slightly reduce security because for Authelia, users will
- ## always belong to groups they belonged to at the time of login even if they have been removed from them in LDAP.
- ## To force update on every request you can set this to '0' or 'always', this will increase processor demand.
- ## See the below documentation for more information.
- ## Duration Notation docs: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Refresh Interval docs: https://www.authelia.com/docs/configuration/authentication/ldap.html#refresh-interval
- refresh_interval: 5m
-
- ## LDAP backend configuration.
- ##
- ## This backend allows Authelia to be scaled to more
- ## than one instance and therefore is recommended for
- ## production.
- ldap:
- ## Enable LDAP Backend.
- enabled: false
-
- ## The LDAP implementation, this affects elements like the attribute utilised for resetting a password.
- ## Acceptable options are as follows:
- ## - 'activedirectory' - For Microsoft Active Directory.
- ## - 'custom' - For custom specifications of attributes and filters.
- ## This currently defaults to 'custom' to maintain existing behaviour.
- ##
- ## Depending on the option here certain other values in this section have a default value, notably all of the
- ## attribute mappings have a default value that this config overrides, you can read more about these default values
- ## at https://www.authelia.com/docs/configuration/authentication/ldap.html#defaults
- implementation: activedirectory
-
- ## The url to the ldap server. Format: ://[:].
- ## Scheme can be ldap or ldaps in the format (port optional).
- url: ldap://openldap.default.svc.cluster.local
-
- ## Connection Timeout.
- timeout: 5s
-
- ## Use StartTLS with the LDAP connection.
- start_tls: false
-
- tls:
- ## Server Name for certificate validation (in case it's not set correctly in the URL).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either Secure LDAP or LDAP StartTLS.
- minimum_version: TLS1.2
-
- ## The base dn for every LDAP query.
- base_dn: DC=example,DC=com
-
- ## The attribute holding the username of the user. This attribute is used to populate the username in the session
- ## information. It was introduced due to #561 to handle case insensitive search queries. For you information,
- ## Microsoft Active Directory usually uses 'sAMAccountName' and OpenLDAP usually uses 'uid'. Beware that this
- ## attribute holds the unique identifiers for the users binding the user and the configuration stored in database.
- ## Therefore only single value attributes are allowed and the value must never be changed once attributed to a user
- ## otherwise it would break the configuration for that user. Technically, non-unique attributes like 'mail' can also
- ## be used but we don't recommend using them, we instead advise to use the attributes mentioned above
- ## (sAMAccountName and uid) to follow https://www.ietf.org/rfc/rfc2307.txt.
- username_attribute: ""
-
- ## An additional dn to define the scope to all users.
- additional_users_dn: OU=Users
-
- ## The users filter used in search queries to find the user profile based on input filled in login form.
- ## Various placeholders are available in the user filter:
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username_attribute} is a mandatory placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ##
- ## Recommended settings are as follows:
- ## - Microsoft Active Directory: (&({username_attribute}={input})(objectCategory=person)(objectClass=user))
- ## - OpenLDAP:
- ## - (&({username_attribute}={input})(objectClass=person))
- ## - (&({username_attribute}={input})(objectClass=inetOrgPerson))
- ##
- ## To allow sign in both with username and email, one can use a filter like
- ## (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))
- users_filter: ""
-
- ## An additional dn to define the scope of groups.
- additional_groups_dn: OU=Groups
-
- ## The groups filter used in search queries to find the groups of the user.
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username} is a placeholder replace by the username stored in LDAP (based on `username_attribute`).
- ## - {dn} is a matcher replaced by the user distinguished name, aka, user DN.
- ## - {username_attribute} is a placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ## - DON'T USE - {1} is an alias for {username} supported for backward compatibility but it will be deprecated in
- ## later version, so please don't use it.
- ##
- ## If your groups use the `groupOfUniqueNames` structure use this instead:
- ## (&(uniquemember={dn})(objectclass=groupOfUniqueNames))
- groups_filter: ""
-
- ## The attribute holding the name of the group
- group_name_attribute: ""
-
- ## The attribute holding the mail address of the user. If multiple email addresses are defined for a user, only the
- ## first one returned by the LDAP server is used.
- mail_attribute: ""
-
- ## The attribute holding the display name of the user. This will be used to greet an authenticated user.
- display_name_attribute: ""
-
- ## The username of the admin user.
- user: CN=Authelia,DC=example,DC=com
- plain_password: ""
-
- ##
- ## File (Authentication Provider)
- ##
- ## With this backend, the users database is stored in a file which is updated when users reset their passwords.
- ## Therefore, this backend is meant to be used in a dev environment and not in production since it prevents Authelia
- ## to be scaled to more than one instance. The options under 'password' have sane defaults, and as it has security
- ## implications it is highly recommended you leave the default values. Before considering changing these settings
- ## please read the docs page below:
- ## https://www.authelia.com/docs/configuration/authentication/file.html#password-hash-algorithm-tuning
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- file:
- enabled: true
- path: /config/users_database.yml
- password:
- algorithm: argon2id
- iterations: 1
- key_length: 32
- salt_length: 16
- memory: 1024
- parallelism: 8
-
-##
-## Access Control Configuration
-##
-## Access control is a list of rules defining the authorizations applied for one resource to users or group of users.
-##
-## If 'access_control' is not defined, ACL rules are disabled and the 'bypass' rule is applied, i.e., access is allowed
-## to anyone. Otherwise restrictions follow the rules defined.
-##
-## Note: One can use the wildcard * to match any subdomain.
-## It must stand at the beginning of the pattern. (example: *.mydomain.com)
-##
-## Note: You must put patterns containing wildcards between simple quotes for the YAML to be syntactically correct.
-##
-## Definition: A 'rule' is an object with the following keys: 'domain', 'subject', 'policy' and 'resources'.
-##
-## - 'domain' defines which domain or set of domains the rule applies to.
-##
-## - 'subject' defines the subject to apply authorizations to. This parameter is optional and matching any user if not
-## provided. If provided, the parameter represents either a user or a group. It should be of the form
-## 'user:' or 'group:'.
-##
-## - 'policy' is the policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'.
-##
-## - 'resources' is a list of regular expressions that matches a set of resources to apply the policy to. This parameter
-## is optional and matches any resource if not provided.
-##
-## Note: the order of the rules is important. The first policy matching (domain, resource, subject) applies.
-access_control:
- ## Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'. It is the policy applied to any
- ## resource if there is no policy to be applied to the user.
- default_policy: deny
-
- networks: []
- # networks:
- # - name: private
- # networks:
- # - 10.0.0.0/8
- # - 172.16.0.0/12
- # - 192.168.0.0/16
- # - name: vpn
- # networks:
- # - 10.9.0.0/16
-
- rules: []
- # rules:
- # - domain: public.example.com
- # policy: bypass
- # - domain: "*.example.com"
- # policy: bypass
- # methods:
- # - OPTIONS
- # - domain: secure.example.com
- # policy: one_factor
- # networks:
- # - private
- # - vpn
- # - 192.168.1.0/24
- # - 10.0.0.1
- # - domain:
- # - secure.example.com
- # - private.example.com
- # policy: two_factor
- # - domain: singlefactor.example.com
- # policy: one_factor
- # - domain: "mx2.mail.example.com"
- # subject: "group:admins"
- # policy: deny
- # - domain: "*.example.com"
- # subject:
- # - "group:admins"
- # - "group:moderators"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/groups/dev/.*$"
- # subject: "group:dev"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/users/john/.*$"
- # subject:
- # - ["group:dev", "user:john"]
- # - "group:admins"
- # policy: two_factor
- # - domain: "{user}.example.com"
- # policy: bypass
-
-##
-## Session Provider Configuration
-##
-## The session cookies identify the user once logged in.
-## The available providers are: `memory`, `redis`. Memory is the provider unless redis is defined.
-session:
- ## The name of the session cookie. (default: authelia_session).
- name: authelia_session
-
- ## Sets the Cookie SameSite value. Possible options are none, lax, or strict.
- ## Please read https://www.authelia.com/docs/configuration/session.html#same_site
- same_site: lax
-
- ## The time in seconds before the cookie expires and session is reset.
- expiration: 1h
-
- ## The inactivity time in seconds before the session is reset.
- inactivity: 5m
-
- ## The remember me duration.
- ## Value is in seconds, or duration notation. Value of 0 disables remember me.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Longer periods are considered less secure because a stolen cookie will last longer giving attackers more time to
- ## spy or attack. Currently the default is 1M or 1 month.
- remember_me_duration: 1M
-
-##
-## Redis Provider
-##
-## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
-##
-## The redis connection details
-redisProvider:
- port: 6379
-
- ## Optional username to be used with authentication.
- # username: authelia
- username: ""
-
- ## This is the Redis DB Index https://redis.io/commands/select (sometimes referred to as database number, DB, etc).
- database_index: 0
-
- ## The maximum number of concurrent active connections to Redis.
- maximum_active_connections: 8
-
- ## The target number of idle connections to have open ready for work. Useful when opening connections is slow.
- minimum_idle_connections: 0
-
- ## The Redis TLS configuration. If defined will require a TLS connection to the Redis instance(s).
- tls:
- enabled: false
-
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for the connection.
- minimum_version: TLS1.2
-
- ## The Redis HA configuration options.
- ## This provides specific options to Redis Sentinel, sentinel_name must be defined (Master Name).
- high_availability:
- enabled: false
- enabledSecret: false
- ## Sentinel Name / Master Name
- sentinel_name: mysentinel
-
- ## The additional nodes to pre-seed the redis provider with (for sentinel).
- ## If the host in the above section is defined, it will be combined with this list to connect to sentinel.
- ## For high availability to be used you must have either defined; the host above or at least one node below.
- nodes: []
- # nodes:
- # - host: sentinel-0.databases.svc.cluster.local
- # port: 26379
- # - host: sentinel-1.databases.svc.cluster.local
- # port: 26379
-
- ## Choose the host with the lowest latency.
- route_by_latency: false
-
- ## Choose the host randomly.
- route_randomly: false
-
-##
-## Regulation Configuration
-##
-## This mechanism prevents attackers from brute forcing the first factor. It bans the user if too many attempts are done
-## in a short period of time.
-regulation:
- ## The number of failed login attempts before user is banned. Set it to 0 to disable regulation.
- max_retries: 3
-
- ## The time range during which the user can attempt login before being banned. The user is banned if the
- ## authentication failed 'max_retries' times in a 'find_time' seconds window. Find Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- find_time: 2m
-
- ## The length of time before a banned user can login again. Ban Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ban_time: 5m
-
-##
-## Storage Provider Configuration
-##
-## The available providers are: `local`, `mysql`, `postgres`. You must use one and only one of these providers.
-storage:
- ##
- ## PostgreSQL (Storage Provider)
- ##
- postgres:
- port: 5432
- database: authelia
- username: authelia
- sslmode: disable
- timeout: 5s
-
-##
-## Notification Provider
-##
-##
-## Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration.
-## The available providers are: filesystem, smtp. You must use one and only one of these providers.
-notifier:
- ## You can disable the notifier startup check by setting this to true.
- disable_startup_check: false
-
- ##
- ## File System (Notification Provider)
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- filesystem:
- enabled: true
- filename: /config/notification.txt
-
- ##
- ## SMTP (Notification Provider)
- ##
- ## Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate.
- ## [Security] By default Authelia will:
- ## - force all SMTP connections over TLS including unauthenticated connections
- ## - use the disable_require_tls boolean value to disable this requirement
- ## (only works for unauthenticated connections)
- ## - validate the SMTP server x509 certificate during the TLS handshake against the hosts trusted certificates
- ## (configure in tls section)
- smtp:
- enabled: false
- enabledSecret: false
- host: smtp.mail.svc.cluster.local
- port: 25
- timeout: 5s
- username: test
- plain_password: test
- sender: admin@example.com
- ## HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost.
- identifier: localhost
- ## Subject configuration of the emails sent.
- ## {title} is replaced by the text from the notifier
- subject: "[Authelia] {title}"
- ## This address is used during the startup check to verify the email configuration is correct.
- ## It's not important what it is except if your email server only allows local delivery.
- startup_check_address: test@authelia.com
- disable_require_tls: false
- disable_html_emails: false
-
- tls:
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either StartTLS or SMTPS.
- minimum_version: TLS1.2
-
-identity_providers:
- oidc:
- ## Enables this in the config map. Currently in beta stage.
- ## See https://www.authelia.com/docs/configuration/identity-providers/oidc.html#roadmap
- enabled: false
-
- access_token_lifespan: 1h
- authorize_code_lifespan: 1m
- id_token_lifespan: 1h
- refresh_token_lifespan: 90m
-
- enable_client_debug_messages: false
-
- ## SECURITY NOTICE: It's not recommended changing this option, and highly discouraged to have it below 8 for
- ## security reasons.
- minimum_parameter_entropy: 8
-
- clients: []
- # clients:
- # -
- ## The ID is the OpenID Connect ClientID which is used to link an application to a configuration.
- # id: myapp
-
- ## The description to show to users when they end up on the consent screen. Defaults to the ID above.
- # description: My Application
-
- ## The client secret is a shared secret between Authelia and the consumer of this client.
- # secret: apple123
-
- ## Sets the client to public. This should typically not be set, please see the documentation for usage.
- # public: false
-
- ## The policy to require for this client; one_factor or two_factor.
- # authorization_policy: two_factor
-
- ## Configures the consent mode; auto, explicit or implicit
- # consent_mode: auto
-
- ## Audience this client is allowed to request.
- # audience: []
-
- ## Scopes this client is allowed to request.
- # scopes:
- # - openid
- # - profile
- # - email
- # - groups
-
- ## Redirect URI's specifies a list of valid case-sensitive callbacks for this client.
- # redirect_uris:
- # - https://oidc.example.com/oauth2/callback
-
- ## Grant Types configures which grants this client can obtain.
- ## It's not recommended to configure this unless you know what you're doing.
- # grant_types:
- # - refresh_token
- # - authorization_code
-
- ## Response Types configures which responses this client can be sent.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_types:
- # - code
-
- ## Response Modes configures which response modes this client supports.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_modes:
- # - form_post
- # - query
- # - fragment
-
- ## The algorithm used to sign userinfo endpoint responses for this client, either none or RS256.
- # userinfo_signing_algorithm: none
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/authelia/15.0.4/questions.yaml b/enterprise/authelia/15.0.4/questions.yaml
deleted file mode 100644
index cd21f48f241..00000000000
--- a/enterprise/authelia/15.0.4/questions.yaml
+++ /dev/null
@@ -1,2782 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
-questions:
-
- - variable: Workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: Daemonset
- description: Daemonset
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "Daemonset"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: domain
- group: "App Configuration"
- label: "Domain"
- description: "The highest domain level possible, for example: domain.com when using app.domain.com"
- schema:
- type: string
- default: ""
- required: true
- - variable: default_redirection_url
- group: "App Configuration"
- label: "Default Redirection Url"
- description: "If user tries to authenticate without any referer, this is used"
- schema:
- type: string
- default: ""
- - variable: theme
- group: "App Configuration"
- label: "Theme"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "light"
- description: "light"
- - value: "grey"
- description: "grey"
- - value: "dark"
- description: "dark"
- - variable: log
- group: "App Configuration"
- label: "Log Configuration "
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "info"
- enum:
- - value: "info"
- description: "info"
- - value: "debug"
- description: "debug"
- - value: "trace"
- description: "trace"
- - variable: format
- label: "Log Format"
- schema:
- type: string
- default: "text"
- enum:
- - value: "json"
- description: "json"
- - value: "text"
- description: "text"
- - variable: totp
- group: "App Configuration"
- label: "TOTP Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: issuer
- label: "Issuer"
- description: "The issuer name displayed in the Authenticator application of your choice"
- schema:
- type: string
- default: ""
- - variable: period
- label: "Period"
- description: "The period in seconds a one-time password is current for"
- schema:
- type: int
- default: 30
- - variable: skew
- label: "skew"
- description: "Controls number of one-time passwords either side of the current one that are valid."
- schema:
- type: int
- default: 1
- - variable: duo_api
- group: "App Configuration"
- label: "DUO API Configuration"
- description: "Parameters used to contact the Duo API."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostname
- label: "Hostname"
- schema:
- type: string
- required: true
- default: ""
- - variable: integration_key
- label: "integration_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: plain_api_key
- label: "plain_api_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: session
- group: "App Configuration"
- label: "Session Provider"
- description: "The session cookies identify the user once logged in."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Cookie Name"
- description: "The name of the session cookie."
- schema:
- type: string
- required: true
- default: "authelia_session"
- - variable: same_site
- label: "SameSite Value"
- description: "Sets the Cookie SameSite value"
- schema:
- type: string
- default: "lax"
- enum:
- - value: "lax"
- description: "lax"
- - value: "strict"
- description: "strict"
- - variable: expiration
- label: "Expiration Time"
- description: "The time in seconds before the cookie expires and session is reset."
- schema:
- type: string
- default: "1h"
- required: true
- - variable: inactivity
- label: "Inactivity Time"
- description: "The inactivity time in seconds before the session is reset."
- schema:
- type: string
- default: "5m"
- required: true
- - variable: inactivity
- label: "Remember-Me duration"
- description: "The remember me duration"
- schema:
- type: string
- default: "5M"
- required: true
- - variable: regulation
- group: "App Configuration"
- label: "Regulation Configuration"
- description: "his mechanism prevents attackers from brute forcing the first factor."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: max_retries
- label: "Maximum Retries"
- description: "The number of failed login attempts before user is banned. Set it to 0 to disable regulation."
- schema:
- type: int
- default: 3
- - variable: find_time
- label: "Find Time"
- description: "The time range during which the user can attempt login before being banned."
- schema:
- type: string
- default: "2m"
- required: true
- - variable: ban_time
- label: "Ban Duration"
- description: "The length of time before a banned user can login again"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: authentication_backend
- group: "App Configuration"
- label: "Authentication Backend Provider"
- description: "sed for verifying user passwords and retrieve information such as email address and groups users belong to."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_reset_password
- label: "Disable Reset Password"
- description: "Disable both the HTML element and the API for reset password functionality"
- schema:
- type: boolean
- default: false
- - variable: refresh_interval
- label: "Reset Interval"
- description: "The amount of time to wait before we refresh data from the authentication backend"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: ldap
- label: "LDAP backend configuration"
- description: "Used for verifying user passwords and retrieve information such as email address and groups users belong to"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: implementation
- label: "Implementation"
- description: "The LDAP implementation, this affects elements like the attribute utilised for resetting a password"
- schema:
- type: string
- default: "custom"
- enum:
- - value: "activedirectory"
- description: "activedirectory"
- - value: "custom"
- description: "custom"
- - variable: url
- label: "URL"
- description: "The url to the ldap server. Format: ://[:]"
- schema:
- type: string
- default: "ldap://openldap.default.svc.cluster.local"
- required: true
- - variable: timeout
- label: "Connection Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: start_tls
- label: "Start TLS"
- description: "Use StartTLS with the LDAP connection"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: base_dn
- label: "Base DN"
- description: "The base dn for every LDAP query."
- schema:
- type: string
- default: "DC=example,DC=com"
- required: true
- - variable: username_attribute
- label: "Username Attribute"
- description: "The attribute holding the username of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_users_dn
- label: "Additional Users DN"
- description: "An additional dn to define the scope to all users."
- schema:
- type: string
- default: "OU=Users"
- required: true
- - variable: users_filter
- label: "Users Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_groups_dn
- label: "Additional Groups DN"
- description: "An additional dn to define the scope of groups."
- schema:
- type: string
- default: "OU=Groups"
- required: true
- - variable: groups_filter
- label: "Groups Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: group_name_attribute
- label: "Group name Attribute"
- description: "The attribute holding the name of the group"
- schema:
- type: string
- default: ""
- required: true
- - variable: mail_attribute
- label: "Mail Attribute"
- description: "The attribute holding the primary mail address of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: display_name_attribute
- label: "Display Name Attribute"
- description: "he attribute holding the display name of the user. This will be used to greet an authenticated user."
- schema:
- type: string
- default: ""
- - variable: user
- label: "Admin User"
- description: "The username of the admin user used to connect to LDAP."
- schema:
- type: string
- default: "CN=Authelia,DC=example,DC=com"
- required: true
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: file
- label: "File backend configuration"
- description: "With this backend, the users database is stored in a file which is updated when users reset their passwords."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: path
- label: "Path"
- schema:
- type: string
- default: "/config/users_database.yml"
- required: true
- - variable: password
- label: "Password Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: algorithm
- label: "Algorithm"
- schema:
- type: string
- default: "argon2id"
- enum:
- - value: "argon2id"
- description: "argon2id"
- - value: "sha512"
- description: "sha512"
- - variable: iterations
- label: "Iterations"
- schema:
- type: int
- default: 1
- required: true
- - variable: key_length
- label: "Key Length"
- schema:
- type: int
- default: 32
- required: true
- - variable: salt_length
- label: "Salt Length"
- schema:
- type: int
- default: 16
- required: true
- - variable: memory
- label: "Memory"
- schema:
- type: int
- default: 1024
- required: true
- - variable: parallelism
- label: "Parallelism"
- schema:
- type: int
- default: 8
- required: true
- - variable: notifier
- group: "App Configuration"
- label: "Notifier Configuration"
- description: "otifications are sent to users when they require a password reset, a u2f registration or a TOTP registration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_startup_check
- label: "Disable Startup Check"
- schema:
- type: boolean
- default: false
- - variable: filesystem
- label: "Filesystem Provider"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filename
- label: "File Path"
- schema:
- type: string
- default: "/config/notification.txt"
- required: true
- - variable: smtp
- label: "SMTP Provider"
- description: "Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: host
- label: "Host"
- schema:
- type: string
- default: "smtp.mail.svc.cluster.local"
- required: true
- - variable: port
- label: "Port"
- schema:
- type: int
- default: 25
- required: true
- - variable: timeout
- label: "Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: username
- label: "Username"
- schema:
- type: string
- default: ""
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- - variable: sender
- label: "Sender"
- schema:
- type: string
- default: ""
- required: true
- - variable: identifier
- label: "Identifier"
- description: "HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost."
- schema:
- type: string
- default: "localhost"
- required: true
- - variable: subject
- label: "Subject"
- description: "Subject configuration of the emails sent, {title} is replaced by the text from the notifier"
- schema:
- type: string
- default: "[Authelia] {title}"
- required: true
- - variable: startup_check_address
- label: "Startup Check Address"
- description: "This address is used during the startup check to verify the email configuration is correct."
- schema:
- type: string
- default: "test@authelia.com"
- required: true
- - variable: disable_require_tls
- label: "Disable Require TLS"
- schema:
- type: boolean
- default: false
- - variable: disable_html_emails
- label: "Disable HTML emails"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: access_control
- group: "App Configuration"
- label: "Access Control Configuration"
- description: "Access control is a list of rules defining the authorizations applied for one resource to users or group of users."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: default_policy
- label: "Default Policy"
- description: "Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: networkItem
- label: "Network Item"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Name"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "network"
- schema:
- type: string
- default: ""
- required: true
- - variable: rules
- label: "Rules"
- schema:
- type: list
- default: []
- items:
- - variable: rulesItem
- label: "Rule"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: domain
- label: "Domains"
- description: "defines which domain or set of domains the rule applies to."
- schema:
- type: list
- default: []
- items:
- - variable: domainEntry
- label: "Domain"
- schema:
- type: string
- default: ""
- required: true
- - variable: policy
- label: "Policy"
- description: "The policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: subject
- label: "Subject"
- description: "defines the subject to apply authorizations to. This parameter is optional and matching any user if not provided"
- schema:
- type: list
- default: []
- items:
- - variable: subjectitem
- label: "Subject"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "Network"
- schema:
- type: string
- default: ""
- required: true
- - variable: resources
- label: "Resources"
- description: "is a list of regular expressions that matches a set of resources to apply the policy to"
- schema:
- type: list
- default: []
- items:
- - variable: resource
- label: "Resource"
- schema:
- type: string
- default: ""
- required: true
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 9091
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: identity_providers
- group: "Advanced"
- label: "Authelia Identity Providers (BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: oidc
- label: "OpenID Connect(BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "enabled"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: access_token_lifespan
- label: "Access Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: authorize_code_lifespan
- label: "Authorize Code Lifespan"
- schema:
- type: string
- default: "1m"
- required: true
- - variable: id_token_lifespan
- label: "ID Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: refresh_token_lifespan
- label: "Refresh Token Lifespan"
- schema:
- type: string
- default: "90m"
- required: true
- - variable: enable_client_debug_messages
- label: "Enable Client Debug Messages"
- schema:
- type: boolean
- default: false
- - variable: clients
- label: "Clients"
- schema:
- type: list
- default: []
- items:
- - variable: clientEntry
- label: "Client"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: id
- label: "ID/Name"
- description: "The ID is the OpenID Connect ClientID which is used to link an application to a configuration."
- schema:
- type: string
- default: "myapp"
- required: true
- - variable: description
- label: "Description"
- description: "The description to show to users when they end up on the consent screen. Defaults to the ID above."
- schema:
- type: string
- default: "My Application"
- required: true
- - variable: secret
- label: "Secret"
- description: "The client secret is a shared secret between Authelia and the consumer of this client."
- schema:
- type: string
- default: ""
- required: true
- - variable: public
- label: "public"
- description: "Sets the client to public. This should typically not be set, please see the documentation for usage."
- schema:
- type: boolean
- default: false
- - variable: authorization_policy
- label: "Authorization Policy"
- description: "The policy to require for this client; one_factor or two_factor."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - variable: consent_mode
- label: "Consent Mode"
- description: "Configures the consent mode. This can be set to auto (default), explicit (consent required every time) or implicit (automatically assumes consent for every authorization, never asking the user if they wish to give consent.)"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "explicit"
- description: "explicit"
- - value: "implicit"
- description: "implicit"
- - variable: userinfo_signing_algorithm
- label: "Userinfo Signing Algorithm"
- description: "The algorithm used to sign userinfo endpoint responses for this client, either none or RS256."
- schema:
- type: string
- default: "none"
- enum:
- - value: "none"
- description: "none"
- - value: "RS256"
- description: "RS256"
- - variable: audience
- label: "Audience"
- description: "Audience this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: audienceEntry
- label: ""
- schema:
- type: string
- default: ""
- required: true
- - variable: scopes
- label: "Scopes"
- description: "Scopes this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: ScopeEntry
- label: "Scope"
- schema:
- type: string
- default: "openid"
- required: true
- - variable: redirect_uris
- label: "redirect_uris"
- description: "Redirect URI's specifies a list of valid case-sensitive callbacks for this client."
- schema:
- type: list
- default: []
- items:
- - variable: uriEntry
- label: "Url"
- schema:
- type: string
- default: "https://oidc.example.com/oauth2/callback"
- required: true
- - variable: grant_types
- description: "Grant Types configures which grants this client can obtain."
- label: "grant_types"
- schema:
- type: list
- default: []
- items:
- - variable: grantEntry
- label: "Grant"
- schema:
- type: string
- default: "refresh_token"
- required: true
- - variable: response_types
- description: "Response Types configures which responses this client can be sent."
- label: "response_types"
- schema:
- type: list
- default: []
- items:
- - variable: responseEntry
- label: "type"
- schema:
- type: string
- default: "code"
- required: true
- - variable: response_modes
- description: "Response Modes configures which response modes this client supports."
- label: "response_modes"
- schema:
- type: list
- default: []
- items:
- - variable: modeEntry
- label: "Mode"
- schema:
- type: string
- default: "form_post"
- required: true
- - variable: cnpg
- group: Postgresql
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Postgresql Database"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: storage
- label: "Storage"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: size
- label: Size
- schema:
- type: string
- default: "256Gi"
- - variable: walsize
- label: Walsize
- schema:
- type: string
- default: "256Gi"
- - variable: pooler
- label: "Pooler"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: Monitoring
- label: "Metrics"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enablePodMonitor
- label: "enablePodMonitor"
- schema:
- type: boolean
- default: true
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/authelia/15.0.4/templates/NOTES.txt b/enterprise/authelia/15.0.4/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/authelia/15.0.4/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/authelia/15.0.4/templates/_configmap.tpl b/enterprise/authelia/15.0.4/templates/_configmap.tpl
deleted file mode 100644
index 4c3d957f519..00000000000
--- a/enterprise/authelia/15.0.4/templates/_configmap.tpl
+++ /dev/null
@@ -1,245 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "authelia.configmap.paths" -}}
-enabled: true
-data:
- AUTHELIA_SERVER_DISABLE_HEALTHCHECK: "true"
- AUTHELIA_JWT_SECRET_FILE: "/secrets/JWT_TOKEN"
- AUTHELIA_SESSION_SECRET_FILE: "/secrets/SESSION_ENCRYPTION_KEY"
- AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: "/secrets/ENCRYPTION_KEY"
- AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: "/secrets/STORAGE_PASSWORD"
- {{- if .Values.authentication_backend.ldap.enabled }}
- AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE: "/secrets/LDAP_PASSWORD"
- {{- end }}
- {{- if .Values.notifier.smtp.enabled }}
- AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE: "/secrets/SMTP_PASSWORD"
- {{- end }}
- AUTHELIA_SESSION_REDIS_PASSWORD_FILE: "/secrets/REDIS_PASSWORD"
- {{- if .Values.redisProvider.high_availability.enabled }}
- AUTHELIA_SESSION_REDIS_HIGH_AVAILABILITY_SENTINEL_PASSWORD_FILE: "/secrets/REDIS_SENTINEL_PASSWORD"
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- AUTHELIA_DUO_API_SECRET_KEY_FILE: "/secrets/DUO_API_KEY"
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET_FILE: "/secrets/OIDC_HMAC_SECRET"
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY_FILE: "/secrets/OIDC_PRIVATE_KEY"
- {{- end }}
-
-{{- end -}}
-
-{{- define "authelia.configmap.configfile" -}}
-enabled: true
-data:
- configuration.yaml: |
- ---
- theme: {{ default "light" .Values.theme }}
- default_redirection_url: {{ default (printf "https://www.%s" .Values.domain) .Values.default_redirection_url }}
- server:
- host: 0.0.0.0
- port: {{ default 9091 .Values.server.port }}
- {{- if not (eq "" (default "" .Values.server.path)) }}
- path: {{ .Values.server.path }}
- {{- end }}
- read_buffer_size: {{ default 4096 .Values.server.read_buffer_size }}
- write_buffer_size: {{ default 4096 .Values.server.write_buffer_size }}
- enable_pprof: {{ default false .Values.server.enable_pprof }}
- enable_expvars: {{ default false .Values.server.enable_expvars }}
- log:
- level: {{ default "info" .Values.log.level }}
- format: {{ default "text" .Values.log.format }}
- {{- if not (eq "" (default "" .Values.log.file_path)) }}
- file_path: {{ .Values.log.file_path }}
- keep_stdout: true
- {{- end }}
- totp:
- issuer: {{ default .Values.domain .Values.totp.issuer }}
- period: {{ default 30 .Values.totp.period }}
- skew: {{ default 1 .Values.totp.skew }}
- {{- if .Values.duo_api.enabled }}
- duo_api:
- hostname: {{ .Values.duo_api.hostname }}
- integration_key: {{ .Values.duo_api.integration_key }}
- {{- end }}
- {{- with $auth := .Values.authentication_backend }}
- authentication_backend:
- disable_reset_password: {{ $auth.disable_reset_password }}
- {{- if $auth.file.enabled }}
- file:
- path: {{ $auth.file.path }}
- password: {{ toYaml $auth.file.password | nindent 10 }}
- {{- end }}
- {{- if $auth.ldap.enabled }}
- ldap:
- implementation: {{ default "custom" $auth.ldap.implementation }}
- url: {{ $auth.ldap.url }}
- timeout: {{ default "5s" $auth.ldap.timeout }}
- start_tls: {{ $auth.ldap.start_tls }}
- tls:
- {{- if hasKey $auth.ldap.tls "server_name" }}
- server_name: {{ default $auth.ldap.host $auth.ldap.tls.server_name }}
- {{- end }}
- minimum_version: {{ default "TLS1.2" $auth.ldap.tls.minimum_version }}
- skip_verify: {{ default false $auth.ldap.tls.skip_verify }}
- {{- if $auth.ldap.base_dn }}
- base_dn: {{ $auth.ldap.base_dn }}
- {{- end }}
- {{- if $auth.ldap.username_attribute }}
- username_attribute: {{ $auth.ldap.username_attribute }}
- {{- end }}
- {{- if $auth.ldap.additional_users_dn }}
- additional_users_dn: {{ $auth.ldap.additional_users_dn }}
- {{- end }}
- {{- if $auth.ldap.users_filter }}
- users_filter: {{ $auth.ldap.users_filter }}
- {{- end }}
- {{- if $auth.ldap.additional_groups_dn }}
- additional_groups_dn: {{ $auth.ldap.additional_groups_dn }}
- {{- end }}
- {{- if $auth.ldap.groups_filter }}
- groups_filter: {{ $auth.ldap.groups_filter }}
- {{- end }}
- {{- if $auth.ldap.group_name_attribute }}
- group_name_attribute: {{ $auth.ldap.group_name_attribute }}
- {{- end }}
- {{- if $auth.ldap.mail_attribute }}
- mail_attribute: {{ $auth.ldap.mail_attribute }}
- {{- end }}
- {{- if $auth.ldap.display_name_attribute }}
- display_name_attribute: {{ $auth.ldap.display_name_attribute }}
- {{- end }}
- user: {{ $auth.ldap.user }}
- {{- end }}
- {{- end }}
- {{- with $session := .Values.session }}
- session:
- name: {{ default "authelia_session" $session.name }}
- domain: {{ required "A valid .Values.domain entry required!" $.Values.domain }}
- same_site: {{ default "lax" $session.same_site }}
- expiration: {{ default "1M" $session.expiration }}
- inactivity: {{ default "5m" $session.inactivity }}
- remember_me_duration: {{ default "1M" $session.remember_me_duration }}
- {{- end }}
- redis:
- host: {{ .Values.redis.creds.plain }}
- {{- with $redis := .Values.redisProvider }}
- port: {{ default 6379 $redis.port }}
- {{- if not (eq $redis.username "") }}
- username: {{ $redis.username }}
- {{- end }}
- maximum_active_connections: {{ default 8 $redis.maximum_active_connections }}
- minimum_idle_connections: {{ default 0 $redis.minimum_idle_connections }}
- {{- if $redis.tls.enabled }}
- tls:
- server_name: {{ $redis.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $redis.tls.minimum_version }}
- skip_verify: {{ $redis.tls.skip_verify }}
- {{- end }}
- {{- if $redis.high_availability.enabled }}
- high_availability:
- sentinel_name: {{ $redis.high_availability.sentinel_name }}
- {{- if $redis.high_availability.nodes }}
- nodes: {{ toYaml $redis.high_availability.nodes | nindent 10 }}
- {{- end }}
- route_by_latency: {{ $redis.high_availability.route_by_latency }}
- route_randomly: {{ $redis.high_availability.route_randomly }}
- {{- end }}
- {{- end }}
- regulation: {{ toYaml .Values.regulation | nindent 6 }}
- storage:
- postgres:
- host: {{ $.Values.cnpg.main.creds.host }}
- {{- with $storage := .Values.storage }}
- port: {{ default 5432 $storage.postgres.port }}
- database: {{ default "authelia" $storage.postgres.database }}
- username: {{ default "authelia" $storage.postgres.username }}
- timeout: {{ default "5s" $storage.postgres.timeout }}
- sslmode: {{ default "disable" $storage.postgres.sslmode }}
- {{- end }}
- {{- with $notifier := .Values.notifier }}
- notifier:
- disable_startup_check: {{ $.Values.notifier.disable_startup_check }}
- {{- if $notifier.filesystem.enabled }}
- filesystem:
- filename: {{ $notifier.filesystem.filename }}
- {{- end }}
- {{- if $notifier.smtp.enabled }}
- smtp:
- host: {{ $notifier.smtp.host }}
- port: {{ default 25 $notifier.smtp.port }}
- timeout: {{ default "5s" $notifier.smtp.timeout }}
- {{- with $notifier.smtp.username }}
- username: {{ . }}
- {{- end }}
- sender: {{ $notifier.smtp.sender }}
- identifier: {{ $notifier.smtp.identifier }}
- subject: {{ $notifier.smtp.subject | quote }}
- startup_check_address: {{ $notifier.smtp.startup_check_address }}
- disable_require_tls: {{ $notifier.smtp.disable_require_tls }}
- disable_html_emails: {{ $notifier.smtp.disable_html_emails }}
- tls:
- server_name: {{ default $notifier.smtp.host $notifier.smtp.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $notifier.smtp.tls.minimum_version }}
- skip_verify: {{ default false $notifier.smtp.tls.skip_verify }}
- {{- end }}
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- identity_providers:
- oidc:
- access_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.access_token_lifespan }}
- authorize_code_lifespan: {{ default "1m" .Values.identity_providers.oidc.authorize_code_lifespan }}
- id_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.id_token_lifespan }}
- refresh_token_lifespan: {{ default "90m" .Values.identity_providers.oidc.refresh_token_lifespan }}
- enable_client_debug_messages: {{ default false .Values.identity_providers.oidc.enable_client_debug_messages }}
- minimum_parameter_entropy: {{ default 8 .Values.identity_providers.oidc.minimum_parameter_entropy }}
- {{- if gt (len .Values.identity_providers.oidc.clients) 0 }}
- clients:
- {{- range $client := .Values.identity_providers.oidc.clients }}
- - id: {{ $client.id }}
- description: {{ default $client.id $client.description }}
- secret: {{ default (randAlphaNum 128) $client.secret }}
- {{- if $client.public }}
- public: {{ $client.public }}
- {{- end }}
- authorization_policy: {{ default "two_factor" $client.authorization_policy }}
- consent_mode: {{ default "auto" $client.consent_mode}}
- redirect_uris:
- {{- range $client.redirect_uris }}
- - {{ . }}
- {{- end }}
- {{- if $client.audience }}
- audience: {{ toYaml $client.audience | nindent 10 }}
- {{- end }}
- scopes: {{ toYaml (default (list "openid" "profile" "email" "groups") $client.scopes) | nindent 10 }}
- grant_types: {{ toYaml (default (list "refresh_token" "authorization_code") $client.grant_types) | nindent 10 }}
- response_types: {{ toYaml (default (list "code") $client.response_types) | nindent 10 }}
- {{- if $client.response_modes }}
- response_modes: {{ toYaml $client.response_modes | nindent 10 }}
- {{- end }}
- userinfo_signing_algorithm: {{ default "none" $client.userinfo_signing_algorithm }}
- {{- end }}
- {{- end }}
- {{- end }}
- access_control:
- {{- if (eq (len .Values.access_control.rules) 0) }}
- {{- if (eq .Values.access_control.default_policy "bypass") }}
- default_policy: one_factor
- {{- else if (eq .Values.access_control.default_policy "deny") }}
- default_policy: two_factor
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- if (eq (len .Values.access_control.networks) 0) }}
- networks: []
- {{- else }}
- networks: {{ toYaml .Values.access_control.networks | nindent 6 }}
- {{- end }}
- {{- if (eq (len .Values.access_control.rules) 0) }}
- rules: []
- {{- else }}
- rules: {{ toYaml .Values.access_control.rules | nindent 6 }}
- {{- end }}
- ...
-{{- end -}}
diff --git a/enterprise/authelia/15.0.4/templates/_secrets.tpl b/enterprise/authelia/15.0.4/templates/_secrets.tpl
deleted file mode 100644
index ca988f51579..00000000000
--- a/enterprise/authelia/15.0.4/templates/_secrets.tpl
+++ /dev/null
@@ -1,59 +0,0 @@
-{{/* Define the secrets */}}
-{{- define "authelia.secrets" -}}
-{{- $autheliaprevious := lookup "v1" "Secret" .Release.Namespace "authelia-secrets" }}
-{{- $oidckey := "" }}
-{{- $oidcsecret := "" }}
-{{- $jwtsecret := "" }}
-{{- $sessionsecret := "" }}
-{{- $encryptionkey := "" }}
-enabled: true
-data:
- {{- if $autheliaprevious }}
- SESSION_ENCRYPTION_KEY: {{ index $autheliaprevious.data "SESSION_ENCRYPTION_KEY" }}
- JWT_TOKEN: {{ index $autheliaprevious.data "JWT_TOKEN" }}
- {{- if ( hasKey $autheliaprevious.data "ENCRYPTION_KEY" ) }}
- ENCRYPTION_KEY: {{ index $autheliaprevious.data "ENCRYPTION_KEY" }}
- {{- else }}
- {{- $encryptionkey := randAlphaNum 100 }}
- ENCRYPTION_KEY: {{ $encryptionkey }}
- {{- end }}
- {{- else }}
- {{- $jwtsecret := randAlphaNum 50 }}
- {{- $sessionsecret := randAlphaNum 50 }}
- {{- $encryptionkey := randAlphaNum 100 }}
- SESSION_ENCRYPTION_KEY: {{ $sessionsecret }}
- JWT_TOKEN: {{ $jwtsecret}}
- ENCRYPTION_KEY: {{ $encryptionkey }}
- {{- end }}
-
- {{- if .Values.authentication_backend.ldap.enabled }}
- LDAP_PASSWORD: {{ .Values.authentication_backend.ldap.plain_password }}
- {{- end }}
-
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- SMTP_PASSWORD: {{ .Values.notifier.smtp.plain_password }}
- {{- end }}
-
- {{- if .Values.duo_api.enabled }}
- DUO_API_KEY: {{ .Values.duo_api.plain_api_key }}
- {{- end }}
-
- STORAGE_PASSWORD: {{ $.Values.cnpg.main.creds.password | trimAll "\"" }}
-
- REDIS_PASSWORD: {{ .Values.redis.creds.redisPassword | trimAll "\"" }}
- {{- if .Values.redisProvider.high_availability.enabled}}
- REDIS_SENTINEL_PASSWORD: {{ .Values.redis.sentinelPassword | trimAll "\"" }}
- {{- end }}
-
- {{- if $autheliaprevious }}
- {{- if and ( hasKey $autheliaprevious.data "OIDC_PRIVATE_KEY" ) ( hasKey $autheliaprevious.data "OIDC_HMAC_SECRET" ) }}
- OIDC_PRIVATE_KEY: {{ index $autheliaprevious.data "OIDC_PRIVATE_KEY" }}
- OIDC_HMAC_SECRET: {{ index $autheliaprevious.data "OIDC_HMAC_SECRET" }}
- {{- else }}
- {{- $oidckey := genPrivateKey "rsa" }}
- {{- $oidcsecret := randAlphaNum 32 }}
- OIDC_PRIVATE_KEY: {{ $oidckey }}
- OIDC_HMAC_SECRET: {{ $oidcsecret }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/authelia/15.0.4/templates/common.yaml b/enterprise/authelia/15.0.4/templates/common.yaml
deleted file mode 100644
index 54e288e852c..00000000000
--- a/enterprise/authelia/15.0.4/templates/common.yaml
+++ /dev/null
@@ -1,77 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-{{/* Render configmap for authelia */}}
-{{- $configmapPaths := include "authelia.configmap.paths" . | fromYaml -}}
-{{- if $configmapPaths -}}
- {{- $_ := set .Values.configmap "authelia-paths" $configmapPaths -}}
-{{- end -}}
-
-{{- $configmapFile := include "authelia.configmap.configfile" . | fromYaml -}}
-{{- if $configmapFile -}}
- {{- $_ := set .Values.configmap "authelia-configfile" $configmapFile -}}
-{{- end -}}
-
-{{/* Render secrets for authelia */}}
-{{- $secret := include "authelia.secrets" . | fromYaml -}}
-{{- if $secret -}}
- {{- $_ := set .Values.secret "authelia-secrets" $secret -}}
-{{- end -}}
-
-{{/* Append the general configMap volume to the volumes */}}
-{{- define "authelia.configmapVolume" -}}
-enabled: true
-mountPath: /configuration.yaml
-subPath: configuration.yaml
-readOnly: true
-type: "configmap"
-objectName: authelia-configfile
-{{- end -}}
-
-{{/* Append the general secret volumes to the volumes */}}
-{{- define "authelia.secretVolumes" -}}
-enabled: true
-mountPath: "/secrets"
-readOnly: true
-type: "secret"
-objectName: authelia-secrets
-items:
- - key: "JWT_TOKEN"
- path: JWT_TOKEN
- - key: "SESSION_ENCRYPTION_KEY"
- path: SESSION_ENCRYPTION_KEY
- - key: "ENCRYPTION_KEY"
- path: ENCRYPTION_KEY
- - key: "STORAGE_PASSWORD"
- path: STORAGE_PASSWORD
- {{- if .Values.authentication_backend.ldap.enabled }}
- - key: "LDAP_PASSWORD"
- path: LDAP_PASSWORD
- {{- end }}
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- - key: "SMTP_PASSWORD"
- path: SMTP_PASSWORD
- {{- end }}
- - key: "REDIS_PASSWORD"
- path: REDIS_PASSWORD
- {{- if .Values.redisProvider.high_availability.enabled}}
- - key: "REDIS_SENTINEL_PASSWORD"
- path: REDIS_SENTINEL_PASSWORD
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- - key: "DUO_API_KEY"
- path: DUO_API_KEY
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- - key: "OIDC_PRIVATE_KEY"
- path: OIDC_PRIVATE_KEY
- - key: "OIDC_HMAC_SECRET"
- path: OIDC_HMAC_SECRET
- {{- end }}
-{{- end -}}
-
-{{- $_ := set .Values.persistence "authelia-configfile" (include "authelia.configmapVolume" . | fromYaml) -}}
-{{- $_ := set .Values.persistence "authelia-secrets" (include "authelia.secretVolumes" . | fromYaml) -}}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/authelia/15.0.4/values.yaml b/enterprise/authelia/15.0.4/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/authelia/15.0.5/CHANGELOG.md b/enterprise/authelia/15.0.5/CHANGELOG.md
deleted file mode 100644
index 437cfc21c55..00000000000
--- a/enterprise/authelia/15.0.5/CHANGELOG.md
+++ /dev/null
@@ -1,44 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [authelia-15.0.5](https://github.com/truecharts/charts/compare/authelia-15.0.4...authelia-15.0.5) (2023-03-06)
-
-
-
-
-## [authelia-15.0.4](https://github.com/truecharts/charts/compare/authelia-15.0.3...authelia-15.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
-
-
-## [authelia-15.0.3](https://github.com/truecharts/charts/compare/authelia-15.0.1...authelia-15.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
-
-
-## [authelia-15.0.1](https://github.com/truecharts/charts/compare/authelia-15.0.0...authelia-15.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
-
-## [authelia-15.0.0](https://github.com/truecharts/charts/compare/authelia-14.0.29...authelia-15.0.0) (2023-03-04)
-
diff --git a/enterprise/authelia/15.0.5/Chart.yaml b/enterprise/authelia/15.0.5/Chart.yaml
deleted file mode 100644
index f48592b99a9..00000000000
--- a/enterprise/authelia/15.0.5/Chart.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-apiVersion: v2
-appVersion: "4.37.5"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.20
- - condition: redis.enabled
- name: redis
- repository: https://deps.truecharts.org
- version: 6.0.11
-deprecated: false
-description: Authelia is a Single Sign-On Multi-Factor portal for web apps
-home: https://truecharts.org/charts/enterprise/authelia
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/authelia.png
-keywords:
- - authelia
- - authentication
- - login
- - SSO
- - Authentication
- - Security
- - Two-Factor
- - U2F
- - YubiKey
- - Push Notifications
- - LDAP
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: authelia
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/authelia
- - https://ghcr.io/authelia/authelia ghcr.io/authelia/authelia
- - https://github.com/authelia/chartrepo
- - https://github.com/authelia/authelia
-type: application
-version: 15.0.5
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/authelia/15.0.5/LICENSE b/enterprise/authelia/15.0.5/LICENSE
deleted file mode 100644
index 80e4ab93f92..00000000000
--- a/enterprise/authelia/15.0.5/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/authelia/15.0.5/README.md b/enterprise/authelia/15.0.5/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/authelia/15.0.5/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/authelia/15.0.5/app-changelog.md b/enterprise/authelia/15.0.5/app-changelog.md
deleted file mode 100644
index 587213cca8a..00000000000
--- a/enterprise/authelia/15.0.5/app-changelog.md
+++ /dev/null
@@ -1,4 +0,0 @@
-
-
-## [authelia-15.0.5](https://github.com/truecharts/charts/compare/authelia-15.0.4...authelia-15.0.5) (2023-03-06)
-
diff --git a/enterprise/authelia/15.0.5/app-readme.md b/enterprise/authelia/15.0.5/app-readme.md
deleted file mode 100644
index 9417c0c13d5..00000000000
--- a/enterprise/authelia/15.0.5/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Authelia is a Single Sign-On Multi-Factor portal for web apps
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/authelia](https://truecharts.org/charts/enterprise/authelia)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/authelia/15.0.5/charts/common-12.2.20.tgz b/enterprise/authelia/15.0.5/charts/common-12.2.20.tgz
deleted file mode 100644
index ca1c3ea4ffd..00000000000
Binary files a/enterprise/authelia/15.0.5/charts/common-12.2.20.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.0.5/charts/redis-6.0.11.tgz b/enterprise/authelia/15.0.5/charts/redis-6.0.11.tgz
deleted file mode 100644
index 5eb33e1caae..00000000000
Binary files a/enterprise/authelia/15.0.5/charts/redis-6.0.11.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.0.5/ix_values.yaml b/enterprise/authelia/15.0.5/ix_values.yaml
deleted file mode 100644
index 9b56530e1c8..00000000000
--- a/enterprise/authelia/15.0.5/ix_values.yaml
+++ /dev/null
@@ -1,619 +0,0 @@
-image:
- repository: tccr.io/truecharts/authelia
- pullPolicy: IfNotPresent
- tag: 4.37.5@sha256:76a4617539534cec140fd98a12f721b878524f2df3a3653f3df8ff2b7eaab586
-
-workload:
- main:
- podSpec:
- containers:
- main:
- command: ["authelia"]
- args: ["--config=/configuration.yaml"]
- envFrom:
- - configMapRef:
- name: authelia-paths
- # probes:
- # liveness:
- # type: HTTP
- # path: /api/health"
-
- # readiness:
- # type: HTTP
- # path: "/api/health"
-
- # startup:
- # type: HTTP
- # path: "/api/health"
-
-service:
- main:
- ports:
- main:
- port: 9091
- targetPort: 9091
-
-persistence:
- config:
- enabled: true
- mountPath: "/config"
-
-cnpg:
- main:
- enabled: true
- user: authelia
- database: authelia
-
-# Enabled redis
-# ... for more options see https://github.com/tccr.io/truecharts/charts/tree/master/tccr.io/truecharts/redis
-redis:
- enabled: true
-
-domain: example.com
-
-##
-## Server Configuration
-##
-server:
- ##
- ## Port sets the configured port for the daemon, service, and the probes.
- ## Default is 9091 and should not need to be changed.
- ##
- port: 9091
-
- ## Buffers usually should be configured to be the same value.
- ## Explanation at https://www.authelia.com/docs/configuration/server.html
- ## Read buffer size adjusts the server's max incoming request size in bytes.
- ## Write buffer size does the same for outgoing responses.
- read_buffer_size: 4096
- write_buffer_size: 4096
- ## Set the single level path Authelia listens on.
- ## Must be alphanumeric chars and should not contain any slashes.
- path: ""
-
-log:
- ## Level of verbosity for logs: info, debug, trace.
- level: trace
-
- ## Format the logs are written as: json, text.
- format: text
-
- ## TODO: Statefulness check should check if this is set, and the configMap should enable it.
- ## File path where the logs will be written. If not set logs are written to stdout.
- # file_path: /config/authelia.log
-
-## Default redirection URL
-##
-## If user tries to authenticate without any referer, Authelia does not know where to redirect the user to at the end
-## of the authentication process. This parameter allows you to specify the default redirection URL Authelia will use
-## in such a case.
-##
-## Note: this parameter is optional. If not provided, user won't be redirected upon successful authentication.
-## Default is https://www. (value at the top of the values.yaml).
-default_redirection_url: ""
-# default_redirection_url: https://example.com
-
-theme: light
-
-##
-## TOTP Configuration
-##
-## Parameters used for TOTP generation
-totp:
- ## The issuer name displayed in the Authenticator application of your choice
- ## See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
- ## Defaults to .
- issuer: ""
- ## The period in seconds a one-time password is current for. Changing this will require all users to register
- ## their TOTP applications again. Warning: before changing period read the docs link below.
- period: 30
- ## The skew controls number of one-time passwords either side of the current one that are valid.
- ## Warning: before changing skew read the docs link below.
- ## See: https://www.authelia.com/docs/configuration/one-time-password.html#period-and-skew to read the documentation.
- skew: 1
-
-##
-## Duo Push API Configuration
-##
-## Parameters used to contact the Duo API. Those are generated when you protect an application of type
-## "Partner Auth API" in the management panel.
-duo_api:
- enabled: false
- hostname: api-123456789.example.com
- integration_key: ABCDEF
- plain_api_key: ""
-
-##
-## Authentication Backend Provider Configuration
-##
-## Used for verifying user passwords and retrieve information such as email address and groups users belong to.
-##
-## The available providers are: `file`, `ldap`. You must use one and only one of these providers.
-authentication_backend:
- ## Disable both the HTML element and the API for reset password functionality
- disable_reset_password: false
-
- ## The amount of time to wait before we refresh data from the authentication backend. Uses duration notation.
- ## To disable this feature set it to 'disable', this will slightly reduce security because for Authelia, users will
- ## always belong to groups they belonged to at the time of login even if they have been removed from them in LDAP.
- ## To force update on every request you can set this to '0' or 'always', this will increase processor demand.
- ## See the below documentation for more information.
- ## Duration Notation docs: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Refresh Interval docs: https://www.authelia.com/docs/configuration/authentication/ldap.html#refresh-interval
- refresh_interval: 5m
-
- ## LDAP backend configuration.
- ##
- ## This backend allows Authelia to be scaled to more
- ## than one instance and therefore is recommended for
- ## production.
- ldap:
- ## Enable LDAP Backend.
- enabled: false
-
- ## The LDAP implementation, this affects elements like the attribute utilised for resetting a password.
- ## Acceptable options are as follows:
- ## - 'activedirectory' - For Microsoft Active Directory.
- ## - 'custom' - For custom specifications of attributes and filters.
- ## This currently defaults to 'custom' to maintain existing behaviour.
- ##
- ## Depending on the option here certain other values in this section have a default value, notably all of the
- ## attribute mappings have a default value that this config overrides, you can read more about these default values
- ## at https://www.authelia.com/docs/configuration/authentication/ldap.html#defaults
- implementation: activedirectory
-
- ## The url to the ldap server. Format: ://[:].
- ## Scheme can be ldap or ldaps in the format (port optional).
- url: ldap://openldap.default.svc.cluster.local
-
- ## Connection Timeout.
- timeout: 5s
-
- ## Use StartTLS with the LDAP connection.
- start_tls: false
-
- tls:
- ## Server Name for certificate validation (in case it's not set correctly in the URL).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either Secure LDAP or LDAP StartTLS.
- minimum_version: TLS1.2
-
- ## The base dn for every LDAP query.
- base_dn: DC=example,DC=com
-
- ## The attribute holding the username of the user. This attribute is used to populate the username in the session
- ## information. It was introduced due to #561 to handle case insensitive search queries. For you information,
- ## Microsoft Active Directory usually uses 'sAMAccountName' and OpenLDAP usually uses 'uid'. Beware that this
- ## attribute holds the unique identifiers for the users binding the user and the configuration stored in database.
- ## Therefore only single value attributes are allowed and the value must never be changed once attributed to a user
- ## otherwise it would break the configuration for that user. Technically, non-unique attributes like 'mail' can also
- ## be used but we don't recommend using them, we instead advise to use the attributes mentioned above
- ## (sAMAccountName and uid) to follow https://www.ietf.org/rfc/rfc2307.txt.
- username_attribute: ""
-
- ## An additional dn to define the scope to all users.
- additional_users_dn: OU=Users
-
- ## The users filter used in search queries to find the user profile based on input filled in login form.
- ## Various placeholders are available in the user filter:
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username_attribute} is a mandatory placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ##
- ## Recommended settings are as follows:
- ## - Microsoft Active Directory: (&({username_attribute}={input})(objectCategory=person)(objectClass=user))
- ## - OpenLDAP:
- ## - (&({username_attribute}={input})(objectClass=person))
- ## - (&({username_attribute}={input})(objectClass=inetOrgPerson))
- ##
- ## To allow sign in both with username and email, one can use a filter like
- ## (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))
- users_filter: ""
-
- ## An additional dn to define the scope of groups.
- additional_groups_dn: OU=Groups
-
- ## The groups filter used in search queries to find the groups of the user.
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username} is a placeholder replace by the username stored in LDAP (based on `username_attribute`).
- ## - {dn} is a matcher replaced by the user distinguished name, aka, user DN.
- ## - {username_attribute} is a placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ## - DON'T USE - {1} is an alias for {username} supported for backward compatibility but it will be deprecated in
- ## later version, so please don't use it.
- ##
- ## If your groups use the `groupOfUniqueNames` structure use this instead:
- ## (&(uniquemember={dn})(objectclass=groupOfUniqueNames))
- groups_filter: ""
-
- ## The attribute holding the name of the group
- group_name_attribute: ""
-
- ## The attribute holding the mail address of the user. If multiple email addresses are defined for a user, only the
- ## first one returned by the LDAP server is used.
- mail_attribute: ""
-
- ## The attribute holding the display name of the user. This will be used to greet an authenticated user.
- display_name_attribute: ""
-
- ## The username of the admin user.
- user: CN=Authelia,DC=example,DC=com
- plain_password: ""
-
- ##
- ## File (Authentication Provider)
- ##
- ## With this backend, the users database is stored in a file which is updated when users reset their passwords.
- ## Therefore, this backend is meant to be used in a dev environment and not in production since it prevents Authelia
- ## to be scaled to more than one instance. The options under 'password' have sane defaults, and as it has security
- ## implications it is highly recommended you leave the default values. Before considering changing these settings
- ## please read the docs page below:
- ## https://www.authelia.com/docs/configuration/authentication/file.html#password-hash-algorithm-tuning
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- file:
- enabled: true
- path: /config/users_database.yml
- password:
- algorithm: argon2id
- iterations: 1
- key_length: 32
- salt_length: 16
- memory: 1024
- parallelism: 8
-
-##
-## Access Control Configuration
-##
-## Access control is a list of rules defining the authorizations applied for one resource to users or group of users.
-##
-## If 'access_control' is not defined, ACL rules are disabled and the 'bypass' rule is applied, i.e., access is allowed
-## to anyone. Otherwise restrictions follow the rules defined.
-##
-## Note: One can use the wildcard * to match any subdomain.
-## It must stand at the beginning of the pattern. (example: *.mydomain.com)
-##
-## Note: You must put patterns containing wildcards between simple quotes for the YAML to be syntactically correct.
-##
-## Definition: A 'rule' is an object with the following keys: 'domain', 'subject', 'policy' and 'resources'.
-##
-## - 'domain' defines which domain or set of domains the rule applies to.
-##
-## - 'subject' defines the subject to apply authorizations to. This parameter is optional and matching any user if not
-## provided. If provided, the parameter represents either a user or a group. It should be of the form
-## 'user:' or 'group:'.
-##
-## - 'policy' is the policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'.
-##
-## - 'resources' is a list of regular expressions that matches a set of resources to apply the policy to. This parameter
-## is optional and matches any resource if not provided.
-##
-## Note: the order of the rules is important. The first policy matching (domain, resource, subject) applies.
-access_control:
- ## Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'. It is the policy applied to any
- ## resource if there is no policy to be applied to the user.
- default_policy: deny
-
- networks: []
- # networks:
- # - name: private
- # networks:
- # - 10.0.0.0/8
- # - 172.16.0.0/12
- # - 192.168.0.0/16
- # - name: vpn
- # networks:
- # - 10.9.0.0/16
-
- rules: []
- # rules:
- # - domain: public.example.com
- # policy: bypass
- # - domain: "*.example.com"
- # policy: bypass
- # methods:
- # - OPTIONS
- # - domain: secure.example.com
- # policy: one_factor
- # networks:
- # - private
- # - vpn
- # - 192.168.1.0/24
- # - 10.0.0.1
- # - domain:
- # - secure.example.com
- # - private.example.com
- # policy: two_factor
- # - domain: singlefactor.example.com
- # policy: one_factor
- # - domain: "mx2.mail.example.com"
- # subject: "group:admins"
- # policy: deny
- # - domain: "*.example.com"
- # subject:
- # - "group:admins"
- # - "group:moderators"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/groups/dev/.*$"
- # subject: "group:dev"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/users/john/.*$"
- # subject:
- # - ["group:dev", "user:john"]
- # - "group:admins"
- # policy: two_factor
- # - domain: "{user}.example.com"
- # policy: bypass
-
-##
-## Session Provider Configuration
-##
-## The session cookies identify the user once logged in.
-## The available providers are: `memory`, `redis`. Memory is the provider unless redis is defined.
-session:
- ## The name of the session cookie. (default: authelia_session).
- name: authelia_session
-
- ## Sets the Cookie SameSite value. Possible options are none, lax, or strict.
- ## Please read https://www.authelia.com/docs/configuration/session.html#same_site
- same_site: lax
-
- ## The time in seconds before the cookie expires and session is reset.
- expiration: 1h
-
- ## The inactivity time in seconds before the session is reset.
- inactivity: 5m
-
- ## The remember me duration.
- ## Value is in seconds, or duration notation. Value of 0 disables remember me.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Longer periods are considered less secure because a stolen cookie will last longer giving attackers more time to
- ## spy or attack. Currently the default is 1M or 1 month.
- remember_me_duration: 1M
-
-##
-## Redis Provider
-##
-## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
-##
-## The redis connection details
-redisProvider:
- port: 6379
-
- ## Optional username to be used with authentication.
- # username: authelia
- username: ""
-
- ## This is the Redis DB Index https://redis.io/commands/select (sometimes referred to as database number, DB, etc).
- database_index: 0
-
- ## The maximum number of concurrent active connections to Redis.
- maximum_active_connections: 8
-
- ## The target number of idle connections to have open ready for work. Useful when opening connections is slow.
- minimum_idle_connections: 0
-
- ## The Redis TLS configuration. If defined will require a TLS connection to the Redis instance(s).
- tls:
- enabled: false
-
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for the connection.
- minimum_version: TLS1.2
-
- ## The Redis HA configuration options.
- ## This provides specific options to Redis Sentinel, sentinel_name must be defined (Master Name).
- high_availability:
- enabled: false
- enabledSecret: false
- ## Sentinel Name / Master Name
- sentinel_name: mysentinel
-
- ## The additional nodes to pre-seed the redis provider with (for sentinel).
- ## If the host in the above section is defined, it will be combined with this list to connect to sentinel.
- ## For high availability to be used you must have either defined; the host above or at least one node below.
- nodes: []
- # nodes:
- # - host: sentinel-0.databases.svc.cluster.local
- # port: 26379
- # - host: sentinel-1.databases.svc.cluster.local
- # port: 26379
-
- ## Choose the host with the lowest latency.
- route_by_latency: false
-
- ## Choose the host randomly.
- route_randomly: false
-
-##
-## Regulation Configuration
-##
-## This mechanism prevents attackers from brute forcing the first factor. It bans the user if too many attempts are done
-## in a short period of time.
-regulation:
- ## The number of failed login attempts before user is banned. Set it to 0 to disable regulation.
- max_retries: 3
-
- ## The time range during which the user can attempt login before being banned. The user is banned if the
- ## authentication failed 'max_retries' times in a 'find_time' seconds window. Find Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- find_time: 2m
-
- ## The length of time before a banned user can login again. Ban Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ban_time: 5m
-
-##
-## Storage Provider Configuration
-##
-## The available providers are: `local`, `mysql`, `postgres`. You must use one and only one of these providers.
-storage:
- ##
- ## PostgreSQL (Storage Provider)
- ##
- postgres:
- port: 5432
- database: authelia
- username: authelia
- sslmode: disable
- timeout: 5s
-
-##
-## Notification Provider
-##
-##
-## Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration.
-## The available providers are: filesystem, smtp. You must use one and only one of these providers.
-notifier:
- ## You can disable the notifier startup check by setting this to true.
- disable_startup_check: false
-
- ##
- ## File System (Notification Provider)
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- filesystem:
- enabled: true
- filename: /config/notification.txt
-
- ##
- ## SMTP (Notification Provider)
- ##
- ## Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate.
- ## [Security] By default Authelia will:
- ## - force all SMTP connections over TLS including unauthenticated connections
- ## - use the disable_require_tls boolean value to disable this requirement
- ## (only works for unauthenticated connections)
- ## - validate the SMTP server x509 certificate during the TLS handshake against the hosts trusted certificates
- ## (configure in tls section)
- smtp:
- enabled: false
- enabledSecret: false
- host: smtp.mail.svc.cluster.local
- port: 25
- timeout: 5s
- username: test
- plain_password: test
- sender: admin@example.com
- ## HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost.
- identifier: localhost
- ## Subject configuration of the emails sent.
- ## {title} is replaced by the text from the notifier
- subject: "[Authelia] {title}"
- ## This address is used during the startup check to verify the email configuration is correct.
- ## It's not important what it is except if your email server only allows local delivery.
- startup_check_address: test@authelia.com
- disable_require_tls: false
- disable_html_emails: false
-
- tls:
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either StartTLS or SMTPS.
- minimum_version: TLS1.2
-
-identity_providers:
- oidc:
- ## Enables this in the config map. Currently in beta stage.
- ## See https://www.authelia.com/docs/configuration/identity-providers/oidc.html#roadmap
- enabled: false
-
- access_token_lifespan: 1h
- authorize_code_lifespan: 1m
- id_token_lifespan: 1h
- refresh_token_lifespan: 90m
-
- enable_client_debug_messages: false
-
- ## SECURITY NOTICE: It's not recommended changing this option, and highly discouraged to have it below 8 for
- ## security reasons.
- minimum_parameter_entropy: 8
-
- clients: []
- # clients:
- # -
- ## The ID is the OpenID Connect ClientID which is used to link an application to a configuration.
- # id: myapp
-
- ## The description to show to users when they end up on the consent screen. Defaults to the ID above.
- # description: My Application
-
- ## The client secret is a shared secret between Authelia and the consumer of this client.
- # secret: apple123
-
- ## Sets the client to public. This should typically not be set, please see the documentation for usage.
- # public: false
-
- ## The policy to require for this client; one_factor or two_factor.
- # authorization_policy: two_factor
-
- ## Configures the consent mode; auto, explicit or implicit
- # consent_mode: auto
-
- ## Audience this client is allowed to request.
- # audience: []
-
- ## Scopes this client is allowed to request.
- # scopes:
- # - openid
- # - profile
- # - email
- # - groups
-
- ## Redirect URI's specifies a list of valid case-sensitive callbacks for this client.
- # redirect_uris:
- # - https://oidc.example.com/oauth2/callback
-
- ## Grant Types configures which grants this client can obtain.
- ## It's not recommended to configure this unless you know what you're doing.
- # grant_types:
- # - refresh_token
- # - authorization_code
-
- ## Response Types configures which responses this client can be sent.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_types:
- # - code
-
- ## Response Modes configures which response modes this client supports.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_modes:
- # - form_post
- # - query
- # - fragment
-
- ## The algorithm used to sign userinfo endpoint responses for this client, either none or RS256.
- # userinfo_signing_algorithm: none
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/authelia/15.0.5/questions.yaml b/enterprise/authelia/15.0.5/questions.yaml
deleted file mode 100644
index cd21f48f241..00000000000
--- a/enterprise/authelia/15.0.5/questions.yaml
+++ /dev/null
@@ -1,2782 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
-questions:
-
- - variable: Workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: Daemonset
- description: Daemonset
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "Daemonset"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: domain
- group: "App Configuration"
- label: "Domain"
- description: "The highest domain level possible, for example: domain.com when using app.domain.com"
- schema:
- type: string
- default: ""
- required: true
- - variable: default_redirection_url
- group: "App Configuration"
- label: "Default Redirection Url"
- description: "If user tries to authenticate without any referer, this is used"
- schema:
- type: string
- default: ""
- - variable: theme
- group: "App Configuration"
- label: "Theme"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "light"
- description: "light"
- - value: "grey"
- description: "grey"
- - value: "dark"
- description: "dark"
- - variable: log
- group: "App Configuration"
- label: "Log Configuration "
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "info"
- enum:
- - value: "info"
- description: "info"
- - value: "debug"
- description: "debug"
- - value: "trace"
- description: "trace"
- - variable: format
- label: "Log Format"
- schema:
- type: string
- default: "text"
- enum:
- - value: "json"
- description: "json"
- - value: "text"
- description: "text"
- - variable: totp
- group: "App Configuration"
- label: "TOTP Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: issuer
- label: "Issuer"
- description: "The issuer name displayed in the Authenticator application of your choice"
- schema:
- type: string
- default: ""
- - variable: period
- label: "Period"
- description: "The period in seconds a one-time password is current for"
- schema:
- type: int
- default: 30
- - variable: skew
- label: "skew"
- description: "Controls number of one-time passwords either side of the current one that are valid."
- schema:
- type: int
- default: 1
- - variable: duo_api
- group: "App Configuration"
- label: "DUO API Configuration"
- description: "Parameters used to contact the Duo API."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostname
- label: "Hostname"
- schema:
- type: string
- required: true
- default: ""
- - variable: integration_key
- label: "integration_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: plain_api_key
- label: "plain_api_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: session
- group: "App Configuration"
- label: "Session Provider"
- description: "The session cookies identify the user once logged in."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Cookie Name"
- description: "The name of the session cookie."
- schema:
- type: string
- required: true
- default: "authelia_session"
- - variable: same_site
- label: "SameSite Value"
- description: "Sets the Cookie SameSite value"
- schema:
- type: string
- default: "lax"
- enum:
- - value: "lax"
- description: "lax"
- - value: "strict"
- description: "strict"
- - variable: expiration
- label: "Expiration Time"
- description: "The time in seconds before the cookie expires and session is reset."
- schema:
- type: string
- default: "1h"
- required: true
- - variable: inactivity
- label: "Inactivity Time"
- description: "The inactivity time in seconds before the session is reset."
- schema:
- type: string
- default: "5m"
- required: true
- - variable: inactivity
- label: "Remember-Me duration"
- description: "The remember me duration"
- schema:
- type: string
- default: "5M"
- required: true
- - variable: regulation
- group: "App Configuration"
- label: "Regulation Configuration"
- description: "his mechanism prevents attackers from brute forcing the first factor."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: max_retries
- label: "Maximum Retries"
- description: "The number of failed login attempts before user is banned. Set it to 0 to disable regulation."
- schema:
- type: int
- default: 3
- - variable: find_time
- label: "Find Time"
- description: "The time range during which the user can attempt login before being banned."
- schema:
- type: string
- default: "2m"
- required: true
- - variable: ban_time
- label: "Ban Duration"
- description: "The length of time before a banned user can login again"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: authentication_backend
- group: "App Configuration"
- label: "Authentication Backend Provider"
- description: "sed for verifying user passwords and retrieve information such as email address and groups users belong to."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_reset_password
- label: "Disable Reset Password"
- description: "Disable both the HTML element and the API for reset password functionality"
- schema:
- type: boolean
- default: false
- - variable: refresh_interval
- label: "Reset Interval"
- description: "The amount of time to wait before we refresh data from the authentication backend"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: ldap
- label: "LDAP backend configuration"
- description: "Used for verifying user passwords and retrieve information such as email address and groups users belong to"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: implementation
- label: "Implementation"
- description: "The LDAP implementation, this affects elements like the attribute utilised for resetting a password"
- schema:
- type: string
- default: "custom"
- enum:
- - value: "activedirectory"
- description: "activedirectory"
- - value: "custom"
- description: "custom"
- - variable: url
- label: "URL"
- description: "The url to the ldap server. Format: ://[:]"
- schema:
- type: string
- default: "ldap://openldap.default.svc.cluster.local"
- required: true
- - variable: timeout
- label: "Connection Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: start_tls
- label: "Start TLS"
- description: "Use StartTLS with the LDAP connection"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: base_dn
- label: "Base DN"
- description: "The base dn for every LDAP query."
- schema:
- type: string
- default: "DC=example,DC=com"
- required: true
- - variable: username_attribute
- label: "Username Attribute"
- description: "The attribute holding the username of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_users_dn
- label: "Additional Users DN"
- description: "An additional dn to define the scope to all users."
- schema:
- type: string
- default: "OU=Users"
- required: true
- - variable: users_filter
- label: "Users Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_groups_dn
- label: "Additional Groups DN"
- description: "An additional dn to define the scope of groups."
- schema:
- type: string
- default: "OU=Groups"
- required: true
- - variable: groups_filter
- label: "Groups Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: group_name_attribute
- label: "Group name Attribute"
- description: "The attribute holding the name of the group"
- schema:
- type: string
- default: ""
- required: true
- - variable: mail_attribute
- label: "Mail Attribute"
- description: "The attribute holding the primary mail address of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: display_name_attribute
- label: "Display Name Attribute"
- description: "he attribute holding the display name of the user. This will be used to greet an authenticated user."
- schema:
- type: string
- default: ""
- - variable: user
- label: "Admin User"
- description: "The username of the admin user used to connect to LDAP."
- schema:
- type: string
- default: "CN=Authelia,DC=example,DC=com"
- required: true
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: file
- label: "File backend configuration"
- description: "With this backend, the users database is stored in a file which is updated when users reset their passwords."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: path
- label: "Path"
- schema:
- type: string
- default: "/config/users_database.yml"
- required: true
- - variable: password
- label: "Password Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: algorithm
- label: "Algorithm"
- schema:
- type: string
- default: "argon2id"
- enum:
- - value: "argon2id"
- description: "argon2id"
- - value: "sha512"
- description: "sha512"
- - variable: iterations
- label: "Iterations"
- schema:
- type: int
- default: 1
- required: true
- - variable: key_length
- label: "Key Length"
- schema:
- type: int
- default: 32
- required: true
- - variable: salt_length
- label: "Salt Length"
- schema:
- type: int
- default: 16
- required: true
- - variable: memory
- label: "Memory"
- schema:
- type: int
- default: 1024
- required: true
- - variable: parallelism
- label: "Parallelism"
- schema:
- type: int
- default: 8
- required: true
- - variable: notifier
- group: "App Configuration"
- label: "Notifier Configuration"
- description: "otifications are sent to users when they require a password reset, a u2f registration or a TOTP registration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_startup_check
- label: "Disable Startup Check"
- schema:
- type: boolean
- default: false
- - variable: filesystem
- label: "Filesystem Provider"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filename
- label: "File Path"
- schema:
- type: string
- default: "/config/notification.txt"
- required: true
- - variable: smtp
- label: "SMTP Provider"
- description: "Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: host
- label: "Host"
- schema:
- type: string
- default: "smtp.mail.svc.cluster.local"
- required: true
- - variable: port
- label: "Port"
- schema:
- type: int
- default: 25
- required: true
- - variable: timeout
- label: "Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: username
- label: "Username"
- schema:
- type: string
- default: ""
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- - variable: sender
- label: "Sender"
- schema:
- type: string
- default: ""
- required: true
- - variable: identifier
- label: "Identifier"
- description: "HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost."
- schema:
- type: string
- default: "localhost"
- required: true
- - variable: subject
- label: "Subject"
- description: "Subject configuration of the emails sent, {title} is replaced by the text from the notifier"
- schema:
- type: string
- default: "[Authelia] {title}"
- required: true
- - variable: startup_check_address
- label: "Startup Check Address"
- description: "This address is used during the startup check to verify the email configuration is correct."
- schema:
- type: string
- default: "test@authelia.com"
- required: true
- - variable: disable_require_tls
- label: "Disable Require TLS"
- schema:
- type: boolean
- default: false
- - variable: disable_html_emails
- label: "Disable HTML emails"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: access_control
- group: "App Configuration"
- label: "Access Control Configuration"
- description: "Access control is a list of rules defining the authorizations applied for one resource to users or group of users."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: default_policy
- label: "Default Policy"
- description: "Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: networkItem
- label: "Network Item"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Name"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "network"
- schema:
- type: string
- default: ""
- required: true
- - variable: rules
- label: "Rules"
- schema:
- type: list
- default: []
- items:
- - variable: rulesItem
- label: "Rule"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: domain
- label: "Domains"
- description: "defines which domain or set of domains the rule applies to."
- schema:
- type: list
- default: []
- items:
- - variable: domainEntry
- label: "Domain"
- schema:
- type: string
- default: ""
- required: true
- - variable: policy
- label: "Policy"
- description: "The policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: subject
- label: "Subject"
- description: "defines the subject to apply authorizations to. This parameter is optional and matching any user if not provided"
- schema:
- type: list
- default: []
- items:
- - variable: subjectitem
- label: "Subject"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "Network"
- schema:
- type: string
- default: ""
- required: true
- - variable: resources
- label: "Resources"
- description: "is a list of regular expressions that matches a set of resources to apply the policy to"
- schema:
- type: list
- default: []
- items:
- - variable: resource
- label: "Resource"
- schema:
- type: string
- default: ""
- required: true
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 9091
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: identity_providers
- group: "Advanced"
- label: "Authelia Identity Providers (BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: oidc
- label: "OpenID Connect(BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "enabled"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: access_token_lifespan
- label: "Access Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: authorize_code_lifespan
- label: "Authorize Code Lifespan"
- schema:
- type: string
- default: "1m"
- required: true
- - variable: id_token_lifespan
- label: "ID Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: refresh_token_lifespan
- label: "Refresh Token Lifespan"
- schema:
- type: string
- default: "90m"
- required: true
- - variable: enable_client_debug_messages
- label: "Enable Client Debug Messages"
- schema:
- type: boolean
- default: false
- - variable: clients
- label: "Clients"
- schema:
- type: list
- default: []
- items:
- - variable: clientEntry
- label: "Client"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: id
- label: "ID/Name"
- description: "The ID is the OpenID Connect ClientID which is used to link an application to a configuration."
- schema:
- type: string
- default: "myapp"
- required: true
- - variable: description
- label: "Description"
- description: "The description to show to users when they end up on the consent screen. Defaults to the ID above."
- schema:
- type: string
- default: "My Application"
- required: true
- - variable: secret
- label: "Secret"
- description: "The client secret is a shared secret between Authelia and the consumer of this client."
- schema:
- type: string
- default: ""
- required: true
- - variable: public
- label: "public"
- description: "Sets the client to public. This should typically not be set, please see the documentation for usage."
- schema:
- type: boolean
- default: false
- - variable: authorization_policy
- label: "Authorization Policy"
- description: "The policy to require for this client; one_factor or two_factor."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - variable: consent_mode
- label: "Consent Mode"
- description: "Configures the consent mode. This can be set to auto (default), explicit (consent required every time) or implicit (automatically assumes consent for every authorization, never asking the user if they wish to give consent.)"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "explicit"
- description: "explicit"
- - value: "implicit"
- description: "implicit"
- - variable: userinfo_signing_algorithm
- label: "Userinfo Signing Algorithm"
- description: "The algorithm used to sign userinfo endpoint responses for this client, either none or RS256."
- schema:
- type: string
- default: "none"
- enum:
- - value: "none"
- description: "none"
- - value: "RS256"
- description: "RS256"
- - variable: audience
- label: "Audience"
- description: "Audience this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: audienceEntry
- label: ""
- schema:
- type: string
- default: ""
- required: true
- - variable: scopes
- label: "Scopes"
- description: "Scopes this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: ScopeEntry
- label: "Scope"
- schema:
- type: string
- default: "openid"
- required: true
- - variable: redirect_uris
- label: "redirect_uris"
- description: "Redirect URI's specifies a list of valid case-sensitive callbacks for this client."
- schema:
- type: list
- default: []
- items:
- - variable: uriEntry
- label: "Url"
- schema:
- type: string
- default: "https://oidc.example.com/oauth2/callback"
- required: true
- - variable: grant_types
- description: "Grant Types configures which grants this client can obtain."
- label: "grant_types"
- schema:
- type: list
- default: []
- items:
- - variable: grantEntry
- label: "Grant"
- schema:
- type: string
- default: "refresh_token"
- required: true
- - variable: response_types
- description: "Response Types configures which responses this client can be sent."
- label: "response_types"
- schema:
- type: list
- default: []
- items:
- - variable: responseEntry
- label: "type"
- schema:
- type: string
- default: "code"
- required: true
- - variable: response_modes
- description: "Response Modes configures which response modes this client supports."
- label: "response_modes"
- schema:
- type: list
- default: []
- items:
- - variable: modeEntry
- label: "Mode"
- schema:
- type: string
- default: "form_post"
- required: true
- - variable: cnpg
- group: Postgresql
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Postgresql Database"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: storage
- label: "Storage"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: size
- label: Size
- schema:
- type: string
- default: "256Gi"
- - variable: walsize
- label: Walsize
- schema:
- type: string
- default: "256Gi"
- - variable: pooler
- label: "Pooler"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: Monitoring
- label: "Metrics"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enablePodMonitor
- label: "enablePodMonitor"
- schema:
- type: boolean
- default: true
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/authelia/15.0.5/templates/NOTES.txt b/enterprise/authelia/15.0.5/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/authelia/15.0.5/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/authelia/15.0.5/templates/_configmap.tpl b/enterprise/authelia/15.0.5/templates/_configmap.tpl
deleted file mode 100644
index 4c3d957f519..00000000000
--- a/enterprise/authelia/15.0.5/templates/_configmap.tpl
+++ /dev/null
@@ -1,245 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "authelia.configmap.paths" -}}
-enabled: true
-data:
- AUTHELIA_SERVER_DISABLE_HEALTHCHECK: "true"
- AUTHELIA_JWT_SECRET_FILE: "/secrets/JWT_TOKEN"
- AUTHELIA_SESSION_SECRET_FILE: "/secrets/SESSION_ENCRYPTION_KEY"
- AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: "/secrets/ENCRYPTION_KEY"
- AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: "/secrets/STORAGE_PASSWORD"
- {{- if .Values.authentication_backend.ldap.enabled }}
- AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE: "/secrets/LDAP_PASSWORD"
- {{- end }}
- {{- if .Values.notifier.smtp.enabled }}
- AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE: "/secrets/SMTP_PASSWORD"
- {{- end }}
- AUTHELIA_SESSION_REDIS_PASSWORD_FILE: "/secrets/REDIS_PASSWORD"
- {{- if .Values.redisProvider.high_availability.enabled }}
- AUTHELIA_SESSION_REDIS_HIGH_AVAILABILITY_SENTINEL_PASSWORD_FILE: "/secrets/REDIS_SENTINEL_PASSWORD"
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- AUTHELIA_DUO_API_SECRET_KEY_FILE: "/secrets/DUO_API_KEY"
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET_FILE: "/secrets/OIDC_HMAC_SECRET"
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY_FILE: "/secrets/OIDC_PRIVATE_KEY"
- {{- end }}
-
-{{- end -}}
-
-{{- define "authelia.configmap.configfile" -}}
-enabled: true
-data:
- configuration.yaml: |
- ---
- theme: {{ default "light" .Values.theme }}
- default_redirection_url: {{ default (printf "https://www.%s" .Values.domain) .Values.default_redirection_url }}
- server:
- host: 0.0.0.0
- port: {{ default 9091 .Values.server.port }}
- {{- if not (eq "" (default "" .Values.server.path)) }}
- path: {{ .Values.server.path }}
- {{- end }}
- read_buffer_size: {{ default 4096 .Values.server.read_buffer_size }}
- write_buffer_size: {{ default 4096 .Values.server.write_buffer_size }}
- enable_pprof: {{ default false .Values.server.enable_pprof }}
- enable_expvars: {{ default false .Values.server.enable_expvars }}
- log:
- level: {{ default "info" .Values.log.level }}
- format: {{ default "text" .Values.log.format }}
- {{- if not (eq "" (default "" .Values.log.file_path)) }}
- file_path: {{ .Values.log.file_path }}
- keep_stdout: true
- {{- end }}
- totp:
- issuer: {{ default .Values.domain .Values.totp.issuer }}
- period: {{ default 30 .Values.totp.period }}
- skew: {{ default 1 .Values.totp.skew }}
- {{- if .Values.duo_api.enabled }}
- duo_api:
- hostname: {{ .Values.duo_api.hostname }}
- integration_key: {{ .Values.duo_api.integration_key }}
- {{- end }}
- {{- with $auth := .Values.authentication_backend }}
- authentication_backend:
- disable_reset_password: {{ $auth.disable_reset_password }}
- {{- if $auth.file.enabled }}
- file:
- path: {{ $auth.file.path }}
- password: {{ toYaml $auth.file.password | nindent 10 }}
- {{- end }}
- {{- if $auth.ldap.enabled }}
- ldap:
- implementation: {{ default "custom" $auth.ldap.implementation }}
- url: {{ $auth.ldap.url }}
- timeout: {{ default "5s" $auth.ldap.timeout }}
- start_tls: {{ $auth.ldap.start_tls }}
- tls:
- {{- if hasKey $auth.ldap.tls "server_name" }}
- server_name: {{ default $auth.ldap.host $auth.ldap.tls.server_name }}
- {{- end }}
- minimum_version: {{ default "TLS1.2" $auth.ldap.tls.minimum_version }}
- skip_verify: {{ default false $auth.ldap.tls.skip_verify }}
- {{- if $auth.ldap.base_dn }}
- base_dn: {{ $auth.ldap.base_dn }}
- {{- end }}
- {{- if $auth.ldap.username_attribute }}
- username_attribute: {{ $auth.ldap.username_attribute }}
- {{- end }}
- {{- if $auth.ldap.additional_users_dn }}
- additional_users_dn: {{ $auth.ldap.additional_users_dn }}
- {{- end }}
- {{- if $auth.ldap.users_filter }}
- users_filter: {{ $auth.ldap.users_filter }}
- {{- end }}
- {{- if $auth.ldap.additional_groups_dn }}
- additional_groups_dn: {{ $auth.ldap.additional_groups_dn }}
- {{- end }}
- {{- if $auth.ldap.groups_filter }}
- groups_filter: {{ $auth.ldap.groups_filter }}
- {{- end }}
- {{- if $auth.ldap.group_name_attribute }}
- group_name_attribute: {{ $auth.ldap.group_name_attribute }}
- {{- end }}
- {{- if $auth.ldap.mail_attribute }}
- mail_attribute: {{ $auth.ldap.mail_attribute }}
- {{- end }}
- {{- if $auth.ldap.display_name_attribute }}
- display_name_attribute: {{ $auth.ldap.display_name_attribute }}
- {{- end }}
- user: {{ $auth.ldap.user }}
- {{- end }}
- {{- end }}
- {{- with $session := .Values.session }}
- session:
- name: {{ default "authelia_session" $session.name }}
- domain: {{ required "A valid .Values.domain entry required!" $.Values.domain }}
- same_site: {{ default "lax" $session.same_site }}
- expiration: {{ default "1M" $session.expiration }}
- inactivity: {{ default "5m" $session.inactivity }}
- remember_me_duration: {{ default "1M" $session.remember_me_duration }}
- {{- end }}
- redis:
- host: {{ .Values.redis.creds.plain }}
- {{- with $redis := .Values.redisProvider }}
- port: {{ default 6379 $redis.port }}
- {{- if not (eq $redis.username "") }}
- username: {{ $redis.username }}
- {{- end }}
- maximum_active_connections: {{ default 8 $redis.maximum_active_connections }}
- minimum_idle_connections: {{ default 0 $redis.minimum_idle_connections }}
- {{- if $redis.tls.enabled }}
- tls:
- server_name: {{ $redis.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $redis.tls.minimum_version }}
- skip_verify: {{ $redis.tls.skip_verify }}
- {{- end }}
- {{- if $redis.high_availability.enabled }}
- high_availability:
- sentinel_name: {{ $redis.high_availability.sentinel_name }}
- {{- if $redis.high_availability.nodes }}
- nodes: {{ toYaml $redis.high_availability.nodes | nindent 10 }}
- {{- end }}
- route_by_latency: {{ $redis.high_availability.route_by_latency }}
- route_randomly: {{ $redis.high_availability.route_randomly }}
- {{- end }}
- {{- end }}
- regulation: {{ toYaml .Values.regulation | nindent 6 }}
- storage:
- postgres:
- host: {{ $.Values.cnpg.main.creds.host }}
- {{- with $storage := .Values.storage }}
- port: {{ default 5432 $storage.postgres.port }}
- database: {{ default "authelia" $storage.postgres.database }}
- username: {{ default "authelia" $storage.postgres.username }}
- timeout: {{ default "5s" $storage.postgres.timeout }}
- sslmode: {{ default "disable" $storage.postgres.sslmode }}
- {{- end }}
- {{- with $notifier := .Values.notifier }}
- notifier:
- disable_startup_check: {{ $.Values.notifier.disable_startup_check }}
- {{- if $notifier.filesystem.enabled }}
- filesystem:
- filename: {{ $notifier.filesystem.filename }}
- {{- end }}
- {{- if $notifier.smtp.enabled }}
- smtp:
- host: {{ $notifier.smtp.host }}
- port: {{ default 25 $notifier.smtp.port }}
- timeout: {{ default "5s" $notifier.smtp.timeout }}
- {{- with $notifier.smtp.username }}
- username: {{ . }}
- {{- end }}
- sender: {{ $notifier.smtp.sender }}
- identifier: {{ $notifier.smtp.identifier }}
- subject: {{ $notifier.smtp.subject | quote }}
- startup_check_address: {{ $notifier.smtp.startup_check_address }}
- disable_require_tls: {{ $notifier.smtp.disable_require_tls }}
- disable_html_emails: {{ $notifier.smtp.disable_html_emails }}
- tls:
- server_name: {{ default $notifier.smtp.host $notifier.smtp.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $notifier.smtp.tls.minimum_version }}
- skip_verify: {{ default false $notifier.smtp.tls.skip_verify }}
- {{- end }}
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- identity_providers:
- oidc:
- access_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.access_token_lifespan }}
- authorize_code_lifespan: {{ default "1m" .Values.identity_providers.oidc.authorize_code_lifespan }}
- id_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.id_token_lifespan }}
- refresh_token_lifespan: {{ default "90m" .Values.identity_providers.oidc.refresh_token_lifespan }}
- enable_client_debug_messages: {{ default false .Values.identity_providers.oidc.enable_client_debug_messages }}
- minimum_parameter_entropy: {{ default 8 .Values.identity_providers.oidc.minimum_parameter_entropy }}
- {{- if gt (len .Values.identity_providers.oidc.clients) 0 }}
- clients:
- {{- range $client := .Values.identity_providers.oidc.clients }}
- - id: {{ $client.id }}
- description: {{ default $client.id $client.description }}
- secret: {{ default (randAlphaNum 128) $client.secret }}
- {{- if $client.public }}
- public: {{ $client.public }}
- {{- end }}
- authorization_policy: {{ default "two_factor" $client.authorization_policy }}
- consent_mode: {{ default "auto" $client.consent_mode}}
- redirect_uris:
- {{- range $client.redirect_uris }}
- - {{ . }}
- {{- end }}
- {{- if $client.audience }}
- audience: {{ toYaml $client.audience | nindent 10 }}
- {{- end }}
- scopes: {{ toYaml (default (list "openid" "profile" "email" "groups") $client.scopes) | nindent 10 }}
- grant_types: {{ toYaml (default (list "refresh_token" "authorization_code") $client.grant_types) | nindent 10 }}
- response_types: {{ toYaml (default (list "code") $client.response_types) | nindent 10 }}
- {{- if $client.response_modes }}
- response_modes: {{ toYaml $client.response_modes | nindent 10 }}
- {{- end }}
- userinfo_signing_algorithm: {{ default "none" $client.userinfo_signing_algorithm }}
- {{- end }}
- {{- end }}
- {{- end }}
- access_control:
- {{- if (eq (len .Values.access_control.rules) 0) }}
- {{- if (eq .Values.access_control.default_policy "bypass") }}
- default_policy: one_factor
- {{- else if (eq .Values.access_control.default_policy "deny") }}
- default_policy: two_factor
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- if (eq (len .Values.access_control.networks) 0) }}
- networks: []
- {{- else }}
- networks: {{ toYaml .Values.access_control.networks | nindent 6 }}
- {{- end }}
- {{- if (eq (len .Values.access_control.rules) 0) }}
- rules: []
- {{- else }}
- rules: {{ toYaml .Values.access_control.rules | nindent 6 }}
- {{- end }}
- ...
-{{- end -}}
diff --git a/enterprise/authelia/15.0.5/templates/_secrets.tpl b/enterprise/authelia/15.0.5/templates/_secrets.tpl
deleted file mode 100644
index ca988f51579..00000000000
--- a/enterprise/authelia/15.0.5/templates/_secrets.tpl
+++ /dev/null
@@ -1,59 +0,0 @@
-{{/* Define the secrets */}}
-{{- define "authelia.secrets" -}}
-{{- $autheliaprevious := lookup "v1" "Secret" .Release.Namespace "authelia-secrets" }}
-{{- $oidckey := "" }}
-{{- $oidcsecret := "" }}
-{{- $jwtsecret := "" }}
-{{- $sessionsecret := "" }}
-{{- $encryptionkey := "" }}
-enabled: true
-data:
- {{- if $autheliaprevious }}
- SESSION_ENCRYPTION_KEY: {{ index $autheliaprevious.data "SESSION_ENCRYPTION_KEY" }}
- JWT_TOKEN: {{ index $autheliaprevious.data "JWT_TOKEN" }}
- {{- if ( hasKey $autheliaprevious.data "ENCRYPTION_KEY" ) }}
- ENCRYPTION_KEY: {{ index $autheliaprevious.data "ENCRYPTION_KEY" }}
- {{- else }}
- {{- $encryptionkey := randAlphaNum 100 }}
- ENCRYPTION_KEY: {{ $encryptionkey }}
- {{- end }}
- {{- else }}
- {{- $jwtsecret := randAlphaNum 50 }}
- {{- $sessionsecret := randAlphaNum 50 }}
- {{- $encryptionkey := randAlphaNum 100 }}
- SESSION_ENCRYPTION_KEY: {{ $sessionsecret }}
- JWT_TOKEN: {{ $jwtsecret}}
- ENCRYPTION_KEY: {{ $encryptionkey }}
- {{- end }}
-
- {{- if .Values.authentication_backend.ldap.enabled }}
- LDAP_PASSWORD: {{ .Values.authentication_backend.ldap.plain_password }}
- {{- end }}
-
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- SMTP_PASSWORD: {{ .Values.notifier.smtp.plain_password }}
- {{- end }}
-
- {{- if .Values.duo_api.enabled }}
- DUO_API_KEY: {{ .Values.duo_api.plain_api_key }}
- {{- end }}
-
- STORAGE_PASSWORD: {{ $.Values.cnpg.main.creds.password | trimAll "\"" }}
-
- REDIS_PASSWORD: {{ .Values.redis.creds.redisPassword | trimAll "\"" }}
- {{- if .Values.redisProvider.high_availability.enabled}}
- REDIS_SENTINEL_PASSWORD: {{ .Values.redis.sentinelPassword | trimAll "\"" }}
- {{- end }}
-
- {{- if $autheliaprevious }}
- {{- if and ( hasKey $autheliaprevious.data "OIDC_PRIVATE_KEY" ) ( hasKey $autheliaprevious.data "OIDC_HMAC_SECRET" ) }}
- OIDC_PRIVATE_KEY: {{ index $autheliaprevious.data "OIDC_PRIVATE_KEY" }}
- OIDC_HMAC_SECRET: {{ index $autheliaprevious.data "OIDC_HMAC_SECRET" }}
- {{- else }}
- {{- $oidckey := genPrivateKey "rsa" }}
- {{- $oidcsecret := randAlphaNum 32 }}
- OIDC_PRIVATE_KEY: {{ $oidckey }}
- OIDC_HMAC_SECRET: {{ $oidcsecret }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/authelia/15.0.5/templates/common.yaml b/enterprise/authelia/15.0.5/templates/common.yaml
deleted file mode 100644
index 54e288e852c..00000000000
--- a/enterprise/authelia/15.0.5/templates/common.yaml
+++ /dev/null
@@ -1,77 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-{{/* Render configmap for authelia */}}
-{{- $configmapPaths := include "authelia.configmap.paths" . | fromYaml -}}
-{{- if $configmapPaths -}}
- {{- $_ := set .Values.configmap "authelia-paths" $configmapPaths -}}
-{{- end -}}
-
-{{- $configmapFile := include "authelia.configmap.configfile" . | fromYaml -}}
-{{- if $configmapFile -}}
- {{- $_ := set .Values.configmap "authelia-configfile" $configmapFile -}}
-{{- end -}}
-
-{{/* Render secrets for authelia */}}
-{{- $secret := include "authelia.secrets" . | fromYaml -}}
-{{- if $secret -}}
- {{- $_ := set .Values.secret "authelia-secrets" $secret -}}
-{{- end -}}
-
-{{/* Append the general configMap volume to the volumes */}}
-{{- define "authelia.configmapVolume" -}}
-enabled: true
-mountPath: /configuration.yaml
-subPath: configuration.yaml
-readOnly: true
-type: "configmap"
-objectName: authelia-configfile
-{{- end -}}
-
-{{/* Append the general secret volumes to the volumes */}}
-{{- define "authelia.secretVolumes" -}}
-enabled: true
-mountPath: "/secrets"
-readOnly: true
-type: "secret"
-objectName: authelia-secrets
-items:
- - key: "JWT_TOKEN"
- path: JWT_TOKEN
- - key: "SESSION_ENCRYPTION_KEY"
- path: SESSION_ENCRYPTION_KEY
- - key: "ENCRYPTION_KEY"
- path: ENCRYPTION_KEY
- - key: "STORAGE_PASSWORD"
- path: STORAGE_PASSWORD
- {{- if .Values.authentication_backend.ldap.enabled }}
- - key: "LDAP_PASSWORD"
- path: LDAP_PASSWORD
- {{- end }}
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- - key: "SMTP_PASSWORD"
- path: SMTP_PASSWORD
- {{- end }}
- - key: "REDIS_PASSWORD"
- path: REDIS_PASSWORD
- {{- if .Values.redisProvider.high_availability.enabled}}
- - key: "REDIS_SENTINEL_PASSWORD"
- path: REDIS_SENTINEL_PASSWORD
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- - key: "DUO_API_KEY"
- path: DUO_API_KEY
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- - key: "OIDC_PRIVATE_KEY"
- path: OIDC_PRIVATE_KEY
- - key: "OIDC_HMAC_SECRET"
- path: OIDC_HMAC_SECRET
- {{- end }}
-{{- end -}}
-
-{{- $_ := set .Values.persistence "authelia-configfile" (include "authelia.configmapVolume" . | fromYaml) -}}
-{{- $_ := set .Values.persistence "authelia-secrets" (include "authelia.secretVolumes" . | fromYaml) -}}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/authelia/15.0.5/values.yaml b/enterprise/authelia/15.0.5/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/authelia/15.0.6/CHANGELOG.md b/enterprise/authelia/15.0.6/CHANGELOG.md
deleted file mode 100644
index 7df39876c6f..00000000000
--- a/enterprise/authelia/15.0.6/CHANGELOG.md
+++ /dev/null
@@ -1,53 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [authelia-15.0.6](https://github.com/truecharts/charts/compare/authelia-15.0.5...authelia-15.0.6) (2023-03-07)
-
-### Fix
-
-- misc fixes from common and prometheus storageclass patch ([#7762](https://github.com/truecharts/charts/issues/7762))
-
-
-
-
-## [authelia-15.0.5](https://github.com/truecharts/charts/compare/authelia-15.0.4...authelia-15.0.5) (2023-03-06)
-
-
-
-
-## [authelia-15.0.4](https://github.com/truecharts/charts/compare/authelia-15.0.3...authelia-15.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
-
-
-## [authelia-15.0.3](https://github.com/truecharts/charts/compare/authelia-15.0.1...authelia-15.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
-
-
-## [authelia-15.0.1](https://github.com/truecharts/charts/compare/authelia-15.0.0...authelia-15.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
-
-## [authelia-15.0.0](https://github.com/truecharts/charts/compare/authelia-14.0.29...authelia-15.0.0) (2023-03-04)
-
diff --git a/enterprise/authelia/15.0.6/Chart.yaml b/enterprise/authelia/15.0.6/Chart.yaml
deleted file mode 100644
index 1cf5c642c8b..00000000000
--- a/enterprise/authelia/15.0.6/Chart.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-apiVersion: v2
-appVersion: "4.37.5"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.24
- - condition: redis.enabled
- name: redis
- repository: https://deps.truecharts.org
- version: 6.0.14
-deprecated: false
-description: Authelia is a Single Sign-On Multi-Factor portal for web apps
-home: https://truecharts.org/charts/enterprise/authelia
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/authelia.png
-keywords:
- - authelia
- - authentication
- - login
- - SSO
- - Authentication
- - Security
- - Two-Factor
- - U2F
- - YubiKey
- - Push Notifications
- - LDAP
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: authelia
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/authelia
- - https://ghcr.io/authelia/authelia ghcr.io/authelia/authelia
- - https://github.com/authelia/chartrepo
- - https://github.com/authelia/authelia
-type: application
-version: 15.0.6
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/authelia/15.0.6/LICENSE b/enterprise/authelia/15.0.6/LICENSE
deleted file mode 100644
index 80e4ab93f92..00000000000
--- a/enterprise/authelia/15.0.6/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/authelia/15.0.6/README.md b/enterprise/authelia/15.0.6/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/authelia/15.0.6/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/authelia/15.0.6/app-changelog.md b/enterprise/authelia/15.0.6/app-changelog.md
deleted file mode 100644
index bfbb173c118..00000000000
--- a/enterprise/authelia/15.0.6/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [authelia-15.0.6](https://github.com/truecharts/charts/compare/authelia-15.0.5...authelia-15.0.6) (2023-03-07)
-
-### Fix
-
-- misc fixes from common and prometheus storageclass patch ([#7762](https://github.com/truecharts/charts/issues/7762))
-
-
\ No newline at end of file
diff --git a/enterprise/authelia/15.0.6/app-readme.md b/enterprise/authelia/15.0.6/app-readme.md
deleted file mode 100644
index 9417c0c13d5..00000000000
--- a/enterprise/authelia/15.0.6/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Authelia is a Single Sign-On Multi-Factor portal for web apps
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/authelia](https://truecharts.org/charts/enterprise/authelia)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/authelia/15.0.6/charts/common-12.2.24.tgz b/enterprise/authelia/15.0.6/charts/common-12.2.24.tgz
deleted file mode 100644
index d9155693b5d..00000000000
Binary files a/enterprise/authelia/15.0.6/charts/common-12.2.24.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.0.6/charts/redis-6.0.14.tgz b/enterprise/authelia/15.0.6/charts/redis-6.0.14.tgz
deleted file mode 100644
index fb93c84df47..00000000000
Binary files a/enterprise/authelia/15.0.6/charts/redis-6.0.14.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.0.6/ix_values.yaml b/enterprise/authelia/15.0.6/ix_values.yaml
deleted file mode 100644
index 9b56530e1c8..00000000000
--- a/enterprise/authelia/15.0.6/ix_values.yaml
+++ /dev/null
@@ -1,619 +0,0 @@
-image:
- repository: tccr.io/truecharts/authelia
- pullPolicy: IfNotPresent
- tag: 4.37.5@sha256:76a4617539534cec140fd98a12f721b878524f2df3a3653f3df8ff2b7eaab586
-
-workload:
- main:
- podSpec:
- containers:
- main:
- command: ["authelia"]
- args: ["--config=/configuration.yaml"]
- envFrom:
- - configMapRef:
- name: authelia-paths
- # probes:
- # liveness:
- # type: HTTP
- # path: /api/health"
-
- # readiness:
- # type: HTTP
- # path: "/api/health"
-
- # startup:
- # type: HTTP
- # path: "/api/health"
-
-service:
- main:
- ports:
- main:
- port: 9091
- targetPort: 9091
-
-persistence:
- config:
- enabled: true
- mountPath: "/config"
-
-cnpg:
- main:
- enabled: true
- user: authelia
- database: authelia
-
-# Enabled redis
-# ... for more options see https://github.com/tccr.io/truecharts/charts/tree/master/tccr.io/truecharts/redis
-redis:
- enabled: true
-
-domain: example.com
-
-##
-## Server Configuration
-##
-server:
- ##
- ## Port sets the configured port for the daemon, service, and the probes.
- ## Default is 9091 and should not need to be changed.
- ##
- port: 9091
-
- ## Buffers usually should be configured to be the same value.
- ## Explanation at https://www.authelia.com/docs/configuration/server.html
- ## Read buffer size adjusts the server's max incoming request size in bytes.
- ## Write buffer size does the same for outgoing responses.
- read_buffer_size: 4096
- write_buffer_size: 4096
- ## Set the single level path Authelia listens on.
- ## Must be alphanumeric chars and should not contain any slashes.
- path: ""
-
-log:
- ## Level of verbosity for logs: info, debug, trace.
- level: trace
-
- ## Format the logs are written as: json, text.
- format: text
-
- ## TODO: Statefulness check should check if this is set, and the configMap should enable it.
- ## File path where the logs will be written. If not set logs are written to stdout.
- # file_path: /config/authelia.log
-
-## Default redirection URL
-##
-## If user tries to authenticate without any referer, Authelia does not know where to redirect the user to at the end
-## of the authentication process. This parameter allows you to specify the default redirection URL Authelia will use
-## in such a case.
-##
-## Note: this parameter is optional. If not provided, user won't be redirected upon successful authentication.
-## Default is https://www. (value at the top of the values.yaml).
-default_redirection_url: ""
-# default_redirection_url: https://example.com
-
-theme: light
-
-##
-## TOTP Configuration
-##
-## Parameters used for TOTP generation
-totp:
- ## The issuer name displayed in the Authenticator application of your choice
- ## See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
- ## Defaults to .
- issuer: ""
- ## The period in seconds a one-time password is current for. Changing this will require all users to register
- ## their TOTP applications again. Warning: before changing period read the docs link below.
- period: 30
- ## The skew controls number of one-time passwords either side of the current one that are valid.
- ## Warning: before changing skew read the docs link below.
- ## See: https://www.authelia.com/docs/configuration/one-time-password.html#period-and-skew to read the documentation.
- skew: 1
-
-##
-## Duo Push API Configuration
-##
-## Parameters used to contact the Duo API. Those are generated when you protect an application of type
-## "Partner Auth API" in the management panel.
-duo_api:
- enabled: false
- hostname: api-123456789.example.com
- integration_key: ABCDEF
- plain_api_key: ""
-
-##
-## Authentication Backend Provider Configuration
-##
-## Used for verifying user passwords and retrieve information such as email address and groups users belong to.
-##
-## The available providers are: `file`, `ldap`. You must use one and only one of these providers.
-authentication_backend:
- ## Disable both the HTML element and the API for reset password functionality
- disable_reset_password: false
-
- ## The amount of time to wait before we refresh data from the authentication backend. Uses duration notation.
- ## To disable this feature set it to 'disable', this will slightly reduce security because for Authelia, users will
- ## always belong to groups they belonged to at the time of login even if they have been removed from them in LDAP.
- ## To force update on every request you can set this to '0' or 'always', this will increase processor demand.
- ## See the below documentation for more information.
- ## Duration Notation docs: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Refresh Interval docs: https://www.authelia.com/docs/configuration/authentication/ldap.html#refresh-interval
- refresh_interval: 5m
-
- ## LDAP backend configuration.
- ##
- ## This backend allows Authelia to be scaled to more
- ## than one instance and therefore is recommended for
- ## production.
- ldap:
- ## Enable LDAP Backend.
- enabled: false
-
- ## The LDAP implementation, this affects elements like the attribute utilised for resetting a password.
- ## Acceptable options are as follows:
- ## - 'activedirectory' - For Microsoft Active Directory.
- ## - 'custom' - For custom specifications of attributes and filters.
- ## This currently defaults to 'custom' to maintain existing behaviour.
- ##
- ## Depending on the option here certain other values in this section have a default value, notably all of the
- ## attribute mappings have a default value that this config overrides, you can read more about these default values
- ## at https://www.authelia.com/docs/configuration/authentication/ldap.html#defaults
- implementation: activedirectory
-
- ## The url to the ldap server. Format: ://[:].
- ## Scheme can be ldap or ldaps in the format (port optional).
- url: ldap://openldap.default.svc.cluster.local
-
- ## Connection Timeout.
- timeout: 5s
-
- ## Use StartTLS with the LDAP connection.
- start_tls: false
-
- tls:
- ## Server Name for certificate validation (in case it's not set correctly in the URL).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either Secure LDAP or LDAP StartTLS.
- minimum_version: TLS1.2
-
- ## The base dn for every LDAP query.
- base_dn: DC=example,DC=com
-
- ## The attribute holding the username of the user. This attribute is used to populate the username in the session
- ## information. It was introduced due to #561 to handle case insensitive search queries. For you information,
- ## Microsoft Active Directory usually uses 'sAMAccountName' and OpenLDAP usually uses 'uid'. Beware that this
- ## attribute holds the unique identifiers for the users binding the user and the configuration stored in database.
- ## Therefore only single value attributes are allowed and the value must never be changed once attributed to a user
- ## otherwise it would break the configuration for that user. Technically, non-unique attributes like 'mail' can also
- ## be used but we don't recommend using them, we instead advise to use the attributes mentioned above
- ## (sAMAccountName and uid) to follow https://www.ietf.org/rfc/rfc2307.txt.
- username_attribute: ""
-
- ## An additional dn to define the scope to all users.
- additional_users_dn: OU=Users
-
- ## The users filter used in search queries to find the user profile based on input filled in login form.
- ## Various placeholders are available in the user filter:
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username_attribute} is a mandatory placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ##
- ## Recommended settings are as follows:
- ## - Microsoft Active Directory: (&({username_attribute}={input})(objectCategory=person)(objectClass=user))
- ## - OpenLDAP:
- ## - (&({username_attribute}={input})(objectClass=person))
- ## - (&({username_attribute}={input})(objectClass=inetOrgPerson))
- ##
- ## To allow sign in both with username and email, one can use a filter like
- ## (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))
- users_filter: ""
-
- ## An additional dn to define the scope of groups.
- additional_groups_dn: OU=Groups
-
- ## The groups filter used in search queries to find the groups of the user.
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username} is a placeholder replace by the username stored in LDAP (based on `username_attribute`).
- ## - {dn} is a matcher replaced by the user distinguished name, aka, user DN.
- ## - {username_attribute} is a placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ## - DON'T USE - {1} is an alias for {username} supported for backward compatibility but it will be deprecated in
- ## later version, so please don't use it.
- ##
- ## If your groups use the `groupOfUniqueNames` structure use this instead:
- ## (&(uniquemember={dn})(objectclass=groupOfUniqueNames))
- groups_filter: ""
-
- ## The attribute holding the name of the group
- group_name_attribute: ""
-
- ## The attribute holding the mail address of the user. If multiple email addresses are defined for a user, only the
- ## first one returned by the LDAP server is used.
- mail_attribute: ""
-
- ## The attribute holding the display name of the user. This will be used to greet an authenticated user.
- display_name_attribute: ""
-
- ## The username of the admin user.
- user: CN=Authelia,DC=example,DC=com
- plain_password: ""
-
- ##
- ## File (Authentication Provider)
- ##
- ## With this backend, the users database is stored in a file which is updated when users reset their passwords.
- ## Therefore, this backend is meant to be used in a dev environment and not in production since it prevents Authelia
- ## to be scaled to more than one instance. The options under 'password' have sane defaults, and as it has security
- ## implications it is highly recommended you leave the default values. Before considering changing these settings
- ## please read the docs page below:
- ## https://www.authelia.com/docs/configuration/authentication/file.html#password-hash-algorithm-tuning
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- file:
- enabled: true
- path: /config/users_database.yml
- password:
- algorithm: argon2id
- iterations: 1
- key_length: 32
- salt_length: 16
- memory: 1024
- parallelism: 8
-
-##
-## Access Control Configuration
-##
-## Access control is a list of rules defining the authorizations applied for one resource to users or group of users.
-##
-## If 'access_control' is not defined, ACL rules are disabled and the 'bypass' rule is applied, i.e., access is allowed
-## to anyone. Otherwise restrictions follow the rules defined.
-##
-## Note: One can use the wildcard * to match any subdomain.
-## It must stand at the beginning of the pattern. (example: *.mydomain.com)
-##
-## Note: You must put patterns containing wildcards between simple quotes for the YAML to be syntactically correct.
-##
-## Definition: A 'rule' is an object with the following keys: 'domain', 'subject', 'policy' and 'resources'.
-##
-## - 'domain' defines which domain or set of domains the rule applies to.
-##
-## - 'subject' defines the subject to apply authorizations to. This parameter is optional and matching any user if not
-## provided. If provided, the parameter represents either a user or a group. It should be of the form
-## 'user:' or 'group:'.
-##
-## - 'policy' is the policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'.
-##
-## - 'resources' is a list of regular expressions that matches a set of resources to apply the policy to. This parameter
-## is optional and matches any resource if not provided.
-##
-## Note: the order of the rules is important. The first policy matching (domain, resource, subject) applies.
-access_control:
- ## Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'. It is the policy applied to any
- ## resource if there is no policy to be applied to the user.
- default_policy: deny
-
- networks: []
- # networks:
- # - name: private
- # networks:
- # - 10.0.0.0/8
- # - 172.16.0.0/12
- # - 192.168.0.0/16
- # - name: vpn
- # networks:
- # - 10.9.0.0/16
-
- rules: []
- # rules:
- # - domain: public.example.com
- # policy: bypass
- # - domain: "*.example.com"
- # policy: bypass
- # methods:
- # - OPTIONS
- # - domain: secure.example.com
- # policy: one_factor
- # networks:
- # - private
- # - vpn
- # - 192.168.1.0/24
- # - 10.0.0.1
- # - domain:
- # - secure.example.com
- # - private.example.com
- # policy: two_factor
- # - domain: singlefactor.example.com
- # policy: one_factor
- # - domain: "mx2.mail.example.com"
- # subject: "group:admins"
- # policy: deny
- # - domain: "*.example.com"
- # subject:
- # - "group:admins"
- # - "group:moderators"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/groups/dev/.*$"
- # subject: "group:dev"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/users/john/.*$"
- # subject:
- # - ["group:dev", "user:john"]
- # - "group:admins"
- # policy: two_factor
- # - domain: "{user}.example.com"
- # policy: bypass
-
-##
-## Session Provider Configuration
-##
-## The session cookies identify the user once logged in.
-## The available providers are: `memory`, `redis`. Memory is the provider unless redis is defined.
-session:
- ## The name of the session cookie. (default: authelia_session).
- name: authelia_session
-
- ## Sets the Cookie SameSite value. Possible options are none, lax, or strict.
- ## Please read https://www.authelia.com/docs/configuration/session.html#same_site
- same_site: lax
-
- ## The time in seconds before the cookie expires and session is reset.
- expiration: 1h
-
- ## The inactivity time in seconds before the session is reset.
- inactivity: 5m
-
- ## The remember me duration.
- ## Value is in seconds, or duration notation. Value of 0 disables remember me.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Longer periods are considered less secure because a stolen cookie will last longer giving attackers more time to
- ## spy or attack. Currently the default is 1M or 1 month.
- remember_me_duration: 1M
-
-##
-## Redis Provider
-##
-## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
-##
-## The redis connection details
-redisProvider:
- port: 6379
-
- ## Optional username to be used with authentication.
- # username: authelia
- username: ""
-
- ## This is the Redis DB Index https://redis.io/commands/select (sometimes referred to as database number, DB, etc).
- database_index: 0
-
- ## The maximum number of concurrent active connections to Redis.
- maximum_active_connections: 8
-
- ## The target number of idle connections to have open ready for work. Useful when opening connections is slow.
- minimum_idle_connections: 0
-
- ## The Redis TLS configuration. If defined will require a TLS connection to the Redis instance(s).
- tls:
- enabled: false
-
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for the connection.
- minimum_version: TLS1.2
-
- ## The Redis HA configuration options.
- ## This provides specific options to Redis Sentinel, sentinel_name must be defined (Master Name).
- high_availability:
- enabled: false
- enabledSecret: false
- ## Sentinel Name / Master Name
- sentinel_name: mysentinel
-
- ## The additional nodes to pre-seed the redis provider with (for sentinel).
- ## If the host in the above section is defined, it will be combined with this list to connect to sentinel.
- ## For high availability to be used you must have either defined; the host above or at least one node below.
- nodes: []
- # nodes:
- # - host: sentinel-0.databases.svc.cluster.local
- # port: 26379
- # - host: sentinel-1.databases.svc.cluster.local
- # port: 26379
-
- ## Choose the host with the lowest latency.
- route_by_latency: false
-
- ## Choose the host randomly.
- route_randomly: false
-
-##
-## Regulation Configuration
-##
-## This mechanism prevents attackers from brute forcing the first factor. It bans the user if too many attempts are done
-## in a short period of time.
-regulation:
- ## The number of failed login attempts before user is banned. Set it to 0 to disable regulation.
- max_retries: 3
-
- ## The time range during which the user can attempt login before being banned. The user is banned if the
- ## authentication failed 'max_retries' times in a 'find_time' seconds window. Find Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- find_time: 2m
-
- ## The length of time before a banned user can login again. Ban Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ban_time: 5m
-
-##
-## Storage Provider Configuration
-##
-## The available providers are: `local`, `mysql`, `postgres`. You must use one and only one of these providers.
-storage:
- ##
- ## PostgreSQL (Storage Provider)
- ##
- postgres:
- port: 5432
- database: authelia
- username: authelia
- sslmode: disable
- timeout: 5s
-
-##
-## Notification Provider
-##
-##
-## Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration.
-## The available providers are: filesystem, smtp. You must use one and only one of these providers.
-notifier:
- ## You can disable the notifier startup check by setting this to true.
- disable_startup_check: false
-
- ##
- ## File System (Notification Provider)
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- filesystem:
- enabled: true
- filename: /config/notification.txt
-
- ##
- ## SMTP (Notification Provider)
- ##
- ## Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate.
- ## [Security] By default Authelia will:
- ## - force all SMTP connections over TLS including unauthenticated connections
- ## - use the disable_require_tls boolean value to disable this requirement
- ## (only works for unauthenticated connections)
- ## - validate the SMTP server x509 certificate during the TLS handshake against the hosts trusted certificates
- ## (configure in tls section)
- smtp:
- enabled: false
- enabledSecret: false
- host: smtp.mail.svc.cluster.local
- port: 25
- timeout: 5s
- username: test
- plain_password: test
- sender: admin@example.com
- ## HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost.
- identifier: localhost
- ## Subject configuration of the emails sent.
- ## {title} is replaced by the text from the notifier
- subject: "[Authelia] {title}"
- ## This address is used during the startup check to verify the email configuration is correct.
- ## It's not important what it is except if your email server only allows local delivery.
- startup_check_address: test@authelia.com
- disable_require_tls: false
- disable_html_emails: false
-
- tls:
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either StartTLS or SMTPS.
- minimum_version: TLS1.2
-
-identity_providers:
- oidc:
- ## Enables this in the config map. Currently in beta stage.
- ## See https://www.authelia.com/docs/configuration/identity-providers/oidc.html#roadmap
- enabled: false
-
- access_token_lifespan: 1h
- authorize_code_lifespan: 1m
- id_token_lifespan: 1h
- refresh_token_lifespan: 90m
-
- enable_client_debug_messages: false
-
- ## SECURITY NOTICE: It's not recommended changing this option, and highly discouraged to have it below 8 for
- ## security reasons.
- minimum_parameter_entropy: 8
-
- clients: []
- # clients:
- # -
- ## The ID is the OpenID Connect ClientID which is used to link an application to a configuration.
- # id: myapp
-
- ## The description to show to users when they end up on the consent screen. Defaults to the ID above.
- # description: My Application
-
- ## The client secret is a shared secret between Authelia and the consumer of this client.
- # secret: apple123
-
- ## Sets the client to public. This should typically not be set, please see the documentation for usage.
- # public: false
-
- ## The policy to require for this client; one_factor or two_factor.
- # authorization_policy: two_factor
-
- ## Configures the consent mode; auto, explicit or implicit
- # consent_mode: auto
-
- ## Audience this client is allowed to request.
- # audience: []
-
- ## Scopes this client is allowed to request.
- # scopes:
- # - openid
- # - profile
- # - email
- # - groups
-
- ## Redirect URI's specifies a list of valid case-sensitive callbacks for this client.
- # redirect_uris:
- # - https://oidc.example.com/oauth2/callback
-
- ## Grant Types configures which grants this client can obtain.
- ## It's not recommended to configure this unless you know what you're doing.
- # grant_types:
- # - refresh_token
- # - authorization_code
-
- ## Response Types configures which responses this client can be sent.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_types:
- # - code
-
- ## Response Modes configures which response modes this client supports.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_modes:
- # - form_post
- # - query
- # - fragment
-
- ## The algorithm used to sign userinfo endpoint responses for this client, either none or RS256.
- # userinfo_signing_algorithm: none
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/authelia/15.0.6/questions.yaml b/enterprise/authelia/15.0.6/questions.yaml
deleted file mode 100644
index d82ea70c3cf..00000000000
--- a/enterprise/authelia/15.0.6/questions.yaml
+++ /dev/null
@@ -1,2782 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: Daemonset
- description: Daemonset
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "Daemonset"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: domain
- group: "App Configuration"
- label: "Domain"
- description: "The highest domain level possible, for example: domain.com when using app.domain.com"
- schema:
- type: string
- default: ""
- required: true
- - variable: default_redirection_url
- group: "App Configuration"
- label: "Default Redirection Url"
- description: "If user tries to authenticate without any referer, this is used"
- schema:
- type: string
- default: ""
- - variable: theme
- group: "App Configuration"
- label: "Theme"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "light"
- description: "light"
- - value: "grey"
- description: "grey"
- - value: "dark"
- description: "dark"
- - variable: log
- group: "App Configuration"
- label: "Log Configuration "
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "info"
- enum:
- - value: "info"
- description: "info"
- - value: "debug"
- description: "debug"
- - value: "trace"
- description: "trace"
- - variable: format
- label: "Log Format"
- schema:
- type: string
- default: "text"
- enum:
- - value: "json"
- description: "json"
- - value: "text"
- description: "text"
- - variable: totp
- group: "App Configuration"
- label: "TOTP Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: issuer
- label: "Issuer"
- description: "The issuer name displayed in the Authenticator application of your choice"
- schema:
- type: string
- default: ""
- - variable: period
- label: "Period"
- description: "The period in seconds a one-time password is current for"
- schema:
- type: int
- default: 30
- - variable: skew
- label: "skew"
- description: "Controls number of one-time passwords either side of the current one that are valid."
- schema:
- type: int
- default: 1
- - variable: duo_api
- group: "App Configuration"
- label: "DUO API Configuration"
- description: "Parameters used to contact the Duo API."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostname
- label: "Hostname"
- schema:
- type: string
- required: true
- default: ""
- - variable: integration_key
- label: "integration_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: plain_api_key
- label: "plain_api_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: session
- group: "App Configuration"
- label: "Session Provider"
- description: "The session cookies identify the user once logged in."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Cookie Name"
- description: "The name of the session cookie."
- schema:
- type: string
- required: true
- default: "authelia_session"
- - variable: same_site
- label: "SameSite Value"
- description: "Sets the Cookie SameSite value"
- schema:
- type: string
- default: "lax"
- enum:
- - value: "lax"
- description: "lax"
- - value: "strict"
- description: "strict"
- - variable: expiration
- label: "Expiration Time"
- description: "The time in seconds before the cookie expires and session is reset."
- schema:
- type: string
- default: "1h"
- required: true
- - variable: inactivity
- label: "Inactivity Time"
- description: "The inactivity time in seconds before the session is reset."
- schema:
- type: string
- default: "5m"
- required: true
- - variable: inactivity
- label: "Remember-Me duration"
- description: "The remember me duration"
- schema:
- type: string
- default: "5M"
- required: true
- - variable: regulation
- group: "App Configuration"
- label: "Regulation Configuration"
- description: "his mechanism prevents attackers from brute forcing the first factor."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: max_retries
- label: "Maximum Retries"
- description: "The number of failed login attempts before user is banned. Set it to 0 to disable regulation."
- schema:
- type: int
- default: 3
- - variable: find_time
- label: "Find Time"
- description: "The time range during which the user can attempt login before being banned."
- schema:
- type: string
- default: "2m"
- required: true
- - variable: ban_time
- label: "Ban Duration"
- description: "The length of time before a banned user can login again"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: authentication_backend
- group: "App Configuration"
- label: "Authentication Backend Provider"
- description: "sed for verifying user passwords and retrieve information such as email address and groups users belong to."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_reset_password
- label: "Disable Reset Password"
- description: "Disable both the HTML element and the API for reset password functionality"
- schema:
- type: boolean
- default: false
- - variable: refresh_interval
- label: "Reset Interval"
- description: "The amount of time to wait before we refresh data from the authentication backend"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: ldap
- label: "LDAP backend configuration"
- description: "Used for verifying user passwords and retrieve information such as email address and groups users belong to"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: implementation
- label: "Implementation"
- description: "The LDAP implementation, this affects elements like the attribute utilised for resetting a password"
- schema:
- type: string
- default: "custom"
- enum:
- - value: "activedirectory"
- description: "activedirectory"
- - value: "custom"
- description: "custom"
- - variable: url
- label: "URL"
- description: "The url to the ldap server. Format: ://[:]"
- schema:
- type: string
- default: "ldap://openldap.default.svc.cluster.local"
- required: true
- - variable: timeout
- label: "Connection Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: start_tls
- label: "Start TLS"
- description: "Use StartTLS with the LDAP connection"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: base_dn
- label: "Base DN"
- description: "The base dn for every LDAP query."
- schema:
- type: string
- default: "DC=example,DC=com"
- required: true
- - variable: username_attribute
- label: "Username Attribute"
- description: "The attribute holding the username of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_users_dn
- label: "Additional Users DN"
- description: "An additional dn to define the scope to all users."
- schema:
- type: string
- default: "OU=Users"
- required: true
- - variable: users_filter
- label: "Users Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_groups_dn
- label: "Additional Groups DN"
- description: "An additional dn to define the scope of groups."
- schema:
- type: string
- default: "OU=Groups"
- required: true
- - variable: groups_filter
- label: "Groups Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: group_name_attribute
- label: "Group name Attribute"
- description: "The attribute holding the name of the group"
- schema:
- type: string
- default: ""
- required: true
- - variable: mail_attribute
- label: "Mail Attribute"
- description: "The attribute holding the primary mail address of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: display_name_attribute
- label: "Display Name Attribute"
- description: "he attribute holding the display name of the user. This will be used to greet an authenticated user."
- schema:
- type: string
- default: ""
- - variable: user
- label: "Admin User"
- description: "The username of the admin user used to connect to LDAP."
- schema:
- type: string
- default: "CN=Authelia,DC=example,DC=com"
- required: true
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: file
- label: "File backend configuration"
- description: "With this backend, the users database is stored in a file which is updated when users reset their passwords."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: path
- label: "Path"
- schema:
- type: string
- default: "/config/users_database.yml"
- required: true
- - variable: password
- label: "Password Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: algorithm
- label: "Algorithm"
- schema:
- type: string
- default: "argon2id"
- enum:
- - value: "argon2id"
- description: "argon2id"
- - value: "sha512"
- description: "sha512"
- - variable: iterations
- label: "Iterations"
- schema:
- type: int
- default: 1
- required: true
- - variable: key_length
- label: "Key Length"
- schema:
- type: int
- default: 32
- required: true
- - variable: salt_length
- label: "Salt Length"
- schema:
- type: int
- default: 16
- required: true
- - variable: memory
- label: "Memory"
- schema:
- type: int
- default: 1024
- required: true
- - variable: parallelism
- label: "Parallelism"
- schema:
- type: int
- default: 8
- required: true
- - variable: notifier
- group: "App Configuration"
- label: "Notifier Configuration"
- description: "otifications are sent to users when they require a password reset, a u2f registration or a TOTP registration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_startup_check
- label: "Disable Startup Check"
- schema:
- type: boolean
- default: false
- - variable: filesystem
- label: "Filesystem Provider"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filename
- label: "File Path"
- schema:
- type: string
- default: "/config/notification.txt"
- required: true
- - variable: smtp
- label: "SMTP Provider"
- description: "Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: host
- label: "Host"
- schema:
- type: string
- default: "smtp.mail.svc.cluster.local"
- required: true
- - variable: port
- label: "Port"
- schema:
- type: int
- default: 25
- required: true
- - variable: timeout
- label: "Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: username
- label: "Username"
- schema:
- type: string
- default: ""
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- - variable: sender
- label: "Sender"
- schema:
- type: string
- default: ""
- required: true
- - variable: identifier
- label: "Identifier"
- description: "HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost."
- schema:
- type: string
- default: "localhost"
- required: true
- - variable: subject
- label: "Subject"
- description: "Subject configuration of the emails sent, {title} is replaced by the text from the notifier"
- schema:
- type: string
- default: "[Authelia] {title}"
- required: true
- - variable: startup_check_address
- label: "Startup Check Address"
- description: "This address is used during the startup check to verify the email configuration is correct."
- schema:
- type: string
- default: "test@authelia.com"
- required: true
- - variable: disable_require_tls
- label: "Disable Require TLS"
- schema:
- type: boolean
- default: false
- - variable: disable_html_emails
- label: "Disable HTML emails"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: access_control
- group: "App Configuration"
- label: "Access Control Configuration"
- description: "Access control is a list of rules defining the authorizations applied for one resource to users or group of users."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: default_policy
- label: "Default Policy"
- description: "Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: networkItem
- label: "Network Item"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Name"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "network"
- schema:
- type: string
- default: ""
- required: true
- - variable: rules
- label: "Rules"
- schema:
- type: list
- default: []
- items:
- - variable: rulesItem
- label: "Rule"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: domain
- label: "Domains"
- description: "defines which domain or set of domains the rule applies to."
- schema:
- type: list
- default: []
- items:
- - variable: domainEntry
- label: "Domain"
- schema:
- type: string
- default: ""
- required: true
- - variable: policy
- label: "Policy"
- description: "The policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: subject
- label: "Subject"
- description: "defines the subject to apply authorizations to. This parameter is optional and matching any user if not provided"
- schema:
- type: list
- default: []
- items:
- - variable: subjectitem
- label: "Subject"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "Network"
- schema:
- type: string
- default: ""
- required: true
- - variable: resources
- label: "Resources"
- description: "is a list of regular expressions that matches a set of resources to apply the policy to"
- schema:
- type: list
- default: []
- items:
- - variable: resource
- label: "Resource"
- schema:
- type: string
- default: ""
- required: true
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 9091
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: certificateIssuer
- label: Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: certificateIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: identity_providers
- group: "Advanced"
- label: "Authelia Identity Providers (BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: oidc
- label: "OpenID Connect(BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "enabled"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: access_token_lifespan
- label: "Access Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: authorize_code_lifespan
- label: "Authorize Code Lifespan"
- schema:
- type: string
- default: "1m"
- required: true
- - variable: id_token_lifespan
- label: "ID Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: refresh_token_lifespan
- label: "Refresh Token Lifespan"
- schema:
- type: string
- default: "90m"
- required: true
- - variable: enable_client_debug_messages
- label: "Enable Client Debug Messages"
- schema:
- type: boolean
- default: false
- - variable: clients
- label: "Clients"
- schema:
- type: list
- default: []
- items:
- - variable: clientEntry
- label: "Client"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: id
- label: "ID/Name"
- description: "The ID is the OpenID Connect ClientID which is used to link an application to a configuration."
- schema:
- type: string
- default: "myapp"
- required: true
- - variable: description
- label: "Description"
- description: "The description to show to users when they end up on the consent screen. Defaults to the ID above."
- schema:
- type: string
- default: "My Application"
- required: true
- - variable: secret
- label: "Secret"
- description: "The client secret is a shared secret between Authelia and the consumer of this client."
- schema:
- type: string
- default: ""
- required: true
- - variable: public
- label: "public"
- description: "Sets the client to public. This should typically not be set, please see the documentation for usage."
- schema:
- type: boolean
- default: false
- - variable: authorization_policy
- label: "Authorization Policy"
- description: "The policy to require for this client; one_factor or two_factor."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - variable: consent_mode
- label: "Consent Mode"
- description: "Configures the consent mode. This can be set to auto (default), explicit (consent required every time) or implicit (automatically assumes consent for every authorization, never asking the user if they wish to give consent.)"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "explicit"
- description: "explicit"
- - value: "implicit"
- description: "implicit"
- - variable: userinfo_signing_algorithm
- label: "Userinfo Signing Algorithm"
- description: "The algorithm used to sign userinfo endpoint responses for this client, either none or RS256."
- schema:
- type: string
- default: "none"
- enum:
- - value: "none"
- description: "none"
- - value: "RS256"
- description: "RS256"
- - variable: audience
- label: "Audience"
- description: "Audience this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: audienceEntry
- label: ""
- schema:
- type: string
- default: ""
- required: true
- - variable: scopes
- label: "Scopes"
- description: "Scopes this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: ScopeEntry
- label: "Scope"
- schema:
- type: string
- default: "openid"
- required: true
- - variable: redirect_uris
- label: "redirect_uris"
- description: "Redirect URI's specifies a list of valid case-sensitive callbacks for this client."
- schema:
- type: list
- default: []
- items:
- - variable: uriEntry
- label: "Url"
- schema:
- type: string
- default: "https://oidc.example.com/oauth2/callback"
- required: true
- - variable: grant_types
- description: "Grant Types configures which grants this client can obtain."
- label: "grant_types"
- schema:
- type: list
- default: []
- items:
- - variable: grantEntry
- label: "Grant"
- schema:
- type: string
- default: "refresh_token"
- required: true
- - variable: response_types
- description: "Response Types configures which responses this client can be sent."
- label: "response_types"
- schema:
- type: list
- default: []
- items:
- - variable: responseEntry
- label: "type"
- schema:
- type: string
- default: "code"
- required: true
- - variable: response_modes
- description: "Response Modes configures which response modes this client supports."
- label: "response_modes"
- schema:
- type: list
- default: []
- items:
- - variable: modeEntry
- label: "Mode"
- schema:
- type: string
- default: "form_post"
- required: true
- - variable: cnpg
- group: Postgresql
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Postgresql Database"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: storage
- label: "Storage"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: size
- label: Size
- schema:
- type: string
- default: "256Gi"
- - variable: walsize
- label: Walsize
- schema:
- type: string
- default: "256Gi"
- - variable: pooler
- label: "Pooler"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: Monitoring
- label: "Metrics"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enablePodMonitor
- label: "enablePodMonitor"
- schema:
- type: boolean
- default: true
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/authelia/15.0.6/templates/NOTES.txt b/enterprise/authelia/15.0.6/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/authelia/15.0.6/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/authelia/15.0.6/templates/_configmap.tpl b/enterprise/authelia/15.0.6/templates/_configmap.tpl
deleted file mode 100644
index 4c3d957f519..00000000000
--- a/enterprise/authelia/15.0.6/templates/_configmap.tpl
+++ /dev/null
@@ -1,245 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "authelia.configmap.paths" -}}
-enabled: true
-data:
- AUTHELIA_SERVER_DISABLE_HEALTHCHECK: "true"
- AUTHELIA_JWT_SECRET_FILE: "/secrets/JWT_TOKEN"
- AUTHELIA_SESSION_SECRET_FILE: "/secrets/SESSION_ENCRYPTION_KEY"
- AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: "/secrets/ENCRYPTION_KEY"
- AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: "/secrets/STORAGE_PASSWORD"
- {{- if .Values.authentication_backend.ldap.enabled }}
- AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE: "/secrets/LDAP_PASSWORD"
- {{- end }}
- {{- if .Values.notifier.smtp.enabled }}
- AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE: "/secrets/SMTP_PASSWORD"
- {{- end }}
- AUTHELIA_SESSION_REDIS_PASSWORD_FILE: "/secrets/REDIS_PASSWORD"
- {{- if .Values.redisProvider.high_availability.enabled }}
- AUTHELIA_SESSION_REDIS_HIGH_AVAILABILITY_SENTINEL_PASSWORD_FILE: "/secrets/REDIS_SENTINEL_PASSWORD"
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- AUTHELIA_DUO_API_SECRET_KEY_FILE: "/secrets/DUO_API_KEY"
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET_FILE: "/secrets/OIDC_HMAC_SECRET"
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY_FILE: "/secrets/OIDC_PRIVATE_KEY"
- {{- end }}
-
-{{- end -}}
-
-{{- define "authelia.configmap.configfile" -}}
-enabled: true
-data:
- configuration.yaml: |
- ---
- theme: {{ default "light" .Values.theme }}
- default_redirection_url: {{ default (printf "https://www.%s" .Values.domain) .Values.default_redirection_url }}
- server:
- host: 0.0.0.0
- port: {{ default 9091 .Values.server.port }}
- {{- if not (eq "" (default "" .Values.server.path)) }}
- path: {{ .Values.server.path }}
- {{- end }}
- read_buffer_size: {{ default 4096 .Values.server.read_buffer_size }}
- write_buffer_size: {{ default 4096 .Values.server.write_buffer_size }}
- enable_pprof: {{ default false .Values.server.enable_pprof }}
- enable_expvars: {{ default false .Values.server.enable_expvars }}
- log:
- level: {{ default "info" .Values.log.level }}
- format: {{ default "text" .Values.log.format }}
- {{- if not (eq "" (default "" .Values.log.file_path)) }}
- file_path: {{ .Values.log.file_path }}
- keep_stdout: true
- {{- end }}
- totp:
- issuer: {{ default .Values.domain .Values.totp.issuer }}
- period: {{ default 30 .Values.totp.period }}
- skew: {{ default 1 .Values.totp.skew }}
- {{- if .Values.duo_api.enabled }}
- duo_api:
- hostname: {{ .Values.duo_api.hostname }}
- integration_key: {{ .Values.duo_api.integration_key }}
- {{- end }}
- {{- with $auth := .Values.authentication_backend }}
- authentication_backend:
- disable_reset_password: {{ $auth.disable_reset_password }}
- {{- if $auth.file.enabled }}
- file:
- path: {{ $auth.file.path }}
- password: {{ toYaml $auth.file.password | nindent 10 }}
- {{- end }}
- {{- if $auth.ldap.enabled }}
- ldap:
- implementation: {{ default "custom" $auth.ldap.implementation }}
- url: {{ $auth.ldap.url }}
- timeout: {{ default "5s" $auth.ldap.timeout }}
- start_tls: {{ $auth.ldap.start_tls }}
- tls:
- {{- if hasKey $auth.ldap.tls "server_name" }}
- server_name: {{ default $auth.ldap.host $auth.ldap.tls.server_name }}
- {{- end }}
- minimum_version: {{ default "TLS1.2" $auth.ldap.tls.minimum_version }}
- skip_verify: {{ default false $auth.ldap.tls.skip_verify }}
- {{- if $auth.ldap.base_dn }}
- base_dn: {{ $auth.ldap.base_dn }}
- {{- end }}
- {{- if $auth.ldap.username_attribute }}
- username_attribute: {{ $auth.ldap.username_attribute }}
- {{- end }}
- {{- if $auth.ldap.additional_users_dn }}
- additional_users_dn: {{ $auth.ldap.additional_users_dn }}
- {{- end }}
- {{- if $auth.ldap.users_filter }}
- users_filter: {{ $auth.ldap.users_filter }}
- {{- end }}
- {{- if $auth.ldap.additional_groups_dn }}
- additional_groups_dn: {{ $auth.ldap.additional_groups_dn }}
- {{- end }}
- {{- if $auth.ldap.groups_filter }}
- groups_filter: {{ $auth.ldap.groups_filter }}
- {{- end }}
- {{- if $auth.ldap.group_name_attribute }}
- group_name_attribute: {{ $auth.ldap.group_name_attribute }}
- {{- end }}
- {{- if $auth.ldap.mail_attribute }}
- mail_attribute: {{ $auth.ldap.mail_attribute }}
- {{- end }}
- {{- if $auth.ldap.display_name_attribute }}
- display_name_attribute: {{ $auth.ldap.display_name_attribute }}
- {{- end }}
- user: {{ $auth.ldap.user }}
- {{- end }}
- {{- end }}
- {{- with $session := .Values.session }}
- session:
- name: {{ default "authelia_session" $session.name }}
- domain: {{ required "A valid .Values.domain entry required!" $.Values.domain }}
- same_site: {{ default "lax" $session.same_site }}
- expiration: {{ default "1M" $session.expiration }}
- inactivity: {{ default "5m" $session.inactivity }}
- remember_me_duration: {{ default "1M" $session.remember_me_duration }}
- {{- end }}
- redis:
- host: {{ .Values.redis.creds.plain }}
- {{- with $redis := .Values.redisProvider }}
- port: {{ default 6379 $redis.port }}
- {{- if not (eq $redis.username "") }}
- username: {{ $redis.username }}
- {{- end }}
- maximum_active_connections: {{ default 8 $redis.maximum_active_connections }}
- minimum_idle_connections: {{ default 0 $redis.minimum_idle_connections }}
- {{- if $redis.tls.enabled }}
- tls:
- server_name: {{ $redis.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $redis.tls.minimum_version }}
- skip_verify: {{ $redis.tls.skip_verify }}
- {{- end }}
- {{- if $redis.high_availability.enabled }}
- high_availability:
- sentinel_name: {{ $redis.high_availability.sentinel_name }}
- {{- if $redis.high_availability.nodes }}
- nodes: {{ toYaml $redis.high_availability.nodes | nindent 10 }}
- {{- end }}
- route_by_latency: {{ $redis.high_availability.route_by_latency }}
- route_randomly: {{ $redis.high_availability.route_randomly }}
- {{- end }}
- {{- end }}
- regulation: {{ toYaml .Values.regulation | nindent 6 }}
- storage:
- postgres:
- host: {{ $.Values.cnpg.main.creds.host }}
- {{- with $storage := .Values.storage }}
- port: {{ default 5432 $storage.postgres.port }}
- database: {{ default "authelia" $storage.postgres.database }}
- username: {{ default "authelia" $storage.postgres.username }}
- timeout: {{ default "5s" $storage.postgres.timeout }}
- sslmode: {{ default "disable" $storage.postgres.sslmode }}
- {{- end }}
- {{- with $notifier := .Values.notifier }}
- notifier:
- disable_startup_check: {{ $.Values.notifier.disable_startup_check }}
- {{- if $notifier.filesystem.enabled }}
- filesystem:
- filename: {{ $notifier.filesystem.filename }}
- {{- end }}
- {{- if $notifier.smtp.enabled }}
- smtp:
- host: {{ $notifier.smtp.host }}
- port: {{ default 25 $notifier.smtp.port }}
- timeout: {{ default "5s" $notifier.smtp.timeout }}
- {{- with $notifier.smtp.username }}
- username: {{ . }}
- {{- end }}
- sender: {{ $notifier.smtp.sender }}
- identifier: {{ $notifier.smtp.identifier }}
- subject: {{ $notifier.smtp.subject | quote }}
- startup_check_address: {{ $notifier.smtp.startup_check_address }}
- disable_require_tls: {{ $notifier.smtp.disable_require_tls }}
- disable_html_emails: {{ $notifier.smtp.disable_html_emails }}
- tls:
- server_name: {{ default $notifier.smtp.host $notifier.smtp.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $notifier.smtp.tls.minimum_version }}
- skip_verify: {{ default false $notifier.smtp.tls.skip_verify }}
- {{- end }}
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- identity_providers:
- oidc:
- access_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.access_token_lifespan }}
- authorize_code_lifespan: {{ default "1m" .Values.identity_providers.oidc.authorize_code_lifespan }}
- id_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.id_token_lifespan }}
- refresh_token_lifespan: {{ default "90m" .Values.identity_providers.oidc.refresh_token_lifespan }}
- enable_client_debug_messages: {{ default false .Values.identity_providers.oidc.enable_client_debug_messages }}
- minimum_parameter_entropy: {{ default 8 .Values.identity_providers.oidc.minimum_parameter_entropy }}
- {{- if gt (len .Values.identity_providers.oidc.clients) 0 }}
- clients:
- {{- range $client := .Values.identity_providers.oidc.clients }}
- - id: {{ $client.id }}
- description: {{ default $client.id $client.description }}
- secret: {{ default (randAlphaNum 128) $client.secret }}
- {{- if $client.public }}
- public: {{ $client.public }}
- {{- end }}
- authorization_policy: {{ default "two_factor" $client.authorization_policy }}
- consent_mode: {{ default "auto" $client.consent_mode}}
- redirect_uris:
- {{- range $client.redirect_uris }}
- - {{ . }}
- {{- end }}
- {{- if $client.audience }}
- audience: {{ toYaml $client.audience | nindent 10 }}
- {{- end }}
- scopes: {{ toYaml (default (list "openid" "profile" "email" "groups") $client.scopes) | nindent 10 }}
- grant_types: {{ toYaml (default (list "refresh_token" "authorization_code") $client.grant_types) | nindent 10 }}
- response_types: {{ toYaml (default (list "code") $client.response_types) | nindent 10 }}
- {{- if $client.response_modes }}
- response_modes: {{ toYaml $client.response_modes | nindent 10 }}
- {{- end }}
- userinfo_signing_algorithm: {{ default "none" $client.userinfo_signing_algorithm }}
- {{- end }}
- {{- end }}
- {{- end }}
- access_control:
- {{- if (eq (len .Values.access_control.rules) 0) }}
- {{- if (eq .Values.access_control.default_policy "bypass") }}
- default_policy: one_factor
- {{- else if (eq .Values.access_control.default_policy "deny") }}
- default_policy: two_factor
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- if (eq (len .Values.access_control.networks) 0) }}
- networks: []
- {{- else }}
- networks: {{ toYaml .Values.access_control.networks | nindent 6 }}
- {{- end }}
- {{- if (eq (len .Values.access_control.rules) 0) }}
- rules: []
- {{- else }}
- rules: {{ toYaml .Values.access_control.rules | nindent 6 }}
- {{- end }}
- ...
-{{- end -}}
diff --git a/enterprise/authelia/15.0.6/templates/_secrets.tpl b/enterprise/authelia/15.0.6/templates/_secrets.tpl
deleted file mode 100644
index ca988f51579..00000000000
--- a/enterprise/authelia/15.0.6/templates/_secrets.tpl
+++ /dev/null
@@ -1,59 +0,0 @@
-{{/* Define the secrets */}}
-{{- define "authelia.secrets" -}}
-{{- $autheliaprevious := lookup "v1" "Secret" .Release.Namespace "authelia-secrets" }}
-{{- $oidckey := "" }}
-{{- $oidcsecret := "" }}
-{{- $jwtsecret := "" }}
-{{- $sessionsecret := "" }}
-{{- $encryptionkey := "" }}
-enabled: true
-data:
- {{- if $autheliaprevious }}
- SESSION_ENCRYPTION_KEY: {{ index $autheliaprevious.data "SESSION_ENCRYPTION_KEY" }}
- JWT_TOKEN: {{ index $autheliaprevious.data "JWT_TOKEN" }}
- {{- if ( hasKey $autheliaprevious.data "ENCRYPTION_KEY" ) }}
- ENCRYPTION_KEY: {{ index $autheliaprevious.data "ENCRYPTION_KEY" }}
- {{- else }}
- {{- $encryptionkey := randAlphaNum 100 }}
- ENCRYPTION_KEY: {{ $encryptionkey }}
- {{- end }}
- {{- else }}
- {{- $jwtsecret := randAlphaNum 50 }}
- {{- $sessionsecret := randAlphaNum 50 }}
- {{- $encryptionkey := randAlphaNum 100 }}
- SESSION_ENCRYPTION_KEY: {{ $sessionsecret }}
- JWT_TOKEN: {{ $jwtsecret}}
- ENCRYPTION_KEY: {{ $encryptionkey }}
- {{- end }}
-
- {{- if .Values.authentication_backend.ldap.enabled }}
- LDAP_PASSWORD: {{ .Values.authentication_backend.ldap.plain_password }}
- {{- end }}
-
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- SMTP_PASSWORD: {{ .Values.notifier.smtp.plain_password }}
- {{- end }}
-
- {{- if .Values.duo_api.enabled }}
- DUO_API_KEY: {{ .Values.duo_api.plain_api_key }}
- {{- end }}
-
- STORAGE_PASSWORD: {{ $.Values.cnpg.main.creds.password | trimAll "\"" }}
-
- REDIS_PASSWORD: {{ .Values.redis.creds.redisPassword | trimAll "\"" }}
- {{- if .Values.redisProvider.high_availability.enabled}}
- REDIS_SENTINEL_PASSWORD: {{ .Values.redis.sentinelPassword | trimAll "\"" }}
- {{- end }}
-
- {{- if $autheliaprevious }}
- {{- if and ( hasKey $autheliaprevious.data "OIDC_PRIVATE_KEY" ) ( hasKey $autheliaprevious.data "OIDC_HMAC_SECRET" ) }}
- OIDC_PRIVATE_KEY: {{ index $autheliaprevious.data "OIDC_PRIVATE_KEY" }}
- OIDC_HMAC_SECRET: {{ index $autheliaprevious.data "OIDC_HMAC_SECRET" }}
- {{- else }}
- {{- $oidckey := genPrivateKey "rsa" }}
- {{- $oidcsecret := randAlphaNum 32 }}
- OIDC_PRIVATE_KEY: {{ $oidckey }}
- OIDC_HMAC_SECRET: {{ $oidcsecret }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/authelia/15.0.6/templates/common.yaml b/enterprise/authelia/15.0.6/templates/common.yaml
deleted file mode 100644
index 54e288e852c..00000000000
--- a/enterprise/authelia/15.0.6/templates/common.yaml
+++ /dev/null
@@ -1,77 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-{{/* Render configmap for authelia */}}
-{{- $configmapPaths := include "authelia.configmap.paths" . | fromYaml -}}
-{{- if $configmapPaths -}}
- {{- $_ := set .Values.configmap "authelia-paths" $configmapPaths -}}
-{{- end -}}
-
-{{- $configmapFile := include "authelia.configmap.configfile" . | fromYaml -}}
-{{- if $configmapFile -}}
- {{- $_ := set .Values.configmap "authelia-configfile" $configmapFile -}}
-{{- end -}}
-
-{{/* Render secrets for authelia */}}
-{{- $secret := include "authelia.secrets" . | fromYaml -}}
-{{- if $secret -}}
- {{- $_ := set .Values.secret "authelia-secrets" $secret -}}
-{{- end -}}
-
-{{/* Append the general configMap volume to the volumes */}}
-{{- define "authelia.configmapVolume" -}}
-enabled: true
-mountPath: /configuration.yaml
-subPath: configuration.yaml
-readOnly: true
-type: "configmap"
-objectName: authelia-configfile
-{{- end -}}
-
-{{/* Append the general secret volumes to the volumes */}}
-{{- define "authelia.secretVolumes" -}}
-enabled: true
-mountPath: "/secrets"
-readOnly: true
-type: "secret"
-objectName: authelia-secrets
-items:
- - key: "JWT_TOKEN"
- path: JWT_TOKEN
- - key: "SESSION_ENCRYPTION_KEY"
- path: SESSION_ENCRYPTION_KEY
- - key: "ENCRYPTION_KEY"
- path: ENCRYPTION_KEY
- - key: "STORAGE_PASSWORD"
- path: STORAGE_PASSWORD
- {{- if .Values.authentication_backend.ldap.enabled }}
- - key: "LDAP_PASSWORD"
- path: LDAP_PASSWORD
- {{- end }}
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- - key: "SMTP_PASSWORD"
- path: SMTP_PASSWORD
- {{- end }}
- - key: "REDIS_PASSWORD"
- path: REDIS_PASSWORD
- {{- if .Values.redisProvider.high_availability.enabled}}
- - key: "REDIS_SENTINEL_PASSWORD"
- path: REDIS_SENTINEL_PASSWORD
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- - key: "DUO_API_KEY"
- path: DUO_API_KEY
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- - key: "OIDC_PRIVATE_KEY"
- path: OIDC_PRIVATE_KEY
- - key: "OIDC_HMAC_SECRET"
- path: OIDC_HMAC_SECRET
- {{- end }}
-{{- end -}}
-
-{{- $_ := set .Values.persistence "authelia-configfile" (include "authelia.configmapVolume" . | fromYaml) -}}
-{{- $_ := set .Values.persistence "authelia-secrets" (include "authelia.secretVolumes" . | fromYaml) -}}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/authelia/15.0.6/values.yaml b/enterprise/authelia/15.0.6/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/authelia/15.0.7/CHANGELOG.md b/enterprise/authelia/15.0.7/CHANGELOG.md
deleted file mode 100644
index 38e5d8614be..00000000000
--- a/enterprise/authelia/15.0.7/CHANGELOG.md
+++ /dev/null
@@ -1,62 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [authelia-15.0.7](https://github.com/truecharts/charts/compare/authelia-15.0.6...authelia-15.0.7) (2023-03-07)
-
-### Fix
-
-- prevent encryption key resets
-
-
-
-
-## [authelia-15.0.6](https://github.com/truecharts/charts/compare/authelia-15.0.5...authelia-15.0.6) (2023-03-07)
-
-### Fix
-
-- misc fixes from common and prometheus storageclass patch ([#7762](https://github.com/truecharts/charts/issues/7762))
-
-
-
-
-## [authelia-15.0.5](https://github.com/truecharts/charts/compare/authelia-15.0.4...authelia-15.0.5) (2023-03-06)
-
-
-
-
-## [authelia-15.0.4](https://github.com/truecharts/charts/compare/authelia-15.0.3...authelia-15.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
-
-
-## [authelia-15.0.3](https://github.com/truecharts/charts/compare/authelia-15.0.1...authelia-15.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
-
-
-## [authelia-15.0.1](https://github.com/truecharts/charts/compare/authelia-15.0.0...authelia-15.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
-
-## [authelia-15.0.0](https://github.com/truecharts/charts/compare/authelia-14.0.29...authelia-15.0.0) (2023-03-04)
-
diff --git a/enterprise/authelia/15.0.7/Chart.yaml b/enterprise/authelia/15.0.7/Chart.yaml
deleted file mode 100644
index 85f6913b08c..00000000000
--- a/enterprise/authelia/15.0.7/Chart.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-apiVersion: v2
-appVersion: "4.37.5"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.24
- - condition: redis.enabled
- name: redis
- repository: https://deps.truecharts.org
- version: 6.0.14
-deprecated: false
-description: Authelia is a Single Sign-On Multi-Factor portal for web apps
-home: https://truecharts.org/charts/enterprise/authelia
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/authelia.png
-keywords:
- - authelia
- - authentication
- - login
- - SSO
- - Authentication
- - Security
- - Two-Factor
- - U2F
- - YubiKey
- - Push Notifications
- - LDAP
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: authelia
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/authelia
- - https://ghcr.io/authelia/authelia ghcr.io/authelia/authelia
- - https://github.com/authelia/chartrepo
- - https://github.com/authelia/authelia
-type: application
-version: 15.0.7
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/authelia/15.0.7/LICENSE b/enterprise/authelia/15.0.7/LICENSE
deleted file mode 100644
index 80e4ab93f92..00000000000
--- a/enterprise/authelia/15.0.7/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/authelia/15.0.7/README.md b/enterprise/authelia/15.0.7/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/authelia/15.0.7/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/authelia/15.0.7/app-changelog.md b/enterprise/authelia/15.0.7/app-changelog.md
deleted file mode 100644
index c5ece616d83..00000000000
--- a/enterprise/authelia/15.0.7/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [authelia-15.0.7](https://github.com/truecharts/charts/compare/authelia-15.0.6...authelia-15.0.7) (2023-03-07)
-
-### Fix
-
-- prevent encryption key resets
-
-
\ No newline at end of file
diff --git a/enterprise/authelia/15.0.7/app-readme.md b/enterprise/authelia/15.0.7/app-readme.md
deleted file mode 100644
index 9417c0c13d5..00000000000
--- a/enterprise/authelia/15.0.7/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Authelia is a Single Sign-On Multi-Factor portal for web apps
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/authelia](https://truecharts.org/charts/enterprise/authelia)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/authelia/15.0.7/charts/common-12.2.24.tgz b/enterprise/authelia/15.0.7/charts/common-12.2.24.tgz
deleted file mode 100644
index d9155693b5d..00000000000
Binary files a/enterprise/authelia/15.0.7/charts/common-12.2.24.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.0.7/charts/redis-6.0.14.tgz b/enterprise/authelia/15.0.7/charts/redis-6.0.14.tgz
deleted file mode 100644
index fb93c84df47..00000000000
Binary files a/enterprise/authelia/15.0.7/charts/redis-6.0.14.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.0.7/ix_values.yaml b/enterprise/authelia/15.0.7/ix_values.yaml
deleted file mode 100644
index 9b56530e1c8..00000000000
--- a/enterprise/authelia/15.0.7/ix_values.yaml
+++ /dev/null
@@ -1,619 +0,0 @@
-image:
- repository: tccr.io/truecharts/authelia
- pullPolicy: IfNotPresent
- tag: 4.37.5@sha256:76a4617539534cec140fd98a12f721b878524f2df3a3653f3df8ff2b7eaab586
-
-workload:
- main:
- podSpec:
- containers:
- main:
- command: ["authelia"]
- args: ["--config=/configuration.yaml"]
- envFrom:
- - configMapRef:
- name: authelia-paths
- # probes:
- # liveness:
- # type: HTTP
- # path: /api/health"
-
- # readiness:
- # type: HTTP
- # path: "/api/health"
-
- # startup:
- # type: HTTP
- # path: "/api/health"
-
-service:
- main:
- ports:
- main:
- port: 9091
- targetPort: 9091
-
-persistence:
- config:
- enabled: true
- mountPath: "/config"
-
-cnpg:
- main:
- enabled: true
- user: authelia
- database: authelia
-
-# Enabled redis
-# ... for more options see https://github.com/tccr.io/truecharts/charts/tree/master/tccr.io/truecharts/redis
-redis:
- enabled: true
-
-domain: example.com
-
-##
-## Server Configuration
-##
-server:
- ##
- ## Port sets the configured port for the daemon, service, and the probes.
- ## Default is 9091 and should not need to be changed.
- ##
- port: 9091
-
- ## Buffers usually should be configured to be the same value.
- ## Explanation at https://www.authelia.com/docs/configuration/server.html
- ## Read buffer size adjusts the server's max incoming request size in bytes.
- ## Write buffer size does the same for outgoing responses.
- read_buffer_size: 4096
- write_buffer_size: 4096
- ## Set the single level path Authelia listens on.
- ## Must be alphanumeric chars and should not contain any slashes.
- path: ""
-
-log:
- ## Level of verbosity for logs: info, debug, trace.
- level: trace
-
- ## Format the logs are written as: json, text.
- format: text
-
- ## TODO: Statefulness check should check if this is set, and the configMap should enable it.
- ## File path where the logs will be written. If not set logs are written to stdout.
- # file_path: /config/authelia.log
-
-## Default redirection URL
-##
-## If user tries to authenticate without any referer, Authelia does not know where to redirect the user to at the end
-## of the authentication process. This parameter allows you to specify the default redirection URL Authelia will use
-## in such a case.
-##
-## Note: this parameter is optional. If not provided, user won't be redirected upon successful authentication.
-## Default is https://www. (value at the top of the values.yaml).
-default_redirection_url: ""
-# default_redirection_url: https://example.com
-
-theme: light
-
-##
-## TOTP Configuration
-##
-## Parameters used for TOTP generation
-totp:
- ## The issuer name displayed in the Authenticator application of your choice
- ## See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
- ## Defaults to .
- issuer: ""
- ## The period in seconds a one-time password is current for. Changing this will require all users to register
- ## their TOTP applications again. Warning: before changing period read the docs link below.
- period: 30
- ## The skew controls number of one-time passwords either side of the current one that are valid.
- ## Warning: before changing skew read the docs link below.
- ## See: https://www.authelia.com/docs/configuration/one-time-password.html#period-and-skew to read the documentation.
- skew: 1
-
-##
-## Duo Push API Configuration
-##
-## Parameters used to contact the Duo API. Those are generated when you protect an application of type
-## "Partner Auth API" in the management panel.
-duo_api:
- enabled: false
- hostname: api-123456789.example.com
- integration_key: ABCDEF
- plain_api_key: ""
-
-##
-## Authentication Backend Provider Configuration
-##
-## Used for verifying user passwords and retrieve information such as email address and groups users belong to.
-##
-## The available providers are: `file`, `ldap`. You must use one and only one of these providers.
-authentication_backend:
- ## Disable both the HTML element and the API for reset password functionality
- disable_reset_password: false
-
- ## The amount of time to wait before we refresh data from the authentication backend. Uses duration notation.
- ## To disable this feature set it to 'disable', this will slightly reduce security because for Authelia, users will
- ## always belong to groups they belonged to at the time of login even if they have been removed from them in LDAP.
- ## To force update on every request you can set this to '0' or 'always', this will increase processor demand.
- ## See the below documentation for more information.
- ## Duration Notation docs: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Refresh Interval docs: https://www.authelia.com/docs/configuration/authentication/ldap.html#refresh-interval
- refresh_interval: 5m
-
- ## LDAP backend configuration.
- ##
- ## This backend allows Authelia to be scaled to more
- ## than one instance and therefore is recommended for
- ## production.
- ldap:
- ## Enable LDAP Backend.
- enabled: false
-
- ## The LDAP implementation, this affects elements like the attribute utilised for resetting a password.
- ## Acceptable options are as follows:
- ## - 'activedirectory' - For Microsoft Active Directory.
- ## - 'custom' - For custom specifications of attributes and filters.
- ## This currently defaults to 'custom' to maintain existing behaviour.
- ##
- ## Depending on the option here certain other values in this section have a default value, notably all of the
- ## attribute mappings have a default value that this config overrides, you can read more about these default values
- ## at https://www.authelia.com/docs/configuration/authentication/ldap.html#defaults
- implementation: activedirectory
-
- ## The url to the ldap server. Format: ://[:].
- ## Scheme can be ldap or ldaps in the format (port optional).
- url: ldap://openldap.default.svc.cluster.local
-
- ## Connection Timeout.
- timeout: 5s
-
- ## Use StartTLS with the LDAP connection.
- start_tls: false
-
- tls:
- ## Server Name for certificate validation (in case it's not set correctly in the URL).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either Secure LDAP or LDAP StartTLS.
- minimum_version: TLS1.2
-
- ## The base dn for every LDAP query.
- base_dn: DC=example,DC=com
-
- ## The attribute holding the username of the user. This attribute is used to populate the username in the session
- ## information. It was introduced due to #561 to handle case insensitive search queries. For you information,
- ## Microsoft Active Directory usually uses 'sAMAccountName' and OpenLDAP usually uses 'uid'. Beware that this
- ## attribute holds the unique identifiers for the users binding the user and the configuration stored in database.
- ## Therefore only single value attributes are allowed and the value must never be changed once attributed to a user
- ## otherwise it would break the configuration for that user. Technically, non-unique attributes like 'mail' can also
- ## be used but we don't recommend using them, we instead advise to use the attributes mentioned above
- ## (sAMAccountName and uid) to follow https://www.ietf.org/rfc/rfc2307.txt.
- username_attribute: ""
-
- ## An additional dn to define the scope to all users.
- additional_users_dn: OU=Users
-
- ## The users filter used in search queries to find the user profile based on input filled in login form.
- ## Various placeholders are available in the user filter:
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username_attribute} is a mandatory placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ##
- ## Recommended settings are as follows:
- ## - Microsoft Active Directory: (&({username_attribute}={input})(objectCategory=person)(objectClass=user))
- ## - OpenLDAP:
- ## - (&({username_attribute}={input})(objectClass=person))
- ## - (&({username_attribute}={input})(objectClass=inetOrgPerson))
- ##
- ## To allow sign in both with username and email, one can use a filter like
- ## (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))
- users_filter: ""
-
- ## An additional dn to define the scope of groups.
- additional_groups_dn: OU=Groups
-
- ## The groups filter used in search queries to find the groups of the user.
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username} is a placeholder replace by the username stored in LDAP (based on `username_attribute`).
- ## - {dn} is a matcher replaced by the user distinguished name, aka, user DN.
- ## - {username_attribute} is a placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ## - DON'T USE - {1} is an alias for {username} supported for backward compatibility but it will be deprecated in
- ## later version, so please don't use it.
- ##
- ## If your groups use the `groupOfUniqueNames` structure use this instead:
- ## (&(uniquemember={dn})(objectclass=groupOfUniqueNames))
- groups_filter: ""
-
- ## The attribute holding the name of the group
- group_name_attribute: ""
-
- ## The attribute holding the mail address of the user. If multiple email addresses are defined for a user, only the
- ## first one returned by the LDAP server is used.
- mail_attribute: ""
-
- ## The attribute holding the display name of the user. This will be used to greet an authenticated user.
- display_name_attribute: ""
-
- ## The username of the admin user.
- user: CN=Authelia,DC=example,DC=com
- plain_password: ""
-
- ##
- ## File (Authentication Provider)
- ##
- ## With this backend, the users database is stored in a file which is updated when users reset their passwords.
- ## Therefore, this backend is meant to be used in a dev environment and not in production since it prevents Authelia
- ## to be scaled to more than one instance. The options under 'password' have sane defaults, and as it has security
- ## implications it is highly recommended you leave the default values. Before considering changing these settings
- ## please read the docs page below:
- ## https://www.authelia.com/docs/configuration/authentication/file.html#password-hash-algorithm-tuning
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- file:
- enabled: true
- path: /config/users_database.yml
- password:
- algorithm: argon2id
- iterations: 1
- key_length: 32
- salt_length: 16
- memory: 1024
- parallelism: 8
-
-##
-## Access Control Configuration
-##
-## Access control is a list of rules defining the authorizations applied for one resource to users or group of users.
-##
-## If 'access_control' is not defined, ACL rules are disabled and the 'bypass' rule is applied, i.e., access is allowed
-## to anyone. Otherwise restrictions follow the rules defined.
-##
-## Note: One can use the wildcard * to match any subdomain.
-## It must stand at the beginning of the pattern. (example: *.mydomain.com)
-##
-## Note: You must put patterns containing wildcards between simple quotes for the YAML to be syntactically correct.
-##
-## Definition: A 'rule' is an object with the following keys: 'domain', 'subject', 'policy' and 'resources'.
-##
-## - 'domain' defines which domain or set of domains the rule applies to.
-##
-## - 'subject' defines the subject to apply authorizations to. This parameter is optional and matching any user if not
-## provided. If provided, the parameter represents either a user or a group. It should be of the form
-## 'user:' or 'group:'.
-##
-## - 'policy' is the policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'.
-##
-## - 'resources' is a list of regular expressions that matches a set of resources to apply the policy to. This parameter
-## is optional and matches any resource if not provided.
-##
-## Note: the order of the rules is important. The first policy matching (domain, resource, subject) applies.
-access_control:
- ## Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'. It is the policy applied to any
- ## resource if there is no policy to be applied to the user.
- default_policy: deny
-
- networks: []
- # networks:
- # - name: private
- # networks:
- # - 10.0.0.0/8
- # - 172.16.0.0/12
- # - 192.168.0.0/16
- # - name: vpn
- # networks:
- # - 10.9.0.0/16
-
- rules: []
- # rules:
- # - domain: public.example.com
- # policy: bypass
- # - domain: "*.example.com"
- # policy: bypass
- # methods:
- # - OPTIONS
- # - domain: secure.example.com
- # policy: one_factor
- # networks:
- # - private
- # - vpn
- # - 192.168.1.0/24
- # - 10.0.0.1
- # - domain:
- # - secure.example.com
- # - private.example.com
- # policy: two_factor
- # - domain: singlefactor.example.com
- # policy: one_factor
- # - domain: "mx2.mail.example.com"
- # subject: "group:admins"
- # policy: deny
- # - domain: "*.example.com"
- # subject:
- # - "group:admins"
- # - "group:moderators"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/groups/dev/.*$"
- # subject: "group:dev"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/users/john/.*$"
- # subject:
- # - ["group:dev", "user:john"]
- # - "group:admins"
- # policy: two_factor
- # - domain: "{user}.example.com"
- # policy: bypass
-
-##
-## Session Provider Configuration
-##
-## The session cookies identify the user once logged in.
-## The available providers are: `memory`, `redis`. Memory is the provider unless redis is defined.
-session:
- ## The name of the session cookie. (default: authelia_session).
- name: authelia_session
-
- ## Sets the Cookie SameSite value. Possible options are none, lax, or strict.
- ## Please read https://www.authelia.com/docs/configuration/session.html#same_site
- same_site: lax
-
- ## The time in seconds before the cookie expires and session is reset.
- expiration: 1h
-
- ## The inactivity time in seconds before the session is reset.
- inactivity: 5m
-
- ## The remember me duration.
- ## Value is in seconds, or duration notation. Value of 0 disables remember me.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Longer periods are considered less secure because a stolen cookie will last longer giving attackers more time to
- ## spy or attack. Currently the default is 1M or 1 month.
- remember_me_duration: 1M
-
-##
-## Redis Provider
-##
-## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
-##
-## The redis connection details
-redisProvider:
- port: 6379
-
- ## Optional username to be used with authentication.
- # username: authelia
- username: ""
-
- ## This is the Redis DB Index https://redis.io/commands/select (sometimes referred to as database number, DB, etc).
- database_index: 0
-
- ## The maximum number of concurrent active connections to Redis.
- maximum_active_connections: 8
-
- ## The target number of idle connections to have open ready for work. Useful when opening connections is slow.
- minimum_idle_connections: 0
-
- ## The Redis TLS configuration. If defined will require a TLS connection to the Redis instance(s).
- tls:
- enabled: false
-
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for the connection.
- minimum_version: TLS1.2
-
- ## The Redis HA configuration options.
- ## This provides specific options to Redis Sentinel, sentinel_name must be defined (Master Name).
- high_availability:
- enabled: false
- enabledSecret: false
- ## Sentinel Name / Master Name
- sentinel_name: mysentinel
-
- ## The additional nodes to pre-seed the redis provider with (for sentinel).
- ## If the host in the above section is defined, it will be combined with this list to connect to sentinel.
- ## For high availability to be used you must have either defined; the host above or at least one node below.
- nodes: []
- # nodes:
- # - host: sentinel-0.databases.svc.cluster.local
- # port: 26379
- # - host: sentinel-1.databases.svc.cluster.local
- # port: 26379
-
- ## Choose the host with the lowest latency.
- route_by_latency: false
-
- ## Choose the host randomly.
- route_randomly: false
-
-##
-## Regulation Configuration
-##
-## This mechanism prevents attackers from brute forcing the first factor. It bans the user if too many attempts are done
-## in a short period of time.
-regulation:
- ## The number of failed login attempts before user is banned. Set it to 0 to disable regulation.
- max_retries: 3
-
- ## The time range during which the user can attempt login before being banned. The user is banned if the
- ## authentication failed 'max_retries' times in a 'find_time' seconds window. Find Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- find_time: 2m
-
- ## The length of time before a banned user can login again. Ban Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ban_time: 5m
-
-##
-## Storage Provider Configuration
-##
-## The available providers are: `local`, `mysql`, `postgres`. You must use one and only one of these providers.
-storage:
- ##
- ## PostgreSQL (Storage Provider)
- ##
- postgres:
- port: 5432
- database: authelia
- username: authelia
- sslmode: disable
- timeout: 5s
-
-##
-## Notification Provider
-##
-##
-## Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration.
-## The available providers are: filesystem, smtp. You must use one and only one of these providers.
-notifier:
- ## You can disable the notifier startup check by setting this to true.
- disable_startup_check: false
-
- ##
- ## File System (Notification Provider)
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- filesystem:
- enabled: true
- filename: /config/notification.txt
-
- ##
- ## SMTP (Notification Provider)
- ##
- ## Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate.
- ## [Security] By default Authelia will:
- ## - force all SMTP connections over TLS including unauthenticated connections
- ## - use the disable_require_tls boolean value to disable this requirement
- ## (only works for unauthenticated connections)
- ## - validate the SMTP server x509 certificate during the TLS handshake against the hosts trusted certificates
- ## (configure in tls section)
- smtp:
- enabled: false
- enabledSecret: false
- host: smtp.mail.svc.cluster.local
- port: 25
- timeout: 5s
- username: test
- plain_password: test
- sender: admin@example.com
- ## HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost.
- identifier: localhost
- ## Subject configuration of the emails sent.
- ## {title} is replaced by the text from the notifier
- subject: "[Authelia] {title}"
- ## This address is used during the startup check to verify the email configuration is correct.
- ## It's not important what it is except if your email server only allows local delivery.
- startup_check_address: test@authelia.com
- disable_require_tls: false
- disable_html_emails: false
-
- tls:
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either StartTLS or SMTPS.
- minimum_version: TLS1.2
-
-identity_providers:
- oidc:
- ## Enables this in the config map. Currently in beta stage.
- ## See https://www.authelia.com/docs/configuration/identity-providers/oidc.html#roadmap
- enabled: false
-
- access_token_lifespan: 1h
- authorize_code_lifespan: 1m
- id_token_lifespan: 1h
- refresh_token_lifespan: 90m
-
- enable_client_debug_messages: false
-
- ## SECURITY NOTICE: It's not recommended changing this option, and highly discouraged to have it below 8 for
- ## security reasons.
- minimum_parameter_entropy: 8
-
- clients: []
- # clients:
- # -
- ## The ID is the OpenID Connect ClientID which is used to link an application to a configuration.
- # id: myapp
-
- ## The description to show to users when they end up on the consent screen. Defaults to the ID above.
- # description: My Application
-
- ## The client secret is a shared secret between Authelia and the consumer of this client.
- # secret: apple123
-
- ## Sets the client to public. This should typically not be set, please see the documentation for usage.
- # public: false
-
- ## The policy to require for this client; one_factor or two_factor.
- # authorization_policy: two_factor
-
- ## Configures the consent mode; auto, explicit or implicit
- # consent_mode: auto
-
- ## Audience this client is allowed to request.
- # audience: []
-
- ## Scopes this client is allowed to request.
- # scopes:
- # - openid
- # - profile
- # - email
- # - groups
-
- ## Redirect URI's specifies a list of valid case-sensitive callbacks for this client.
- # redirect_uris:
- # - https://oidc.example.com/oauth2/callback
-
- ## Grant Types configures which grants this client can obtain.
- ## It's not recommended to configure this unless you know what you're doing.
- # grant_types:
- # - refresh_token
- # - authorization_code
-
- ## Response Types configures which responses this client can be sent.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_types:
- # - code
-
- ## Response Modes configures which response modes this client supports.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_modes:
- # - form_post
- # - query
- # - fragment
-
- ## The algorithm used to sign userinfo endpoint responses for this client, either none or RS256.
- # userinfo_signing_algorithm: none
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/authelia/15.0.7/questions.yaml b/enterprise/authelia/15.0.7/questions.yaml
deleted file mode 100644
index d82ea70c3cf..00000000000
--- a/enterprise/authelia/15.0.7/questions.yaml
+++ /dev/null
@@ -1,2782 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: Daemonset
- description: Daemonset
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "Daemonset"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: domain
- group: "App Configuration"
- label: "Domain"
- description: "The highest domain level possible, for example: domain.com when using app.domain.com"
- schema:
- type: string
- default: ""
- required: true
- - variable: default_redirection_url
- group: "App Configuration"
- label: "Default Redirection Url"
- description: "If user tries to authenticate without any referer, this is used"
- schema:
- type: string
- default: ""
- - variable: theme
- group: "App Configuration"
- label: "Theme"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "light"
- description: "light"
- - value: "grey"
- description: "grey"
- - value: "dark"
- description: "dark"
- - variable: log
- group: "App Configuration"
- label: "Log Configuration "
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "info"
- enum:
- - value: "info"
- description: "info"
- - value: "debug"
- description: "debug"
- - value: "trace"
- description: "trace"
- - variable: format
- label: "Log Format"
- schema:
- type: string
- default: "text"
- enum:
- - value: "json"
- description: "json"
- - value: "text"
- description: "text"
- - variable: totp
- group: "App Configuration"
- label: "TOTP Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: issuer
- label: "Issuer"
- description: "The issuer name displayed in the Authenticator application of your choice"
- schema:
- type: string
- default: ""
- - variable: period
- label: "Period"
- description: "The period in seconds a one-time password is current for"
- schema:
- type: int
- default: 30
- - variable: skew
- label: "skew"
- description: "Controls number of one-time passwords either side of the current one that are valid."
- schema:
- type: int
- default: 1
- - variable: duo_api
- group: "App Configuration"
- label: "DUO API Configuration"
- description: "Parameters used to contact the Duo API."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostname
- label: "Hostname"
- schema:
- type: string
- required: true
- default: ""
- - variable: integration_key
- label: "integration_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: plain_api_key
- label: "plain_api_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: session
- group: "App Configuration"
- label: "Session Provider"
- description: "The session cookies identify the user once logged in."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Cookie Name"
- description: "The name of the session cookie."
- schema:
- type: string
- required: true
- default: "authelia_session"
- - variable: same_site
- label: "SameSite Value"
- description: "Sets the Cookie SameSite value"
- schema:
- type: string
- default: "lax"
- enum:
- - value: "lax"
- description: "lax"
- - value: "strict"
- description: "strict"
- - variable: expiration
- label: "Expiration Time"
- description: "The time in seconds before the cookie expires and session is reset."
- schema:
- type: string
- default: "1h"
- required: true
- - variable: inactivity
- label: "Inactivity Time"
- description: "The inactivity time in seconds before the session is reset."
- schema:
- type: string
- default: "5m"
- required: true
- - variable: inactivity
- label: "Remember-Me duration"
- description: "The remember me duration"
- schema:
- type: string
- default: "5M"
- required: true
- - variable: regulation
- group: "App Configuration"
- label: "Regulation Configuration"
- description: "his mechanism prevents attackers from brute forcing the first factor."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: max_retries
- label: "Maximum Retries"
- description: "The number of failed login attempts before user is banned. Set it to 0 to disable regulation."
- schema:
- type: int
- default: 3
- - variable: find_time
- label: "Find Time"
- description: "The time range during which the user can attempt login before being banned."
- schema:
- type: string
- default: "2m"
- required: true
- - variable: ban_time
- label: "Ban Duration"
- description: "The length of time before a banned user can login again"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: authentication_backend
- group: "App Configuration"
- label: "Authentication Backend Provider"
- description: "sed for verifying user passwords and retrieve information such as email address and groups users belong to."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_reset_password
- label: "Disable Reset Password"
- description: "Disable both the HTML element and the API for reset password functionality"
- schema:
- type: boolean
- default: false
- - variable: refresh_interval
- label: "Reset Interval"
- description: "The amount of time to wait before we refresh data from the authentication backend"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: ldap
- label: "LDAP backend configuration"
- description: "Used for verifying user passwords and retrieve information such as email address and groups users belong to"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: implementation
- label: "Implementation"
- description: "The LDAP implementation, this affects elements like the attribute utilised for resetting a password"
- schema:
- type: string
- default: "custom"
- enum:
- - value: "activedirectory"
- description: "activedirectory"
- - value: "custom"
- description: "custom"
- - variable: url
- label: "URL"
- description: "The url to the ldap server. Format: ://[:]"
- schema:
- type: string
- default: "ldap://openldap.default.svc.cluster.local"
- required: true
- - variable: timeout
- label: "Connection Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: start_tls
- label: "Start TLS"
- description: "Use StartTLS with the LDAP connection"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: base_dn
- label: "Base DN"
- description: "The base dn for every LDAP query."
- schema:
- type: string
- default: "DC=example,DC=com"
- required: true
- - variable: username_attribute
- label: "Username Attribute"
- description: "The attribute holding the username of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_users_dn
- label: "Additional Users DN"
- description: "An additional dn to define the scope to all users."
- schema:
- type: string
- default: "OU=Users"
- required: true
- - variable: users_filter
- label: "Users Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_groups_dn
- label: "Additional Groups DN"
- description: "An additional dn to define the scope of groups."
- schema:
- type: string
- default: "OU=Groups"
- required: true
- - variable: groups_filter
- label: "Groups Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: group_name_attribute
- label: "Group name Attribute"
- description: "The attribute holding the name of the group"
- schema:
- type: string
- default: ""
- required: true
- - variable: mail_attribute
- label: "Mail Attribute"
- description: "The attribute holding the primary mail address of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: display_name_attribute
- label: "Display Name Attribute"
- description: "he attribute holding the display name of the user. This will be used to greet an authenticated user."
- schema:
- type: string
- default: ""
- - variable: user
- label: "Admin User"
- description: "The username of the admin user used to connect to LDAP."
- schema:
- type: string
- default: "CN=Authelia,DC=example,DC=com"
- required: true
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: file
- label: "File backend configuration"
- description: "With this backend, the users database is stored in a file which is updated when users reset their passwords."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: path
- label: "Path"
- schema:
- type: string
- default: "/config/users_database.yml"
- required: true
- - variable: password
- label: "Password Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: algorithm
- label: "Algorithm"
- schema:
- type: string
- default: "argon2id"
- enum:
- - value: "argon2id"
- description: "argon2id"
- - value: "sha512"
- description: "sha512"
- - variable: iterations
- label: "Iterations"
- schema:
- type: int
- default: 1
- required: true
- - variable: key_length
- label: "Key Length"
- schema:
- type: int
- default: 32
- required: true
- - variable: salt_length
- label: "Salt Length"
- schema:
- type: int
- default: 16
- required: true
- - variable: memory
- label: "Memory"
- schema:
- type: int
- default: 1024
- required: true
- - variable: parallelism
- label: "Parallelism"
- schema:
- type: int
- default: 8
- required: true
- - variable: notifier
- group: "App Configuration"
- label: "Notifier Configuration"
- description: "otifications are sent to users when they require a password reset, a u2f registration or a TOTP registration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_startup_check
- label: "Disable Startup Check"
- schema:
- type: boolean
- default: false
- - variable: filesystem
- label: "Filesystem Provider"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filename
- label: "File Path"
- schema:
- type: string
- default: "/config/notification.txt"
- required: true
- - variable: smtp
- label: "SMTP Provider"
- description: "Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: host
- label: "Host"
- schema:
- type: string
- default: "smtp.mail.svc.cluster.local"
- required: true
- - variable: port
- label: "Port"
- schema:
- type: int
- default: 25
- required: true
- - variable: timeout
- label: "Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: username
- label: "Username"
- schema:
- type: string
- default: ""
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- - variable: sender
- label: "Sender"
- schema:
- type: string
- default: ""
- required: true
- - variable: identifier
- label: "Identifier"
- description: "HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost."
- schema:
- type: string
- default: "localhost"
- required: true
- - variable: subject
- label: "Subject"
- description: "Subject configuration of the emails sent, {title} is replaced by the text from the notifier"
- schema:
- type: string
- default: "[Authelia] {title}"
- required: true
- - variable: startup_check_address
- label: "Startup Check Address"
- description: "This address is used during the startup check to verify the email configuration is correct."
- schema:
- type: string
- default: "test@authelia.com"
- required: true
- - variable: disable_require_tls
- label: "Disable Require TLS"
- schema:
- type: boolean
- default: false
- - variable: disable_html_emails
- label: "Disable HTML emails"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: access_control
- group: "App Configuration"
- label: "Access Control Configuration"
- description: "Access control is a list of rules defining the authorizations applied for one resource to users or group of users."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: default_policy
- label: "Default Policy"
- description: "Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: networkItem
- label: "Network Item"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Name"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "network"
- schema:
- type: string
- default: ""
- required: true
- - variable: rules
- label: "Rules"
- schema:
- type: list
- default: []
- items:
- - variable: rulesItem
- label: "Rule"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: domain
- label: "Domains"
- description: "defines which domain or set of domains the rule applies to."
- schema:
- type: list
- default: []
- items:
- - variable: domainEntry
- label: "Domain"
- schema:
- type: string
- default: ""
- required: true
- - variable: policy
- label: "Policy"
- description: "The policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: subject
- label: "Subject"
- description: "defines the subject to apply authorizations to. This parameter is optional and matching any user if not provided"
- schema:
- type: list
- default: []
- items:
- - variable: subjectitem
- label: "Subject"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "Network"
- schema:
- type: string
- default: ""
- required: true
- - variable: resources
- label: "Resources"
- description: "is a list of regular expressions that matches a set of resources to apply the policy to"
- schema:
- type: list
- default: []
- items:
- - variable: resource
- label: "Resource"
- schema:
- type: string
- default: ""
- required: true
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 9091
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: certificateIssuer
- label: Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: certificateIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: identity_providers
- group: "Advanced"
- label: "Authelia Identity Providers (BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: oidc
- label: "OpenID Connect(BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "enabled"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: access_token_lifespan
- label: "Access Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: authorize_code_lifespan
- label: "Authorize Code Lifespan"
- schema:
- type: string
- default: "1m"
- required: true
- - variable: id_token_lifespan
- label: "ID Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: refresh_token_lifespan
- label: "Refresh Token Lifespan"
- schema:
- type: string
- default: "90m"
- required: true
- - variable: enable_client_debug_messages
- label: "Enable Client Debug Messages"
- schema:
- type: boolean
- default: false
- - variable: clients
- label: "Clients"
- schema:
- type: list
- default: []
- items:
- - variable: clientEntry
- label: "Client"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: id
- label: "ID/Name"
- description: "The ID is the OpenID Connect ClientID which is used to link an application to a configuration."
- schema:
- type: string
- default: "myapp"
- required: true
- - variable: description
- label: "Description"
- description: "The description to show to users when they end up on the consent screen. Defaults to the ID above."
- schema:
- type: string
- default: "My Application"
- required: true
- - variable: secret
- label: "Secret"
- description: "The client secret is a shared secret between Authelia and the consumer of this client."
- schema:
- type: string
- default: ""
- required: true
- - variable: public
- label: "public"
- description: "Sets the client to public. This should typically not be set, please see the documentation for usage."
- schema:
- type: boolean
- default: false
- - variable: authorization_policy
- label: "Authorization Policy"
- description: "The policy to require for this client; one_factor or two_factor."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - variable: consent_mode
- label: "Consent Mode"
- description: "Configures the consent mode. This can be set to auto (default), explicit (consent required every time) or implicit (automatically assumes consent for every authorization, never asking the user if they wish to give consent.)"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "explicit"
- description: "explicit"
- - value: "implicit"
- description: "implicit"
- - variable: userinfo_signing_algorithm
- label: "Userinfo Signing Algorithm"
- description: "The algorithm used to sign userinfo endpoint responses for this client, either none or RS256."
- schema:
- type: string
- default: "none"
- enum:
- - value: "none"
- description: "none"
- - value: "RS256"
- description: "RS256"
- - variable: audience
- label: "Audience"
- description: "Audience this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: audienceEntry
- label: ""
- schema:
- type: string
- default: ""
- required: true
- - variable: scopes
- label: "Scopes"
- description: "Scopes this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: ScopeEntry
- label: "Scope"
- schema:
- type: string
- default: "openid"
- required: true
- - variable: redirect_uris
- label: "redirect_uris"
- description: "Redirect URI's specifies a list of valid case-sensitive callbacks for this client."
- schema:
- type: list
- default: []
- items:
- - variable: uriEntry
- label: "Url"
- schema:
- type: string
- default: "https://oidc.example.com/oauth2/callback"
- required: true
- - variable: grant_types
- description: "Grant Types configures which grants this client can obtain."
- label: "grant_types"
- schema:
- type: list
- default: []
- items:
- - variable: grantEntry
- label: "Grant"
- schema:
- type: string
- default: "refresh_token"
- required: true
- - variable: response_types
- description: "Response Types configures which responses this client can be sent."
- label: "response_types"
- schema:
- type: list
- default: []
- items:
- - variable: responseEntry
- label: "type"
- schema:
- type: string
- default: "code"
- required: true
- - variable: response_modes
- description: "Response Modes configures which response modes this client supports."
- label: "response_modes"
- schema:
- type: list
- default: []
- items:
- - variable: modeEntry
- label: "Mode"
- schema:
- type: string
- default: "form_post"
- required: true
- - variable: cnpg
- group: Postgresql
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Postgresql Database"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: storage
- label: "Storage"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: size
- label: Size
- schema:
- type: string
- default: "256Gi"
- - variable: walsize
- label: Walsize
- schema:
- type: string
- default: "256Gi"
- - variable: pooler
- label: "Pooler"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: Monitoring
- label: "Metrics"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enablePodMonitor
- label: "enablePodMonitor"
- schema:
- type: boolean
- default: true
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/authelia/15.0.7/templates/NOTES.txt b/enterprise/authelia/15.0.7/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/authelia/15.0.7/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/authelia/15.0.7/templates/_configmap.tpl b/enterprise/authelia/15.0.7/templates/_configmap.tpl
deleted file mode 100644
index 4c3d957f519..00000000000
--- a/enterprise/authelia/15.0.7/templates/_configmap.tpl
+++ /dev/null
@@ -1,245 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "authelia.configmap.paths" -}}
-enabled: true
-data:
- AUTHELIA_SERVER_DISABLE_HEALTHCHECK: "true"
- AUTHELIA_JWT_SECRET_FILE: "/secrets/JWT_TOKEN"
- AUTHELIA_SESSION_SECRET_FILE: "/secrets/SESSION_ENCRYPTION_KEY"
- AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: "/secrets/ENCRYPTION_KEY"
- AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: "/secrets/STORAGE_PASSWORD"
- {{- if .Values.authentication_backend.ldap.enabled }}
- AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE: "/secrets/LDAP_PASSWORD"
- {{- end }}
- {{- if .Values.notifier.smtp.enabled }}
- AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE: "/secrets/SMTP_PASSWORD"
- {{- end }}
- AUTHELIA_SESSION_REDIS_PASSWORD_FILE: "/secrets/REDIS_PASSWORD"
- {{- if .Values.redisProvider.high_availability.enabled }}
- AUTHELIA_SESSION_REDIS_HIGH_AVAILABILITY_SENTINEL_PASSWORD_FILE: "/secrets/REDIS_SENTINEL_PASSWORD"
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- AUTHELIA_DUO_API_SECRET_KEY_FILE: "/secrets/DUO_API_KEY"
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET_FILE: "/secrets/OIDC_HMAC_SECRET"
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY_FILE: "/secrets/OIDC_PRIVATE_KEY"
- {{- end }}
-
-{{- end -}}
-
-{{- define "authelia.configmap.configfile" -}}
-enabled: true
-data:
- configuration.yaml: |
- ---
- theme: {{ default "light" .Values.theme }}
- default_redirection_url: {{ default (printf "https://www.%s" .Values.domain) .Values.default_redirection_url }}
- server:
- host: 0.0.0.0
- port: {{ default 9091 .Values.server.port }}
- {{- if not (eq "" (default "" .Values.server.path)) }}
- path: {{ .Values.server.path }}
- {{- end }}
- read_buffer_size: {{ default 4096 .Values.server.read_buffer_size }}
- write_buffer_size: {{ default 4096 .Values.server.write_buffer_size }}
- enable_pprof: {{ default false .Values.server.enable_pprof }}
- enable_expvars: {{ default false .Values.server.enable_expvars }}
- log:
- level: {{ default "info" .Values.log.level }}
- format: {{ default "text" .Values.log.format }}
- {{- if not (eq "" (default "" .Values.log.file_path)) }}
- file_path: {{ .Values.log.file_path }}
- keep_stdout: true
- {{- end }}
- totp:
- issuer: {{ default .Values.domain .Values.totp.issuer }}
- period: {{ default 30 .Values.totp.period }}
- skew: {{ default 1 .Values.totp.skew }}
- {{- if .Values.duo_api.enabled }}
- duo_api:
- hostname: {{ .Values.duo_api.hostname }}
- integration_key: {{ .Values.duo_api.integration_key }}
- {{- end }}
- {{- with $auth := .Values.authentication_backend }}
- authentication_backend:
- disable_reset_password: {{ $auth.disable_reset_password }}
- {{- if $auth.file.enabled }}
- file:
- path: {{ $auth.file.path }}
- password: {{ toYaml $auth.file.password | nindent 10 }}
- {{- end }}
- {{- if $auth.ldap.enabled }}
- ldap:
- implementation: {{ default "custom" $auth.ldap.implementation }}
- url: {{ $auth.ldap.url }}
- timeout: {{ default "5s" $auth.ldap.timeout }}
- start_tls: {{ $auth.ldap.start_tls }}
- tls:
- {{- if hasKey $auth.ldap.tls "server_name" }}
- server_name: {{ default $auth.ldap.host $auth.ldap.tls.server_name }}
- {{- end }}
- minimum_version: {{ default "TLS1.2" $auth.ldap.tls.minimum_version }}
- skip_verify: {{ default false $auth.ldap.tls.skip_verify }}
- {{- if $auth.ldap.base_dn }}
- base_dn: {{ $auth.ldap.base_dn }}
- {{- end }}
- {{- if $auth.ldap.username_attribute }}
- username_attribute: {{ $auth.ldap.username_attribute }}
- {{- end }}
- {{- if $auth.ldap.additional_users_dn }}
- additional_users_dn: {{ $auth.ldap.additional_users_dn }}
- {{- end }}
- {{- if $auth.ldap.users_filter }}
- users_filter: {{ $auth.ldap.users_filter }}
- {{- end }}
- {{- if $auth.ldap.additional_groups_dn }}
- additional_groups_dn: {{ $auth.ldap.additional_groups_dn }}
- {{- end }}
- {{- if $auth.ldap.groups_filter }}
- groups_filter: {{ $auth.ldap.groups_filter }}
- {{- end }}
- {{- if $auth.ldap.group_name_attribute }}
- group_name_attribute: {{ $auth.ldap.group_name_attribute }}
- {{- end }}
- {{- if $auth.ldap.mail_attribute }}
- mail_attribute: {{ $auth.ldap.mail_attribute }}
- {{- end }}
- {{- if $auth.ldap.display_name_attribute }}
- display_name_attribute: {{ $auth.ldap.display_name_attribute }}
- {{- end }}
- user: {{ $auth.ldap.user }}
- {{- end }}
- {{- end }}
- {{- with $session := .Values.session }}
- session:
- name: {{ default "authelia_session" $session.name }}
- domain: {{ required "A valid .Values.domain entry required!" $.Values.domain }}
- same_site: {{ default "lax" $session.same_site }}
- expiration: {{ default "1M" $session.expiration }}
- inactivity: {{ default "5m" $session.inactivity }}
- remember_me_duration: {{ default "1M" $session.remember_me_duration }}
- {{- end }}
- redis:
- host: {{ .Values.redis.creds.plain }}
- {{- with $redis := .Values.redisProvider }}
- port: {{ default 6379 $redis.port }}
- {{- if not (eq $redis.username "") }}
- username: {{ $redis.username }}
- {{- end }}
- maximum_active_connections: {{ default 8 $redis.maximum_active_connections }}
- minimum_idle_connections: {{ default 0 $redis.minimum_idle_connections }}
- {{- if $redis.tls.enabled }}
- tls:
- server_name: {{ $redis.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $redis.tls.minimum_version }}
- skip_verify: {{ $redis.tls.skip_verify }}
- {{- end }}
- {{- if $redis.high_availability.enabled }}
- high_availability:
- sentinel_name: {{ $redis.high_availability.sentinel_name }}
- {{- if $redis.high_availability.nodes }}
- nodes: {{ toYaml $redis.high_availability.nodes | nindent 10 }}
- {{- end }}
- route_by_latency: {{ $redis.high_availability.route_by_latency }}
- route_randomly: {{ $redis.high_availability.route_randomly }}
- {{- end }}
- {{- end }}
- regulation: {{ toYaml .Values.regulation | nindent 6 }}
- storage:
- postgres:
- host: {{ $.Values.cnpg.main.creds.host }}
- {{- with $storage := .Values.storage }}
- port: {{ default 5432 $storage.postgres.port }}
- database: {{ default "authelia" $storage.postgres.database }}
- username: {{ default "authelia" $storage.postgres.username }}
- timeout: {{ default "5s" $storage.postgres.timeout }}
- sslmode: {{ default "disable" $storage.postgres.sslmode }}
- {{- end }}
- {{- with $notifier := .Values.notifier }}
- notifier:
- disable_startup_check: {{ $.Values.notifier.disable_startup_check }}
- {{- if $notifier.filesystem.enabled }}
- filesystem:
- filename: {{ $notifier.filesystem.filename }}
- {{- end }}
- {{- if $notifier.smtp.enabled }}
- smtp:
- host: {{ $notifier.smtp.host }}
- port: {{ default 25 $notifier.smtp.port }}
- timeout: {{ default "5s" $notifier.smtp.timeout }}
- {{- with $notifier.smtp.username }}
- username: {{ . }}
- {{- end }}
- sender: {{ $notifier.smtp.sender }}
- identifier: {{ $notifier.smtp.identifier }}
- subject: {{ $notifier.smtp.subject | quote }}
- startup_check_address: {{ $notifier.smtp.startup_check_address }}
- disable_require_tls: {{ $notifier.smtp.disable_require_tls }}
- disable_html_emails: {{ $notifier.smtp.disable_html_emails }}
- tls:
- server_name: {{ default $notifier.smtp.host $notifier.smtp.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $notifier.smtp.tls.minimum_version }}
- skip_verify: {{ default false $notifier.smtp.tls.skip_verify }}
- {{- end }}
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- identity_providers:
- oidc:
- access_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.access_token_lifespan }}
- authorize_code_lifespan: {{ default "1m" .Values.identity_providers.oidc.authorize_code_lifespan }}
- id_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.id_token_lifespan }}
- refresh_token_lifespan: {{ default "90m" .Values.identity_providers.oidc.refresh_token_lifespan }}
- enable_client_debug_messages: {{ default false .Values.identity_providers.oidc.enable_client_debug_messages }}
- minimum_parameter_entropy: {{ default 8 .Values.identity_providers.oidc.minimum_parameter_entropy }}
- {{- if gt (len .Values.identity_providers.oidc.clients) 0 }}
- clients:
- {{- range $client := .Values.identity_providers.oidc.clients }}
- - id: {{ $client.id }}
- description: {{ default $client.id $client.description }}
- secret: {{ default (randAlphaNum 128) $client.secret }}
- {{- if $client.public }}
- public: {{ $client.public }}
- {{- end }}
- authorization_policy: {{ default "two_factor" $client.authorization_policy }}
- consent_mode: {{ default "auto" $client.consent_mode}}
- redirect_uris:
- {{- range $client.redirect_uris }}
- - {{ . }}
- {{- end }}
- {{- if $client.audience }}
- audience: {{ toYaml $client.audience | nindent 10 }}
- {{- end }}
- scopes: {{ toYaml (default (list "openid" "profile" "email" "groups") $client.scopes) | nindent 10 }}
- grant_types: {{ toYaml (default (list "refresh_token" "authorization_code") $client.grant_types) | nindent 10 }}
- response_types: {{ toYaml (default (list "code") $client.response_types) | nindent 10 }}
- {{- if $client.response_modes }}
- response_modes: {{ toYaml $client.response_modes | nindent 10 }}
- {{- end }}
- userinfo_signing_algorithm: {{ default "none" $client.userinfo_signing_algorithm }}
- {{- end }}
- {{- end }}
- {{- end }}
- access_control:
- {{- if (eq (len .Values.access_control.rules) 0) }}
- {{- if (eq .Values.access_control.default_policy "bypass") }}
- default_policy: one_factor
- {{- else if (eq .Values.access_control.default_policy "deny") }}
- default_policy: two_factor
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- if (eq (len .Values.access_control.networks) 0) }}
- networks: []
- {{- else }}
- networks: {{ toYaml .Values.access_control.networks | nindent 6 }}
- {{- end }}
- {{- if (eq (len .Values.access_control.rules) 0) }}
- rules: []
- {{- else }}
- rules: {{ toYaml .Values.access_control.rules | nindent 6 }}
- {{- end }}
- ...
-{{- end -}}
diff --git a/enterprise/authelia/15.0.7/templates/_secrets.tpl b/enterprise/authelia/15.0.7/templates/_secrets.tpl
deleted file mode 100644
index 0b408a1bc6a..00000000000
--- a/enterprise/authelia/15.0.7/templates/_secrets.tpl
+++ /dev/null
@@ -1,54 +0,0 @@
-{{/* Define the secrets */}}
-{{- define "authelia.secrets" -}}
-{{- $autheliaprevious := lookup "v1" "Secret" .Release.Namespace "authelia-secrets" }}
-{{- $oidckey := "" }}
-{{- $oidcsecret := "" }}
-{{- $jwtsecret := "" }}
-{{- $sessionsecret := "" }}
-{{- $encryptionkey := "" }}
-enabled: true
-data:
- {{- if $autheliaprevious }}
- SESSION_ENCRYPTION_KEY: {{ index $autheliaprevious.data "SESSION_ENCRYPTION_KEY" | b64dec }}
- JWT_TOKEN: {{ index $autheliaprevious.data "JWT_TOKEN" | b64dec }}
- ENCRYPTION_KEY: {{ index $autheliaprevious.data "ENCRYPTION_KEY" | b64dec }}
- {{- else }}
- {{- $jwtsecret := randAlphaNum 50 }}
- {{- $sessionsecret := randAlphaNum 50 }}
- {{- $encryptionkey := randAlphaNum 100 }}
- SESSION_ENCRYPTION_KEY: {{ $sessionsecret }}
- JWT_TOKEN: {{ $jwtsecret}}
- ENCRYPTION_KEY: {{ $encryptionkey }}
- {{- end }}
-
- {{- if .Values.authentication_backend.ldap.enabled }}
- LDAP_PASSWORD: {{ .Values.authentication_backend.ldap.plain_password }}
- {{- end }}
-
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- SMTP_PASSWORD: {{ .Values.notifier.smtp.plain_password }}
- {{- end }}
-
- {{- if .Values.duo_api.enabled }}
- DUO_API_KEY: {{ .Values.duo_api.plain_api_key }}
- {{- end }}
-
- STORAGE_PASSWORD: {{ $.Values.cnpg.main.creds.password | trimAll "\"" }}
-
- REDIS_PASSWORD: {{ .Values.redis.creds.redisPassword | trimAll "\"" }}
- {{- if .Values.redisProvider.high_availability.enabled}}
- REDIS_SENTINEL_PASSWORD: {{ .Values.redis.sentinelPassword | trimAll "\"" }}
- {{- end }}
-
- {{- if $autheliaprevious }}
- {{- if and ( hasKey $autheliaprevious.data "OIDC_PRIVATE_KEY" ) ( hasKey $autheliaprevious.data "OIDC_HMAC_SECRET" ) }}
- OIDC_PRIVATE_KEY: {{ index $autheliaprevious.data "OIDC_PRIVATE_KEY" | b64dec }}
- OIDC_HMAC_SECRET: {{ index $autheliaprevious.data "OIDC_HMAC_SECRET" | b64dec }}
- {{- else }}
- {{- $oidckey := genPrivateKey "rsa" }}
- {{- $oidcsecret := randAlphaNum 32 }}
- OIDC_PRIVATE_KEY: {{ $oidckey }}
- OIDC_HMAC_SECRET: {{ $oidcsecret }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/authelia/15.0.7/templates/common.yaml b/enterprise/authelia/15.0.7/templates/common.yaml
deleted file mode 100644
index 54e288e852c..00000000000
--- a/enterprise/authelia/15.0.7/templates/common.yaml
+++ /dev/null
@@ -1,77 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-{{/* Render configmap for authelia */}}
-{{- $configmapPaths := include "authelia.configmap.paths" . | fromYaml -}}
-{{- if $configmapPaths -}}
- {{- $_ := set .Values.configmap "authelia-paths" $configmapPaths -}}
-{{- end -}}
-
-{{- $configmapFile := include "authelia.configmap.configfile" . | fromYaml -}}
-{{- if $configmapFile -}}
- {{- $_ := set .Values.configmap "authelia-configfile" $configmapFile -}}
-{{- end -}}
-
-{{/* Render secrets for authelia */}}
-{{- $secret := include "authelia.secrets" . | fromYaml -}}
-{{- if $secret -}}
- {{- $_ := set .Values.secret "authelia-secrets" $secret -}}
-{{- end -}}
-
-{{/* Append the general configMap volume to the volumes */}}
-{{- define "authelia.configmapVolume" -}}
-enabled: true
-mountPath: /configuration.yaml
-subPath: configuration.yaml
-readOnly: true
-type: "configmap"
-objectName: authelia-configfile
-{{- end -}}
-
-{{/* Append the general secret volumes to the volumes */}}
-{{- define "authelia.secretVolumes" -}}
-enabled: true
-mountPath: "/secrets"
-readOnly: true
-type: "secret"
-objectName: authelia-secrets
-items:
- - key: "JWT_TOKEN"
- path: JWT_TOKEN
- - key: "SESSION_ENCRYPTION_KEY"
- path: SESSION_ENCRYPTION_KEY
- - key: "ENCRYPTION_KEY"
- path: ENCRYPTION_KEY
- - key: "STORAGE_PASSWORD"
- path: STORAGE_PASSWORD
- {{- if .Values.authentication_backend.ldap.enabled }}
- - key: "LDAP_PASSWORD"
- path: LDAP_PASSWORD
- {{- end }}
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- - key: "SMTP_PASSWORD"
- path: SMTP_PASSWORD
- {{- end }}
- - key: "REDIS_PASSWORD"
- path: REDIS_PASSWORD
- {{- if .Values.redisProvider.high_availability.enabled}}
- - key: "REDIS_SENTINEL_PASSWORD"
- path: REDIS_SENTINEL_PASSWORD
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- - key: "DUO_API_KEY"
- path: DUO_API_KEY
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- - key: "OIDC_PRIVATE_KEY"
- path: OIDC_PRIVATE_KEY
- - key: "OIDC_HMAC_SECRET"
- path: OIDC_HMAC_SECRET
- {{- end }}
-{{- end -}}
-
-{{- $_ := set .Values.persistence "authelia-configfile" (include "authelia.configmapVolume" . | fromYaml) -}}
-{{- $_ := set .Values.persistence "authelia-secrets" (include "authelia.secretVolumes" . | fromYaml) -}}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/authelia/15.0.7/values.yaml b/enterprise/authelia/15.0.7/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/authelia/15.0.8/CHANGELOG.md b/enterprise/authelia/15.0.8/CHANGELOG.md
deleted file mode 100644
index 2d3ae5fd58f..00000000000
--- a/enterprise/authelia/15.0.8/CHANGELOG.md
+++ /dev/null
@@ -1,71 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [authelia-15.0.8](https://github.com/truecharts/charts/compare/authelia-15.0.7...authelia-15.0.8) (2023-03-07)
-
-### Fix
-
-- fix broken fetching of old values on authelia ([#7764](https://github.com/truecharts/charts/issues/7764))
-
-
-
-
-## [authelia-15.0.7](https://github.com/truecharts/charts/compare/authelia-15.0.6...authelia-15.0.7) (2023-03-07)
-
-### Fix
-
-- prevent encryption key resets
-
-
-
-
-## [authelia-15.0.6](https://github.com/truecharts/charts/compare/authelia-15.0.5...authelia-15.0.6) (2023-03-07)
-
-### Fix
-
-- misc fixes from common and prometheus storageclass patch ([#7762](https://github.com/truecharts/charts/issues/7762))
-
-
-
-
-## [authelia-15.0.5](https://github.com/truecharts/charts/compare/authelia-15.0.4...authelia-15.0.5) (2023-03-06)
-
-
-
-
-## [authelia-15.0.4](https://github.com/truecharts/charts/compare/authelia-15.0.3...authelia-15.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
-
-
-## [authelia-15.0.3](https://github.com/truecharts/charts/compare/authelia-15.0.1...authelia-15.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
-
-
-## [authelia-15.0.1](https://github.com/truecharts/charts/compare/authelia-15.0.0...authelia-15.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
-
-## [authelia-15.0.0](https://github.com/truecharts/charts/compare/authelia-14.0.29...authelia-15.0.0) (2023-03-04)
-
diff --git a/enterprise/authelia/15.0.8/Chart.yaml b/enterprise/authelia/15.0.8/Chart.yaml
deleted file mode 100644
index 08f1e27636b..00000000000
--- a/enterprise/authelia/15.0.8/Chart.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-apiVersion: v2
-appVersion: "4.37.5"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.24
- - condition: redis.enabled
- name: redis
- repository: https://deps.truecharts.org
- version: 6.0.14
-deprecated: false
-description: Authelia is a Single Sign-On Multi-Factor portal for web apps
-home: https://truecharts.org/charts/enterprise/authelia
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/authelia.png
-keywords:
- - authelia
- - authentication
- - login
- - SSO
- - Authentication
- - Security
- - Two-Factor
- - U2F
- - YubiKey
- - Push Notifications
- - LDAP
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: authelia
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/authelia
- - https://ghcr.io/authelia/authelia ghcr.io/authelia/authelia
- - https://github.com/authelia/chartrepo
- - https://github.com/authelia/authelia
-type: application
-version: 15.0.8
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/authelia/15.0.8/LICENSE b/enterprise/authelia/15.0.8/LICENSE
deleted file mode 100644
index 80e4ab93f92..00000000000
--- a/enterprise/authelia/15.0.8/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/authelia/15.0.8/README.md b/enterprise/authelia/15.0.8/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/authelia/15.0.8/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/authelia/15.0.8/app-changelog.md b/enterprise/authelia/15.0.8/app-changelog.md
deleted file mode 100644
index ecffbade027..00000000000
--- a/enterprise/authelia/15.0.8/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [authelia-15.0.8](https://github.com/truecharts/charts/compare/authelia-15.0.7...authelia-15.0.8) (2023-03-07)
-
-### Fix
-
-- fix broken fetching of old values on authelia ([#7764](https://github.com/truecharts/charts/issues/7764))
-
-
\ No newline at end of file
diff --git a/enterprise/authelia/15.0.8/app-readme.md b/enterprise/authelia/15.0.8/app-readme.md
deleted file mode 100644
index 9417c0c13d5..00000000000
--- a/enterprise/authelia/15.0.8/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Authelia is a Single Sign-On Multi-Factor portal for web apps
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/authelia](https://truecharts.org/charts/enterprise/authelia)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/authelia/15.0.8/charts/common-12.2.24.tgz b/enterprise/authelia/15.0.8/charts/common-12.2.24.tgz
deleted file mode 100644
index d9155693b5d..00000000000
Binary files a/enterprise/authelia/15.0.8/charts/common-12.2.24.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.0.8/charts/redis-6.0.14.tgz b/enterprise/authelia/15.0.8/charts/redis-6.0.14.tgz
deleted file mode 100644
index fb93c84df47..00000000000
Binary files a/enterprise/authelia/15.0.8/charts/redis-6.0.14.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.0.8/ix_values.yaml b/enterprise/authelia/15.0.8/ix_values.yaml
deleted file mode 100644
index 79559954057..00000000000
--- a/enterprise/authelia/15.0.8/ix_values.yaml
+++ /dev/null
@@ -1,619 +0,0 @@
-image:
- repository: tccr.io/truecharts/authelia
- pullPolicy: IfNotPresent
- tag: 4.37.5@sha256:76a4617539534cec140fd98a12f721b878524f2df3a3653f3df8ff2b7eaab586
-
-workload:
- main:
- podSpec:
- containers:
- main:
- command: ["authelia"]
- args: ["--config=/configuration.yaml"]
- envFrom:
- - configMapRef:
- name: authelia-paths
- probes:
- liveness:
- type: http
- path: /api/health"
-
- readiness:
- type: http
- path: "/api/health"
-
- startup:
- type: http
- path: "/api/health"
-
-service:
- main:
- ports:
- main:
- port: 9091
- targetPort: 9091
-
-persistence:
- config:
- enabled: true
- mountPath: "/config"
-
-cnpg:
- main:
- enabled: true
- user: authelia
- database: authelia
-
-# Enabled redis
-# ... for more options see https://github.com/tccr.io/truecharts/charts/tree/master/tccr.io/truecharts/redis
-redis:
- enabled: true
-
-domain: example.com
-
-##
-## Server Configuration
-##
-server:
- ##
- ## Port sets the configured port for the daemon, service, and the probes.
- ## Default is 9091 and should not need to be changed.
- ##
- port: 9091
-
- ## Buffers usually should be configured to be the same value.
- ## Explanation at https://www.authelia.com/docs/configuration/server.html
- ## Read buffer size adjusts the server's max incoming request size in bytes.
- ## Write buffer size does the same for outgoing responses.
- read_buffer_size: 4096
- write_buffer_size: 4096
- ## Set the single level path Authelia listens on.
- ## Must be alphanumeric chars and should not contain any slashes.
- path: ""
-
-log:
- ## Level of verbosity for logs: info, debug, trace.
- level: trace
-
- ## Format the logs are written as: json, text.
- format: text
-
- ## TODO: Statefulness check should check if this is set, and the configMap should enable it.
- ## File path where the logs will be written. If not set logs are written to stdout.
- # file_path: /config/authelia.log
-
-## Default redirection URL
-##
-## If user tries to authenticate without any referer, Authelia does not know where to redirect the user to at the end
-## of the authentication process. This parameter allows you to specify the default redirection URL Authelia will use
-## in such a case.
-##
-## Note: this parameter is optional. If not provided, user won't be redirected upon successful authentication.
-## Default is https://www. (value at the top of the values.yaml).
-default_redirection_url: ""
-# default_redirection_url: https://example.com
-
-theme: light
-
-##
-## TOTP Configuration
-##
-## Parameters used for TOTP generation
-totp:
- ## The issuer name displayed in the Authenticator application of your choice
- ## See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
- ## Defaults to .
- issuer: ""
- ## The period in seconds a one-time password is current for. Changing this will require all users to register
- ## their TOTP applications again. Warning: before changing period read the docs link below.
- period: 30
- ## The skew controls number of one-time passwords either side of the current one that are valid.
- ## Warning: before changing skew read the docs link below.
- ## See: https://www.authelia.com/docs/configuration/one-time-password.html#period-and-skew to read the documentation.
- skew: 1
-
-##
-## Duo Push API Configuration
-##
-## Parameters used to contact the Duo API. Those are generated when you protect an application of type
-## "Partner Auth API" in the management panel.
-duo_api:
- enabled: false
- hostname: api-123456789.example.com
- integration_key: ABCDEF
- plain_api_key: ""
-
-##
-## Authentication Backend Provider Configuration
-##
-## Used for verifying user passwords and retrieve information such as email address and groups users belong to.
-##
-## The available providers are: `file`, `ldap`. You must use one and only one of these providers.
-authentication_backend:
- ## Disable both the HTML element and the API for reset password functionality
- disable_reset_password: false
-
- ## The amount of time to wait before we refresh data from the authentication backend. Uses duration notation.
- ## To disable this feature set it to 'disable', this will slightly reduce security because for Authelia, users will
- ## always belong to groups they belonged to at the time of login even if they have been removed from them in LDAP.
- ## To force update on every request you can set this to '0' or 'always', this will increase processor demand.
- ## See the below documentation for more information.
- ## Duration Notation docs: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Refresh Interval docs: https://www.authelia.com/docs/configuration/authentication/ldap.html#refresh-interval
- refresh_interval: 5m
-
- ## LDAP backend configuration.
- ##
- ## This backend allows Authelia to be scaled to more
- ## than one instance and therefore is recommended for
- ## production.
- ldap:
- ## Enable LDAP Backend.
- enabled: false
-
- ## The LDAP implementation, this affects elements like the attribute utilised for resetting a password.
- ## Acceptable options are as follows:
- ## - 'activedirectory' - For Microsoft Active Directory.
- ## - 'custom' - For custom specifications of attributes and filters.
- ## This currently defaults to 'custom' to maintain existing behaviour.
- ##
- ## Depending on the option here certain other values in this section have a default value, notably all of the
- ## attribute mappings have a default value that this config overrides, you can read more about these default values
- ## at https://www.authelia.com/docs/configuration/authentication/ldap.html#defaults
- implementation: activedirectory
-
- ## The url to the ldap server. Format: ://[:].
- ## Scheme can be ldap or ldaps in the format (port optional).
- url: ldap://openldap.default.svc.cluster.local
-
- ## Connection Timeout.
- timeout: 5s
-
- ## Use StartTLS with the LDAP connection.
- start_tls: false
-
- tls:
- ## Server Name for certificate validation (in case it's not set correctly in the URL).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either Secure LDAP or LDAP StartTLS.
- minimum_version: TLS1.2
-
- ## The base dn for every LDAP query.
- base_dn: DC=example,DC=com
-
- ## The attribute holding the username of the user. This attribute is used to populate the username in the session
- ## information. It was introduced due to #561 to handle case insensitive search queries. For you information,
- ## Microsoft Active Directory usually uses 'sAMAccountName' and OpenLDAP usually uses 'uid'. Beware that this
- ## attribute holds the unique identifiers for the users binding the user and the configuration stored in database.
- ## Therefore only single value attributes are allowed and the value must never be changed once attributed to a user
- ## otherwise it would break the configuration for that user. Technically, non-unique attributes like 'mail' can also
- ## be used but we don't recommend using them, we instead advise to use the attributes mentioned above
- ## (sAMAccountName and uid) to follow https://www.ietf.org/rfc/rfc2307.txt.
- username_attribute: ""
-
- ## An additional dn to define the scope to all users.
- additional_users_dn: OU=Users
-
- ## The users filter used in search queries to find the user profile based on input filled in login form.
- ## Various placeholders are available in the user filter:
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username_attribute} is a mandatory placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ##
- ## Recommended settings are as follows:
- ## - Microsoft Active Directory: (&({username_attribute}={input})(objectCategory=person)(objectClass=user))
- ## - OpenLDAP:
- ## - (&({username_attribute}={input})(objectClass=person))
- ## - (&({username_attribute}={input})(objectClass=inetOrgPerson))
- ##
- ## To allow sign in both with username and email, one can use a filter like
- ## (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))
- users_filter: ""
-
- ## An additional dn to define the scope of groups.
- additional_groups_dn: OU=Groups
-
- ## The groups filter used in search queries to find the groups of the user.
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username} is a placeholder replace by the username stored in LDAP (based on `username_attribute`).
- ## - {dn} is a matcher replaced by the user distinguished name, aka, user DN.
- ## - {username_attribute} is a placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ## - DON'T USE - {1} is an alias for {username} supported for backward compatibility but it will be deprecated in
- ## later version, so please don't use it.
- ##
- ## If your groups use the `groupOfUniqueNames` structure use this instead:
- ## (&(uniquemember={dn})(objectclass=groupOfUniqueNames))
- groups_filter: ""
-
- ## The attribute holding the name of the group
- group_name_attribute: ""
-
- ## The attribute holding the mail address of the user. If multiple email addresses are defined for a user, only the
- ## first one returned by the LDAP server is used.
- mail_attribute: ""
-
- ## The attribute holding the display name of the user. This will be used to greet an authenticated user.
- display_name_attribute: ""
-
- ## The username of the admin user.
- user: CN=Authelia,DC=example,DC=com
- plain_password: ""
-
- ##
- ## File (Authentication Provider)
- ##
- ## With this backend, the users database is stored in a file which is updated when users reset their passwords.
- ## Therefore, this backend is meant to be used in a dev environment and not in production since it prevents Authelia
- ## to be scaled to more than one instance. The options under 'password' have sane defaults, and as it has security
- ## implications it is highly recommended you leave the default values. Before considering changing these settings
- ## please read the docs page below:
- ## https://www.authelia.com/docs/configuration/authentication/file.html#password-hash-algorithm-tuning
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- file:
- enabled: true
- path: /config/users_database.yml
- password:
- algorithm: argon2id
- iterations: 1
- key_length: 32
- salt_length: 16
- memory: 1024
- parallelism: 8
-
-##
-## Access Control Configuration
-##
-## Access control is a list of rules defining the authorizations applied for one resource to users or group of users.
-##
-## If 'access_control' is not defined, ACL rules are disabled and the 'bypass' rule is applied, i.e., access is allowed
-## to anyone. Otherwise restrictions follow the rules defined.
-##
-## Note: One can use the wildcard * to match any subdomain.
-## It must stand at the beginning of the pattern. (example: *.mydomain.com)
-##
-## Note: You must put patterns containing wildcards between simple quotes for the YAML to be syntactically correct.
-##
-## Definition: A 'rule' is an object with the following keys: 'domain', 'subject', 'policy' and 'resources'.
-##
-## - 'domain' defines which domain or set of domains the rule applies to.
-##
-## - 'subject' defines the subject to apply authorizations to. This parameter is optional and matching any user if not
-## provided. If provided, the parameter represents either a user or a group. It should be of the form
-## 'user:' or 'group:'.
-##
-## - 'policy' is the policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'.
-##
-## - 'resources' is a list of regular expressions that matches a set of resources to apply the policy to. This parameter
-## is optional and matches any resource if not provided.
-##
-## Note: the order of the rules is important. The first policy matching (domain, resource, subject) applies.
-access_control:
- ## Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'. It is the policy applied to any
- ## resource if there is no policy to be applied to the user.
- default_policy: deny
-
- networks: []
- # networks:
- # - name: private
- # networks:
- # - 10.0.0.0/8
- # - 172.16.0.0/12
- # - 192.168.0.0/16
- # - name: vpn
- # networks:
- # - 10.9.0.0/16
-
- rules: []
- # rules:
- # - domain: public.example.com
- # policy: bypass
- # - domain: "*.example.com"
- # policy: bypass
- # methods:
- # - OPTIONS
- # - domain: secure.example.com
- # policy: one_factor
- # networks:
- # - private
- # - vpn
- # - 192.168.1.0/24
- # - 10.0.0.1
- # - domain:
- # - secure.example.com
- # - private.example.com
- # policy: two_factor
- # - domain: singlefactor.example.com
- # policy: one_factor
- # - domain: "mx2.mail.example.com"
- # subject: "group:admins"
- # policy: deny
- # - domain: "*.example.com"
- # subject:
- # - "group:admins"
- # - "group:moderators"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/groups/dev/.*$"
- # subject: "group:dev"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/users/john/.*$"
- # subject:
- # - ["group:dev", "user:john"]
- # - "group:admins"
- # policy: two_factor
- # - domain: "{user}.example.com"
- # policy: bypass
-
-##
-## Session Provider Configuration
-##
-## The session cookies identify the user once logged in.
-## The available providers are: `memory`, `redis`. Memory is the provider unless redis is defined.
-session:
- ## The name of the session cookie. (default: authelia_session).
- name: authelia_session
-
- ## Sets the Cookie SameSite value. Possible options are none, lax, or strict.
- ## Please read https://www.authelia.com/docs/configuration/session.html#same_site
- same_site: lax
-
- ## The time in seconds before the cookie expires and session is reset.
- expiration: 1h
-
- ## The inactivity time in seconds before the session is reset.
- inactivity: 5m
-
- ## The remember me duration.
- ## Value is in seconds, or duration notation. Value of 0 disables remember me.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Longer periods are considered less secure because a stolen cookie will last longer giving attackers more time to
- ## spy or attack. Currently the default is 1M or 1 month.
- remember_me_duration: 1M
-
-##
-## Redis Provider
-##
-## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
-##
-## The redis connection details
-redisProvider:
- port: 6379
-
- ## Optional username to be used with authentication.
- # username: authelia
- username: ""
-
- ## This is the Redis DB Index https://redis.io/commands/select (sometimes referred to as database number, DB, etc).
- database_index: 0
-
- ## The maximum number of concurrent active connections to Redis.
- maximum_active_connections: 8
-
- ## The target number of idle connections to have open ready for work. Useful when opening connections is slow.
- minimum_idle_connections: 0
-
- ## The Redis TLS configuration. If defined will require a TLS connection to the Redis instance(s).
- tls:
- enabled: false
-
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for the connection.
- minimum_version: TLS1.2
-
- ## The Redis HA configuration options.
- ## This provides specific options to Redis Sentinel, sentinel_name must be defined (Master Name).
- high_availability:
- enabled: false
- enabledSecret: false
- ## Sentinel Name / Master Name
- sentinel_name: mysentinel
-
- ## The additional nodes to pre-seed the redis provider with (for sentinel).
- ## If the host in the above section is defined, it will be combined with this list to connect to sentinel.
- ## For high availability to be used you must have either defined; the host above or at least one node below.
- nodes: []
- # nodes:
- # - host: sentinel-0.databases.svc.cluster.local
- # port: 26379
- # - host: sentinel-1.databases.svc.cluster.local
- # port: 26379
-
- ## Choose the host with the lowest latency.
- route_by_latency: false
-
- ## Choose the host randomly.
- route_randomly: false
-
-##
-## Regulation Configuration
-##
-## This mechanism prevents attackers from brute forcing the first factor. It bans the user if too many attempts are done
-## in a short period of time.
-regulation:
- ## The number of failed login attempts before user is banned. Set it to 0 to disable regulation.
- max_retries: 3
-
- ## The time range during which the user can attempt login before being banned. The user is banned if the
- ## authentication failed 'max_retries' times in a 'find_time' seconds window. Find Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- find_time: 2m
-
- ## The length of time before a banned user can login again. Ban Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ban_time: 5m
-
-##
-## Storage Provider Configuration
-##
-## The available providers are: `local`, `mysql`, `postgres`. You must use one and only one of these providers.
-storage:
- ##
- ## PostgreSQL (Storage Provider)
- ##
- postgres:
- port: 5432
- database: authelia
- username: authelia
- sslmode: disable
- timeout: 5s
-
-##
-## Notification Provider
-##
-##
-## Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration.
-## The available providers are: filesystem, smtp. You must use one and only one of these providers.
-notifier:
- ## You can disable the notifier startup check by setting this to true.
- disable_startup_check: false
-
- ##
- ## File System (Notification Provider)
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- filesystem:
- enabled: true
- filename: /config/notification.txt
-
- ##
- ## SMTP (Notification Provider)
- ##
- ## Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate.
- ## [Security] By default Authelia will:
- ## - force all SMTP connections over TLS including unauthenticated connections
- ## - use the disable_require_tls boolean value to disable this requirement
- ## (only works for unauthenticated connections)
- ## - validate the SMTP server x509 certificate during the TLS handshake against the hosts trusted certificates
- ## (configure in tls section)
- smtp:
- enabled: false
- enabledSecret: false
- host: smtp.mail.svc.cluster.local
- port: 25
- timeout: 5s
- username: test
- plain_password: test
- sender: admin@example.com
- ## HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost.
- identifier: localhost
- ## Subject configuration of the emails sent.
- ## {title} is replaced by the text from the notifier
- subject: "[Authelia] {title}"
- ## This address is used during the startup check to verify the email configuration is correct.
- ## It's not important what it is except if your email server only allows local delivery.
- startup_check_address: test@authelia.com
- disable_require_tls: false
- disable_html_emails: false
-
- tls:
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either StartTLS or SMTPS.
- minimum_version: TLS1.2
-
-identity_providers:
- oidc:
- ## Enables this in the config map. Currently in beta stage.
- ## See https://www.authelia.com/docs/configuration/identity-providers/oidc.html#roadmap
- enabled: false
-
- access_token_lifespan: 1h
- authorize_code_lifespan: 1m
- id_token_lifespan: 1h
- refresh_token_lifespan: 90m
-
- enable_client_debug_messages: false
-
- ## SECURITY NOTICE: It's not recommended changing this option, and highly discouraged to have it below 8 for
- ## security reasons.
- minimum_parameter_entropy: 8
-
- clients: []
- # clients:
- # -
- ## The ID is the OpenID Connect ClientID which is used to link an application to a configuration.
- # id: myapp
-
- ## The description to show to users when they end up on the consent screen. Defaults to the ID above.
- # description: My Application
-
- ## The client secret is a shared secret between Authelia and the consumer of this client.
- # secret: apple123
-
- ## Sets the client to public. This should typically not be set, please see the documentation for usage.
- # public: false
-
- ## The policy to require for this client; one_factor or two_factor.
- # authorization_policy: two_factor
-
- ## Configures the consent mode; auto, explicit or implicit
- # consent_mode: auto
-
- ## Audience this client is allowed to request.
- # audience: []
-
- ## Scopes this client is allowed to request.
- # scopes:
- # - openid
- # - profile
- # - email
- # - groups
-
- ## Redirect URI's specifies a list of valid case-sensitive callbacks for this client.
- # redirect_uris:
- # - https://oidc.example.com/oauth2/callback
-
- ## Grant Types configures which grants this client can obtain.
- ## It's not recommended to configure this unless you know what you're doing.
- # grant_types:
- # - refresh_token
- # - authorization_code
-
- ## Response Types configures which responses this client can be sent.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_types:
- # - code
-
- ## Response Modes configures which response modes this client supports.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_modes:
- # - form_post
- # - query
- # - fragment
-
- ## The algorithm used to sign userinfo endpoint responses for this client, either none or RS256.
- # userinfo_signing_algorithm: none
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/authelia/15.0.8/questions.yaml b/enterprise/authelia/15.0.8/questions.yaml
deleted file mode 100644
index d82ea70c3cf..00000000000
--- a/enterprise/authelia/15.0.8/questions.yaml
+++ /dev/null
@@ -1,2782 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: Daemonset
- description: Daemonset
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "Daemonset"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: domain
- group: "App Configuration"
- label: "Domain"
- description: "The highest domain level possible, for example: domain.com when using app.domain.com"
- schema:
- type: string
- default: ""
- required: true
- - variable: default_redirection_url
- group: "App Configuration"
- label: "Default Redirection Url"
- description: "If user tries to authenticate without any referer, this is used"
- schema:
- type: string
- default: ""
- - variable: theme
- group: "App Configuration"
- label: "Theme"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "light"
- description: "light"
- - value: "grey"
- description: "grey"
- - value: "dark"
- description: "dark"
- - variable: log
- group: "App Configuration"
- label: "Log Configuration "
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "info"
- enum:
- - value: "info"
- description: "info"
- - value: "debug"
- description: "debug"
- - value: "trace"
- description: "trace"
- - variable: format
- label: "Log Format"
- schema:
- type: string
- default: "text"
- enum:
- - value: "json"
- description: "json"
- - value: "text"
- description: "text"
- - variable: totp
- group: "App Configuration"
- label: "TOTP Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: issuer
- label: "Issuer"
- description: "The issuer name displayed in the Authenticator application of your choice"
- schema:
- type: string
- default: ""
- - variable: period
- label: "Period"
- description: "The period in seconds a one-time password is current for"
- schema:
- type: int
- default: 30
- - variable: skew
- label: "skew"
- description: "Controls number of one-time passwords either side of the current one that are valid."
- schema:
- type: int
- default: 1
- - variable: duo_api
- group: "App Configuration"
- label: "DUO API Configuration"
- description: "Parameters used to contact the Duo API."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostname
- label: "Hostname"
- schema:
- type: string
- required: true
- default: ""
- - variable: integration_key
- label: "integration_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: plain_api_key
- label: "plain_api_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: session
- group: "App Configuration"
- label: "Session Provider"
- description: "The session cookies identify the user once logged in."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Cookie Name"
- description: "The name of the session cookie."
- schema:
- type: string
- required: true
- default: "authelia_session"
- - variable: same_site
- label: "SameSite Value"
- description: "Sets the Cookie SameSite value"
- schema:
- type: string
- default: "lax"
- enum:
- - value: "lax"
- description: "lax"
- - value: "strict"
- description: "strict"
- - variable: expiration
- label: "Expiration Time"
- description: "The time in seconds before the cookie expires and session is reset."
- schema:
- type: string
- default: "1h"
- required: true
- - variable: inactivity
- label: "Inactivity Time"
- description: "The inactivity time in seconds before the session is reset."
- schema:
- type: string
- default: "5m"
- required: true
- - variable: inactivity
- label: "Remember-Me duration"
- description: "The remember me duration"
- schema:
- type: string
- default: "5M"
- required: true
- - variable: regulation
- group: "App Configuration"
- label: "Regulation Configuration"
- description: "his mechanism prevents attackers from brute forcing the first factor."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: max_retries
- label: "Maximum Retries"
- description: "The number of failed login attempts before user is banned. Set it to 0 to disable regulation."
- schema:
- type: int
- default: 3
- - variable: find_time
- label: "Find Time"
- description: "The time range during which the user can attempt login before being banned."
- schema:
- type: string
- default: "2m"
- required: true
- - variable: ban_time
- label: "Ban Duration"
- description: "The length of time before a banned user can login again"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: authentication_backend
- group: "App Configuration"
- label: "Authentication Backend Provider"
- description: "sed for verifying user passwords and retrieve information such as email address and groups users belong to."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_reset_password
- label: "Disable Reset Password"
- description: "Disable both the HTML element and the API for reset password functionality"
- schema:
- type: boolean
- default: false
- - variable: refresh_interval
- label: "Reset Interval"
- description: "The amount of time to wait before we refresh data from the authentication backend"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: ldap
- label: "LDAP backend configuration"
- description: "Used for verifying user passwords and retrieve information such as email address and groups users belong to"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: implementation
- label: "Implementation"
- description: "The LDAP implementation, this affects elements like the attribute utilised for resetting a password"
- schema:
- type: string
- default: "custom"
- enum:
- - value: "activedirectory"
- description: "activedirectory"
- - value: "custom"
- description: "custom"
- - variable: url
- label: "URL"
- description: "The url to the ldap server. Format: ://[:]"
- schema:
- type: string
- default: "ldap://openldap.default.svc.cluster.local"
- required: true
- - variable: timeout
- label: "Connection Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: start_tls
- label: "Start TLS"
- description: "Use StartTLS with the LDAP connection"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: base_dn
- label: "Base DN"
- description: "The base dn for every LDAP query."
- schema:
- type: string
- default: "DC=example,DC=com"
- required: true
- - variable: username_attribute
- label: "Username Attribute"
- description: "The attribute holding the username of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_users_dn
- label: "Additional Users DN"
- description: "An additional dn to define the scope to all users."
- schema:
- type: string
- default: "OU=Users"
- required: true
- - variable: users_filter
- label: "Users Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_groups_dn
- label: "Additional Groups DN"
- description: "An additional dn to define the scope of groups."
- schema:
- type: string
- default: "OU=Groups"
- required: true
- - variable: groups_filter
- label: "Groups Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: group_name_attribute
- label: "Group name Attribute"
- description: "The attribute holding the name of the group"
- schema:
- type: string
- default: ""
- required: true
- - variable: mail_attribute
- label: "Mail Attribute"
- description: "The attribute holding the primary mail address of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: display_name_attribute
- label: "Display Name Attribute"
- description: "he attribute holding the display name of the user. This will be used to greet an authenticated user."
- schema:
- type: string
- default: ""
- - variable: user
- label: "Admin User"
- description: "The username of the admin user used to connect to LDAP."
- schema:
- type: string
- default: "CN=Authelia,DC=example,DC=com"
- required: true
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: file
- label: "File backend configuration"
- description: "With this backend, the users database is stored in a file which is updated when users reset their passwords."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: path
- label: "Path"
- schema:
- type: string
- default: "/config/users_database.yml"
- required: true
- - variable: password
- label: "Password Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: algorithm
- label: "Algorithm"
- schema:
- type: string
- default: "argon2id"
- enum:
- - value: "argon2id"
- description: "argon2id"
- - value: "sha512"
- description: "sha512"
- - variable: iterations
- label: "Iterations"
- schema:
- type: int
- default: 1
- required: true
- - variable: key_length
- label: "Key Length"
- schema:
- type: int
- default: 32
- required: true
- - variable: salt_length
- label: "Salt Length"
- schema:
- type: int
- default: 16
- required: true
- - variable: memory
- label: "Memory"
- schema:
- type: int
- default: 1024
- required: true
- - variable: parallelism
- label: "Parallelism"
- schema:
- type: int
- default: 8
- required: true
- - variable: notifier
- group: "App Configuration"
- label: "Notifier Configuration"
- description: "otifications are sent to users when they require a password reset, a u2f registration or a TOTP registration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_startup_check
- label: "Disable Startup Check"
- schema:
- type: boolean
- default: false
- - variable: filesystem
- label: "Filesystem Provider"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filename
- label: "File Path"
- schema:
- type: string
- default: "/config/notification.txt"
- required: true
- - variable: smtp
- label: "SMTP Provider"
- description: "Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: host
- label: "Host"
- schema:
- type: string
- default: "smtp.mail.svc.cluster.local"
- required: true
- - variable: port
- label: "Port"
- schema:
- type: int
- default: 25
- required: true
- - variable: timeout
- label: "Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: username
- label: "Username"
- schema:
- type: string
- default: ""
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- - variable: sender
- label: "Sender"
- schema:
- type: string
- default: ""
- required: true
- - variable: identifier
- label: "Identifier"
- description: "HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost."
- schema:
- type: string
- default: "localhost"
- required: true
- - variable: subject
- label: "Subject"
- description: "Subject configuration of the emails sent, {title} is replaced by the text from the notifier"
- schema:
- type: string
- default: "[Authelia] {title}"
- required: true
- - variable: startup_check_address
- label: "Startup Check Address"
- description: "This address is used during the startup check to verify the email configuration is correct."
- schema:
- type: string
- default: "test@authelia.com"
- required: true
- - variable: disable_require_tls
- label: "Disable Require TLS"
- schema:
- type: boolean
- default: false
- - variable: disable_html_emails
- label: "Disable HTML emails"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: access_control
- group: "App Configuration"
- label: "Access Control Configuration"
- description: "Access control is a list of rules defining the authorizations applied for one resource to users or group of users."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: default_policy
- label: "Default Policy"
- description: "Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: networkItem
- label: "Network Item"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Name"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "network"
- schema:
- type: string
- default: ""
- required: true
- - variable: rules
- label: "Rules"
- schema:
- type: list
- default: []
- items:
- - variable: rulesItem
- label: "Rule"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: domain
- label: "Domains"
- description: "defines which domain or set of domains the rule applies to."
- schema:
- type: list
- default: []
- items:
- - variable: domainEntry
- label: "Domain"
- schema:
- type: string
- default: ""
- required: true
- - variable: policy
- label: "Policy"
- description: "The policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: subject
- label: "Subject"
- description: "defines the subject to apply authorizations to. This parameter is optional and matching any user if not provided"
- schema:
- type: list
- default: []
- items:
- - variable: subjectitem
- label: "Subject"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "Network"
- schema:
- type: string
- default: ""
- required: true
- - variable: resources
- label: "Resources"
- description: "is a list of regular expressions that matches a set of resources to apply the policy to"
- schema:
- type: list
- default: []
- items:
- - variable: resource
- label: "Resource"
- schema:
- type: string
- default: ""
- required: true
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 9091
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: certificateIssuer
- label: Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: certificateIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: identity_providers
- group: "Advanced"
- label: "Authelia Identity Providers (BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: oidc
- label: "OpenID Connect(BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "enabled"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: access_token_lifespan
- label: "Access Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: authorize_code_lifespan
- label: "Authorize Code Lifespan"
- schema:
- type: string
- default: "1m"
- required: true
- - variable: id_token_lifespan
- label: "ID Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: refresh_token_lifespan
- label: "Refresh Token Lifespan"
- schema:
- type: string
- default: "90m"
- required: true
- - variable: enable_client_debug_messages
- label: "Enable Client Debug Messages"
- schema:
- type: boolean
- default: false
- - variable: clients
- label: "Clients"
- schema:
- type: list
- default: []
- items:
- - variable: clientEntry
- label: "Client"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: id
- label: "ID/Name"
- description: "The ID is the OpenID Connect ClientID which is used to link an application to a configuration."
- schema:
- type: string
- default: "myapp"
- required: true
- - variable: description
- label: "Description"
- description: "The description to show to users when they end up on the consent screen. Defaults to the ID above."
- schema:
- type: string
- default: "My Application"
- required: true
- - variable: secret
- label: "Secret"
- description: "The client secret is a shared secret between Authelia and the consumer of this client."
- schema:
- type: string
- default: ""
- required: true
- - variable: public
- label: "public"
- description: "Sets the client to public. This should typically not be set, please see the documentation for usage."
- schema:
- type: boolean
- default: false
- - variable: authorization_policy
- label: "Authorization Policy"
- description: "The policy to require for this client; one_factor or two_factor."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - variable: consent_mode
- label: "Consent Mode"
- description: "Configures the consent mode. This can be set to auto (default), explicit (consent required every time) or implicit (automatically assumes consent for every authorization, never asking the user if they wish to give consent.)"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "explicit"
- description: "explicit"
- - value: "implicit"
- description: "implicit"
- - variable: userinfo_signing_algorithm
- label: "Userinfo Signing Algorithm"
- description: "The algorithm used to sign userinfo endpoint responses for this client, either none or RS256."
- schema:
- type: string
- default: "none"
- enum:
- - value: "none"
- description: "none"
- - value: "RS256"
- description: "RS256"
- - variable: audience
- label: "Audience"
- description: "Audience this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: audienceEntry
- label: ""
- schema:
- type: string
- default: ""
- required: true
- - variable: scopes
- label: "Scopes"
- description: "Scopes this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: ScopeEntry
- label: "Scope"
- schema:
- type: string
- default: "openid"
- required: true
- - variable: redirect_uris
- label: "redirect_uris"
- description: "Redirect URI's specifies a list of valid case-sensitive callbacks for this client."
- schema:
- type: list
- default: []
- items:
- - variable: uriEntry
- label: "Url"
- schema:
- type: string
- default: "https://oidc.example.com/oauth2/callback"
- required: true
- - variable: grant_types
- description: "Grant Types configures which grants this client can obtain."
- label: "grant_types"
- schema:
- type: list
- default: []
- items:
- - variable: grantEntry
- label: "Grant"
- schema:
- type: string
- default: "refresh_token"
- required: true
- - variable: response_types
- description: "Response Types configures which responses this client can be sent."
- label: "response_types"
- schema:
- type: list
- default: []
- items:
- - variable: responseEntry
- label: "type"
- schema:
- type: string
- default: "code"
- required: true
- - variable: response_modes
- description: "Response Modes configures which response modes this client supports."
- label: "response_modes"
- schema:
- type: list
- default: []
- items:
- - variable: modeEntry
- label: "Mode"
- schema:
- type: string
- default: "form_post"
- required: true
- - variable: cnpg
- group: Postgresql
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Postgresql Database"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: storage
- label: "Storage"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: size
- label: Size
- schema:
- type: string
- default: "256Gi"
- - variable: walsize
- label: Walsize
- schema:
- type: string
- default: "256Gi"
- - variable: pooler
- label: "Pooler"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: Monitoring
- label: "Metrics"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enablePodMonitor
- label: "enablePodMonitor"
- schema:
- type: boolean
- default: true
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/authelia/15.0.8/templates/NOTES.txt b/enterprise/authelia/15.0.8/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/authelia/15.0.8/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/authelia/15.0.8/templates/_configmap.tpl b/enterprise/authelia/15.0.8/templates/_configmap.tpl
deleted file mode 100644
index c0497f5e570..00000000000
--- a/enterprise/authelia/15.0.8/templates/_configmap.tpl
+++ /dev/null
@@ -1,248 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "authelia.configmap.paths" -}}
-enabled: true
-data:
- AUTHELIA_SERVER_DISABLE_HEALTHCHECK: "true"
- AUTHELIA_JWT_SECRET_FILE: "/secrets/JWT_TOKEN"
- AUTHELIA_SESSION_SECRET_FILE: "/secrets/SESSION_ENCRYPTION_KEY"
- AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: "/secrets/ENCRYPTION_KEY"
- AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: "/secrets/STORAGE_PASSWORD"
- {{- if .Values.authentication_backend.ldap.enabled }}
- AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE: "/secrets/LDAP_PASSWORD"
- {{- end }}
- {{- if .Values.notifier.smtp.enabled }}
- AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE: "/secrets/SMTP_PASSWORD"
- {{- end }}
- AUTHELIA_SESSION_REDIS_PASSWORD_FILE: "/secrets/REDIS_PASSWORD"
- {{- if .Values.redisProvider.high_availability.enabled }}
- AUTHELIA_SESSION_REDIS_HIGH_AVAILABILITY_SENTINEL_PASSWORD_FILE: "/secrets/REDIS_SENTINEL_PASSWORD"
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- AUTHELIA_DUO_API_SECRET_KEY_FILE: "/secrets/DUO_API_KEY"
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET_FILE: "/secrets/OIDC_HMAC_SECRET"
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY_FILE: "/secrets/OIDC_PRIVATE_KEY"
- {{- end }}
-
-{{- end -}}
-
-{{- define "authelia.configmap.configfile" -}}
-enabled: true
-data:
- configuration.yaml: |
- ---
- theme: {{ default "light" .Values.theme }}
- default_redirection_url: {{ default (printf "https://www.%s" .Values.domain) .Values.default_redirection_url }}
- server:
- host: 0.0.0.0
- port: {{ default 9091 .Values.server.port }}
- {{- if not (eq "" (default "" .Values.server.path)) }}
- path: {{ .Values.server.path }}
- {{- end }}
- buffers:
- write: {{ default 4096 .Values.server.write_buffer_size }}
- read: {{ default 4096 .Values.server.read_buffer_size }}
- enable_pprof: {{ default false .Values.server.enable_pprof }}
- enable_expvars: {{ default false .Values.server.enable_expvars }}
- log:
- level: {{ default "info" .Values.log.level }}
- format: {{ default "text" .Values.log.format }}
- {{- if not (eq "" (default "" .Values.log.file_path)) }}
- file_path: {{ .Values.log.file_path }}
- keep_stdout: true
- {{- end }}
- totp:
- issuer: {{ default .Values.domain .Values.totp.issuer }}
- period: {{ default 30 .Values.totp.period }}
- skew: {{ default 1 .Values.totp.skew }}
- {{- if .Values.duo_api.enabled }}
- duo_api:
- hostname: {{ .Values.duo_api.hostname }}
- integration_key: {{ .Values.duo_api.integration_key }}
- {{- end }}
- {{- with $auth := .Values.authentication_backend }}
- authentication_backend:
- password_reset:
- disable: {{ $auth.disable_reset_password }}
- {{- if $auth.file.enabled }}
- file:
- path: {{ $auth.file.path }}
- password: {{ toYaml $auth.file.password | nindent 10 }}
- {{- end }}
- {{- if $auth.ldap.enabled }}
- ldap:
- implementation: {{ default "custom" $auth.ldap.implementation }}
- url: {{ $auth.ldap.url }}
- timeout: {{ default "5s" $auth.ldap.timeout }}
- start_tls: {{ $auth.ldap.start_tls }}
- tls:
- {{- if hasKey $auth.ldap.tls "server_name" }}
- server_name: {{ default $auth.ldap.host $auth.ldap.tls.server_name }}
- {{- end }}
- minimum_version: {{ default "TLS1.2" $auth.ldap.tls.minimum_version }}
- skip_verify: {{ default false $auth.ldap.tls.skip_verify }}
- {{- if $auth.ldap.base_dn }}
- base_dn: {{ $auth.ldap.base_dn }}
- {{- end }}
- {{- if $auth.ldap.username_attribute }}
- username_attribute: {{ $auth.ldap.username_attribute }}
- {{- end }}
- {{- if $auth.ldap.additional_users_dn }}
- additional_users_dn: {{ $auth.ldap.additional_users_dn }}
- {{- end }}
- {{- if $auth.ldap.users_filter }}
- users_filter: {{ $auth.ldap.users_filter }}
- {{- end }}
- {{- if $auth.ldap.additional_groups_dn }}
- additional_groups_dn: {{ $auth.ldap.additional_groups_dn }}
- {{- end }}
- {{- if $auth.ldap.groups_filter }}
- groups_filter: {{ $auth.ldap.groups_filter }}
- {{- end }}
- {{- if $auth.ldap.group_name_attribute }}
- group_name_attribute: {{ $auth.ldap.group_name_attribute }}
- {{- end }}
- {{- if $auth.ldap.mail_attribute }}
- mail_attribute: {{ $auth.ldap.mail_attribute }}
- {{- end }}
- {{- if $auth.ldap.display_name_attribute }}
- display_name_attribute: {{ $auth.ldap.display_name_attribute }}
- {{- end }}
- user: {{ $auth.ldap.user }}
- {{- end }}
- {{- end }}
- {{- with $session := .Values.session }}
- session:
- name: {{ default "authelia_session" $session.name }}
- domain: {{ required "A valid .Values.domain entry required!" $.Values.domain }}
- same_site: {{ default "lax" $session.same_site }}
- expiration: {{ default "1M" $session.expiration }}
- inactivity: {{ default "5m" $session.inactivity }}
- remember_me_duration: {{ default "1M" $session.remember_me_duration }}
- {{- end }}
- redis:
- host: {{ .Values.redis.creds.plain }}
- {{- with $redis := .Values.redisProvider }}
- port: {{ default 6379 $redis.port }}
- {{- if not (eq $redis.username "") }}
- username: {{ $redis.username }}
- {{- end }}
- maximum_active_connections: {{ default 8 $redis.maximum_active_connections }}
- minimum_idle_connections: {{ default 0 $redis.minimum_idle_connections }}
- {{- if $redis.tls.enabled }}
- tls:
- server_name: {{ $redis.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $redis.tls.minimum_version }}
- skip_verify: {{ $redis.tls.skip_verify }}
- {{- end }}
- {{- if $redis.high_availability.enabled }}
- high_availability:
- sentinel_name: {{ $redis.high_availability.sentinel_name }}
- {{- if $redis.high_availability.nodes }}
- nodes: {{ toYaml $redis.high_availability.nodes | nindent 10 }}
- {{- end }}
- route_by_latency: {{ $redis.high_availability.route_by_latency }}
- route_randomly: {{ $redis.high_availability.route_randomly }}
- {{- end }}
- {{- end }}
- regulation: {{ toYaml .Values.regulation | nindent 6 }}
- storage:
- postgres:
- host: {{ $.Values.cnpg.main.creds.host }}
- {{- with $storage := .Values.storage }}
- port: {{ default 5432 $storage.postgres.port }}
- database: {{ default "authelia" $storage.postgres.database }}
- username: {{ default "authelia" $storage.postgres.username }}
- timeout: {{ default "5s" $storage.postgres.timeout }}
- ssl:
- mode: {{ default "disable" $storage.postgres.sslmode }}
- {{- end }}
- {{- with $notifier := .Values.notifier }}
- notifier:
- disable_startup_check: {{ $.Values.notifier.disable_startup_check }}
- {{- if $notifier.filesystem.enabled }}
- filesystem:
- filename: {{ $notifier.filesystem.filename }}
- {{- end }}
- {{- if $notifier.smtp.enabled }}
- smtp:
- host: {{ $notifier.smtp.host }}
- port: {{ default 25 $notifier.smtp.port }}
- timeout: {{ default "5s" $notifier.smtp.timeout }}
- {{- with $notifier.smtp.username }}
- username: {{ . }}
- {{- end }}
- sender: {{ $notifier.smtp.sender }}
- identifier: {{ $notifier.smtp.identifier }}
- subject: {{ $notifier.smtp.subject | quote }}
- startup_check_address: {{ $notifier.smtp.startup_check_address }}
- disable_require_tls: {{ $notifier.smtp.disable_require_tls }}
- disable_html_emails: {{ $notifier.smtp.disable_html_emails }}
- tls:
- server_name: {{ default $notifier.smtp.host $notifier.smtp.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $notifier.smtp.tls.minimum_version }}
- skip_verify: {{ default false $notifier.smtp.tls.skip_verify }}
- {{- end }}
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- identity_providers:
- oidc:
- access_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.access_token_lifespan }}
- authorize_code_lifespan: {{ default "1m" .Values.identity_providers.oidc.authorize_code_lifespan }}
- id_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.id_token_lifespan }}
- refresh_token_lifespan: {{ default "90m" .Values.identity_providers.oidc.refresh_token_lifespan }}
- enable_client_debug_messages: {{ default false .Values.identity_providers.oidc.enable_client_debug_messages }}
- minimum_parameter_entropy: {{ default 8 .Values.identity_providers.oidc.minimum_parameter_entropy }}
- {{- if gt (len .Values.identity_providers.oidc.clients) 0 }}
- clients:
- {{- range $client := .Values.identity_providers.oidc.clients }}
- - id: {{ $client.id }}
- description: {{ default $client.id $client.description }}
- secret: {{ default (randAlphaNum 128) $client.secret }}
- {{- if $client.public }}
- public: {{ $client.public }}
- {{- end }}
- authorization_policy: {{ default "two_factor" $client.authorization_policy }}
- consent_mode: {{ default "auto" $client.consent_mode}}
- redirect_uris:
- {{- range $client.redirect_uris }}
- - {{ . }}
- {{- end }}
- {{- if $client.audience }}
- audience: {{ toYaml $client.audience | nindent 10 }}
- {{- end }}
- scopes: {{ toYaml (default (list "openid" "profile" "email" "groups") $client.scopes) | nindent 10 }}
- grant_types: {{ toYaml (default (list "refresh_token" "authorization_code") $client.grant_types) | nindent 10 }}
- response_types: {{ toYaml (default (list "code") $client.response_types) | nindent 10 }}
- {{- if $client.response_modes }}
- response_modes: {{ toYaml $client.response_modes | nindent 10 }}
- {{- end }}
- userinfo_signing_algorithm: {{ default "none" $client.userinfo_signing_algorithm }}
- {{- end }}
- {{- end }}
- {{- end }}
- access_control:
- {{- if (eq (len .Values.access_control.rules) 0) }}
- {{- if (eq .Values.access_control.default_policy "bypass") }}
- default_policy: one_factor
- {{- else if (eq .Values.access_control.default_policy "deny") }}
- default_policy: two_factor
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- if (eq (len .Values.access_control.networks) 0) }}
- networks: []
- {{- else }}
- networks: {{ toYaml .Values.access_control.networks | nindent 6 }}
- {{- end }}
- {{- if (eq (len .Values.access_control.rules) 0) }}
- rules: []
- {{- else }}
- rules: {{ toYaml .Values.access_control.rules | nindent 6 }}
- {{- end }}
- ...
-{{- end -}}
diff --git a/enterprise/authelia/15.0.8/templates/_secrets.tpl b/enterprise/authelia/15.0.8/templates/_secrets.tpl
deleted file mode 100644
index a09e547627f..00000000000
--- a/enterprise/authelia/15.0.8/templates/_secrets.tpl
+++ /dev/null
@@ -1,56 +0,0 @@
-{{/* Define the secrets */}}
-{{- define "authelia.secrets" -}}
-{{- $basename := include "tc.v1.common.lib.chart.names.fullname" $ -}}
-{{- $fetchname := printf "%s-authelia-secrets" $basename -}}
-{{- $autheliaprevious := lookup "v1" "Secret" .Release.Namespace $fetchname }}
-{{- $oidckey := "" }}
-{{- $oidcsecret := "" }}
-{{- $jwtsecret := "" }}
-{{- $sessionsecret := "" }}
-{{- $encryptionkey := "" }}
-enabled: true
-data:
- {{- if $autheliaprevious }}
- SESSION_ENCRYPTION_KEY: {{ index $autheliaprevious.data "SESSION_ENCRYPTION_KEY" | b64dec }}
- JWT_TOKEN: {{ index $autheliaprevious.data "JWT_TOKEN" | b64dec }}
- ENCRYPTION_KEY: {{ index $autheliaprevious.data "ENCRYPTION_KEY" | b64dec }}
- {{- else }}
- {{- $jwtsecret := randAlphaNum 50 }}
- {{- $sessionsecret := randAlphaNum 50 }}
- {{- $encryptionkey := randAlphaNum 100 }}
- SESSION_ENCRYPTION_KEY: {{ $sessionsecret }}
- JWT_TOKEN: {{ $jwtsecret}}
- ENCRYPTION_KEY: {{ $encryptionkey }}
- {{- end }}
-
- {{- if .Values.authentication_backend.ldap.enabled }}
- LDAP_PASSWORD: {{ .Values.authentication_backend.ldap.plain_password }}
- {{- end }}
-
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- SMTP_PASSWORD: {{ .Values.notifier.smtp.plain_password }}
- {{- end }}
-
- {{- if .Values.duo_api.enabled }}
- DUO_API_KEY: {{ .Values.duo_api.plain_api_key }}
- {{- end }}
-
- STORAGE_PASSWORD: {{ $.Values.cnpg.main.creds.password | trimAll "\"" }}
-
- REDIS_PASSWORD: {{ .Values.redis.creds.redisPassword | trimAll "\"" }}
- {{- if .Values.redisProvider.high_availability.enabled}}
- REDIS_SENTINEL_PASSWORD: {{ .Values.redis.sentinelPassword | trimAll "\"" }}
- {{- end }}
-
- {{- if $autheliaprevious }}
- {{- if and ( hasKey $autheliaprevious.data "OIDC_PRIVATE_KEY" ) ( hasKey $autheliaprevious.data "OIDC_HMAC_SECRET" ) }}
- OIDC_PRIVATE_KEY: {{ index $autheliaprevious.data "OIDC_PRIVATE_KEY" | b64dec }}
- OIDC_HMAC_SECRET: {{ index $autheliaprevious.data "OIDC_HMAC_SECRET" | b64dec }}
- {{- else }}
- {{- $oidckey := genPrivateKey "rsa" }}
- {{- $oidcsecret := randAlphaNum 32 }}
- OIDC_PRIVATE_KEY: {{ $oidckey }}
- OIDC_HMAC_SECRET: {{ $oidcsecret }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/authelia/15.0.8/templates/common.yaml b/enterprise/authelia/15.0.8/templates/common.yaml
deleted file mode 100644
index 54e288e852c..00000000000
--- a/enterprise/authelia/15.0.8/templates/common.yaml
+++ /dev/null
@@ -1,77 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-{{/* Render configmap for authelia */}}
-{{- $configmapPaths := include "authelia.configmap.paths" . | fromYaml -}}
-{{- if $configmapPaths -}}
- {{- $_ := set .Values.configmap "authelia-paths" $configmapPaths -}}
-{{- end -}}
-
-{{- $configmapFile := include "authelia.configmap.configfile" . | fromYaml -}}
-{{- if $configmapFile -}}
- {{- $_ := set .Values.configmap "authelia-configfile" $configmapFile -}}
-{{- end -}}
-
-{{/* Render secrets for authelia */}}
-{{- $secret := include "authelia.secrets" . | fromYaml -}}
-{{- if $secret -}}
- {{- $_ := set .Values.secret "authelia-secrets" $secret -}}
-{{- end -}}
-
-{{/* Append the general configMap volume to the volumes */}}
-{{- define "authelia.configmapVolume" -}}
-enabled: true
-mountPath: /configuration.yaml
-subPath: configuration.yaml
-readOnly: true
-type: "configmap"
-objectName: authelia-configfile
-{{- end -}}
-
-{{/* Append the general secret volumes to the volumes */}}
-{{- define "authelia.secretVolumes" -}}
-enabled: true
-mountPath: "/secrets"
-readOnly: true
-type: "secret"
-objectName: authelia-secrets
-items:
- - key: "JWT_TOKEN"
- path: JWT_TOKEN
- - key: "SESSION_ENCRYPTION_KEY"
- path: SESSION_ENCRYPTION_KEY
- - key: "ENCRYPTION_KEY"
- path: ENCRYPTION_KEY
- - key: "STORAGE_PASSWORD"
- path: STORAGE_PASSWORD
- {{- if .Values.authentication_backend.ldap.enabled }}
- - key: "LDAP_PASSWORD"
- path: LDAP_PASSWORD
- {{- end }}
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- - key: "SMTP_PASSWORD"
- path: SMTP_PASSWORD
- {{- end }}
- - key: "REDIS_PASSWORD"
- path: REDIS_PASSWORD
- {{- if .Values.redisProvider.high_availability.enabled}}
- - key: "REDIS_SENTINEL_PASSWORD"
- path: REDIS_SENTINEL_PASSWORD
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- - key: "DUO_API_KEY"
- path: DUO_API_KEY
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- - key: "OIDC_PRIVATE_KEY"
- path: OIDC_PRIVATE_KEY
- - key: "OIDC_HMAC_SECRET"
- path: OIDC_HMAC_SECRET
- {{- end }}
-{{- end -}}
-
-{{- $_ := set .Values.persistence "authelia-configfile" (include "authelia.configmapVolume" . | fromYaml) -}}
-{{- $_ := set .Values.persistence "authelia-secrets" (include "authelia.secretVolumes" . | fromYaml) -}}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/authelia/15.0.8/values.yaml b/enterprise/authelia/15.0.8/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/authelia/15.0.9/CHANGELOG.md b/enterprise/authelia/15.0.9/CHANGELOG.md
deleted file mode 100644
index bd45556862f..00000000000
--- a/enterprise/authelia/15.0.9/CHANGELOG.md
+++ /dev/null
@@ -1,80 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [authelia-15.0.9](https://github.com/truecharts/charts/compare/authelia-15.0.8...authelia-15.0.9) (2023-03-08)
-
-### Chore
-
-- cleanup secret a bit ([#7768](https://github.com/truecharts/charts/issues/7768))
-
-
-
-
-## [authelia-15.0.8](https://github.com/truecharts/charts/compare/authelia-15.0.7...authelia-15.0.8) (2023-03-07)
-
-### Fix
-
-- fix broken fetching of old values on authelia ([#7764](https://github.com/truecharts/charts/issues/7764))
-
-
-
-
-## [authelia-15.0.7](https://github.com/truecharts/charts/compare/authelia-15.0.6...authelia-15.0.7) (2023-03-07)
-
-### Fix
-
-- prevent encryption key resets
-
-
-
-
-## [authelia-15.0.6](https://github.com/truecharts/charts/compare/authelia-15.0.5...authelia-15.0.6) (2023-03-07)
-
-### Fix
-
-- misc fixes from common and prometheus storageclass patch ([#7762](https://github.com/truecharts/charts/issues/7762))
-
-
-
-
-## [authelia-15.0.5](https://github.com/truecharts/charts/compare/authelia-15.0.4...authelia-15.0.5) (2023-03-06)
-
-
-
-
-## [authelia-15.0.4](https://github.com/truecharts/charts/compare/authelia-15.0.3...authelia-15.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
-
-
-## [authelia-15.0.3](https://github.com/truecharts/charts/compare/authelia-15.0.1...authelia-15.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
-
-
-## [authelia-15.0.1](https://github.com/truecharts/charts/compare/authelia-15.0.0...authelia-15.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
-
-## [authelia-15.0.0](https://github.com/truecharts/charts/compare/authelia-14.0.29...authelia-15.0.0) (2023-03-04)
-
diff --git a/enterprise/authelia/15.0.9/Chart.yaml b/enterprise/authelia/15.0.9/Chart.yaml
deleted file mode 100644
index 28c73a46813..00000000000
--- a/enterprise/authelia/15.0.9/Chart.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-apiVersion: v2
-appVersion: "4.37.5"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.24
- - condition: redis.enabled
- name: redis
- repository: https://deps.truecharts.org
- version: 6.0.14
-deprecated: false
-description: Authelia is a Single Sign-On Multi-Factor portal for web apps
-home: https://truecharts.org/charts/enterprise/authelia
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/authelia.png
-keywords:
- - authelia
- - authentication
- - login
- - SSO
- - Authentication
- - Security
- - Two-Factor
- - U2F
- - YubiKey
- - Push Notifications
- - LDAP
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: authelia
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/authelia
- - https://ghcr.io/authelia/authelia ghcr.io/authelia/authelia
- - https://github.com/authelia/chartrepo
- - https://github.com/authelia/authelia
-type: application
-version: 15.0.9
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/authelia/15.0.9/LICENSE b/enterprise/authelia/15.0.9/LICENSE
deleted file mode 100644
index 80e4ab93f92..00000000000
--- a/enterprise/authelia/15.0.9/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/authelia/15.0.9/README.md b/enterprise/authelia/15.0.9/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/authelia/15.0.9/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/authelia/15.0.9/app-changelog.md b/enterprise/authelia/15.0.9/app-changelog.md
deleted file mode 100644
index 3e81a88453a..00000000000
--- a/enterprise/authelia/15.0.9/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [authelia-15.0.9](https://github.com/truecharts/charts/compare/authelia-15.0.8...authelia-15.0.9) (2023-03-08)
-
-### Chore
-
-- cleanup secret a bit ([#7768](https://github.com/truecharts/charts/issues/7768))
-
-
\ No newline at end of file
diff --git a/enterprise/authelia/15.0.9/app-readme.md b/enterprise/authelia/15.0.9/app-readme.md
deleted file mode 100644
index 9417c0c13d5..00000000000
--- a/enterprise/authelia/15.0.9/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Authelia is a Single Sign-On Multi-Factor portal for web apps
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/authelia](https://truecharts.org/charts/enterprise/authelia)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/authelia/15.0.9/charts/common-12.2.24.tgz b/enterprise/authelia/15.0.9/charts/common-12.2.24.tgz
deleted file mode 100644
index d9155693b5d..00000000000
Binary files a/enterprise/authelia/15.0.9/charts/common-12.2.24.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.0.9/charts/redis-6.0.14.tgz b/enterprise/authelia/15.0.9/charts/redis-6.0.14.tgz
deleted file mode 100644
index fb93c84df47..00000000000
Binary files a/enterprise/authelia/15.0.9/charts/redis-6.0.14.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.0.9/ix_values.yaml b/enterprise/authelia/15.0.9/ix_values.yaml
deleted file mode 100644
index 79559954057..00000000000
--- a/enterprise/authelia/15.0.9/ix_values.yaml
+++ /dev/null
@@ -1,619 +0,0 @@
-image:
- repository: tccr.io/truecharts/authelia
- pullPolicy: IfNotPresent
- tag: 4.37.5@sha256:76a4617539534cec140fd98a12f721b878524f2df3a3653f3df8ff2b7eaab586
-
-workload:
- main:
- podSpec:
- containers:
- main:
- command: ["authelia"]
- args: ["--config=/configuration.yaml"]
- envFrom:
- - configMapRef:
- name: authelia-paths
- probes:
- liveness:
- type: http
- path: /api/health"
-
- readiness:
- type: http
- path: "/api/health"
-
- startup:
- type: http
- path: "/api/health"
-
-service:
- main:
- ports:
- main:
- port: 9091
- targetPort: 9091
-
-persistence:
- config:
- enabled: true
- mountPath: "/config"
-
-cnpg:
- main:
- enabled: true
- user: authelia
- database: authelia
-
-# Enabled redis
-# ... for more options see https://github.com/tccr.io/truecharts/charts/tree/master/tccr.io/truecharts/redis
-redis:
- enabled: true
-
-domain: example.com
-
-##
-## Server Configuration
-##
-server:
- ##
- ## Port sets the configured port for the daemon, service, and the probes.
- ## Default is 9091 and should not need to be changed.
- ##
- port: 9091
-
- ## Buffers usually should be configured to be the same value.
- ## Explanation at https://www.authelia.com/docs/configuration/server.html
- ## Read buffer size adjusts the server's max incoming request size in bytes.
- ## Write buffer size does the same for outgoing responses.
- read_buffer_size: 4096
- write_buffer_size: 4096
- ## Set the single level path Authelia listens on.
- ## Must be alphanumeric chars and should not contain any slashes.
- path: ""
-
-log:
- ## Level of verbosity for logs: info, debug, trace.
- level: trace
-
- ## Format the logs are written as: json, text.
- format: text
-
- ## TODO: Statefulness check should check if this is set, and the configMap should enable it.
- ## File path where the logs will be written. If not set logs are written to stdout.
- # file_path: /config/authelia.log
-
-## Default redirection URL
-##
-## If user tries to authenticate without any referer, Authelia does not know where to redirect the user to at the end
-## of the authentication process. This parameter allows you to specify the default redirection URL Authelia will use
-## in such a case.
-##
-## Note: this parameter is optional. If not provided, user won't be redirected upon successful authentication.
-## Default is https://www. (value at the top of the values.yaml).
-default_redirection_url: ""
-# default_redirection_url: https://example.com
-
-theme: light
-
-##
-## TOTP Configuration
-##
-## Parameters used for TOTP generation
-totp:
- ## The issuer name displayed in the Authenticator application of your choice
- ## See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
- ## Defaults to .
- issuer: ""
- ## The period in seconds a one-time password is current for. Changing this will require all users to register
- ## their TOTP applications again. Warning: before changing period read the docs link below.
- period: 30
- ## The skew controls number of one-time passwords either side of the current one that are valid.
- ## Warning: before changing skew read the docs link below.
- ## See: https://www.authelia.com/docs/configuration/one-time-password.html#period-and-skew to read the documentation.
- skew: 1
-
-##
-## Duo Push API Configuration
-##
-## Parameters used to contact the Duo API. Those are generated when you protect an application of type
-## "Partner Auth API" in the management panel.
-duo_api:
- enabled: false
- hostname: api-123456789.example.com
- integration_key: ABCDEF
- plain_api_key: ""
-
-##
-## Authentication Backend Provider Configuration
-##
-## Used for verifying user passwords and retrieve information such as email address and groups users belong to.
-##
-## The available providers are: `file`, `ldap`. You must use one and only one of these providers.
-authentication_backend:
- ## Disable both the HTML element and the API for reset password functionality
- disable_reset_password: false
-
- ## The amount of time to wait before we refresh data from the authentication backend. Uses duration notation.
- ## To disable this feature set it to 'disable', this will slightly reduce security because for Authelia, users will
- ## always belong to groups they belonged to at the time of login even if they have been removed from them in LDAP.
- ## To force update on every request you can set this to '0' or 'always', this will increase processor demand.
- ## See the below documentation for more information.
- ## Duration Notation docs: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Refresh Interval docs: https://www.authelia.com/docs/configuration/authentication/ldap.html#refresh-interval
- refresh_interval: 5m
-
- ## LDAP backend configuration.
- ##
- ## This backend allows Authelia to be scaled to more
- ## than one instance and therefore is recommended for
- ## production.
- ldap:
- ## Enable LDAP Backend.
- enabled: false
-
- ## The LDAP implementation, this affects elements like the attribute utilised for resetting a password.
- ## Acceptable options are as follows:
- ## - 'activedirectory' - For Microsoft Active Directory.
- ## - 'custom' - For custom specifications of attributes and filters.
- ## This currently defaults to 'custom' to maintain existing behaviour.
- ##
- ## Depending on the option here certain other values in this section have a default value, notably all of the
- ## attribute mappings have a default value that this config overrides, you can read more about these default values
- ## at https://www.authelia.com/docs/configuration/authentication/ldap.html#defaults
- implementation: activedirectory
-
- ## The url to the ldap server. Format: ://[:].
- ## Scheme can be ldap or ldaps in the format (port optional).
- url: ldap://openldap.default.svc.cluster.local
-
- ## Connection Timeout.
- timeout: 5s
-
- ## Use StartTLS with the LDAP connection.
- start_tls: false
-
- tls:
- ## Server Name for certificate validation (in case it's not set correctly in the URL).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either Secure LDAP or LDAP StartTLS.
- minimum_version: TLS1.2
-
- ## The base dn for every LDAP query.
- base_dn: DC=example,DC=com
-
- ## The attribute holding the username of the user. This attribute is used to populate the username in the session
- ## information. It was introduced due to #561 to handle case insensitive search queries. For you information,
- ## Microsoft Active Directory usually uses 'sAMAccountName' and OpenLDAP usually uses 'uid'. Beware that this
- ## attribute holds the unique identifiers for the users binding the user and the configuration stored in database.
- ## Therefore only single value attributes are allowed and the value must never be changed once attributed to a user
- ## otherwise it would break the configuration for that user. Technically, non-unique attributes like 'mail' can also
- ## be used but we don't recommend using them, we instead advise to use the attributes mentioned above
- ## (sAMAccountName and uid) to follow https://www.ietf.org/rfc/rfc2307.txt.
- username_attribute: ""
-
- ## An additional dn to define the scope to all users.
- additional_users_dn: OU=Users
-
- ## The users filter used in search queries to find the user profile based on input filled in login form.
- ## Various placeholders are available in the user filter:
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username_attribute} is a mandatory placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ##
- ## Recommended settings are as follows:
- ## - Microsoft Active Directory: (&({username_attribute}={input})(objectCategory=person)(objectClass=user))
- ## - OpenLDAP:
- ## - (&({username_attribute}={input})(objectClass=person))
- ## - (&({username_attribute}={input})(objectClass=inetOrgPerson))
- ##
- ## To allow sign in both with username and email, one can use a filter like
- ## (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))
- users_filter: ""
-
- ## An additional dn to define the scope of groups.
- additional_groups_dn: OU=Groups
-
- ## The groups filter used in search queries to find the groups of the user.
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username} is a placeholder replace by the username stored in LDAP (based on `username_attribute`).
- ## - {dn} is a matcher replaced by the user distinguished name, aka, user DN.
- ## - {username_attribute} is a placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ## - DON'T USE - {1} is an alias for {username} supported for backward compatibility but it will be deprecated in
- ## later version, so please don't use it.
- ##
- ## If your groups use the `groupOfUniqueNames` structure use this instead:
- ## (&(uniquemember={dn})(objectclass=groupOfUniqueNames))
- groups_filter: ""
-
- ## The attribute holding the name of the group
- group_name_attribute: ""
-
- ## The attribute holding the mail address of the user. If multiple email addresses are defined for a user, only the
- ## first one returned by the LDAP server is used.
- mail_attribute: ""
-
- ## The attribute holding the display name of the user. This will be used to greet an authenticated user.
- display_name_attribute: ""
-
- ## The username of the admin user.
- user: CN=Authelia,DC=example,DC=com
- plain_password: ""
-
- ##
- ## File (Authentication Provider)
- ##
- ## With this backend, the users database is stored in a file which is updated when users reset their passwords.
- ## Therefore, this backend is meant to be used in a dev environment and not in production since it prevents Authelia
- ## to be scaled to more than one instance. The options under 'password' have sane defaults, and as it has security
- ## implications it is highly recommended you leave the default values. Before considering changing these settings
- ## please read the docs page below:
- ## https://www.authelia.com/docs/configuration/authentication/file.html#password-hash-algorithm-tuning
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- file:
- enabled: true
- path: /config/users_database.yml
- password:
- algorithm: argon2id
- iterations: 1
- key_length: 32
- salt_length: 16
- memory: 1024
- parallelism: 8
-
-##
-## Access Control Configuration
-##
-## Access control is a list of rules defining the authorizations applied for one resource to users or group of users.
-##
-## If 'access_control' is not defined, ACL rules are disabled and the 'bypass' rule is applied, i.e., access is allowed
-## to anyone. Otherwise restrictions follow the rules defined.
-##
-## Note: One can use the wildcard * to match any subdomain.
-## It must stand at the beginning of the pattern. (example: *.mydomain.com)
-##
-## Note: You must put patterns containing wildcards between simple quotes for the YAML to be syntactically correct.
-##
-## Definition: A 'rule' is an object with the following keys: 'domain', 'subject', 'policy' and 'resources'.
-##
-## - 'domain' defines which domain or set of domains the rule applies to.
-##
-## - 'subject' defines the subject to apply authorizations to. This parameter is optional and matching any user if not
-## provided. If provided, the parameter represents either a user or a group. It should be of the form
-## 'user:' or 'group:'.
-##
-## - 'policy' is the policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'.
-##
-## - 'resources' is a list of regular expressions that matches a set of resources to apply the policy to. This parameter
-## is optional and matches any resource if not provided.
-##
-## Note: the order of the rules is important. The first policy matching (domain, resource, subject) applies.
-access_control:
- ## Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'. It is the policy applied to any
- ## resource if there is no policy to be applied to the user.
- default_policy: deny
-
- networks: []
- # networks:
- # - name: private
- # networks:
- # - 10.0.0.0/8
- # - 172.16.0.0/12
- # - 192.168.0.0/16
- # - name: vpn
- # networks:
- # - 10.9.0.0/16
-
- rules: []
- # rules:
- # - domain: public.example.com
- # policy: bypass
- # - domain: "*.example.com"
- # policy: bypass
- # methods:
- # - OPTIONS
- # - domain: secure.example.com
- # policy: one_factor
- # networks:
- # - private
- # - vpn
- # - 192.168.1.0/24
- # - 10.0.0.1
- # - domain:
- # - secure.example.com
- # - private.example.com
- # policy: two_factor
- # - domain: singlefactor.example.com
- # policy: one_factor
- # - domain: "mx2.mail.example.com"
- # subject: "group:admins"
- # policy: deny
- # - domain: "*.example.com"
- # subject:
- # - "group:admins"
- # - "group:moderators"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/groups/dev/.*$"
- # subject: "group:dev"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/users/john/.*$"
- # subject:
- # - ["group:dev", "user:john"]
- # - "group:admins"
- # policy: two_factor
- # - domain: "{user}.example.com"
- # policy: bypass
-
-##
-## Session Provider Configuration
-##
-## The session cookies identify the user once logged in.
-## The available providers are: `memory`, `redis`. Memory is the provider unless redis is defined.
-session:
- ## The name of the session cookie. (default: authelia_session).
- name: authelia_session
-
- ## Sets the Cookie SameSite value. Possible options are none, lax, or strict.
- ## Please read https://www.authelia.com/docs/configuration/session.html#same_site
- same_site: lax
-
- ## The time in seconds before the cookie expires and session is reset.
- expiration: 1h
-
- ## The inactivity time in seconds before the session is reset.
- inactivity: 5m
-
- ## The remember me duration.
- ## Value is in seconds, or duration notation. Value of 0 disables remember me.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Longer periods are considered less secure because a stolen cookie will last longer giving attackers more time to
- ## spy or attack. Currently the default is 1M or 1 month.
- remember_me_duration: 1M
-
-##
-## Redis Provider
-##
-## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
-##
-## The redis connection details
-redisProvider:
- port: 6379
-
- ## Optional username to be used with authentication.
- # username: authelia
- username: ""
-
- ## This is the Redis DB Index https://redis.io/commands/select (sometimes referred to as database number, DB, etc).
- database_index: 0
-
- ## The maximum number of concurrent active connections to Redis.
- maximum_active_connections: 8
-
- ## The target number of idle connections to have open ready for work. Useful when opening connections is slow.
- minimum_idle_connections: 0
-
- ## The Redis TLS configuration. If defined will require a TLS connection to the Redis instance(s).
- tls:
- enabled: false
-
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for the connection.
- minimum_version: TLS1.2
-
- ## The Redis HA configuration options.
- ## This provides specific options to Redis Sentinel, sentinel_name must be defined (Master Name).
- high_availability:
- enabled: false
- enabledSecret: false
- ## Sentinel Name / Master Name
- sentinel_name: mysentinel
-
- ## The additional nodes to pre-seed the redis provider with (for sentinel).
- ## If the host in the above section is defined, it will be combined with this list to connect to sentinel.
- ## For high availability to be used you must have either defined; the host above or at least one node below.
- nodes: []
- # nodes:
- # - host: sentinel-0.databases.svc.cluster.local
- # port: 26379
- # - host: sentinel-1.databases.svc.cluster.local
- # port: 26379
-
- ## Choose the host with the lowest latency.
- route_by_latency: false
-
- ## Choose the host randomly.
- route_randomly: false
-
-##
-## Regulation Configuration
-##
-## This mechanism prevents attackers from brute forcing the first factor. It bans the user if too many attempts are done
-## in a short period of time.
-regulation:
- ## The number of failed login attempts before user is banned. Set it to 0 to disable regulation.
- max_retries: 3
-
- ## The time range during which the user can attempt login before being banned. The user is banned if the
- ## authentication failed 'max_retries' times in a 'find_time' seconds window. Find Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- find_time: 2m
-
- ## The length of time before a banned user can login again. Ban Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ban_time: 5m
-
-##
-## Storage Provider Configuration
-##
-## The available providers are: `local`, `mysql`, `postgres`. You must use one and only one of these providers.
-storage:
- ##
- ## PostgreSQL (Storage Provider)
- ##
- postgres:
- port: 5432
- database: authelia
- username: authelia
- sslmode: disable
- timeout: 5s
-
-##
-## Notification Provider
-##
-##
-## Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration.
-## The available providers are: filesystem, smtp. You must use one and only one of these providers.
-notifier:
- ## You can disable the notifier startup check by setting this to true.
- disable_startup_check: false
-
- ##
- ## File System (Notification Provider)
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- filesystem:
- enabled: true
- filename: /config/notification.txt
-
- ##
- ## SMTP (Notification Provider)
- ##
- ## Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate.
- ## [Security] By default Authelia will:
- ## - force all SMTP connections over TLS including unauthenticated connections
- ## - use the disable_require_tls boolean value to disable this requirement
- ## (only works for unauthenticated connections)
- ## - validate the SMTP server x509 certificate during the TLS handshake against the hosts trusted certificates
- ## (configure in tls section)
- smtp:
- enabled: false
- enabledSecret: false
- host: smtp.mail.svc.cluster.local
- port: 25
- timeout: 5s
- username: test
- plain_password: test
- sender: admin@example.com
- ## HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost.
- identifier: localhost
- ## Subject configuration of the emails sent.
- ## {title} is replaced by the text from the notifier
- subject: "[Authelia] {title}"
- ## This address is used during the startup check to verify the email configuration is correct.
- ## It's not important what it is except if your email server only allows local delivery.
- startup_check_address: test@authelia.com
- disable_require_tls: false
- disable_html_emails: false
-
- tls:
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either StartTLS or SMTPS.
- minimum_version: TLS1.2
-
-identity_providers:
- oidc:
- ## Enables this in the config map. Currently in beta stage.
- ## See https://www.authelia.com/docs/configuration/identity-providers/oidc.html#roadmap
- enabled: false
-
- access_token_lifespan: 1h
- authorize_code_lifespan: 1m
- id_token_lifespan: 1h
- refresh_token_lifespan: 90m
-
- enable_client_debug_messages: false
-
- ## SECURITY NOTICE: It's not recommended changing this option, and highly discouraged to have it below 8 for
- ## security reasons.
- minimum_parameter_entropy: 8
-
- clients: []
- # clients:
- # -
- ## The ID is the OpenID Connect ClientID which is used to link an application to a configuration.
- # id: myapp
-
- ## The description to show to users when they end up on the consent screen. Defaults to the ID above.
- # description: My Application
-
- ## The client secret is a shared secret between Authelia and the consumer of this client.
- # secret: apple123
-
- ## Sets the client to public. This should typically not be set, please see the documentation for usage.
- # public: false
-
- ## The policy to require for this client; one_factor or two_factor.
- # authorization_policy: two_factor
-
- ## Configures the consent mode; auto, explicit or implicit
- # consent_mode: auto
-
- ## Audience this client is allowed to request.
- # audience: []
-
- ## Scopes this client is allowed to request.
- # scopes:
- # - openid
- # - profile
- # - email
- # - groups
-
- ## Redirect URI's specifies a list of valid case-sensitive callbacks for this client.
- # redirect_uris:
- # - https://oidc.example.com/oauth2/callback
-
- ## Grant Types configures which grants this client can obtain.
- ## It's not recommended to configure this unless you know what you're doing.
- # grant_types:
- # - refresh_token
- # - authorization_code
-
- ## Response Types configures which responses this client can be sent.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_types:
- # - code
-
- ## Response Modes configures which response modes this client supports.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_modes:
- # - form_post
- # - query
- # - fragment
-
- ## The algorithm used to sign userinfo endpoint responses for this client, either none or RS256.
- # userinfo_signing_algorithm: none
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/authelia/15.0.9/questions.yaml b/enterprise/authelia/15.0.9/questions.yaml
deleted file mode 100644
index 2ddaa0f402b..00000000000
--- a/enterprise/authelia/15.0.9/questions.yaml
+++ /dev/null
@@ -1,2781 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: DaemonSet
- description: DaemonSet
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "DaemonSet"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: domain
- group: "App Configuration"
- label: "Domain"
- description: "The highest domain level possible, for example: domain.com when using app.domain.com"
- schema:
- type: string
- default: ""
- required: true
- - variable: default_redirection_url
- group: "App Configuration"
- label: "Default Redirection URL"
- description: "If user tries to authenticate without any referrer, this is used"
- schema:
- type: string
- default: ""
- - variable: theme
- group: "App Configuration"
- label: "Theme"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "light"
- description: "light"
- - value: "grey"
- description: "grey"
- - value: "dark"
- description: "dark"
- - variable: log
- group: "App Configuration"
- label: "Log Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "info"
- enum:
- - value: "info"
- description: "info"
- - value: "debug"
- description: "debug"
- - value: "trace"
- description: "trace"
- - variable: format
- label: "Log Format"
- schema:
- type: string
- default: "text"
- enum:
- - value: "json"
- description: "json"
- - value: "text"
- description: "text"
- - variable: totp
- group: "App Configuration"
- label: "TOTP Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: issuer
- label: "Issuer"
- description: "The issuer name displayed in the Authenticator application of your choice"
- schema:
- type: string
- default: ""
- - variable: period
- label: "Period"
- description: "The period in seconds a one-time password is current for"
- schema:
- type: int
- default: 30
- - variable: skew
- label: "skew"
- description: "Controls number of one-time passwords either side of the current one that are valid."
- schema:
- type: int
- default: 1
- - variable: duo_api
- group: "App Configuration"
- label: "DUO API Configuration"
- description: "Parameters used to contact the Duo API."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostname
- label: "Hostname"
- schema:
- type: string
- required: true
- default: ""
- - variable: integration_key
- label: "integration_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: plain_api_key
- label: "plain_api_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: session
- group: "App Configuration"
- label: "Session Provider"
- description: "The session cookies identify the user once logged in."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Cookie Name"
- description: "The name of the session cookie."
- schema:
- type: string
- required: true
- default: "authelia_session"
- - variable: same_site
- label: "SameSite Value"
- description: "Sets the Cookie SameSite value"
- schema:
- type: string
- default: "lax"
- enum:
- - value: "lax"
- description: "lax"
- - value: "strict"
- description: "strict"
- - variable: expiration
- label: "Expiration Time"
- description: "The time in seconds before the cookie expires and session is reset."
- schema:
- type: string
- default: "1h"
- required: true
- - variable: inactivity
- label: "Inactivity Time"
- description: "The inactivity time in seconds before the session is reset."
- schema:
- type: string
- default: "5m"
- required: true
- - variable: remember_me_duration
- label: "Remember-Me duration"
- description: "The remember me duration"
- schema:
- type: string
- default: "5M"
- required: true
- - variable: regulation
- group: "App Configuration"
- label: "Regulation Configuration"
- description: "This mechanism prevents attackers from brute forcing the first factor."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: max_retries
- label: "Maximum Retries"
- description: "The number of failed login attempts before user is banned. Set it to 0 to disable regulation."
- schema:
- type: int
- default: 3
- - variable: find_time
- label: "Find Time"
- description: "The time range during which the user can attempt login before being banned."
- schema:
- type: string
- default: "2m"
- required: true
- - variable: ban_time
- label: "Ban Duration"
- description: "The length of time before a banned user can login again"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: authentication_backend
- group: "App Configuration"
- label: "Authentication Backend Provider"
- description: "sed for verifying user passwords and retrieve information such as email address and groups users belong to."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_reset_password
- label: "Disable Reset Password"
- description: "Disable both the HTML element and the API for reset password functionality"
- schema:
- type: boolean
- default: false
- - variable: refresh_interval
- label: "Reset Interval"
- description: "The amount of time to wait before we refresh data from the authentication backend"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: ldap
- label: "LDAP backend configuration"
- description: "Used for verifying user passwords and retrieve information such as email address and groups users belong to"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: implementation
- label: "Implementation"
- description: "The LDAP implementation, this affects elements like the attribute utilized for resetting a password"
- schema:
- type: string
- default: "custom"
- enum:
- - value: "activedirectory"
- description: "Active Directory"
- - value: "custom"
- description: "Custom"
- - variable: url
- label: "URL"
- description: "The url to the ldap server. Format: ://[:]"
- schema:
- type: string
- default: "ldap://openldap.default.svc.cluster.local"
- required: true
- - variable: timeout
- label: "Connection Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: start_tls
- label: "Start TLS"
- description: "Use StartTLS with the LDAP connection"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: base_dn
- label: "Base DN"
- description: "The base dn for every LDAP query."
- schema:
- type: string
- default: "DC=example,DC=com"
- required: true
- - variable: username_attribute
- label: "Username Attribute"
- description: "The attribute holding the username of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_users_dn
- label: "Additional Users DN"
- description: "An additional dn to define the scope to all users."
- schema:
- type: string
- default: "OU=Users"
- required: true
- - variable: users_filter
- label: "Users Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_groups_dn
- label: "Additional Groups DN"
- description: "An additional dn to define the scope of groups."
- schema:
- type: string
- default: "OU=Groups"
- required: true
- - variable: groups_filter
- label: "Groups Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: group_name_attribute
- label: "Group name Attribute"
- description: "The attribute holding the name of the group"
- schema:
- type: string
- default: ""
- required: true
- - variable: mail_attribute
- label: "Mail Attribute"
- description: "The attribute holding the primary mail address of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: display_name_attribute
- label: "Display Name Attribute"
- description: "he attribute holding the display name of the user. This will be used to greet an authenticated user."
- schema:
- type: string
- default: ""
- - variable: user
- label: "Admin User"
- description: "The username of the admin user used to connect to LDAP."
- schema:
- type: string
- default: "CN=Authelia,DC=example,DC=com"
- required: true
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: file
- label: "File backend configuration"
- description: "With this backend, the users database is stored in a file which is updated when users reset their passwords."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: path
- label: "Path"
- schema:
- type: string
- default: "/config/users_database.yml"
- required: true
- - variable: password
- label: "Password Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: algorithm
- label: "Algorithm"
- schema:
- type: string
- default: "argon2id"
- enum:
- - value: "argon2id"
- description: "argon2id"
- - value: "sha512"
- description: "sha512"
- - variable: iterations
- label: "Iterations"
- schema:
- type: int
- default: 1
- required: true
- - variable: key_length
- label: "Key Length"
- schema:
- type: int
- default: 32
- required: true
- - variable: salt_length
- label: "Salt Length"
- schema:
- type: int
- default: 16
- required: true
- - variable: memory
- label: "Memory"
- schema:
- type: int
- default: 1024
- required: true
- - variable: parallelism
- label: "Parallelism"
- schema:
- type: int
- default: 8
- required: true
- - variable: notifier
- group: "App Configuration"
- label: "Notifier Configuration"
- description: "Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_startup_check
- label: "Disable Startup Check"
- schema:
- type: boolean
- default: false
- - variable: filesystem
- label: "Filesystem Provider"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filename
- label: "File Path"
- schema:
- type: string
- default: "/config/notification.txt"
- required: true
- - variable: smtp
- label: "SMTP Provider"
- description: "Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: host
- label: "Host"
- schema:
- type: string
- default: "smtp.mail.svc.cluster.local"
- required: true
- - variable: port
- label: "Port"
- schema:
- type: int
- default: 25
- required: true
- - variable: timeout
- label: "Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: username
- label: "Username"
- schema:
- type: string
- default: ""
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- - variable: sender
- label: "Sender"
- schema:
- type: string
- default: ""
- required: true
- - variable: identifier
- label: "Identifier"
- description: "HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost."
- schema:
- type: string
- default: "localhost"
- required: true
- - variable: subject
- label: "Subject"
- description: "Subject configuration of the emails sent, {title} is replaced by the text from the notifier"
- schema:
- type: string
- default: "[Authelia] {title}"
- required: true
- - variable: startup_check_address
- label: "Startup Check Address"
- description: "This address is used during the startup check to verify the email configuration is correct."
- schema:
- type: string
- default: "test@authelia.com"
- required: true
- - variable: disable_require_tls
- label: "Disable Require TLS"
- schema:
- type: boolean
- default: false
- - variable: disable_html_emails
- label: "Disable HTML emails"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: access_control
- group: "App Configuration"
- label: "Access Control Configuration"
- description: "Access control is a list of rules defining the authorizations applied for one resource to users or group of users."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: default_policy
- label: "Default Policy"
- description: "Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: networkItem
- label: "Network Item"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Name"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "network"
- schema:
- type: string
- default: ""
- required: true
- - variable: rules
- label: "Rules"
- schema:
- type: list
- default: []
- items:
- - variable: rulesItem
- label: "Rule"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: domain
- label: "Domains"
- description: "defines which domain or set of domains the rule applies to."
- schema:
- type: list
- default: []
- items:
- - variable: domainEntry
- label: "Domain"
- schema:
- type: string
- default: ""
- required: true
- - variable: policy
- label: "Policy"
- description: "The policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: subject
- label: "Subject"
- description: "defines the subject to apply authorizations to. This parameter is optional and matching any user if not provided"
- schema:
- type: list
- default: []
- items:
- - variable: subjectitem
- label: "Subject"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "Network"
- schema:
- type: string
- default: ""
- required: true
- - variable: resources
- label: "Resources"
- description: "is a list of regular expressions that matches a set of resources to apply the policy to"
- schema:
- type: list
- default: []
- items:
- - variable: resource
- label: "Resource"
- schema:
- type: string
- default: ""
- required: true
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 9091
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: certificateIssuer
- label: Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: certificateIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: identity_providers
- group: "Advanced"
- label: "Authelia Identity Providers (BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: oidc
- label: "OpenID Connect(BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: access_token_lifespan
- label: "Access Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: authorize_code_lifespan
- label: "Authorize Code Lifespan"
- schema:
- type: string
- default: "1m"
- required: true
- - variable: id_token_lifespan
- label: "ID Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: refresh_token_lifespan
- label: "Refresh Token Lifespan"
- schema:
- type: string
- default: "90m"
- required: true
- - variable: enable_client_debug_messages
- label: "Enable Client Debug Messages"
- schema:
- type: boolean
- default: false
- - variable: clients
- label: "Clients"
- schema:
- type: list
- default: []
- items:
- - variable: clientEntry
- label: "Client"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: id
- label: "ID/Name"
- description: "The ID is the OpenID Connect ClientID which is used to link an application to a configuration."
- schema:
- type: string
- default: "myapp"
- required: true
- - variable: description
- label: "Description"
- description: "The description to show to users when they end up on the consent screen. Defaults to the ID above."
- schema:
- type: string
- default: "My Application"
- required: true
- - variable: secret
- label: "Secret"
- description: "The client secret is a shared secret between Authelia and the consumer of this client."
- schema:
- type: string
- default: ""
- required: true
- - variable: public
- label: "public"
- description: "Sets the client to public. This should typically not be set, please see the documentation for usage."
- schema:
- type: boolean
- default: false
- - variable: authorization_policy
- label: "Authorization Policy"
- description: "The policy to require for this client; one_factor or two_factor."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - variable: consent_mode
- label: "Consent Mode"
- description: "Configures the consent mode. This can be set to auto (default), explicit (consent required every time) or implicit (automatically assumes consent for every authorization, never asking the user if they wish to give consent.)"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "explicit"
- description: "explicit"
- - value: "implicit"
- description: "implicit"
- - variable: userinfo_signing_algorithm
- label: "Userinfo Signing Algorithm"
- description: "The algorithm used to sign userinfo endpoint responses for this client, either none or RS256."
- schema:
- type: string
- default: "none"
- enum:
- - value: "none"
- description: "none"
- - value: "RS256"
- description: "RS256"
- - variable: audience
- label: "Audience"
- description: "Audience this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: audienceEntry
- label: ""
- schema:
- type: string
- default: ""
- required: true
- - variable: scopes
- label: "Scopes"
- description: "Scopes this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: ScopeEntry
- label: "Scope"
- schema:
- type: string
- default: "openid"
- required: true
- - variable: redirect_uris
- label: "redirect_uris"
- description: "Redirect URI's specifies a list of valid case-sensitive callbacks for this client."
- schema:
- type: list
- default: []
- items:
- - variable: uriEntry
- label: "Url"
- schema:
- type: string
- default: "https://oidc.example.com/oauth2/callback"
- required: true
- - variable: grant_types
- description: "Grant Types configures which grants this client can obtain."
- label: "grant_types"
- schema:
- type: list
- default: []
- items:
- - variable: grantEntry
- label: "Grant"
- schema:
- type: string
- default: "refresh_token"
- required: true
- - variable: response_types
- description: "Response Types configures which responses this client can be sent."
- label: "response_types"
- schema:
- type: list
- default: []
- items:
- - variable: responseEntry
- label: "type"
- schema:
- type: string
- default: "code"
- required: true
- - variable: response_modes
- description: "Response Modes configures which response modes this client supports."
- label: "response_modes"
- schema:
- type: list
- default: []
- items:
- - variable: modeEntry
- label: "Mode"
- schema:
- type: string
- default: "form_post"
- required: true
- - variable: cnpg
- group: Postgresql
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Postgresql Database"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: storage
- label: "Storage"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: size
- label: Size
- schema:
- type: string
- default: "256Gi"
- - variable: walsize
- label: Walsize
- schema:
- type: string
- default: "256Gi"
- - variable: pooler
- label: "Pooler"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: Monitoring
- label: "Metrics"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enablePodMonitor
- label: "enablePodMonitor"
- schema:
- type: boolean
- default: true
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/authelia/15.0.9/templates/NOTES.txt b/enterprise/authelia/15.0.9/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/authelia/15.0.9/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/authelia/15.0.9/templates/_configmap.tpl b/enterprise/authelia/15.0.9/templates/_configmap.tpl
deleted file mode 100644
index c0497f5e570..00000000000
--- a/enterprise/authelia/15.0.9/templates/_configmap.tpl
+++ /dev/null
@@ -1,248 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "authelia.configmap.paths" -}}
-enabled: true
-data:
- AUTHELIA_SERVER_DISABLE_HEALTHCHECK: "true"
- AUTHELIA_JWT_SECRET_FILE: "/secrets/JWT_TOKEN"
- AUTHELIA_SESSION_SECRET_FILE: "/secrets/SESSION_ENCRYPTION_KEY"
- AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: "/secrets/ENCRYPTION_KEY"
- AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: "/secrets/STORAGE_PASSWORD"
- {{- if .Values.authentication_backend.ldap.enabled }}
- AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE: "/secrets/LDAP_PASSWORD"
- {{- end }}
- {{- if .Values.notifier.smtp.enabled }}
- AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE: "/secrets/SMTP_PASSWORD"
- {{- end }}
- AUTHELIA_SESSION_REDIS_PASSWORD_FILE: "/secrets/REDIS_PASSWORD"
- {{- if .Values.redisProvider.high_availability.enabled }}
- AUTHELIA_SESSION_REDIS_HIGH_AVAILABILITY_SENTINEL_PASSWORD_FILE: "/secrets/REDIS_SENTINEL_PASSWORD"
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- AUTHELIA_DUO_API_SECRET_KEY_FILE: "/secrets/DUO_API_KEY"
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET_FILE: "/secrets/OIDC_HMAC_SECRET"
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY_FILE: "/secrets/OIDC_PRIVATE_KEY"
- {{- end }}
-
-{{- end -}}
-
-{{- define "authelia.configmap.configfile" -}}
-enabled: true
-data:
- configuration.yaml: |
- ---
- theme: {{ default "light" .Values.theme }}
- default_redirection_url: {{ default (printf "https://www.%s" .Values.domain) .Values.default_redirection_url }}
- server:
- host: 0.0.0.0
- port: {{ default 9091 .Values.server.port }}
- {{- if not (eq "" (default "" .Values.server.path)) }}
- path: {{ .Values.server.path }}
- {{- end }}
- buffers:
- write: {{ default 4096 .Values.server.write_buffer_size }}
- read: {{ default 4096 .Values.server.read_buffer_size }}
- enable_pprof: {{ default false .Values.server.enable_pprof }}
- enable_expvars: {{ default false .Values.server.enable_expvars }}
- log:
- level: {{ default "info" .Values.log.level }}
- format: {{ default "text" .Values.log.format }}
- {{- if not (eq "" (default "" .Values.log.file_path)) }}
- file_path: {{ .Values.log.file_path }}
- keep_stdout: true
- {{- end }}
- totp:
- issuer: {{ default .Values.domain .Values.totp.issuer }}
- period: {{ default 30 .Values.totp.period }}
- skew: {{ default 1 .Values.totp.skew }}
- {{- if .Values.duo_api.enabled }}
- duo_api:
- hostname: {{ .Values.duo_api.hostname }}
- integration_key: {{ .Values.duo_api.integration_key }}
- {{- end }}
- {{- with $auth := .Values.authentication_backend }}
- authentication_backend:
- password_reset:
- disable: {{ $auth.disable_reset_password }}
- {{- if $auth.file.enabled }}
- file:
- path: {{ $auth.file.path }}
- password: {{ toYaml $auth.file.password | nindent 10 }}
- {{- end }}
- {{- if $auth.ldap.enabled }}
- ldap:
- implementation: {{ default "custom" $auth.ldap.implementation }}
- url: {{ $auth.ldap.url }}
- timeout: {{ default "5s" $auth.ldap.timeout }}
- start_tls: {{ $auth.ldap.start_tls }}
- tls:
- {{- if hasKey $auth.ldap.tls "server_name" }}
- server_name: {{ default $auth.ldap.host $auth.ldap.tls.server_name }}
- {{- end }}
- minimum_version: {{ default "TLS1.2" $auth.ldap.tls.minimum_version }}
- skip_verify: {{ default false $auth.ldap.tls.skip_verify }}
- {{- if $auth.ldap.base_dn }}
- base_dn: {{ $auth.ldap.base_dn }}
- {{- end }}
- {{- if $auth.ldap.username_attribute }}
- username_attribute: {{ $auth.ldap.username_attribute }}
- {{- end }}
- {{- if $auth.ldap.additional_users_dn }}
- additional_users_dn: {{ $auth.ldap.additional_users_dn }}
- {{- end }}
- {{- if $auth.ldap.users_filter }}
- users_filter: {{ $auth.ldap.users_filter }}
- {{- end }}
- {{- if $auth.ldap.additional_groups_dn }}
- additional_groups_dn: {{ $auth.ldap.additional_groups_dn }}
- {{- end }}
- {{- if $auth.ldap.groups_filter }}
- groups_filter: {{ $auth.ldap.groups_filter }}
- {{- end }}
- {{- if $auth.ldap.group_name_attribute }}
- group_name_attribute: {{ $auth.ldap.group_name_attribute }}
- {{- end }}
- {{- if $auth.ldap.mail_attribute }}
- mail_attribute: {{ $auth.ldap.mail_attribute }}
- {{- end }}
- {{- if $auth.ldap.display_name_attribute }}
- display_name_attribute: {{ $auth.ldap.display_name_attribute }}
- {{- end }}
- user: {{ $auth.ldap.user }}
- {{- end }}
- {{- end }}
- {{- with $session := .Values.session }}
- session:
- name: {{ default "authelia_session" $session.name }}
- domain: {{ required "A valid .Values.domain entry required!" $.Values.domain }}
- same_site: {{ default "lax" $session.same_site }}
- expiration: {{ default "1M" $session.expiration }}
- inactivity: {{ default "5m" $session.inactivity }}
- remember_me_duration: {{ default "1M" $session.remember_me_duration }}
- {{- end }}
- redis:
- host: {{ .Values.redis.creds.plain }}
- {{- with $redis := .Values.redisProvider }}
- port: {{ default 6379 $redis.port }}
- {{- if not (eq $redis.username "") }}
- username: {{ $redis.username }}
- {{- end }}
- maximum_active_connections: {{ default 8 $redis.maximum_active_connections }}
- minimum_idle_connections: {{ default 0 $redis.minimum_idle_connections }}
- {{- if $redis.tls.enabled }}
- tls:
- server_name: {{ $redis.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $redis.tls.minimum_version }}
- skip_verify: {{ $redis.tls.skip_verify }}
- {{- end }}
- {{- if $redis.high_availability.enabled }}
- high_availability:
- sentinel_name: {{ $redis.high_availability.sentinel_name }}
- {{- if $redis.high_availability.nodes }}
- nodes: {{ toYaml $redis.high_availability.nodes | nindent 10 }}
- {{- end }}
- route_by_latency: {{ $redis.high_availability.route_by_latency }}
- route_randomly: {{ $redis.high_availability.route_randomly }}
- {{- end }}
- {{- end }}
- regulation: {{ toYaml .Values.regulation | nindent 6 }}
- storage:
- postgres:
- host: {{ $.Values.cnpg.main.creds.host }}
- {{- with $storage := .Values.storage }}
- port: {{ default 5432 $storage.postgres.port }}
- database: {{ default "authelia" $storage.postgres.database }}
- username: {{ default "authelia" $storage.postgres.username }}
- timeout: {{ default "5s" $storage.postgres.timeout }}
- ssl:
- mode: {{ default "disable" $storage.postgres.sslmode }}
- {{- end }}
- {{- with $notifier := .Values.notifier }}
- notifier:
- disable_startup_check: {{ $.Values.notifier.disable_startup_check }}
- {{- if $notifier.filesystem.enabled }}
- filesystem:
- filename: {{ $notifier.filesystem.filename }}
- {{- end }}
- {{- if $notifier.smtp.enabled }}
- smtp:
- host: {{ $notifier.smtp.host }}
- port: {{ default 25 $notifier.smtp.port }}
- timeout: {{ default "5s" $notifier.smtp.timeout }}
- {{- with $notifier.smtp.username }}
- username: {{ . }}
- {{- end }}
- sender: {{ $notifier.smtp.sender }}
- identifier: {{ $notifier.smtp.identifier }}
- subject: {{ $notifier.smtp.subject | quote }}
- startup_check_address: {{ $notifier.smtp.startup_check_address }}
- disable_require_tls: {{ $notifier.smtp.disable_require_tls }}
- disable_html_emails: {{ $notifier.smtp.disable_html_emails }}
- tls:
- server_name: {{ default $notifier.smtp.host $notifier.smtp.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $notifier.smtp.tls.minimum_version }}
- skip_verify: {{ default false $notifier.smtp.tls.skip_verify }}
- {{- end }}
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- identity_providers:
- oidc:
- access_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.access_token_lifespan }}
- authorize_code_lifespan: {{ default "1m" .Values.identity_providers.oidc.authorize_code_lifespan }}
- id_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.id_token_lifespan }}
- refresh_token_lifespan: {{ default "90m" .Values.identity_providers.oidc.refresh_token_lifespan }}
- enable_client_debug_messages: {{ default false .Values.identity_providers.oidc.enable_client_debug_messages }}
- minimum_parameter_entropy: {{ default 8 .Values.identity_providers.oidc.minimum_parameter_entropy }}
- {{- if gt (len .Values.identity_providers.oidc.clients) 0 }}
- clients:
- {{- range $client := .Values.identity_providers.oidc.clients }}
- - id: {{ $client.id }}
- description: {{ default $client.id $client.description }}
- secret: {{ default (randAlphaNum 128) $client.secret }}
- {{- if $client.public }}
- public: {{ $client.public }}
- {{- end }}
- authorization_policy: {{ default "two_factor" $client.authorization_policy }}
- consent_mode: {{ default "auto" $client.consent_mode}}
- redirect_uris:
- {{- range $client.redirect_uris }}
- - {{ . }}
- {{- end }}
- {{- if $client.audience }}
- audience: {{ toYaml $client.audience | nindent 10 }}
- {{- end }}
- scopes: {{ toYaml (default (list "openid" "profile" "email" "groups") $client.scopes) | nindent 10 }}
- grant_types: {{ toYaml (default (list "refresh_token" "authorization_code") $client.grant_types) | nindent 10 }}
- response_types: {{ toYaml (default (list "code") $client.response_types) | nindent 10 }}
- {{- if $client.response_modes }}
- response_modes: {{ toYaml $client.response_modes | nindent 10 }}
- {{- end }}
- userinfo_signing_algorithm: {{ default "none" $client.userinfo_signing_algorithm }}
- {{- end }}
- {{- end }}
- {{- end }}
- access_control:
- {{- if (eq (len .Values.access_control.rules) 0) }}
- {{- if (eq .Values.access_control.default_policy "bypass") }}
- default_policy: one_factor
- {{- else if (eq .Values.access_control.default_policy "deny") }}
- default_policy: two_factor
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- if (eq (len .Values.access_control.networks) 0) }}
- networks: []
- {{- else }}
- networks: {{ toYaml .Values.access_control.networks | nindent 6 }}
- {{- end }}
- {{- if (eq (len .Values.access_control.rules) 0) }}
- rules: []
- {{- else }}
- rules: {{ toYaml .Values.access_control.rules | nindent 6 }}
- {{- end }}
- ...
-{{- end -}}
diff --git a/enterprise/authelia/15.0.9/templates/_secrets.tpl b/enterprise/authelia/15.0.9/templates/_secrets.tpl
deleted file mode 100644
index 29023561612..00000000000
--- a/enterprise/authelia/15.0.9/templates/_secrets.tpl
+++ /dev/null
@@ -1,54 +0,0 @@
-{{/* Define the secrets */}}
-{{- define "authelia.secrets" -}}
-{{- $basename := include "tc.v1.common.lib.chart.names.fullname" $ -}}
-{{- $fetchname := printf "%s-authelia-secrets" $basename -}}
-
-{{/* Initialize all keys */}}
-{{- $oidckey := genPrivateKey "rsa" }}
-{{- $oidcsecret := randAlphaNum 32 }}
-{{- $jwtsecret := randAlphaNum 50 }}
-{{- $sessionsecret := randAlphaNum 50 }}
-{{- $encryptionkey := randAlphaNum 100 }}
-
-enabled: true
-data:
- {{ with (lookup "v1" "Secret" .Release.Namespace $fetchname) }}
- {{/* Get previous values and decode */}}
- {{ $sessionsecret = (index .data "SESSION_ENCRYPTION_KEY") | b64dec }}
- {{ $jwtsecret = (index .data "JWT_TOKEN") | b64dec }}
- {{ $encryptionkey = (index .data "ENCRYPTION_KEY") | b64dec }}
-
- {{/* Check if those keys ever existed. as OIDC is optional */}}
- {{ if and (hasKey .data "OIDC_PRIVATE_KEY") (hasKey .data "OIDC_HMAC_SECRET") }}
- {{ $oidckey = (index .data "OIDC_PRIVATE_KEY") | b64dec }}
- {{ $oidcsecret = (index .data "OIDC_HMAC_SECRET") | b64dec }}
- {{ end }}
- {{ end }}
- SESSION_ENCRYPTION_KEY: {{ $sessionsecret }}
- JWT_TOKEN: {{ $jwtsecret }}
- ENCRYPTION_KEY: {{ $encryptionkey }}
-
- {{- if .Values.authentication_backend.ldap.enabled }}
- LDAP_PASSWORD: {{ .Values.authentication_backend.ldap.plain_password }}
- {{- end }}
-
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- SMTP_PASSWORD: {{ .Values.notifier.smtp.plain_password }}
- {{- end }}
-
- {{- if .Values.duo_api.enabled }}
- DUO_API_KEY: {{ .Values.duo_api.plain_api_key }}
- {{- end }}
-
- STORAGE_PASSWORD: {{ $.Values.cnpg.main.creds.password | trimAll "\"" }}
-
- REDIS_PASSWORD: {{ .Values.redis.creds.redisPassword | trimAll "\"" }}
- {{- if .Values.redisProvider.high_availability.enabled}}
- REDIS_SENTINEL_PASSWORD: {{ .Values.redis.sentinelPassword | trimAll "\"" }}
- {{- end }}
-
- {{- if .Values.identity_providers.oidc.enabled }}
- OIDC_PRIVATE_KEY: {{ $oidckey }}
- OIDC_HMAC_SECRET: {{ $oidcsecret }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/authelia/15.0.9/templates/common.yaml b/enterprise/authelia/15.0.9/templates/common.yaml
deleted file mode 100644
index 54e288e852c..00000000000
--- a/enterprise/authelia/15.0.9/templates/common.yaml
+++ /dev/null
@@ -1,77 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-{{/* Render configmap for authelia */}}
-{{- $configmapPaths := include "authelia.configmap.paths" . | fromYaml -}}
-{{- if $configmapPaths -}}
- {{- $_ := set .Values.configmap "authelia-paths" $configmapPaths -}}
-{{- end -}}
-
-{{- $configmapFile := include "authelia.configmap.configfile" . | fromYaml -}}
-{{- if $configmapFile -}}
- {{- $_ := set .Values.configmap "authelia-configfile" $configmapFile -}}
-{{- end -}}
-
-{{/* Render secrets for authelia */}}
-{{- $secret := include "authelia.secrets" . | fromYaml -}}
-{{- if $secret -}}
- {{- $_ := set .Values.secret "authelia-secrets" $secret -}}
-{{- end -}}
-
-{{/* Append the general configMap volume to the volumes */}}
-{{- define "authelia.configmapVolume" -}}
-enabled: true
-mountPath: /configuration.yaml
-subPath: configuration.yaml
-readOnly: true
-type: "configmap"
-objectName: authelia-configfile
-{{- end -}}
-
-{{/* Append the general secret volumes to the volumes */}}
-{{- define "authelia.secretVolumes" -}}
-enabled: true
-mountPath: "/secrets"
-readOnly: true
-type: "secret"
-objectName: authelia-secrets
-items:
- - key: "JWT_TOKEN"
- path: JWT_TOKEN
- - key: "SESSION_ENCRYPTION_KEY"
- path: SESSION_ENCRYPTION_KEY
- - key: "ENCRYPTION_KEY"
- path: ENCRYPTION_KEY
- - key: "STORAGE_PASSWORD"
- path: STORAGE_PASSWORD
- {{- if .Values.authentication_backend.ldap.enabled }}
- - key: "LDAP_PASSWORD"
- path: LDAP_PASSWORD
- {{- end }}
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- - key: "SMTP_PASSWORD"
- path: SMTP_PASSWORD
- {{- end }}
- - key: "REDIS_PASSWORD"
- path: REDIS_PASSWORD
- {{- if .Values.redisProvider.high_availability.enabled}}
- - key: "REDIS_SENTINEL_PASSWORD"
- path: REDIS_SENTINEL_PASSWORD
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- - key: "DUO_API_KEY"
- path: DUO_API_KEY
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- - key: "OIDC_PRIVATE_KEY"
- path: OIDC_PRIVATE_KEY
- - key: "OIDC_HMAC_SECRET"
- path: OIDC_HMAC_SECRET
- {{- end }}
-{{- end -}}
-
-{{- $_ := set .Values.persistence "authelia-configfile" (include "authelia.configmapVolume" . | fromYaml) -}}
-{{- $_ := set .Values.persistence "authelia-secrets" (include "authelia.secretVolumes" . | fromYaml) -}}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/authelia/15.0.9/values.yaml b/enterprise/authelia/15.0.9/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/authelia/15.1.0/CHANGELOG.md b/enterprise/authelia/15.1.0/CHANGELOG.md
deleted file mode 100644
index d585b114b62..00000000000
--- a/enterprise/authelia/15.1.0/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [authelia-15.1.0](https://github.com/truecharts/charts/compare/authelia-15.0.13...authelia-15.1.0) (2023-03-22)
-
-### Feat
-
-- allow for NTP failure by default ([#7824](https://github.com/truecharts/charts/issues/7824))
-
-
-
-
-## [authelia-15.0.13](https://github.com/truecharts/charts/compare/authelia-15.0.12...authelia-15.0.13) (2023-03-19)
-
-### Chore
-
-- bump common and deps on enterprise train ([#7819](https://github.com/truecharts/charts/issues/7819))
-
-
-
-
-## [authelia-15.0.12](https://github.com/truecharts/charts/compare/authelia-15.0.11...authelia-15.0.12) (2023-03-09)
-
-### Chore
-
-- bump dependencies and release 2 replica default
-
- ### Feat
-
-- replicas2 part 2
- - run 2 replica's with rolling updates
-
-
-
-
-## [authelia-15.0.11](https://github.com/truecharts/charts/compare/authelia-15.0.10...authelia-15.0.11) (2023-03-08)
-
-
-
-
-## [authelia-15.0.10](https://github.com/truecharts/charts/compare/authelia-15.0.9...authelia-15.0.10) (2023-03-08)
-
-### Fix
-
-- indent priv key ([#7770](https://github.com/truecharts/charts/issues/7770))
-
-
-
-
-## [authelia-15.0.9](https://github.com/truecharts/charts/compare/authelia-15.0.8...authelia-15.0.9) (2023-03-08)
-
-### Chore
-
-- cleanup secret a bit ([#7768](https://github.com/truecharts/charts/issues/7768))
-
-
-
-
-## [authelia-15.0.8](https://github.com/truecharts/charts/compare/authelia-15.0.7...authelia-15.0.8) (2023-03-07)
-
-### Fix
-
-- fix broken fetching of old values on authelia ([#7764](https://github.com/truecharts/charts/issues/7764))
-
-
-
-
-## [authelia-15.0.7](https://github.com/truecharts/charts/compare/authelia-15.0.6...authelia-15.0.7) (2023-03-07)
-
-### Fix
-
-- prevent encryption key resets
-
-
-
-
-## [authelia-15.0.6](https://github.com/truecharts/charts/compare/authelia-15.0.5...authelia-15.0.6) (2023-03-07)
-
-### Fix
-
-- misc fixes from common and prometheus storageclass patch ([#7762](https://github.com/truecharts/charts/issues/7762))
-
-
-
-
-## [authelia-15.0.5](https://github.com/truecharts/charts/compare/authelia-15.0.4...authelia-15.0.5) (2023-03-06)
-
-
-
-
-## [authelia-15.0.4](https://github.com/truecharts/charts/compare/authelia-15.0.3...authelia-15.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
diff --git a/enterprise/authelia/15.1.0/Chart.yaml b/enterprise/authelia/15.1.0/Chart.yaml
deleted file mode 100644
index 1c8c07046d5..00000000000
--- a/enterprise/authelia/15.1.0/Chart.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-apiVersion: v2
-appVersion: "4.37.5"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.28
- - condition: redis.enabled
- name: redis
- repository: https://deps.truecharts.org
- version: 6.0.17
-deprecated: false
-description: Authelia is a Single Sign-On Multi-Factor portal for web apps
-home: https://truecharts.org/charts/enterprise/authelia
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/authelia.png
-keywords:
- - authelia
- - authentication
- - login
- - SSO
- - Authentication
- - Security
- - Two-Factor
- - U2F
- - YubiKey
- - Push Notifications
- - LDAP
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: authelia
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/authelia
- - https://ghcr.io/authelia/authelia
- - https://github.com/authelia/chartrepo
- - https://github.com/authelia/authelia
-type: application
-version: 15.1.0
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/authelia/15.1.0/LICENSE b/enterprise/authelia/15.1.0/LICENSE
deleted file mode 100644
index 80e4ab93f92..00000000000
--- a/enterprise/authelia/15.1.0/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/authelia/15.1.0/README.md b/enterprise/authelia/15.1.0/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/authelia/15.1.0/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/authelia/15.1.0/app-changelog.md b/enterprise/authelia/15.1.0/app-changelog.md
deleted file mode 100644
index 931de515338..00000000000
--- a/enterprise/authelia/15.1.0/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [authelia-15.1.0](https://github.com/truecharts/charts/compare/authelia-15.0.13...authelia-15.1.0) (2023-03-22)
-
-### Feat
-
-- allow for NTP failure by default ([#7824](https://github.com/truecharts/charts/issues/7824))
-
-
\ No newline at end of file
diff --git a/enterprise/authelia/15.1.0/app-readme.md b/enterprise/authelia/15.1.0/app-readme.md
deleted file mode 100644
index 9417c0c13d5..00000000000
--- a/enterprise/authelia/15.1.0/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Authelia is a Single Sign-On Multi-Factor portal for web apps
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/authelia](https://truecharts.org/charts/enterprise/authelia)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/authelia/15.1.0/charts/common-12.2.28.tgz b/enterprise/authelia/15.1.0/charts/common-12.2.28.tgz
deleted file mode 100644
index 4a3a50054c6..00000000000
Binary files a/enterprise/authelia/15.1.0/charts/common-12.2.28.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.1.0/charts/redis-6.0.17.tgz b/enterprise/authelia/15.1.0/charts/redis-6.0.17.tgz
deleted file mode 100644
index 46e8ead845f..00000000000
Binary files a/enterprise/authelia/15.1.0/charts/redis-6.0.17.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.1.0/ix_values.yaml b/enterprise/authelia/15.1.0/ix_values.yaml
deleted file mode 100644
index c3709516e76..00000000000
--- a/enterprise/authelia/15.1.0/ix_values.yaml
+++ /dev/null
@@ -1,630 +0,0 @@
-image:
- repository: tccr.io/truecharts/authelia
- pullPolicy: IfNotPresent
- tag: 4.37.5@sha256:76a4617539534cec140fd98a12f721b878524f2df3a3653f3df8ff2b7eaab586
-
-workload:
- main:
- replicas: 2
- strategy: RollingUpdate
- podSpec:
- containers:
- main:
- command: ["authelia"]
- args: ["--config=/configuration.yaml"]
- envFrom:
- - configMapRef:
- name: authelia-paths
- probes:
- liveness:
- type: http
- path: "/api/health"
-
- readiness:
- type: http
- path: "/api/health"
-
- startup:
- type: http
- path: "/api/health"
-
-service:
- main:
- ports:
- main:
- port: 9091
- targetPort: 9091
-
-persistence:
- config:
- enabled: true
- mountPath: "/config"
-
-cnpg:
- main:
- enabled: true
- user: authelia
- database: authelia
-
-# Enabled redis
-# ... for more options see https://github.com/tccr.io/truecharts/charts/tree/master/tccr.io/truecharts/redis
-redis:
- enabled: true
-
-domain: example.com
-
-##
-## Server Configuration
-##
-server:
- ##
- ## Port sets the configured port for the daemon, service, and the probes.
- ## Default is 9091 and should not need to be changed.
- ##
- port: 9091
-
- ## Buffers usually should be configured to be the same value.
- ## Explanation at https://www.authelia.com/docs/configuration/server.html
- ## Read buffer size adjusts the server's max incoming request size in bytes.
- ## Write buffer size does the same for outgoing responses.
- read_buffer_size: 4096
- write_buffer_size: 4096
- ## Set the single level path Authelia listens on.
- ## Must be alphanumeric chars and should not contain any slashes.
- path: ""
-
-log:
- ## Level of verbosity for logs: info, debug, trace.
- level: trace
-
- ## Format the logs are written as: json, text.
- format: text
-
- ## TODO: Statefulness check should check if this is set, and the configMap should enable it.
- ## File path where the logs will be written. If not set logs are written to stdout.
- # file_path: /config/authelia.log
-
-## Default redirection URL
-##
-## If user tries to authenticate without any referer, Authelia does not know where to redirect the user to at the end
-## of the authentication process. This parameter allows you to specify the default redirection URL Authelia will use
-## in such a case.
-##
-## Note: this parameter is optional. If not provided, user won't be redirected upon successful authentication.
-## Default is https://www. (value at the top of the values.yaml).
-default_redirection_url: ""
-# default_redirection_url: https://example.com
-
-theme: light
-
-##
-## TOTP Configuration
-##
-## Parameters used for TOTP generation
-totp:
- ## The issuer name displayed in the Authenticator application of your choice
- ## See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
- ## Defaults to .
- issuer: ""
- ## The period in seconds a one-time password is current for. Changing this will require all users to register
- ## their TOTP applications again. Warning: before changing period read the docs link below.
- period: 30
- ## The skew controls number of one-time passwords either side of the current one that are valid.
- ## Warning: before changing skew read the docs link below.
- ## See: https://www.authelia.com/docs/configuration/one-time-password.html#period-and-skew to read the documentation.
- skew: 1
-
-##
-## Duo Push API Configuration
-##
-## Parameters used to contact the Duo API. Those are generated when you protect an application of type
-## "Partner Auth API" in the management panel.
-duo_api:
- enabled: false
- hostname: api-123456789.example.com
- integration_key: ABCDEF
- plain_api_key: ""
-
-## NTP settings
-
-ntp:
- address: "time.cloudflare.com:123"
- version: 4
- max_desync: 3s
- disable_startup_check: false
- disable_failure: true
-
-##
-## Authentication Backend Provider Configuration
-##
-## Used for verifying user passwords and retrieve information such as email address and groups users belong to.
-##
-## The available providers are: `file`, `ldap`. You must use one and only one of these providers.
-authentication_backend:
- ## Disable both the HTML element and the API for reset password functionality
- disable_reset_password: false
-
- ## The amount of time to wait before we refresh data from the authentication backend. Uses duration notation.
- ## To disable this feature set it to 'disable', this will slightly reduce security because for Authelia, users will
- ## always belong to groups they belonged to at the time of login even if they have been removed from them in LDAP.
- ## To force update on every request you can set this to '0' or 'always', this will increase processor demand.
- ## See the below documentation for more information.
- ## Duration Notation docs: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Refresh Interval docs: https://www.authelia.com/docs/configuration/authentication/ldap.html#refresh-interval
- refresh_interval: 5m
-
- ## LDAP backend configuration.
- ##
- ## This backend allows Authelia to be scaled to more
- ## than one instance and therefore is recommended for
- ## production.
- ldap:
- ## Enable LDAP Backend.
- enabled: false
-
- ## The LDAP implementation, this affects elements like the attribute utilised for resetting a password.
- ## Acceptable options are as follows:
- ## - 'activedirectory' - For Microsoft Active Directory.
- ## - 'custom' - For custom specifications of attributes and filters.
- ## This currently defaults to 'custom' to maintain existing behaviour.
- ##
- ## Depending on the option here certain other values in this section have a default value, notably all of the
- ## attribute mappings have a default value that this config overrides, you can read more about these default values
- ## at https://www.authelia.com/docs/configuration/authentication/ldap.html#defaults
- implementation: activedirectory
-
- ## The url to the ldap server. Format: ://[:].
- ## Scheme can be ldap or ldaps in the format (port optional).
- url: ldap://openldap.default.svc.cluster.local
-
- ## Connection Timeout.
- timeout: 5s
-
- ## Use StartTLS with the LDAP connection.
- start_tls: false
-
- tls:
- ## Server Name for certificate validation (in case it's not set correctly in the URL).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either Secure LDAP or LDAP StartTLS.
- minimum_version: TLS1.2
-
- ## The base dn for every LDAP query.
- base_dn: DC=example,DC=com
-
- ## The attribute holding the username of the user. This attribute is used to populate the username in the session
- ## information. It was introduced due to #561 to handle case insensitive search queries. For you information,
- ## Microsoft Active Directory usually uses 'sAMAccountName' and OpenLDAP usually uses 'uid'. Beware that this
- ## attribute holds the unique identifiers for the users binding the user and the configuration stored in database.
- ## Therefore only single value attributes are allowed and the value must never be changed once attributed to a user
- ## otherwise it would break the configuration for that user. Technically, non-unique attributes like 'mail' can also
- ## be used but we don't recommend using them, we instead advise to use the attributes mentioned above
- ## (sAMAccountName and uid) to follow https://www.ietf.org/rfc/rfc2307.txt.
- username_attribute: ""
-
- ## An additional dn to define the scope to all users.
- additional_users_dn: OU=Users
-
- ## The users filter used in search queries to find the user profile based on input filled in login form.
- ## Various placeholders are available in the user filter:
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username_attribute} is a mandatory placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ##
- ## Recommended settings are as follows:
- ## - Microsoft Active Directory: (&({username_attribute}={input})(objectCategory=person)(objectClass=user))
- ## - OpenLDAP:
- ## - (&({username_attribute}={input})(objectClass=person))
- ## - (&({username_attribute}={input})(objectClass=inetOrgPerson))
- ##
- ## To allow sign in both with username and email, one can use a filter like
- ## (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))
- users_filter: ""
-
- ## An additional dn to define the scope of groups.
- additional_groups_dn: OU=Groups
-
- ## The groups filter used in search queries to find the groups of the user.
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username} is a placeholder replace by the username stored in LDAP (based on `username_attribute`).
- ## - {dn} is a matcher replaced by the user distinguished name, aka, user DN.
- ## - {username_attribute} is a placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ## - DON'T USE - {1} is an alias for {username} supported for backward compatibility but it will be deprecated in
- ## later version, so please don't use it.
- ##
- ## If your groups use the `groupOfUniqueNames` structure use this instead:
- ## (&(uniquemember={dn})(objectclass=groupOfUniqueNames))
- groups_filter: ""
-
- ## The attribute holding the name of the group
- group_name_attribute: ""
-
- ## The attribute holding the mail address of the user. If multiple email addresses are defined for a user, only the
- ## first one returned by the LDAP server is used.
- mail_attribute: ""
-
- ## The attribute holding the display name of the user. This will be used to greet an authenticated user.
- display_name_attribute: ""
-
- ## The username of the admin user.
- user: CN=Authelia,DC=example,DC=com
- plain_password: ""
-
- ##
- ## File (Authentication Provider)
- ##
- ## With this backend, the users database is stored in a file which is updated when users reset their passwords.
- ## Therefore, this backend is meant to be used in a dev environment and not in production since it prevents Authelia
- ## to be scaled to more than one instance. The options under 'password' have sane defaults, and as it has security
- ## implications it is highly recommended you leave the default values. Before considering changing these settings
- ## please read the docs page below:
- ## https://www.authelia.com/docs/configuration/authentication/file.html#password-hash-algorithm-tuning
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- file:
- enabled: true
- path: /config/users_database.yml
- password:
- algorithm: argon2id
- iterations: 1
- key_length: 32
- salt_length: 16
- memory: 1024
- parallelism: 8
-
-##
-## Access Control Configuration
-##
-## Access control is a list of rules defining the authorizations applied for one resource to users or group of users.
-##
-## If 'access_control' is not defined, ACL rules are disabled and the 'bypass' rule is applied, i.e., access is allowed
-## to anyone. Otherwise restrictions follow the rules defined.
-##
-## Note: One can use the wildcard * to match any subdomain.
-## It must stand at the beginning of the pattern. (example: *.mydomain.com)
-##
-## Note: You must put patterns containing wildcards between simple quotes for the YAML to be syntactically correct.
-##
-## Definition: A 'rule' is an object with the following keys: 'domain', 'subject', 'policy' and 'resources'.
-##
-## - 'domain' defines which domain or set of domains the rule applies to.
-##
-## - 'subject' defines the subject to apply authorizations to. This parameter is optional and matching any user if not
-## provided. If provided, the parameter represents either a user or a group. It should be of the form
-## 'user:' or 'group:'.
-##
-## - 'policy' is the policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'.
-##
-## - 'resources' is a list of regular expressions that matches a set of resources to apply the policy to. This parameter
-## is optional and matches any resource if not provided.
-##
-## Note: the order of the rules is important. The first policy matching (domain, resource, subject) applies.
-access_control:
- ## Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'. It is the policy applied to any
- ## resource if there is no policy to be applied to the user.
- default_policy: deny
-
- networks: []
- # networks:
- # - name: private
- # networks:
- # - 10.0.0.0/8
- # - 172.16.0.0/12
- # - 192.168.0.0/16
- # - name: vpn
- # networks:
- # - 10.9.0.0/16
-
- rules: []
- # rules:
- # - domain: public.example.com
- # policy: bypass
- # - domain: "*.example.com"
- # policy: bypass
- # methods:
- # - OPTIONS
- # - domain: secure.example.com
- # policy: one_factor
- # networks:
- # - private
- # - vpn
- # - 192.168.1.0/24
- # - 10.0.0.1
- # - domain:
- # - secure.example.com
- # - private.example.com
- # policy: two_factor
- # - domain: singlefactor.example.com
- # policy: one_factor
- # - domain: "mx2.mail.example.com"
- # subject: "group:admins"
- # policy: deny
- # - domain: "*.example.com"
- # subject:
- # - "group:admins"
- # - "group:moderators"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/groups/dev/.*$"
- # subject: "group:dev"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/users/john/.*$"
- # subject:
- # - ["group:dev", "user:john"]
- # - "group:admins"
- # policy: two_factor
- # - domain: "{user}.example.com"
- # policy: bypass
-
-##
-## Session Provider Configuration
-##
-## The session cookies identify the user once logged in.
-## The available providers are: `memory`, `redis`. Memory is the provider unless redis is defined.
-session:
- ## The name of the session cookie. (default: authelia_session).
- name: authelia_session
-
- ## Sets the Cookie SameSite value. Possible options are none, lax, or strict.
- ## Please read https://www.authelia.com/docs/configuration/session.html#same_site
- same_site: lax
-
- ## The time in seconds before the cookie expires and session is reset.
- expiration: 1h
-
- ## The inactivity time in seconds before the session is reset.
- inactivity: 5m
-
- ## The remember me duration.
- ## Value is in seconds, or duration notation. Value of 0 disables remember me.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Longer periods are considered less secure because a stolen cookie will last longer giving attackers more time to
- ## spy or attack. Currently the default is 1M or 1 month.
- remember_me_duration: 1M
-
-##
-## Redis Provider
-##
-## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
-##
-## The redis connection details
-redisProvider:
- port: 6379
-
- ## Optional username to be used with authentication.
- # username: authelia
- username: ""
-
- ## This is the Redis DB Index https://redis.io/commands/select (sometimes referred to as database number, DB, etc).
- database_index: 0
-
- ## The maximum number of concurrent active connections to Redis.
- maximum_active_connections: 8
-
- ## The target number of idle connections to have open ready for work. Useful when opening connections is slow.
- minimum_idle_connections: 0
-
- ## The Redis TLS configuration. If defined will require a TLS connection to the Redis instance(s).
- tls:
- enabled: false
-
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for the connection.
- minimum_version: TLS1.2
-
- ## The Redis HA configuration options.
- ## This provides specific options to Redis Sentinel, sentinel_name must be defined (Master Name).
- high_availability:
- enabled: false
- enabledSecret: false
- ## Sentinel Name / Master Name
- sentinel_name: mysentinel
-
- ## The additional nodes to pre-seed the redis provider with (for sentinel).
- ## If the host in the above section is defined, it will be combined with this list to connect to sentinel.
- ## For high availability to be used you must have either defined; the host above or at least one node below.
- nodes: []
- # nodes:
- # - host: sentinel-0.databases.svc.cluster.local
- # port: 26379
- # - host: sentinel-1.databases.svc.cluster.local
- # port: 26379
-
- ## Choose the host with the lowest latency.
- route_by_latency: false
-
- ## Choose the host randomly.
- route_randomly: false
-
-##
-## Regulation Configuration
-##
-## This mechanism prevents attackers from brute forcing the first factor. It bans the user if too many attempts are done
-## in a short period of time.
-regulation:
- ## The number of failed login attempts before user is banned. Set it to 0 to disable regulation.
- max_retries: 3
-
- ## The time range during which the user can attempt login before being banned. The user is banned if the
- ## authentication failed 'max_retries' times in a 'find_time' seconds window. Find Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- find_time: 2m
-
- ## The length of time before a banned user can login again. Ban Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ban_time: 5m
-
-##
-## Storage Provider Configuration
-##
-## The available providers are: `local`, `mysql`, `postgres`. You must use one and only one of these providers.
-storage:
- ##
- ## PostgreSQL (Storage Provider)
- ##
- postgres:
- port: 5432
- database: authelia
- username: authelia
- sslmode: disable
- timeout: 5s
-
-##
-## Notification Provider
-##
-##
-## Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration.
-## The available providers are: filesystem, smtp. You must use one and only one of these providers.
-notifier:
- ## You can disable the notifier startup check by setting this to true.
- disable_startup_check: false
-
- ##
- ## File System (Notification Provider)
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- filesystem:
- enabled: true
- filename: /config/notification.txt
-
- ##
- ## SMTP (Notification Provider)
- ##
- ## Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate.
- ## [Security] By default Authelia will:
- ## - force all SMTP connections over TLS including unauthenticated connections
- ## - use the disable_require_tls boolean value to disable this requirement
- ## (only works for unauthenticated connections)
- ## - validate the SMTP server x509 certificate during the TLS handshake against the hosts trusted certificates
- ## (configure in tls section)
- smtp:
- enabled: false
- enabledSecret: false
- host: smtp.mail.svc.cluster.local
- port: 25
- timeout: 5s
- username: test
- plain_password: test
- sender: admin@example.com
- ## HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost.
- identifier: localhost
- ## Subject configuration of the emails sent.
- ## {title} is replaced by the text from the notifier
- subject: "[Authelia] {title}"
- ## This address is used during the startup check to verify the email configuration is correct.
- ## It's not important what it is except if your email server only allows local delivery.
- startup_check_address: test@authelia.com
- disable_require_tls: false
- disable_html_emails: false
-
- tls:
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either StartTLS or SMTPS.
- minimum_version: TLS1.2
-
-identity_providers:
- oidc:
- ## Enables this in the config map. Currently in beta stage.
- ## See https://www.authelia.com/docs/configuration/identity-providers/oidc.html#roadmap
- enabled: false
-
- access_token_lifespan: 1h
- authorize_code_lifespan: 1m
- id_token_lifespan: 1h
- refresh_token_lifespan: 90m
-
- enable_client_debug_messages: false
-
- ## SECURITY NOTICE: It's not recommended changing this option, and highly discouraged to have it below 8 for
- ## security reasons.
- minimum_parameter_entropy: 8
-
- clients: []
- # clients:
- # -
- ## The ID is the OpenID Connect ClientID which is used to link an application to a configuration.
- # id: myapp
-
- ## The description to show to users when they end up on the consent screen. Defaults to the ID above.
- # description: My Application
-
- ## The client secret is a shared secret between Authelia and the consumer of this client.
- # secret: apple123
-
- ## Sets the client to public. This should typically not be set, please see the documentation for usage.
- # public: false
-
- ## The policy to require for this client; one_factor or two_factor.
- # authorization_policy: two_factor
-
- ## Configures the consent mode; auto, explicit or implicit
- # consent_mode: auto
-
- ## Audience this client is allowed to request.
- # audience: []
-
- ## Scopes this client is allowed to request.
- # scopes:
- # - openid
- # - profile
- # - email
- # - groups
-
- ## Redirect URI's specifies a list of valid case-sensitive callbacks for this client.
- # redirect_uris:
- # - https://oidc.example.com/oauth2/callback
-
- ## Grant Types configures which grants this client can obtain.
- ## It's not recommended to configure this unless you know what you're doing.
- # grant_types:
- # - refresh_token
- # - authorization_code
-
- ## Response Types configures which responses this client can be sent.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_types:
- # - code
-
- ## Response Modes configures which response modes this client supports.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_modes:
- # - form_post
- # - query
- # - fragment
-
- ## The algorithm used to sign userinfo endpoint responses for this client, either none or RS256.
- # userinfo_signing_algorithm: none
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/authelia/15.1.0/questions.yaml b/enterprise/authelia/15.1.0/questions.yaml
deleted file mode 100644
index ca4e8c8b06e..00000000000
--- a/enterprise/authelia/15.1.0/questions.yaml
+++ /dev/null
@@ -1,2781 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: DaemonSet
- description: DaemonSet
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "DaemonSet"]]
- default: 2
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: domain
- group: "App Configuration"
- label: "Domain"
- description: "The highest domain level possible, for example: domain.com when using app.domain.com"
- schema:
- type: string
- default: ""
- required: true
- - variable: default_redirection_url
- group: "App Configuration"
- label: "Default Redirection URL"
- description: "If user tries to authenticate without any referrer, this is used"
- schema:
- type: string
- default: ""
- - variable: theme
- group: "App Configuration"
- label: "Theme"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "light"
- description: "light"
- - value: "grey"
- description: "grey"
- - value: "dark"
- description: "dark"
- - variable: log
- group: "App Configuration"
- label: "Log Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "info"
- enum:
- - value: "info"
- description: "info"
- - value: "debug"
- description: "debug"
- - value: "trace"
- description: "trace"
- - variable: format
- label: "Log Format"
- schema:
- type: string
- default: "text"
- enum:
- - value: "json"
- description: "json"
- - value: "text"
- description: "text"
- - variable: totp
- group: "App Configuration"
- label: "TOTP Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: issuer
- label: "Issuer"
- description: "The issuer name displayed in the Authenticator application of your choice"
- schema:
- type: string
- default: ""
- - variable: period
- label: "Period"
- description: "The period in seconds a one-time password is current for"
- schema:
- type: int
- default: 30
- - variable: skew
- label: "skew"
- description: "Controls number of one-time passwords either side of the current one that are valid."
- schema:
- type: int
- default: 1
- - variable: duo_api
- group: "App Configuration"
- label: "DUO API Configuration"
- description: "Parameters used to contact the Duo API."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostname
- label: "Hostname"
- schema:
- type: string
- required: true
- default: ""
- - variable: integration_key
- label: "integration_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: plain_api_key
- label: "plain_api_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: session
- group: "App Configuration"
- label: "Session Provider"
- description: "The session cookies identify the user once logged in."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Cookie Name"
- description: "The name of the session cookie."
- schema:
- type: string
- required: true
- default: "authelia_session"
- - variable: same_site
- label: "SameSite Value"
- description: "Sets the Cookie SameSite value"
- schema:
- type: string
- default: "lax"
- enum:
- - value: "lax"
- description: "lax"
- - value: "strict"
- description: "strict"
- - variable: expiration
- label: "Expiration Time"
- description: "The time in seconds before the cookie expires and session is reset."
- schema:
- type: string
- default: "1h"
- required: true
- - variable: inactivity
- label: "Inactivity Time"
- description: "The inactivity time in seconds before the session is reset."
- schema:
- type: string
- default: "5m"
- required: true
- - variable: remember_me_duration
- label: "Remember-Me duration"
- description: "The remember me duration"
- schema:
- type: string
- default: "5M"
- required: true
- - variable: regulation
- group: "App Configuration"
- label: "Regulation Configuration"
- description: "This mechanism prevents attackers from brute forcing the first factor."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: max_retries
- label: "Maximum Retries"
- description: "The number of failed login attempts before user is banned. Set it to 0 to disable regulation."
- schema:
- type: int
- default: 3
- - variable: find_time
- label: "Find Time"
- description: "The time range during which the user can attempt login before being banned."
- schema:
- type: string
- default: "2m"
- required: true
- - variable: ban_time
- label: "Ban Duration"
- description: "The length of time before a banned user can login again"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: authentication_backend
- group: "App Configuration"
- label: "Authentication Backend Provider"
- description: "sed for verifying user passwords and retrieve information such as email address and groups users belong to."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_reset_password
- label: "Disable Reset Password"
- description: "Disable both the HTML element and the API for reset password functionality"
- schema:
- type: boolean
- default: false
- - variable: refresh_interval
- label: "Reset Interval"
- description: "The amount of time to wait before we refresh data from the authentication backend"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: ldap
- label: "LDAP backend configuration"
- description: "Used for verifying user passwords and retrieve information such as email address and groups users belong to"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: implementation
- label: "Implementation"
- description: "The LDAP implementation, this affects elements like the attribute utilized for resetting a password"
- schema:
- type: string
- default: "custom"
- enum:
- - value: "activedirectory"
- description: "Active Directory"
- - value: "custom"
- description: "Custom"
- - variable: url
- label: "URL"
- description: "The url to the ldap server. Format: ://[:]"
- schema:
- type: string
- default: "ldap://openldap.default.svc.cluster.local"
- required: true
- - variable: timeout
- label: "Connection Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: start_tls
- label: "Start TLS"
- description: "Use StartTLS with the LDAP connection"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: base_dn
- label: "Base DN"
- description: "The base dn for every LDAP query."
- schema:
- type: string
- default: "DC=example,DC=com"
- required: true
- - variable: username_attribute
- label: "Username Attribute"
- description: "The attribute holding the username of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_users_dn
- label: "Additional Users DN"
- description: "An additional dn to define the scope to all users."
- schema:
- type: string
- default: "OU=Users"
- required: true
- - variable: users_filter
- label: "Users Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_groups_dn
- label: "Additional Groups DN"
- description: "An additional dn to define the scope of groups."
- schema:
- type: string
- default: "OU=Groups"
- required: true
- - variable: groups_filter
- label: "Groups Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: group_name_attribute
- label: "Group name Attribute"
- description: "The attribute holding the name of the group"
- schema:
- type: string
- default: ""
- required: true
- - variable: mail_attribute
- label: "Mail Attribute"
- description: "The attribute holding the primary mail address of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: display_name_attribute
- label: "Display Name Attribute"
- description: "he attribute holding the display name of the user. This will be used to greet an authenticated user."
- schema:
- type: string
- default: ""
- - variable: user
- label: "Admin User"
- description: "The username of the admin user used to connect to LDAP."
- schema:
- type: string
- default: "CN=Authelia,DC=example,DC=com"
- required: true
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: file
- label: "File backend configuration"
- description: "With this backend, the users database is stored in a file which is updated when users reset their passwords."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: path
- label: "Path"
- schema:
- type: string
- default: "/config/users_database.yml"
- required: true
- - variable: password
- label: "Password Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: algorithm
- label: "Algorithm"
- schema:
- type: string
- default: "argon2id"
- enum:
- - value: "argon2id"
- description: "argon2id"
- - value: "sha512"
- description: "sha512"
- - variable: iterations
- label: "Iterations"
- schema:
- type: int
- default: 1
- required: true
- - variable: key_length
- label: "Key Length"
- schema:
- type: int
- default: 32
- required: true
- - variable: salt_length
- label: "Salt Length"
- schema:
- type: int
- default: 16
- required: true
- - variable: memory
- label: "Memory"
- schema:
- type: int
- default: 1024
- required: true
- - variable: parallelism
- label: "Parallelism"
- schema:
- type: int
- default: 8
- required: true
- - variable: notifier
- group: "App Configuration"
- label: "Notifier Configuration"
- description: "Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_startup_check
- label: "Disable Startup Check"
- schema:
- type: boolean
- default: false
- - variable: filesystem
- label: "Filesystem Provider"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filename
- label: "File Path"
- schema:
- type: string
- default: "/config/notification.txt"
- required: true
- - variable: smtp
- label: "SMTP Provider"
- description: "Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: host
- label: "Host"
- schema:
- type: string
- default: "smtp.mail.svc.cluster.local"
- required: true
- - variable: port
- label: "Port"
- schema:
- type: int
- default: 25
- required: true
- - variable: timeout
- label: "Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: username
- label: "Username"
- schema:
- type: string
- default: ""
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- - variable: sender
- label: "Sender"
- schema:
- type: string
- default: ""
- required: true
- - variable: identifier
- label: "Identifier"
- description: "HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost."
- schema:
- type: string
- default: "localhost"
- required: true
- - variable: subject
- label: "Subject"
- description: "Subject configuration of the emails sent, {title} is replaced by the text from the notifier"
- schema:
- type: string
- default: "[Authelia] {title}"
- required: true
- - variable: startup_check_address
- label: "Startup Check Address"
- description: "This address is used during the startup check to verify the email configuration is correct."
- schema:
- type: string
- default: "test@authelia.com"
- required: true
- - variable: disable_require_tls
- label: "Disable Require TLS"
- schema:
- type: boolean
- default: false
- - variable: disable_html_emails
- label: "Disable HTML emails"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: access_control
- group: "App Configuration"
- label: "Access Control Configuration"
- description: "Access control is a list of rules defining the authorizations applied for one resource to users or group of users."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: default_policy
- label: "Default Policy"
- description: "Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: networkItem
- label: "Network Item"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Name"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "network"
- schema:
- type: string
- default: ""
- required: true
- - variable: rules
- label: "Rules"
- schema:
- type: list
- default: []
- items:
- - variable: rulesItem
- label: "Rule"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: domain
- label: "Domains"
- description: "defines which domain or set of domains the rule applies to."
- schema:
- type: list
- default: []
- items:
- - variable: domainEntry
- label: "Domain"
- schema:
- type: string
- default: ""
- required: true
- - variable: policy
- label: "Policy"
- description: "The policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: subject
- label: "Subject"
- description: "defines the subject to apply authorizations to. This parameter is optional and matching any user if not provided"
- schema:
- type: list
- default: []
- items:
- - variable: subjectitem
- label: "Subject"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "Network"
- schema:
- type: string
- default: ""
- required: true
- - variable: resources
- label: "Resources"
- description: "is a list of regular expressions that matches a set of resources to apply the policy to"
- schema:
- type: list
- default: []
- items:
- - variable: resource
- label: "Resource"
- schema:
- type: string
- default: ""
- required: true
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 9091
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: certificateIssuer
- label: Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["certificateIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: certificateIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["certificateIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["certificateIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: identity_providers
- group: "Advanced"
- label: "Authelia Identity Providers (BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: oidc
- label: "OpenID Connect(BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: access_token_lifespan
- label: "Access Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: authorize_code_lifespan
- label: "Authorize Code Lifespan"
- schema:
- type: string
- default: "1m"
- required: true
- - variable: id_token_lifespan
- label: "ID Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: refresh_token_lifespan
- label: "Refresh Token Lifespan"
- schema:
- type: string
- default: "90m"
- required: true
- - variable: enable_client_debug_messages
- label: "Enable Client Debug Messages"
- schema:
- type: boolean
- default: false
- - variable: clients
- label: "Clients"
- schema:
- type: list
- default: []
- items:
- - variable: clientEntry
- label: "Client"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: id
- label: "ID/Name"
- description: "The ID is the OpenID Connect ClientID which is used to link an application to a configuration."
- schema:
- type: string
- default: "myapp"
- required: true
- - variable: description
- label: "Description"
- description: "The description to show to users when they end up on the consent screen. Defaults to the ID above."
- schema:
- type: string
- default: "My Application"
- required: true
- - variable: secret
- label: "Secret"
- description: "The client secret is a shared secret between Authelia and the consumer of this client."
- schema:
- type: string
- default: ""
- required: true
- - variable: public
- label: "public"
- description: "Sets the client to public. This should typically not be set, please see the documentation for usage."
- schema:
- type: boolean
- default: false
- - variable: authorization_policy
- label: "Authorization Policy"
- description: "The policy to require for this client; one_factor or two_factor."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - variable: consent_mode
- label: "Consent Mode"
- description: "Configures the consent mode. This can be set to auto (default), explicit (consent required every time) or implicit (automatically assumes consent for every authorization, never asking the user if they wish to give consent.)"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "explicit"
- description: "explicit"
- - value: "implicit"
- description: "implicit"
- - variable: userinfo_signing_algorithm
- label: "Userinfo Signing Algorithm"
- description: "The algorithm used to sign userinfo endpoint responses for this client, either none or RS256."
- schema:
- type: string
- default: "none"
- enum:
- - value: "none"
- description: "none"
- - value: "RS256"
- description: "RS256"
- - variable: audience
- label: "Audience"
- description: "Audience this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: audienceEntry
- label: ""
- schema:
- type: string
- default: ""
- required: true
- - variable: scopes
- label: "Scopes"
- description: "Scopes this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: ScopeEntry
- label: "Scope"
- schema:
- type: string
- default: "openid"
- required: true
- - variable: redirect_uris
- label: "redirect_uris"
- description: "Redirect URI's specifies a list of valid case-sensitive callbacks for this client."
- schema:
- type: list
- default: []
- items:
- - variable: uriEntry
- label: "Url"
- schema:
- type: string
- default: "https://oidc.example.com/oauth2/callback"
- required: true
- - variable: grant_types
- description: "Grant Types configures which grants this client can obtain."
- label: "grant_types"
- schema:
- type: list
- default: []
- items:
- - variable: grantEntry
- label: "Grant"
- schema:
- type: string
- default: "refresh_token"
- required: true
- - variable: response_types
- description: "Response Types configures which responses this client can be sent."
- label: "response_types"
- schema:
- type: list
- default: []
- items:
- - variable: responseEntry
- label: "type"
- schema:
- type: string
- default: "code"
- required: true
- - variable: response_modes
- description: "Response Modes configures which response modes this client supports."
- label: "response_modes"
- schema:
- type: list
- default: []
- items:
- - variable: modeEntry
- label: "Mode"
- schema:
- type: string
- default: "form_post"
- required: true
- - variable: cnpg
- group: Postgresql
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Postgresql Database"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: storage
- label: "Storage"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: size
- label: Size
- schema:
- type: string
- default: "256Gi"
- - variable: walsize
- label: Walsize
- schema:
- type: string
- default: "256Gi"
- - variable: pooler
- label: "Pooler"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: Monitoring
- label: "Metrics"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enablePodMonitor
- label: "enablePodMonitor"
- schema:
- type: boolean
- default: true
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/authelia/15.1.0/templates/NOTES.txt b/enterprise/authelia/15.1.0/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/authelia/15.1.0/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/authelia/15.1.0/templates/_configmap.tpl b/enterprise/authelia/15.1.0/templates/_configmap.tpl
deleted file mode 100644
index 98d92e9d16b..00000000000
--- a/enterprise/authelia/15.1.0/templates/_configmap.tpl
+++ /dev/null
@@ -1,254 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "authelia.configmap.paths" -}}
-enabled: true
-data:
- AUTHELIA_SERVER_DISABLE_HEALTHCHECK: "true"
- AUTHELIA_JWT_SECRET_FILE: "/secrets/JWT_TOKEN"
- AUTHELIA_SESSION_SECRET_FILE: "/secrets/SESSION_ENCRYPTION_KEY"
- AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: "/secrets/ENCRYPTION_KEY"
- AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: "/secrets/STORAGE_PASSWORD"
- {{- if .Values.authentication_backend.ldap.enabled }}
- AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE: "/secrets/LDAP_PASSWORD"
- {{- end }}
- {{- if .Values.notifier.smtp.enabled }}
- AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE: "/secrets/SMTP_PASSWORD"
- {{- end }}
- AUTHELIA_SESSION_REDIS_PASSWORD_FILE: "/secrets/REDIS_PASSWORD"
- {{- if .Values.redisProvider.high_availability.enabled }}
- AUTHELIA_SESSION_REDIS_HIGH_AVAILABILITY_SENTINEL_PASSWORD_FILE: "/secrets/REDIS_SENTINEL_PASSWORD"
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- AUTHELIA_DUO_API_SECRET_KEY_FILE: "/secrets/DUO_API_KEY"
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET_FILE: "/secrets/OIDC_HMAC_SECRET"
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY_FILE: "/secrets/OIDC_PRIVATE_KEY"
- {{- end }}
-
-{{- end -}}
-
-{{- define "authelia.configmap.configfile" -}}
-enabled: true
-data:
- configuration.yaml: |
- ---
- theme: {{ default "light" .Values.theme }}
- default_redirection_url: {{ default (printf "https://www.%s" .Values.domain) .Values.default_redirection_url }}
- ntp:
- address: {{ default "time.cloudflare.com:123" .Values.ntp.address }}
- version: {{ default 4 .Values.ntp.version }}
- max_desync: {{ default "3s" .Values.ntp.max_desync }}
- disable_startup_check: {{ default false .Values.ntp.disable_startup_check }}
- disable_failure: {{ default true .Values.ntp.disable_failure }}
- server:
- host: 0.0.0.0
- port: {{ default 9091 .Values.server.port }}
- {{- if not (eq "" (default "" .Values.server.path)) }}
- path: {{ .Values.server.path }}
- {{- end }}
- buffers:
- write: {{ default 4096 .Values.server.write_buffer_size }}
- read: {{ default 4096 .Values.server.read_buffer_size }}
- enable_pprof: {{ default false .Values.server.enable_pprof }}
- enable_expvars: {{ default false .Values.server.enable_expvars }}
- log:
- level: {{ default "info" .Values.log.level }}
- format: {{ default "text" .Values.log.format }}
- {{- if not (eq "" (default "" .Values.log.file_path)) }}
- file_path: {{ .Values.log.file_path }}
- keep_stdout: true
- {{- end }}
- totp:
- issuer: {{ default .Values.domain .Values.totp.issuer }}
- period: {{ default 30 .Values.totp.period }}
- skew: {{ default 1 .Values.totp.skew }}
- {{- if .Values.duo_api.enabled }}
- duo_api:
- hostname: {{ .Values.duo_api.hostname }}
- integration_key: {{ .Values.duo_api.integration_key }}
- {{- end }}
- {{- with $auth := .Values.authentication_backend }}
- authentication_backend:
- password_reset:
- disable: {{ $auth.disable_reset_password }}
- {{- if $auth.file.enabled }}
- file:
- path: {{ $auth.file.path }}
- password: {{ toYaml $auth.file.password | nindent 10 }}
- {{- end }}
- {{- if $auth.ldap.enabled }}
- ldap:
- implementation: {{ default "custom" $auth.ldap.implementation }}
- url: {{ $auth.ldap.url }}
- timeout: {{ default "5s" $auth.ldap.timeout }}
- start_tls: {{ $auth.ldap.start_tls }}
- tls:
- {{- if hasKey $auth.ldap.tls "server_name" }}
- server_name: {{ default $auth.ldap.host $auth.ldap.tls.server_name }}
- {{- end }}
- minimum_version: {{ default "TLS1.2" $auth.ldap.tls.minimum_version }}
- skip_verify: {{ default false $auth.ldap.tls.skip_verify }}
- {{- if $auth.ldap.base_dn }}
- base_dn: {{ $auth.ldap.base_dn }}
- {{- end }}
- {{- if $auth.ldap.username_attribute }}
- username_attribute: {{ $auth.ldap.username_attribute }}
- {{- end }}
- {{- if $auth.ldap.additional_users_dn }}
- additional_users_dn: {{ $auth.ldap.additional_users_dn }}
- {{- end }}
- {{- if $auth.ldap.users_filter }}
- users_filter: {{ $auth.ldap.users_filter }}
- {{- end }}
- {{- if $auth.ldap.additional_groups_dn }}
- additional_groups_dn: {{ $auth.ldap.additional_groups_dn }}
- {{- end }}
- {{- if $auth.ldap.groups_filter }}
- groups_filter: {{ $auth.ldap.groups_filter }}
- {{- end }}
- {{- if $auth.ldap.group_name_attribute }}
- group_name_attribute: {{ $auth.ldap.group_name_attribute }}
- {{- end }}
- {{- if $auth.ldap.mail_attribute }}
- mail_attribute: {{ $auth.ldap.mail_attribute }}
- {{- end }}
- {{- if $auth.ldap.display_name_attribute }}
- display_name_attribute: {{ $auth.ldap.display_name_attribute }}
- {{- end }}
- user: {{ $auth.ldap.user }}
- {{- end }}
- {{- end }}
- {{- with $session := .Values.session }}
- session:
- name: {{ default "authelia_session" $session.name }}
- domain: {{ required "A valid .Values.domain entry required!" $.Values.domain }}
- same_site: {{ default "lax" $session.same_site }}
- expiration: {{ default "1M" $session.expiration }}
- inactivity: {{ default "5m" $session.inactivity }}
- remember_me_duration: {{ default "1M" $session.remember_me_duration }}
- {{- end }}
- redis:
- host: {{ .Values.redis.creds.plain }}
- {{- with $redis := .Values.redisProvider }}
- port: {{ default 6379 $redis.port }}
- {{- if not (eq $redis.username "") }}
- username: {{ $redis.username }}
- {{- end }}
- maximum_active_connections: {{ default 8 $redis.maximum_active_connections }}
- minimum_idle_connections: {{ default 0 $redis.minimum_idle_connections }}
- {{- if $redis.tls.enabled }}
- tls:
- server_name: {{ $redis.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $redis.tls.minimum_version }}
- skip_verify: {{ $redis.tls.skip_verify }}
- {{- end }}
- {{- if $redis.high_availability.enabled }}
- high_availability:
- sentinel_name: {{ $redis.high_availability.sentinel_name }}
- {{- if $redis.high_availability.nodes }}
- nodes: {{ toYaml $redis.high_availability.nodes | nindent 10 }}
- {{- end }}
- route_by_latency: {{ $redis.high_availability.route_by_latency }}
- route_randomly: {{ $redis.high_availability.route_randomly }}
- {{- end }}
- {{- end }}
- regulation: {{ toYaml .Values.regulation | nindent 6 }}
- storage:
- postgres:
- host: {{ $.Values.cnpg.main.creds.host }}
- {{- with $storage := .Values.storage }}
- port: {{ default 5432 $storage.postgres.port }}
- database: {{ default "authelia" $storage.postgres.database }}
- username: {{ default "authelia" $storage.postgres.username }}
- timeout: {{ default "5s" $storage.postgres.timeout }}
- ssl:
- mode: {{ default "disable" $storage.postgres.sslmode }}
- {{- end }}
- {{- with $notifier := .Values.notifier }}
- notifier:
- disable_startup_check: {{ $.Values.notifier.disable_startup_check }}
- {{- if $notifier.filesystem.enabled }}
- filesystem:
- filename: {{ $notifier.filesystem.filename }}
- {{- end }}
- {{- if $notifier.smtp.enabled }}
- smtp:
- host: {{ $notifier.smtp.host }}
- port: {{ default 25 $notifier.smtp.port }}
- timeout: {{ default "5s" $notifier.smtp.timeout }}
- {{- with $notifier.smtp.username }}
- username: {{ . }}
- {{- end }}
- sender: {{ $notifier.smtp.sender }}
- identifier: {{ $notifier.smtp.identifier }}
- subject: {{ $notifier.smtp.subject | quote }}
- startup_check_address: {{ $notifier.smtp.startup_check_address }}
- disable_require_tls: {{ $notifier.smtp.disable_require_tls }}
- disable_html_emails: {{ $notifier.smtp.disable_html_emails }}
- tls:
- server_name: {{ default $notifier.smtp.host $notifier.smtp.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $notifier.smtp.tls.minimum_version }}
- skip_verify: {{ default false $notifier.smtp.tls.skip_verify }}
- {{- end }}
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- identity_providers:
- oidc:
- access_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.access_token_lifespan }}
- authorize_code_lifespan: {{ default "1m" .Values.identity_providers.oidc.authorize_code_lifespan }}
- id_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.id_token_lifespan }}
- refresh_token_lifespan: {{ default "90m" .Values.identity_providers.oidc.refresh_token_lifespan }}
- enable_client_debug_messages: {{ default false .Values.identity_providers.oidc.enable_client_debug_messages }}
- minimum_parameter_entropy: {{ default 8 .Values.identity_providers.oidc.minimum_parameter_entropy }}
- {{- if gt (len .Values.identity_providers.oidc.clients) 0 }}
- clients:
- {{- range $client := .Values.identity_providers.oidc.clients }}
- - id: {{ $client.id }}
- description: {{ default $client.id $client.description }}
- secret: {{ default (randAlphaNum 128) $client.secret }}
- {{- if $client.public }}
- public: {{ $client.public }}
- {{- end }}
- authorization_policy: {{ default "two_factor" $client.authorization_policy }}
- consent_mode: {{ default "auto" $client.consent_mode}}
- redirect_uris:
- {{- range $client.redirect_uris }}
- - {{ . }}
- {{- end }}
- {{- if $client.audience }}
- audience: {{ toYaml $client.audience | nindent 10 }}
- {{- end }}
- scopes: {{ toYaml (default (list "openid" "profile" "email" "groups") $client.scopes) | nindent 10 }}
- grant_types: {{ toYaml (default (list "refresh_token" "authorization_code") $client.grant_types) | nindent 10 }}
- response_types: {{ toYaml (default (list "code") $client.response_types) | nindent 10 }}
- {{- if $client.response_modes }}
- response_modes: {{ toYaml $client.response_modes | nindent 10 }}
- {{- end }}
- userinfo_signing_algorithm: {{ default "none" $client.userinfo_signing_algorithm }}
- {{- end }}
- {{- end }}
- {{- end }}
- access_control:
- {{- if (eq (len .Values.access_control.rules) 0) }}
- {{- if (eq .Values.access_control.default_policy "bypass") }}
- default_policy: one_factor
- {{- else if (eq .Values.access_control.default_policy "deny") }}
- default_policy: two_factor
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- if (eq (len .Values.access_control.networks) 0) }}
- networks: []
- {{- else }}
- networks: {{ toYaml .Values.access_control.networks | nindent 6 }}
- {{- end }}
- {{- if (eq (len .Values.access_control.rules) 0) }}
- rules: []
- {{- else }}
- rules: {{ toYaml .Values.access_control.rules | nindent 6 }}
- {{- end }}
- ...
-{{- end -}}
diff --git a/enterprise/authelia/15.1.0/templates/_secrets.tpl b/enterprise/authelia/15.1.0/templates/_secrets.tpl
deleted file mode 100644
index 14ed88d973d..00000000000
--- a/enterprise/authelia/15.1.0/templates/_secrets.tpl
+++ /dev/null
@@ -1,53 +0,0 @@
-{{/* Define the secrets */}}
-{{- define "authelia.secrets" -}}
-{{- $basename := include "tc.v1.common.lib.chart.names.fullname" $ -}}
-{{- $fetchname := printf "%s-authelia-secrets" $basename -}}
-
-{{/* Initialize all keys */}}
-{{- $oidckey := genPrivateKey "rsa" }}
-{{- $oidcsecret := randAlphaNum 32 }}
-{{- $jwtsecret := randAlphaNum 50 }}
-{{- $sessionsecret := randAlphaNum 50 }}
-{{- $encryptionkey := randAlphaNum 100 }}
-
-enabled: true
-data:
- {{ with (lookup "v1" "Secret" .Release.Namespace $fetchname) }}
- {{/* Get previous values and decode */}}
- {{ $sessionsecret = (index .data "SESSION_ENCRYPTION_KEY") | b64dec }}
- {{ $jwtsecret = (index .data "JWT_TOKEN") | b64dec }}
- {{ $encryptionkey = (index .data "ENCRYPTION_KEY") | b64dec }}
-
- {{/* Check if those keys ever existed. as OIDC is optional */}}
- {{ if and (hasKey .data "OIDC_PRIVATE_KEY") (hasKey .data "OIDC_HMAC_SECRET") }}
- {{ $oidckey = (index .data "OIDC_PRIVATE_KEY") | b64dec }}
- {{ $oidcsecret = (index .data "OIDC_HMAC_SECRET") | b64dec }}
- {{ end }}
- {{ end }}
- SESSION_ENCRYPTION_KEY: {{ $sessionsecret }}
- JWT_TOKEN: {{ $jwtsecret }}
- ENCRYPTION_KEY: {{ $encryptionkey }}
-
- {{- if .Values.authentication_backend.ldap.enabled }}
- LDAP_PASSWORD: {{ .Values.authentication_backend.ldap.plain_password }}
- {{- end }}
-
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- SMTP_PASSWORD: {{ .Values.notifier.smtp.plain_password }}
- {{- end }}
-
- {{- if .Values.duo_api.enabled }}
- DUO_API_KEY: {{ .Values.duo_api.plain_api_key }}
- {{- end }}
-
- STORAGE_PASSWORD: {{ $.Values.cnpg.main.creds.password | trimAll "\"" }}
-
- REDIS_PASSWORD: {{ .Values.redis.creds.redisPassword | trimAll "\"" }}
- {{- if .Values.redisProvider.high_availability.enabled }}
- REDIS_SENTINEL_PASSWORD: {{ .Values.redis.sentinelPassword | trimAll "\"" }}
- {{- end }}
-
- OIDC_PRIVATE_KEY: |
- {{- $oidckey | nindent 4 }}
- OIDC_HMAC_SECRET: {{ $oidcsecret }}
-{{- end -}}
diff --git a/enterprise/authelia/15.1.0/templates/common.yaml b/enterprise/authelia/15.1.0/templates/common.yaml
deleted file mode 100644
index 54e288e852c..00000000000
--- a/enterprise/authelia/15.1.0/templates/common.yaml
+++ /dev/null
@@ -1,77 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-{{/* Render configmap for authelia */}}
-{{- $configmapPaths := include "authelia.configmap.paths" . | fromYaml -}}
-{{- if $configmapPaths -}}
- {{- $_ := set .Values.configmap "authelia-paths" $configmapPaths -}}
-{{- end -}}
-
-{{- $configmapFile := include "authelia.configmap.configfile" . | fromYaml -}}
-{{- if $configmapFile -}}
- {{- $_ := set .Values.configmap "authelia-configfile" $configmapFile -}}
-{{- end -}}
-
-{{/* Render secrets for authelia */}}
-{{- $secret := include "authelia.secrets" . | fromYaml -}}
-{{- if $secret -}}
- {{- $_ := set .Values.secret "authelia-secrets" $secret -}}
-{{- end -}}
-
-{{/* Append the general configMap volume to the volumes */}}
-{{- define "authelia.configmapVolume" -}}
-enabled: true
-mountPath: /configuration.yaml
-subPath: configuration.yaml
-readOnly: true
-type: "configmap"
-objectName: authelia-configfile
-{{- end -}}
-
-{{/* Append the general secret volumes to the volumes */}}
-{{- define "authelia.secretVolumes" -}}
-enabled: true
-mountPath: "/secrets"
-readOnly: true
-type: "secret"
-objectName: authelia-secrets
-items:
- - key: "JWT_TOKEN"
- path: JWT_TOKEN
- - key: "SESSION_ENCRYPTION_KEY"
- path: SESSION_ENCRYPTION_KEY
- - key: "ENCRYPTION_KEY"
- path: ENCRYPTION_KEY
- - key: "STORAGE_PASSWORD"
- path: STORAGE_PASSWORD
- {{- if .Values.authentication_backend.ldap.enabled }}
- - key: "LDAP_PASSWORD"
- path: LDAP_PASSWORD
- {{- end }}
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- - key: "SMTP_PASSWORD"
- path: SMTP_PASSWORD
- {{- end }}
- - key: "REDIS_PASSWORD"
- path: REDIS_PASSWORD
- {{- if .Values.redisProvider.high_availability.enabled}}
- - key: "REDIS_SENTINEL_PASSWORD"
- path: REDIS_SENTINEL_PASSWORD
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- - key: "DUO_API_KEY"
- path: DUO_API_KEY
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- - key: "OIDC_PRIVATE_KEY"
- path: OIDC_PRIVATE_KEY
- - key: "OIDC_HMAC_SECRET"
- path: OIDC_HMAC_SECRET
- {{- end }}
-{{- end -}}
-
-{{- $_ := set .Values.persistence "authelia-configfile" (include "authelia.configmapVolume" . | fromYaml) -}}
-{{- $_ := set .Values.persistence "authelia-secrets" (include "authelia.secretVolumes" . | fromYaml) -}}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/authelia/15.1.0/values.yaml b/enterprise/authelia/15.1.0/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/authelia/15.1.1/CHANGELOG.md b/enterprise/authelia/15.1.1/CHANGELOG.md
deleted file mode 100644
index 641f4666518..00000000000
--- a/enterprise/authelia/15.1.1/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [authelia-15.1.1](https://github.com/truecharts/charts/compare/authelia-15.1.0...authelia-15.1.1) (2023-04-05)
-
-### Chore
-
-- bump common to 32 on enterprise charts
-
-
-
-
-## [authelia-15.1.0](https://github.com/truecharts/charts/compare/authelia-15.0.13...authelia-15.1.0) (2023-03-22)
-
-### Feat
-
-- allow for NTP failure by default ([#7824](https://github.com/truecharts/charts/issues/7824))
-
-
-
-
-## [authelia-15.0.13](https://github.com/truecharts/charts/compare/authelia-15.0.12...authelia-15.0.13) (2023-03-19)
-
-### Chore
-
-- bump common and deps on enterprise train ([#7819](https://github.com/truecharts/charts/issues/7819))
-
-
-
-
-## [authelia-15.0.12](https://github.com/truecharts/charts/compare/authelia-15.0.11...authelia-15.0.12) (2023-03-09)
-
-### Chore
-
-- bump dependencies and release 2 replica default
-
- ### Feat
-
-- replicas2 part 2
- - run 2 replica's with rolling updates
-
-
-
-
-## [authelia-15.0.11](https://github.com/truecharts/charts/compare/authelia-15.0.10...authelia-15.0.11) (2023-03-08)
-
-
-
-
-## [authelia-15.0.10](https://github.com/truecharts/charts/compare/authelia-15.0.9...authelia-15.0.10) (2023-03-08)
-
-### Fix
-
-- indent priv key ([#7770](https://github.com/truecharts/charts/issues/7770))
-
-
-
-
-## [authelia-15.0.9](https://github.com/truecharts/charts/compare/authelia-15.0.8...authelia-15.0.9) (2023-03-08)
-
-### Chore
-
-- cleanup secret a bit ([#7768](https://github.com/truecharts/charts/issues/7768))
-
-
-
-
-## [authelia-15.0.8](https://github.com/truecharts/charts/compare/authelia-15.0.7...authelia-15.0.8) (2023-03-07)
-
-### Fix
-
-- fix broken fetching of old values on authelia ([#7764](https://github.com/truecharts/charts/issues/7764))
-
-
-
-
-## [authelia-15.0.7](https://github.com/truecharts/charts/compare/authelia-15.0.6...authelia-15.0.7) (2023-03-07)
-
-### Fix
-
-- prevent encryption key resets
-
-
-
-
-## [authelia-15.0.6](https://github.com/truecharts/charts/compare/authelia-15.0.5...authelia-15.0.6) (2023-03-07)
-
-### Fix
-
-- misc fixes from common and prometheus storageclass patch ([#7762](https://github.com/truecharts/charts/issues/7762))
-
-
-
-
-## [authelia-15.0.5](https://github.com/truecharts/charts/compare/authelia-15.0.4...authelia-15.0.5) (2023-03-06)
-
diff --git a/enterprise/authelia/15.1.1/Chart.yaml b/enterprise/authelia/15.1.1/Chart.yaml
deleted file mode 100644
index df9dcb5e15e..00000000000
--- a/enterprise/authelia/15.1.1/Chart.yaml
+++ /dev/null
@@ -1,43 +0,0 @@
-apiVersion: v2
-appVersion: "4.37.5"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.32
- - condition: redis.enabled
- name: redis
- repository: https://deps.truecharts.org
- version: 6.0.18
-deprecated: false
-description: Authelia is a Single Sign-On Multi-Factor portal for web apps
-home: https://truecharts.org/charts/enterprise/authelia
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/authelia.png
-keywords:
- - authelia
- - authentication
- - login
- - SSO
- - Authentication
- - Security
- - Two-Factor
- - U2F
- - YubiKey
- - Push Notifications
- - LDAP
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: authelia
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/authelia
- - https://github.com/authelia/chartrepo
- - https://github.com/authelia/authelia
-type: application
-version: 15.1.1
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/authelia/15.1.1/LICENSE b/enterprise/authelia/15.1.1/LICENSE
deleted file mode 100644
index 80e4ab93f92..00000000000
--- a/enterprise/authelia/15.1.1/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/authelia/15.1.1/README.md b/enterprise/authelia/15.1.1/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/authelia/15.1.1/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/authelia/15.1.1/app-changelog.md b/enterprise/authelia/15.1.1/app-changelog.md
deleted file mode 100644
index 9c8460a0a3b..00000000000
--- a/enterprise/authelia/15.1.1/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [authelia-15.1.1](https://github.com/truecharts/charts/compare/authelia-15.1.0...authelia-15.1.1) (2023-04-05)
-
-### Chore
-
-- bump common to 32 on enterprise charts
-
-
\ No newline at end of file
diff --git a/enterprise/authelia/15.1.1/app-readme.md b/enterprise/authelia/15.1.1/app-readme.md
deleted file mode 100644
index 9417c0c13d5..00000000000
--- a/enterprise/authelia/15.1.1/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Authelia is a Single Sign-On Multi-Factor portal for web apps
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/authelia](https://truecharts.org/charts/enterprise/authelia)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/authelia/15.1.1/charts/common-12.2.32.tgz b/enterprise/authelia/15.1.1/charts/common-12.2.32.tgz
deleted file mode 100644
index 3304bd5a80b..00000000000
Binary files a/enterprise/authelia/15.1.1/charts/common-12.2.32.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.1.1/charts/redis-6.0.18.tgz b/enterprise/authelia/15.1.1/charts/redis-6.0.18.tgz
deleted file mode 100644
index a77707be194..00000000000
Binary files a/enterprise/authelia/15.1.1/charts/redis-6.0.18.tgz and /dev/null differ
diff --git a/enterprise/authelia/15.1.1/ix_values.yaml b/enterprise/authelia/15.1.1/ix_values.yaml
deleted file mode 100644
index c3709516e76..00000000000
--- a/enterprise/authelia/15.1.1/ix_values.yaml
+++ /dev/null
@@ -1,630 +0,0 @@
-image:
- repository: tccr.io/truecharts/authelia
- pullPolicy: IfNotPresent
- tag: 4.37.5@sha256:76a4617539534cec140fd98a12f721b878524f2df3a3653f3df8ff2b7eaab586
-
-workload:
- main:
- replicas: 2
- strategy: RollingUpdate
- podSpec:
- containers:
- main:
- command: ["authelia"]
- args: ["--config=/configuration.yaml"]
- envFrom:
- - configMapRef:
- name: authelia-paths
- probes:
- liveness:
- type: http
- path: "/api/health"
-
- readiness:
- type: http
- path: "/api/health"
-
- startup:
- type: http
- path: "/api/health"
-
-service:
- main:
- ports:
- main:
- port: 9091
- targetPort: 9091
-
-persistence:
- config:
- enabled: true
- mountPath: "/config"
-
-cnpg:
- main:
- enabled: true
- user: authelia
- database: authelia
-
-# Enabled redis
-# ... for more options see https://github.com/tccr.io/truecharts/charts/tree/master/tccr.io/truecharts/redis
-redis:
- enabled: true
-
-domain: example.com
-
-##
-## Server Configuration
-##
-server:
- ##
- ## Port sets the configured port for the daemon, service, and the probes.
- ## Default is 9091 and should not need to be changed.
- ##
- port: 9091
-
- ## Buffers usually should be configured to be the same value.
- ## Explanation at https://www.authelia.com/docs/configuration/server.html
- ## Read buffer size adjusts the server's max incoming request size in bytes.
- ## Write buffer size does the same for outgoing responses.
- read_buffer_size: 4096
- write_buffer_size: 4096
- ## Set the single level path Authelia listens on.
- ## Must be alphanumeric chars and should not contain any slashes.
- path: ""
-
-log:
- ## Level of verbosity for logs: info, debug, trace.
- level: trace
-
- ## Format the logs are written as: json, text.
- format: text
-
- ## TODO: Statefulness check should check if this is set, and the configMap should enable it.
- ## File path where the logs will be written. If not set logs are written to stdout.
- # file_path: /config/authelia.log
-
-## Default redirection URL
-##
-## If user tries to authenticate without any referer, Authelia does not know where to redirect the user to at the end
-## of the authentication process. This parameter allows you to specify the default redirection URL Authelia will use
-## in such a case.
-##
-## Note: this parameter is optional. If not provided, user won't be redirected upon successful authentication.
-## Default is https://www. (value at the top of the values.yaml).
-default_redirection_url: ""
-# default_redirection_url: https://example.com
-
-theme: light
-
-##
-## TOTP Configuration
-##
-## Parameters used for TOTP generation
-totp:
- ## The issuer name displayed in the Authenticator application of your choice
- ## See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
- ## Defaults to .
- issuer: ""
- ## The period in seconds a one-time password is current for. Changing this will require all users to register
- ## their TOTP applications again. Warning: before changing period read the docs link below.
- period: 30
- ## The skew controls number of one-time passwords either side of the current one that are valid.
- ## Warning: before changing skew read the docs link below.
- ## See: https://www.authelia.com/docs/configuration/one-time-password.html#period-and-skew to read the documentation.
- skew: 1
-
-##
-## Duo Push API Configuration
-##
-## Parameters used to contact the Duo API. Those are generated when you protect an application of type
-## "Partner Auth API" in the management panel.
-duo_api:
- enabled: false
- hostname: api-123456789.example.com
- integration_key: ABCDEF
- plain_api_key: ""
-
-## NTP settings
-
-ntp:
- address: "time.cloudflare.com:123"
- version: 4
- max_desync: 3s
- disable_startup_check: false
- disable_failure: true
-
-##
-## Authentication Backend Provider Configuration
-##
-## Used for verifying user passwords and retrieve information such as email address and groups users belong to.
-##
-## The available providers are: `file`, `ldap`. You must use one and only one of these providers.
-authentication_backend:
- ## Disable both the HTML element and the API for reset password functionality
- disable_reset_password: false
-
- ## The amount of time to wait before we refresh data from the authentication backend. Uses duration notation.
- ## To disable this feature set it to 'disable', this will slightly reduce security because for Authelia, users will
- ## always belong to groups they belonged to at the time of login even if they have been removed from them in LDAP.
- ## To force update on every request you can set this to '0' or 'always', this will increase processor demand.
- ## See the below documentation for more information.
- ## Duration Notation docs: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Refresh Interval docs: https://www.authelia.com/docs/configuration/authentication/ldap.html#refresh-interval
- refresh_interval: 5m
-
- ## LDAP backend configuration.
- ##
- ## This backend allows Authelia to be scaled to more
- ## than one instance and therefore is recommended for
- ## production.
- ldap:
- ## Enable LDAP Backend.
- enabled: false
-
- ## The LDAP implementation, this affects elements like the attribute utilised for resetting a password.
- ## Acceptable options are as follows:
- ## - 'activedirectory' - For Microsoft Active Directory.
- ## - 'custom' - For custom specifications of attributes and filters.
- ## This currently defaults to 'custom' to maintain existing behaviour.
- ##
- ## Depending on the option here certain other values in this section have a default value, notably all of the
- ## attribute mappings have a default value that this config overrides, you can read more about these default values
- ## at https://www.authelia.com/docs/configuration/authentication/ldap.html#defaults
- implementation: activedirectory
-
- ## The url to the ldap server. Format: ://[:].
- ## Scheme can be ldap or ldaps in the format (port optional).
- url: ldap://openldap.default.svc.cluster.local
-
- ## Connection Timeout.
- timeout: 5s
-
- ## Use StartTLS with the LDAP connection.
- start_tls: false
-
- tls:
- ## Server Name for certificate validation (in case it's not set correctly in the URL).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either Secure LDAP or LDAP StartTLS.
- minimum_version: TLS1.2
-
- ## The base dn for every LDAP query.
- base_dn: DC=example,DC=com
-
- ## The attribute holding the username of the user. This attribute is used to populate the username in the session
- ## information. It was introduced due to #561 to handle case insensitive search queries. For you information,
- ## Microsoft Active Directory usually uses 'sAMAccountName' and OpenLDAP usually uses 'uid'. Beware that this
- ## attribute holds the unique identifiers for the users binding the user and the configuration stored in database.
- ## Therefore only single value attributes are allowed and the value must never be changed once attributed to a user
- ## otherwise it would break the configuration for that user. Technically, non-unique attributes like 'mail' can also
- ## be used but we don't recommend using them, we instead advise to use the attributes mentioned above
- ## (sAMAccountName and uid) to follow https://www.ietf.org/rfc/rfc2307.txt.
- username_attribute: ""
-
- ## An additional dn to define the scope to all users.
- additional_users_dn: OU=Users
-
- ## The users filter used in search queries to find the user profile based on input filled in login form.
- ## Various placeholders are available in the user filter:
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username_attribute} is a mandatory placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ##
- ## Recommended settings are as follows:
- ## - Microsoft Active Directory: (&({username_attribute}={input})(objectCategory=person)(objectClass=user))
- ## - OpenLDAP:
- ## - (&({username_attribute}={input})(objectClass=person))
- ## - (&({username_attribute}={input})(objectClass=inetOrgPerson))
- ##
- ## To allow sign in both with username and email, one can use a filter like
- ## (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))
- users_filter: ""
-
- ## An additional dn to define the scope of groups.
- additional_groups_dn: OU=Groups
-
- ## The groups filter used in search queries to find the groups of the user.
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username} is a placeholder replace by the username stored in LDAP (based on `username_attribute`).
- ## - {dn} is a matcher replaced by the user distinguished name, aka, user DN.
- ## - {username_attribute} is a placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ## - DON'T USE - {1} is an alias for {username} supported for backward compatibility but it will be deprecated in
- ## later version, so please don't use it.
- ##
- ## If your groups use the `groupOfUniqueNames` structure use this instead:
- ## (&(uniquemember={dn})(objectclass=groupOfUniqueNames))
- groups_filter: ""
-
- ## The attribute holding the name of the group
- group_name_attribute: ""
-
- ## The attribute holding the mail address of the user. If multiple email addresses are defined for a user, only the
- ## first one returned by the LDAP server is used.
- mail_attribute: ""
-
- ## The attribute holding the display name of the user. This will be used to greet an authenticated user.
- display_name_attribute: ""
-
- ## The username of the admin user.
- user: CN=Authelia,DC=example,DC=com
- plain_password: ""
-
- ##
- ## File (Authentication Provider)
- ##
- ## With this backend, the users database is stored in a file which is updated when users reset their passwords.
- ## Therefore, this backend is meant to be used in a dev environment and not in production since it prevents Authelia
- ## to be scaled to more than one instance. The options under 'password' have sane defaults, and as it has security
- ## implications it is highly recommended you leave the default values. Before considering changing these settings
- ## please read the docs page below:
- ## https://www.authelia.com/docs/configuration/authentication/file.html#password-hash-algorithm-tuning
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- file:
- enabled: true
- path: /config/users_database.yml
- password:
- algorithm: argon2id
- iterations: 1
- key_length: 32
- salt_length: 16
- memory: 1024
- parallelism: 8
-
-##
-## Access Control Configuration
-##
-## Access control is a list of rules defining the authorizations applied for one resource to users or group of users.
-##
-## If 'access_control' is not defined, ACL rules are disabled and the 'bypass' rule is applied, i.e., access is allowed
-## to anyone. Otherwise restrictions follow the rules defined.
-##
-## Note: One can use the wildcard * to match any subdomain.
-## It must stand at the beginning of the pattern. (example: *.mydomain.com)
-##
-## Note: You must put patterns containing wildcards between simple quotes for the YAML to be syntactically correct.
-##
-## Definition: A 'rule' is an object with the following keys: 'domain', 'subject', 'policy' and 'resources'.
-##
-## - 'domain' defines which domain or set of domains the rule applies to.
-##
-## - 'subject' defines the subject to apply authorizations to. This parameter is optional and matching any user if not
-## provided. If provided, the parameter represents either a user or a group. It should be of the form
-## 'user:' or 'group:'.
-##
-## - 'policy' is the policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'.
-##
-## - 'resources' is a list of regular expressions that matches a set of resources to apply the policy to. This parameter
-## is optional and matches any resource if not provided.
-##
-## Note: the order of the rules is important. The first policy matching (domain, resource, subject) applies.
-access_control:
- ## Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'. It is the policy applied to any
- ## resource if there is no policy to be applied to the user.
- default_policy: deny
-
- networks: []
- # networks:
- # - name: private
- # networks:
- # - 10.0.0.0/8
- # - 172.16.0.0/12
- # - 192.168.0.0/16
- # - name: vpn
- # networks:
- # - 10.9.0.0/16
-
- rules: []
- # rules:
- # - domain: public.example.com
- # policy: bypass
- # - domain: "*.example.com"
- # policy: bypass
- # methods:
- # - OPTIONS
- # - domain: secure.example.com
- # policy: one_factor
- # networks:
- # - private
- # - vpn
- # - 192.168.1.0/24
- # - 10.0.0.1
- # - domain:
- # - secure.example.com
- # - private.example.com
- # policy: two_factor
- # - domain: singlefactor.example.com
- # policy: one_factor
- # - domain: "mx2.mail.example.com"
- # subject: "group:admins"
- # policy: deny
- # - domain: "*.example.com"
- # subject:
- # - "group:admins"
- # - "group:moderators"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/groups/dev/.*$"
- # subject: "group:dev"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/users/john/.*$"
- # subject:
- # - ["group:dev", "user:john"]
- # - "group:admins"
- # policy: two_factor
- # - domain: "{user}.example.com"
- # policy: bypass
-
-##
-## Session Provider Configuration
-##
-## The session cookies identify the user once logged in.
-## The available providers are: `memory`, `redis`. Memory is the provider unless redis is defined.
-session:
- ## The name of the session cookie. (default: authelia_session).
- name: authelia_session
-
- ## Sets the Cookie SameSite value. Possible options are none, lax, or strict.
- ## Please read https://www.authelia.com/docs/configuration/session.html#same_site
- same_site: lax
-
- ## The time in seconds before the cookie expires and session is reset.
- expiration: 1h
-
- ## The inactivity time in seconds before the session is reset.
- inactivity: 5m
-
- ## The remember me duration.
- ## Value is in seconds, or duration notation. Value of 0 disables remember me.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Longer periods are considered less secure because a stolen cookie will last longer giving attackers more time to
- ## spy or attack. Currently the default is 1M or 1 month.
- remember_me_duration: 1M
-
-##
-## Redis Provider
-##
-## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
-##
-## The redis connection details
-redisProvider:
- port: 6379
-
- ## Optional username to be used with authentication.
- # username: authelia
- username: ""
-
- ## This is the Redis DB Index https://redis.io/commands/select (sometimes referred to as database number, DB, etc).
- database_index: 0
-
- ## The maximum number of concurrent active connections to Redis.
- maximum_active_connections: 8
-
- ## The target number of idle connections to have open ready for work. Useful when opening connections is slow.
- minimum_idle_connections: 0
-
- ## The Redis TLS configuration. If defined will require a TLS connection to the Redis instance(s).
- tls:
- enabled: false
-
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for the connection.
- minimum_version: TLS1.2
-
- ## The Redis HA configuration options.
- ## This provides specific options to Redis Sentinel, sentinel_name must be defined (Master Name).
- high_availability:
- enabled: false
- enabledSecret: false
- ## Sentinel Name / Master Name
- sentinel_name: mysentinel
-
- ## The additional nodes to pre-seed the redis provider with (for sentinel).
- ## If the host in the above section is defined, it will be combined with this list to connect to sentinel.
- ## For high availability to be used you must have either defined; the host above or at least one node below.
- nodes: []
- # nodes:
- # - host: sentinel-0.databases.svc.cluster.local
- # port: 26379
- # - host: sentinel-1.databases.svc.cluster.local
- # port: 26379
-
- ## Choose the host with the lowest latency.
- route_by_latency: false
-
- ## Choose the host randomly.
- route_randomly: false
-
-##
-## Regulation Configuration
-##
-## This mechanism prevents attackers from brute forcing the first factor. It bans the user if too many attempts are done
-## in a short period of time.
-regulation:
- ## The number of failed login attempts before user is banned. Set it to 0 to disable regulation.
- max_retries: 3
-
- ## The time range during which the user can attempt login before being banned. The user is banned if the
- ## authentication failed 'max_retries' times in a 'find_time' seconds window. Find Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- find_time: 2m
-
- ## The length of time before a banned user can login again. Ban Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ban_time: 5m
-
-##
-## Storage Provider Configuration
-##
-## The available providers are: `local`, `mysql`, `postgres`. You must use one and only one of these providers.
-storage:
- ##
- ## PostgreSQL (Storage Provider)
- ##
- postgres:
- port: 5432
- database: authelia
- username: authelia
- sslmode: disable
- timeout: 5s
-
-##
-## Notification Provider
-##
-##
-## Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration.
-## The available providers are: filesystem, smtp. You must use one and only one of these providers.
-notifier:
- ## You can disable the notifier startup check by setting this to true.
- disable_startup_check: false
-
- ##
- ## File System (Notification Provider)
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- filesystem:
- enabled: true
- filename: /config/notification.txt
-
- ##
- ## SMTP (Notification Provider)
- ##
- ## Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate.
- ## [Security] By default Authelia will:
- ## - force all SMTP connections over TLS including unauthenticated connections
- ## - use the disable_require_tls boolean value to disable this requirement
- ## (only works for unauthenticated connections)
- ## - validate the SMTP server x509 certificate during the TLS handshake against the hosts trusted certificates
- ## (configure in tls section)
- smtp:
- enabled: false
- enabledSecret: false
- host: smtp.mail.svc.cluster.local
- port: 25
- timeout: 5s
- username: test
- plain_password: test
- sender: admin@example.com
- ## HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost.
- identifier: localhost
- ## Subject configuration of the emails sent.
- ## {title} is replaced by the text from the notifier
- subject: "[Authelia] {title}"
- ## This address is used during the startup check to verify the email configuration is correct.
- ## It's not important what it is except if your email server only allows local delivery.
- startup_check_address: test@authelia.com
- disable_require_tls: false
- disable_html_emails: false
-
- tls:
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either StartTLS or SMTPS.
- minimum_version: TLS1.2
-
-identity_providers:
- oidc:
- ## Enables this in the config map. Currently in beta stage.
- ## See https://www.authelia.com/docs/configuration/identity-providers/oidc.html#roadmap
- enabled: false
-
- access_token_lifespan: 1h
- authorize_code_lifespan: 1m
- id_token_lifespan: 1h
- refresh_token_lifespan: 90m
-
- enable_client_debug_messages: false
-
- ## SECURITY NOTICE: It's not recommended changing this option, and highly discouraged to have it below 8 for
- ## security reasons.
- minimum_parameter_entropy: 8
-
- clients: []
- # clients:
- # -
- ## The ID is the OpenID Connect ClientID which is used to link an application to a configuration.
- # id: myapp
-
- ## The description to show to users when they end up on the consent screen. Defaults to the ID above.
- # description: My Application
-
- ## The client secret is a shared secret between Authelia and the consumer of this client.
- # secret: apple123
-
- ## Sets the client to public. This should typically not be set, please see the documentation for usage.
- # public: false
-
- ## The policy to require for this client; one_factor or two_factor.
- # authorization_policy: two_factor
-
- ## Configures the consent mode; auto, explicit or implicit
- # consent_mode: auto
-
- ## Audience this client is allowed to request.
- # audience: []
-
- ## Scopes this client is allowed to request.
- # scopes:
- # - openid
- # - profile
- # - email
- # - groups
-
- ## Redirect URI's specifies a list of valid case-sensitive callbacks for this client.
- # redirect_uris:
- # - https://oidc.example.com/oauth2/callback
-
- ## Grant Types configures which grants this client can obtain.
- ## It's not recommended to configure this unless you know what you're doing.
- # grant_types:
- # - refresh_token
- # - authorization_code
-
- ## Response Types configures which responses this client can be sent.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_types:
- # - code
-
- ## Response Modes configures which response modes this client supports.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_modes:
- # - form_post
- # - query
- # - fragment
-
- ## The algorithm used to sign userinfo endpoint responses for this client, either none or RS256.
- # userinfo_signing_algorithm: none
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/authelia/15.1.1/questions.yaml b/enterprise/authelia/15.1.1/questions.yaml
deleted file mode 100644
index ca4e8c8b06e..00000000000
--- a/enterprise/authelia/15.1.1/questions.yaml
+++ /dev/null
@@ -1,2781 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: DaemonSet
- description: DaemonSet
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "DaemonSet"]]
- default: 2
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: domain
- group: "App Configuration"
- label: "Domain"
- description: "The highest domain level possible, for example: domain.com when using app.domain.com"
- schema:
- type: string
- default: ""
- required: true
- - variable: default_redirection_url
- group: "App Configuration"
- label: "Default Redirection URL"
- description: "If user tries to authenticate without any referrer, this is used"
- schema:
- type: string
- default: ""
- - variable: theme
- group: "App Configuration"
- label: "Theme"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "light"
- description: "light"
- - value: "grey"
- description: "grey"
- - value: "dark"
- description: "dark"
- - variable: log
- group: "App Configuration"
- label: "Log Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "info"
- enum:
- - value: "info"
- description: "info"
- - value: "debug"
- description: "debug"
- - value: "trace"
- description: "trace"
- - variable: format
- label: "Log Format"
- schema:
- type: string
- default: "text"
- enum:
- - value: "json"
- description: "json"
- - value: "text"
- description: "text"
- - variable: totp
- group: "App Configuration"
- label: "TOTP Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: issuer
- label: "Issuer"
- description: "The issuer name displayed in the Authenticator application of your choice"
- schema:
- type: string
- default: ""
- - variable: period
- label: "Period"
- description: "The period in seconds a one-time password is current for"
- schema:
- type: int
- default: 30
- - variable: skew
- label: "skew"
- description: "Controls number of one-time passwords either side of the current one that are valid."
- schema:
- type: int
- default: 1
- - variable: duo_api
- group: "App Configuration"
- label: "DUO API Configuration"
- description: "Parameters used to contact the Duo API."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostname
- label: "Hostname"
- schema:
- type: string
- required: true
- default: ""
- - variable: integration_key
- label: "integration_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: plain_api_key
- label: "plain_api_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: session
- group: "App Configuration"
- label: "Session Provider"
- description: "The session cookies identify the user once logged in."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Cookie Name"
- description: "The name of the session cookie."
- schema:
- type: string
- required: true
- default: "authelia_session"
- - variable: same_site
- label: "SameSite Value"
- description: "Sets the Cookie SameSite value"
- schema:
- type: string
- default: "lax"
- enum:
- - value: "lax"
- description: "lax"
- - value: "strict"
- description: "strict"
- - variable: expiration
- label: "Expiration Time"
- description: "The time in seconds before the cookie expires and session is reset."
- schema:
- type: string
- default: "1h"
- required: true
- - variable: inactivity
- label: "Inactivity Time"
- description: "The inactivity time in seconds before the session is reset."
- schema:
- type: string
- default: "5m"
- required: true
- - variable: remember_me_duration
- label: "Remember-Me duration"
- description: "The remember me duration"
- schema:
- type: string
- default: "5M"
- required: true
- - variable: regulation
- group: "App Configuration"
- label: "Regulation Configuration"
- description: "This mechanism prevents attackers from brute forcing the first factor."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: max_retries
- label: "Maximum Retries"
- description: "The number of failed login attempts before user is banned. Set it to 0 to disable regulation."
- schema:
- type: int
- default: 3
- - variable: find_time
- label: "Find Time"
- description: "The time range during which the user can attempt login before being banned."
- schema:
- type: string
- default: "2m"
- required: true
- - variable: ban_time
- label: "Ban Duration"
- description: "The length of time before a banned user can login again"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: authentication_backend
- group: "App Configuration"
- label: "Authentication Backend Provider"
- description: "sed for verifying user passwords and retrieve information such as email address and groups users belong to."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_reset_password
- label: "Disable Reset Password"
- description: "Disable both the HTML element and the API for reset password functionality"
- schema:
- type: boolean
- default: false
- - variable: refresh_interval
- label: "Reset Interval"
- description: "The amount of time to wait before we refresh data from the authentication backend"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: ldap
- label: "LDAP backend configuration"
- description: "Used for verifying user passwords and retrieve information such as email address and groups users belong to"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: implementation
- label: "Implementation"
- description: "The LDAP implementation, this affects elements like the attribute utilized for resetting a password"
- schema:
- type: string
- default: "custom"
- enum:
- - value: "activedirectory"
- description: "Active Directory"
- - value: "custom"
- description: "Custom"
- - variable: url
- label: "URL"
- description: "The url to the ldap server. Format: ://[:]"
- schema:
- type: string
- default: "ldap://openldap.default.svc.cluster.local"
- required: true
- - variable: timeout
- label: "Connection Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: start_tls
- label: "Start TLS"
- description: "Use StartTLS with the LDAP connection"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: base_dn
- label: "Base DN"
- description: "The base dn for every LDAP query."
- schema:
- type: string
- default: "DC=example,DC=com"
- required: true
- - variable: username_attribute
- label: "Username Attribute"
- description: "The attribute holding the username of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_users_dn
- label: "Additional Users DN"
- description: "An additional dn to define the scope to all users."
- schema:
- type: string
- default: "OU=Users"
- required: true
- - variable: users_filter
- label: "Users Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_groups_dn
- label: "Additional Groups DN"
- description: "An additional dn to define the scope of groups."
- schema:
- type: string
- default: "OU=Groups"
- required: true
- - variable: groups_filter
- label: "Groups Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: group_name_attribute
- label: "Group name Attribute"
- description: "The attribute holding the name of the group"
- schema:
- type: string
- default: ""
- required: true
- - variable: mail_attribute
- label: "Mail Attribute"
- description: "The attribute holding the primary mail address of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: display_name_attribute
- label: "Display Name Attribute"
- description: "he attribute holding the display name of the user. This will be used to greet an authenticated user."
- schema:
- type: string
- default: ""
- - variable: user
- label: "Admin User"
- description: "The username of the admin user used to connect to LDAP."
- schema:
- type: string
- default: "CN=Authelia,DC=example,DC=com"
- required: true
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: file
- label: "File backend configuration"
- description: "With this backend, the users database is stored in a file which is updated when users reset their passwords."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: path
- label: "Path"
- schema:
- type: string
- default: "/config/users_database.yml"
- required: true
- - variable: password
- label: "Password Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: algorithm
- label: "Algorithm"
- schema:
- type: string
- default: "argon2id"
- enum:
- - value: "argon2id"
- description: "argon2id"
- - value: "sha512"
- description: "sha512"
- - variable: iterations
- label: "Iterations"
- schema:
- type: int
- default: 1
- required: true
- - variable: key_length
- label: "Key Length"
- schema:
- type: int
- default: 32
- required: true
- - variable: salt_length
- label: "Salt Length"
- schema:
- type: int
- default: 16
- required: true
- - variable: memory
- label: "Memory"
- schema:
- type: int
- default: 1024
- required: true
- - variable: parallelism
- label: "Parallelism"
- schema:
- type: int
- default: 8
- required: true
- - variable: notifier
- group: "App Configuration"
- label: "Notifier Configuration"
- description: "Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_startup_check
- label: "Disable Startup Check"
- schema:
- type: boolean
- default: false
- - variable: filesystem
- label: "Filesystem Provider"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filename
- label: "File Path"
- schema:
- type: string
- default: "/config/notification.txt"
- required: true
- - variable: smtp
- label: "SMTP Provider"
- description: "Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: host
- label: "Host"
- schema:
- type: string
- default: "smtp.mail.svc.cluster.local"
- required: true
- - variable: port
- label: "Port"
- schema:
- type: int
- default: 25
- required: true
- - variable: timeout
- label: "Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: username
- label: "Username"
- schema:
- type: string
- default: ""
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- - variable: sender
- label: "Sender"
- schema:
- type: string
- default: ""
- required: true
- - variable: identifier
- label: "Identifier"
- description: "HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost."
- schema:
- type: string
- default: "localhost"
- required: true
- - variable: subject
- label: "Subject"
- description: "Subject configuration of the emails sent, {title} is replaced by the text from the notifier"
- schema:
- type: string
- default: "[Authelia] {title}"
- required: true
- - variable: startup_check_address
- label: "Startup Check Address"
- description: "This address is used during the startup check to verify the email configuration is correct."
- schema:
- type: string
- default: "test@authelia.com"
- required: true
- - variable: disable_require_tls
- label: "Disable Require TLS"
- schema:
- type: boolean
- default: false
- - variable: disable_html_emails
- label: "Disable HTML emails"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: access_control
- group: "App Configuration"
- label: "Access Control Configuration"
- description: "Access control is a list of rules defining the authorizations applied for one resource to users or group of users."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: default_policy
- label: "Default Policy"
- description: "Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: networkItem
- label: "Network Item"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Name"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "network"
- schema:
- type: string
- default: ""
- required: true
- - variable: rules
- label: "Rules"
- schema:
- type: list
- default: []
- items:
- - variable: rulesItem
- label: "Rule"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: domain
- label: "Domains"
- description: "defines which domain or set of domains the rule applies to."
- schema:
- type: list
- default: []
- items:
- - variable: domainEntry
- label: "Domain"
- schema:
- type: string
- default: ""
- required: true
- - variable: policy
- label: "Policy"
- description: "The policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: subject
- label: "Subject"
- description: "defines the subject to apply authorizations to. This parameter is optional and matching any user if not provided"
- schema:
- type: list
- default: []
- items:
- - variable: subjectitem
- label: "Subject"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "Network"
- schema:
- type: string
- default: ""
- required: true
- - variable: resources
- label: "Resources"
- description: "is a list of regular expressions that matches a set of resources to apply the policy to"
- schema:
- type: list
- default: []
- items:
- - variable: resource
- label: "Resource"
- schema:
- type: string
- default: ""
- required: true
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 9091
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: certificateIssuer
- label: Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["certificateIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: certificateIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["certificateIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["certificateIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: identity_providers
- group: "Advanced"
- label: "Authelia Identity Providers (BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: oidc
- label: "OpenID Connect(BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: access_token_lifespan
- label: "Access Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: authorize_code_lifespan
- label: "Authorize Code Lifespan"
- schema:
- type: string
- default: "1m"
- required: true
- - variable: id_token_lifespan
- label: "ID Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: refresh_token_lifespan
- label: "Refresh Token Lifespan"
- schema:
- type: string
- default: "90m"
- required: true
- - variable: enable_client_debug_messages
- label: "Enable Client Debug Messages"
- schema:
- type: boolean
- default: false
- - variable: clients
- label: "Clients"
- schema:
- type: list
- default: []
- items:
- - variable: clientEntry
- label: "Client"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: id
- label: "ID/Name"
- description: "The ID is the OpenID Connect ClientID which is used to link an application to a configuration."
- schema:
- type: string
- default: "myapp"
- required: true
- - variable: description
- label: "Description"
- description: "The description to show to users when they end up on the consent screen. Defaults to the ID above."
- schema:
- type: string
- default: "My Application"
- required: true
- - variable: secret
- label: "Secret"
- description: "The client secret is a shared secret between Authelia and the consumer of this client."
- schema:
- type: string
- default: ""
- required: true
- - variable: public
- label: "public"
- description: "Sets the client to public. This should typically not be set, please see the documentation for usage."
- schema:
- type: boolean
- default: false
- - variable: authorization_policy
- label: "Authorization Policy"
- description: "The policy to require for this client; one_factor or two_factor."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - variable: consent_mode
- label: "Consent Mode"
- description: "Configures the consent mode. This can be set to auto (default), explicit (consent required every time) or implicit (automatically assumes consent for every authorization, never asking the user if they wish to give consent.)"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "explicit"
- description: "explicit"
- - value: "implicit"
- description: "implicit"
- - variable: userinfo_signing_algorithm
- label: "Userinfo Signing Algorithm"
- description: "The algorithm used to sign userinfo endpoint responses for this client, either none or RS256."
- schema:
- type: string
- default: "none"
- enum:
- - value: "none"
- description: "none"
- - value: "RS256"
- description: "RS256"
- - variable: audience
- label: "Audience"
- description: "Audience this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: audienceEntry
- label: ""
- schema:
- type: string
- default: ""
- required: true
- - variable: scopes
- label: "Scopes"
- description: "Scopes this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: ScopeEntry
- label: "Scope"
- schema:
- type: string
- default: "openid"
- required: true
- - variable: redirect_uris
- label: "redirect_uris"
- description: "Redirect URI's specifies a list of valid case-sensitive callbacks for this client."
- schema:
- type: list
- default: []
- items:
- - variable: uriEntry
- label: "Url"
- schema:
- type: string
- default: "https://oidc.example.com/oauth2/callback"
- required: true
- - variable: grant_types
- description: "Grant Types configures which grants this client can obtain."
- label: "grant_types"
- schema:
- type: list
- default: []
- items:
- - variable: grantEntry
- label: "Grant"
- schema:
- type: string
- default: "refresh_token"
- required: true
- - variable: response_types
- description: "Response Types configures which responses this client can be sent."
- label: "response_types"
- schema:
- type: list
- default: []
- items:
- - variable: responseEntry
- label: "type"
- schema:
- type: string
- default: "code"
- required: true
- - variable: response_modes
- description: "Response Modes configures which response modes this client supports."
- label: "response_modes"
- schema:
- type: list
- default: []
- items:
- - variable: modeEntry
- label: "Mode"
- schema:
- type: string
- default: "form_post"
- required: true
- - variable: cnpg
- group: Postgresql
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Postgresql Database"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: storage
- label: "Storage"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: size
- label: Size
- schema:
- type: string
- default: "256Gi"
- - variable: walsize
- label: Walsize
- schema:
- type: string
- default: "256Gi"
- - variable: pooler
- label: "Pooler"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: Monitoring
- label: "Metrics"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enablePodMonitor
- label: "enablePodMonitor"
- schema:
- type: boolean
- default: true
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/authelia/15.1.1/templates/NOTES.txt b/enterprise/authelia/15.1.1/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/authelia/15.1.1/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/authelia/15.1.1/templates/_configmap.tpl b/enterprise/authelia/15.1.1/templates/_configmap.tpl
deleted file mode 100644
index 98d92e9d16b..00000000000
--- a/enterprise/authelia/15.1.1/templates/_configmap.tpl
+++ /dev/null
@@ -1,254 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "authelia.configmap.paths" -}}
-enabled: true
-data:
- AUTHELIA_SERVER_DISABLE_HEALTHCHECK: "true"
- AUTHELIA_JWT_SECRET_FILE: "/secrets/JWT_TOKEN"
- AUTHELIA_SESSION_SECRET_FILE: "/secrets/SESSION_ENCRYPTION_KEY"
- AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: "/secrets/ENCRYPTION_KEY"
- AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: "/secrets/STORAGE_PASSWORD"
- {{- if .Values.authentication_backend.ldap.enabled }}
- AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE: "/secrets/LDAP_PASSWORD"
- {{- end }}
- {{- if .Values.notifier.smtp.enabled }}
- AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE: "/secrets/SMTP_PASSWORD"
- {{- end }}
- AUTHELIA_SESSION_REDIS_PASSWORD_FILE: "/secrets/REDIS_PASSWORD"
- {{- if .Values.redisProvider.high_availability.enabled }}
- AUTHELIA_SESSION_REDIS_HIGH_AVAILABILITY_SENTINEL_PASSWORD_FILE: "/secrets/REDIS_SENTINEL_PASSWORD"
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- AUTHELIA_DUO_API_SECRET_KEY_FILE: "/secrets/DUO_API_KEY"
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET_FILE: "/secrets/OIDC_HMAC_SECRET"
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY_FILE: "/secrets/OIDC_PRIVATE_KEY"
- {{- end }}
-
-{{- end -}}
-
-{{- define "authelia.configmap.configfile" -}}
-enabled: true
-data:
- configuration.yaml: |
- ---
- theme: {{ default "light" .Values.theme }}
- default_redirection_url: {{ default (printf "https://www.%s" .Values.domain) .Values.default_redirection_url }}
- ntp:
- address: {{ default "time.cloudflare.com:123" .Values.ntp.address }}
- version: {{ default 4 .Values.ntp.version }}
- max_desync: {{ default "3s" .Values.ntp.max_desync }}
- disable_startup_check: {{ default false .Values.ntp.disable_startup_check }}
- disable_failure: {{ default true .Values.ntp.disable_failure }}
- server:
- host: 0.0.0.0
- port: {{ default 9091 .Values.server.port }}
- {{- if not (eq "" (default "" .Values.server.path)) }}
- path: {{ .Values.server.path }}
- {{- end }}
- buffers:
- write: {{ default 4096 .Values.server.write_buffer_size }}
- read: {{ default 4096 .Values.server.read_buffer_size }}
- enable_pprof: {{ default false .Values.server.enable_pprof }}
- enable_expvars: {{ default false .Values.server.enable_expvars }}
- log:
- level: {{ default "info" .Values.log.level }}
- format: {{ default "text" .Values.log.format }}
- {{- if not (eq "" (default "" .Values.log.file_path)) }}
- file_path: {{ .Values.log.file_path }}
- keep_stdout: true
- {{- end }}
- totp:
- issuer: {{ default .Values.domain .Values.totp.issuer }}
- period: {{ default 30 .Values.totp.period }}
- skew: {{ default 1 .Values.totp.skew }}
- {{- if .Values.duo_api.enabled }}
- duo_api:
- hostname: {{ .Values.duo_api.hostname }}
- integration_key: {{ .Values.duo_api.integration_key }}
- {{- end }}
- {{- with $auth := .Values.authentication_backend }}
- authentication_backend:
- password_reset:
- disable: {{ $auth.disable_reset_password }}
- {{- if $auth.file.enabled }}
- file:
- path: {{ $auth.file.path }}
- password: {{ toYaml $auth.file.password | nindent 10 }}
- {{- end }}
- {{- if $auth.ldap.enabled }}
- ldap:
- implementation: {{ default "custom" $auth.ldap.implementation }}
- url: {{ $auth.ldap.url }}
- timeout: {{ default "5s" $auth.ldap.timeout }}
- start_tls: {{ $auth.ldap.start_tls }}
- tls:
- {{- if hasKey $auth.ldap.tls "server_name" }}
- server_name: {{ default $auth.ldap.host $auth.ldap.tls.server_name }}
- {{- end }}
- minimum_version: {{ default "TLS1.2" $auth.ldap.tls.minimum_version }}
- skip_verify: {{ default false $auth.ldap.tls.skip_verify }}
- {{- if $auth.ldap.base_dn }}
- base_dn: {{ $auth.ldap.base_dn }}
- {{- end }}
- {{- if $auth.ldap.username_attribute }}
- username_attribute: {{ $auth.ldap.username_attribute }}
- {{- end }}
- {{- if $auth.ldap.additional_users_dn }}
- additional_users_dn: {{ $auth.ldap.additional_users_dn }}
- {{- end }}
- {{- if $auth.ldap.users_filter }}
- users_filter: {{ $auth.ldap.users_filter }}
- {{- end }}
- {{- if $auth.ldap.additional_groups_dn }}
- additional_groups_dn: {{ $auth.ldap.additional_groups_dn }}
- {{- end }}
- {{- if $auth.ldap.groups_filter }}
- groups_filter: {{ $auth.ldap.groups_filter }}
- {{- end }}
- {{- if $auth.ldap.group_name_attribute }}
- group_name_attribute: {{ $auth.ldap.group_name_attribute }}
- {{- end }}
- {{- if $auth.ldap.mail_attribute }}
- mail_attribute: {{ $auth.ldap.mail_attribute }}
- {{- end }}
- {{- if $auth.ldap.display_name_attribute }}
- display_name_attribute: {{ $auth.ldap.display_name_attribute }}
- {{- end }}
- user: {{ $auth.ldap.user }}
- {{- end }}
- {{- end }}
- {{- with $session := .Values.session }}
- session:
- name: {{ default "authelia_session" $session.name }}
- domain: {{ required "A valid .Values.domain entry required!" $.Values.domain }}
- same_site: {{ default "lax" $session.same_site }}
- expiration: {{ default "1M" $session.expiration }}
- inactivity: {{ default "5m" $session.inactivity }}
- remember_me_duration: {{ default "1M" $session.remember_me_duration }}
- {{- end }}
- redis:
- host: {{ .Values.redis.creds.plain }}
- {{- with $redis := .Values.redisProvider }}
- port: {{ default 6379 $redis.port }}
- {{- if not (eq $redis.username "") }}
- username: {{ $redis.username }}
- {{- end }}
- maximum_active_connections: {{ default 8 $redis.maximum_active_connections }}
- minimum_idle_connections: {{ default 0 $redis.minimum_idle_connections }}
- {{- if $redis.tls.enabled }}
- tls:
- server_name: {{ $redis.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $redis.tls.minimum_version }}
- skip_verify: {{ $redis.tls.skip_verify }}
- {{- end }}
- {{- if $redis.high_availability.enabled }}
- high_availability:
- sentinel_name: {{ $redis.high_availability.sentinel_name }}
- {{- if $redis.high_availability.nodes }}
- nodes: {{ toYaml $redis.high_availability.nodes | nindent 10 }}
- {{- end }}
- route_by_latency: {{ $redis.high_availability.route_by_latency }}
- route_randomly: {{ $redis.high_availability.route_randomly }}
- {{- end }}
- {{- end }}
- regulation: {{ toYaml .Values.regulation | nindent 6 }}
- storage:
- postgres:
- host: {{ $.Values.cnpg.main.creds.host }}
- {{- with $storage := .Values.storage }}
- port: {{ default 5432 $storage.postgres.port }}
- database: {{ default "authelia" $storage.postgres.database }}
- username: {{ default "authelia" $storage.postgres.username }}
- timeout: {{ default "5s" $storage.postgres.timeout }}
- ssl:
- mode: {{ default "disable" $storage.postgres.sslmode }}
- {{- end }}
- {{- with $notifier := .Values.notifier }}
- notifier:
- disable_startup_check: {{ $.Values.notifier.disable_startup_check }}
- {{- if $notifier.filesystem.enabled }}
- filesystem:
- filename: {{ $notifier.filesystem.filename }}
- {{- end }}
- {{- if $notifier.smtp.enabled }}
- smtp:
- host: {{ $notifier.smtp.host }}
- port: {{ default 25 $notifier.smtp.port }}
- timeout: {{ default "5s" $notifier.smtp.timeout }}
- {{- with $notifier.smtp.username }}
- username: {{ . }}
- {{- end }}
- sender: {{ $notifier.smtp.sender }}
- identifier: {{ $notifier.smtp.identifier }}
- subject: {{ $notifier.smtp.subject | quote }}
- startup_check_address: {{ $notifier.smtp.startup_check_address }}
- disable_require_tls: {{ $notifier.smtp.disable_require_tls }}
- disable_html_emails: {{ $notifier.smtp.disable_html_emails }}
- tls:
- server_name: {{ default $notifier.smtp.host $notifier.smtp.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $notifier.smtp.tls.minimum_version }}
- skip_verify: {{ default false $notifier.smtp.tls.skip_verify }}
- {{- end }}
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- identity_providers:
- oidc:
- access_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.access_token_lifespan }}
- authorize_code_lifespan: {{ default "1m" .Values.identity_providers.oidc.authorize_code_lifespan }}
- id_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.id_token_lifespan }}
- refresh_token_lifespan: {{ default "90m" .Values.identity_providers.oidc.refresh_token_lifespan }}
- enable_client_debug_messages: {{ default false .Values.identity_providers.oidc.enable_client_debug_messages }}
- minimum_parameter_entropy: {{ default 8 .Values.identity_providers.oidc.minimum_parameter_entropy }}
- {{- if gt (len .Values.identity_providers.oidc.clients) 0 }}
- clients:
- {{- range $client := .Values.identity_providers.oidc.clients }}
- - id: {{ $client.id }}
- description: {{ default $client.id $client.description }}
- secret: {{ default (randAlphaNum 128) $client.secret }}
- {{- if $client.public }}
- public: {{ $client.public }}
- {{- end }}
- authorization_policy: {{ default "two_factor" $client.authorization_policy }}
- consent_mode: {{ default "auto" $client.consent_mode}}
- redirect_uris:
- {{- range $client.redirect_uris }}
- - {{ . }}
- {{- end }}
- {{- if $client.audience }}
- audience: {{ toYaml $client.audience | nindent 10 }}
- {{- end }}
- scopes: {{ toYaml (default (list "openid" "profile" "email" "groups") $client.scopes) | nindent 10 }}
- grant_types: {{ toYaml (default (list "refresh_token" "authorization_code") $client.grant_types) | nindent 10 }}
- response_types: {{ toYaml (default (list "code") $client.response_types) | nindent 10 }}
- {{- if $client.response_modes }}
- response_modes: {{ toYaml $client.response_modes | nindent 10 }}
- {{- end }}
- userinfo_signing_algorithm: {{ default "none" $client.userinfo_signing_algorithm }}
- {{- end }}
- {{- end }}
- {{- end }}
- access_control:
- {{- if (eq (len .Values.access_control.rules) 0) }}
- {{- if (eq .Values.access_control.default_policy "bypass") }}
- default_policy: one_factor
- {{- else if (eq .Values.access_control.default_policy "deny") }}
- default_policy: two_factor
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- if (eq (len .Values.access_control.networks) 0) }}
- networks: []
- {{- else }}
- networks: {{ toYaml .Values.access_control.networks | nindent 6 }}
- {{- end }}
- {{- if (eq (len .Values.access_control.rules) 0) }}
- rules: []
- {{- else }}
- rules: {{ toYaml .Values.access_control.rules | nindent 6 }}
- {{- end }}
- ...
-{{- end -}}
diff --git a/enterprise/authelia/15.1.1/templates/_secrets.tpl b/enterprise/authelia/15.1.1/templates/_secrets.tpl
deleted file mode 100644
index 14ed88d973d..00000000000
--- a/enterprise/authelia/15.1.1/templates/_secrets.tpl
+++ /dev/null
@@ -1,53 +0,0 @@
-{{/* Define the secrets */}}
-{{- define "authelia.secrets" -}}
-{{- $basename := include "tc.v1.common.lib.chart.names.fullname" $ -}}
-{{- $fetchname := printf "%s-authelia-secrets" $basename -}}
-
-{{/* Initialize all keys */}}
-{{- $oidckey := genPrivateKey "rsa" }}
-{{- $oidcsecret := randAlphaNum 32 }}
-{{- $jwtsecret := randAlphaNum 50 }}
-{{- $sessionsecret := randAlphaNum 50 }}
-{{- $encryptionkey := randAlphaNum 100 }}
-
-enabled: true
-data:
- {{ with (lookup "v1" "Secret" .Release.Namespace $fetchname) }}
- {{/* Get previous values and decode */}}
- {{ $sessionsecret = (index .data "SESSION_ENCRYPTION_KEY") | b64dec }}
- {{ $jwtsecret = (index .data "JWT_TOKEN") | b64dec }}
- {{ $encryptionkey = (index .data "ENCRYPTION_KEY") | b64dec }}
-
- {{/* Check if those keys ever existed. as OIDC is optional */}}
- {{ if and (hasKey .data "OIDC_PRIVATE_KEY") (hasKey .data "OIDC_HMAC_SECRET") }}
- {{ $oidckey = (index .data "OIDC_PRIVATE_KEY") | b64dec }}
- {{ $oidcsecret = (index .data "OIDC_HMAC_SECRET") | b64dec }}
- {{ end }}
- {{ end }}
- SESSION_ENCRYPTION_KEY: {{ $sessionsecret }}
- JWT_TOKEN: {{ $jwtsecret }}
- ENCRYPTION_KEY: {{ $encryptionkey }}
-
- {{- if .Values.authentication_backend.ldap.enabled }}
- LDAP_PASSWORD: {{ .Values.authentication_backend.ldap.plain_password }}
- {{- end }}
-
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- SMTP_PASSWORD: {{ .Values.notifier.smtp.plain_password }}
- {{- end }}
-
- {{- if .Values.duo_api.enabled }}
- DUO_API_KEY: {{ .Values.duo_api.plain_api_key }}
- {{- end }}
-
- STORAGE_PASSWORD: {{ $.Values.cnpg.main.creds.password | trimAll "\"" }}
-
- REDIS_PASSWORD: {{ .Values.redis.creds.redisPassword | trimAll "\"" }}
- {{- if .Values.redisProvider.high_availability.enabled }}
- REDIS_SENTINEL_PASSWORD: {{ .Values.redis.sentinelPassword | trimAll "\"" }}
- {{- end }}
-
- OIDC_PRIVATE_KEY: |
- {{- $oidckey | nindent 4 }}
- OIDC_HMAC_SECRET: {{ $oidcsecret }}
-{{- end -}}
diff --git a/enterprise/authelia/15.1.1/templates/common.yaml b/enterprise/authelia/15.1.1/templates/common.yaml
deleted file mode 100644
index 54e288e852c..00000000000
--- a/enterprise/authelia/15.1.1/templates/common.yaml
+++ /dev/null
@@ -1,77 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-{{/* Render configmap for authelia */}}
-{{- $configmapPaths := include "authelia.configmap.paths" . | fromYaml -}}
-{{- if $configmapPaths -}}
- {{- $_ := set .Values.configmap "authelia-paths" $configmapPaths -}}
-{{- end -}}
-
-{{- $configmapFile := include "authelia.configmap.configfile" . | fromYaml -}}
-{{- if $configmapFile -}}
- {{- $_ := set .Values.configmap "authelia-configfile" $configmapFile -}}
-{{- end -}}
-
-{{/* Render secrets for authelia */}}
-{{- $secret := include "authelia.secrets" . | fromYaml -}}
-{{- if $secret -}}
- {{- $_ := set .Values.secret "authelia-secrets" $secret -}}
-{{- end -}}
-
-{{/* Append the general configMap volume to the volumes */}}
-{{- define "authelia.configmapVolume" -}}
-enabled: true
-mountPath: /configuration.yaml
-subPath: configuration.yaml
-readOnly: true
-type: "configmap"
-objectName: authelia-configfile
-{{- end -}}
-
-{{/* Append the general secret volumes to the volumes */}}
-{{- define "authelia.secretVolumes" -}}
-enabled: true
-mountPath: "/secrets"
-readOnly: true
-type: "secret"
-objectName: authelia-secrets
-items:
- - key: "JWT_TOKEN"
- path: JWT_TOKEN
- - key: "SESSION_ENCRYPTION_KEY"
- path: SESSION_ENCRYPTION_KEY
- - key: "ENCRYPTION_KEY"
- path: ENCRYPTION_KEY
- - key: "STORAGE_PASSWORD"
- path: STORAGE_PASSWORD
- {{- if .Values.authentication_backend.ldap.enabled }}
- - key: "LDAP_PASSWORD"
- path: LDAP_PASSWORD
- {{- end }}
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- - key: "SMTP_PASSWORD"
- path: SMTP_PASSWORD
- {{- end }}
- - key: "REDIS_PASSWORD"
- path: REDIS_PASSWORD
- {{- if .Values.redisProvider.high_availability.enabled}}
- - key: "REDIS_SENTINEL_PASSWORD"
- path: REDIS_SENTINEL_PASSWORD
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- - key: "DUO_API_KEY"
- path: DUO_API_KEY
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- - key: "OIDC_PRIVATE_KEY"
- path: OIDC_PRIVATE_KEY
- - key: "OIDC_HMAC_SECRET"
- path: OIDC_HMAC_SECRET
- {{- end }}
-{{- end -}}
-
-{{- $_ := set .Values.persistence "authelia-configfile" (include "authelia.configmapVolume" . | fromYaml) -}}
-{{- $_ := set .Values.persistence "authelia-secrets" (include "authelia.secretVolumes" . | fromYaml) -}}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/authelia/15.1.1/values.yaml b/enterprise/authelia/15.1.1/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/blocky/4.0.24/CHANGELOG.md b/enterprise/blocky/4.0.24/CHANGELOG.md
deleted file mode 100644
index 502cc8ec095..00000000000
--- a/enterprise/blocky/4.0.24/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [blocky-4.0.24](https://github.com/truecharts/charts/compare/blocky-4.0.23...blocky-4.0.24) (2023-02-27)
-
-### Chore
-
-- update helm general non-major ([#7725](https://github.com/truecharts/charts/issues/7725))
-
-
-
-
-## [blocky-4.0.23](https://github.com/truecharts/charts/compare/blocky-4.0.22...blocky-4.0.23) (2023-02-22)
-
-### Fix
-
-- fix multi-domain ([#7448](https://github.com/truecharts/charts/issues/7448))
-
-
-
-
-## [blocky-4.0.22](https://github.com/truecharts/charts/compare/blocky-4.0.21...blocky-4.0.22) (2023-02-19)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [blocky-4.0.21](https://github.com/truecharts/charts/compare/blocky-4.0.20...blocky-4.0.21) (2023-02-10)
-
-### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
-
-
-## [blocky-4.0.20](https://github.com/truecharts/charts/compare/blocky-4.0.19...blocky-4.0.20) (2023-02-03)
-
-### Fix
-
-- clean more non-link sources ([#6925](https://github.com/truecharts/charts/issues/6925))
-
-
-
-
-## [blocky-4.0.19](https://github.com/truecharts/charts/compare/blocky-4.0.18...blocky-4.0.19) (2023-01-31)
-
-### Chore
-
-- update container image tccr.io/truecharts/k8s_gateway to v0.3.3
-
-
-
-
-## [blocky-4.0.18](https://github.com/truecharts/charts/compare/blocky-4.0.17...blocky-4.0.18) (2023-01-23)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [blocky-4.0.17](https://github.com/truecharts/charts/compare/blocky-4.0.16...blocky-4.0.17) (2023-01-17)
-
-### Chore
-
-- update helm general non-major ([#6430](https://github.com/truecharts/charts/issues/6430))
-
-
-
-
-## [blocky-4.0.16](https://github.com/truecharts/charts/compare/blocky-4.0.15...blocky-4.0.16) (2023-01-07)
-
-### Chore
-
-- update helm general non-major ([#6121](https://github.com/truecharts/charts/issues/6121))
-
-
-
-
-## [blocky-4.0.15](https://github.com/truecharts/charts/compare/blocky-4.0.14...blocky-4.0.15) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856))
-
-
-
-
-## [blocky-4.0.14](https://github.com/truecharts/charts/compare/blocky-4.0.13...blocky-4.0.14) (2022-12-27)
-
-### Chore
diff --git a/enterprise/blocky/4.0.24/Chart.yaml b/enterprise/blocky/4.0.24/Chart.yaml
deleted file mode 100644
index 34ae78afb1a..00000000000
--- a/enterprise/blocky/4.0.24/Chart.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-apiVersion: v2
-appVersion: "0.19"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
- - condition: redis.enabled
- name: redis
- repository: https://deps.truecharts.org
- version: 5.0.33
-description: Blocky is a DNS proxy, DNS enhancer and ad-blocker for the local network written in Go
-home: https://truecharts.org/charts/enterprise/blocky
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/blocky.png
-keywords:
- - dns
- - blocky
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: blocky
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/blocky
- - https://hub.docker.com/r/spx01/blocky
- - https://0xerr0r.github.io/blocky/
- - https://github.com/0xERR0R/blocky
- - https://github.com/Mozart409/blocky-frontend
-version: 4.0.24
-annotations:
- truecharts.org/catagories: |
- - network
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/blocky/4.0.24/LICENSE b/enterprise/blocky/4.0.24/LICENSE
deleted file mode 100644
index 33a8cbb23f0..00000000000
--- a/enterprise/blocky/4.0.24/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Blocky" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/blocky/4.0.24/README.md b/enterprise/blocky/4.0.24/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/blocky/4.0.24/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/blocky/4.0.24/app-changelog.md b/enterprise/blocky/4.0.24/app-changelog.md
deleted file mode 100644
index b652000da3f..00000000000
--- a/enterprise/blocky/4.0.24/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [blocky-4.0.24](https://github.com/truecharts/charts/compare/blocky-4.0.23...blocky-4.0.24) (2023-02-27)
-
-### Chore
-
-- update helm general non-major ([#7725](https://github.com/truecharts/charts/issues/7725))
-
-
\ No newline at end of file
diff --git a/enterprise/blocky/4.0.24/app-readme.md b/enterprise/blocky/4.0.24/app-readme.md
deleted file mode 100644
index 8e6562892e4..00000000000
--- a/enterprise/blocky/4.0.24/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Blocky is a DNS proxy, DNS enhancer and ad-blocker for the local network written in Go
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/blocky](https://truecharts.org/charts/enterprise/blocky)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/blocky/4.0.24/charts/common-11.1.2.tgz b/enterprise/blocky/4.0.24/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/enterprise/blocky/4.0.24/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/enterprise/blocky/4.0.24/charts/redis-5.0.33.tgz b/enterprise/blocky/4.0.24/charts/redis-5.0.33.tgz
deleted file mode 100644
index 1450fe65f8b..00000000000
Binary files a/enterprise/blocky/4.0.24/charts/redis-5.0.33.tgz and /dev/null differ
diff --git a/enterprise/blocky/4.0.24/ix_values.yaml b/enterprise/blocky/4.0.24/ix_values.yaml
deleted file mode 100644
index 14391062550..00000000000
--- a/enterprise/blocky/4.0.24/ix_values.yaml
+++ /dev/null
@@ -1,379 +0,0 @@
-image:
- # repository: spx01/blocky
- # tag: development@sha256:ddb35986cbc924de11cd37ccf625ff6bd0896fad456e57ee9c0bd67bd034770e
- repository: tccr.io/truecharts/blocky
- tag: v0.19@sha256:77a474542f12f480deca33ff0a6375846918b86988c13f858620839d8818ca84
- pullPolicy: IfNotPresent
-
-WebUIImage:
- repository: tccr.io/truecharts/blocky-frontend
- tag: v0.0.3@sha256:81058f20520dcdb80c9883b6f21b338446fefc333e3ca8bd7d17336a24a5d842
- pullPolicy: IfNotPresent
-
-k8sgatewayImage:
- repository: tccr.io/truecharts/k8s_gateway
- pullPolicy: IfNotPresent
- tag: 0.3.3@sha256:246e7006afaf57a398b02e417a31d6f14fb43562901388772778f60be586b807
-
-controller:
- # -- Set additional annotations on the deployment/statefulset/daemonset
- # -- Number of desired pods
- replicas: 2
- # -- Set the controller upgrade strategy
- # For Deployments, valid values are Recreate (default) and RollingUpdate.
- # For StatefulSets, valid values are OnDelete and RollingUpdate (default).
- # DaemonSets ignore this.
- strategy: RollingUpdate
-
-# -- Blocky Config File content
-blockyConfig: {}
-# upstream:
-# default:
-# - 1.1.1.1
-
-# -- Configures blocky webUI
-# Requires apiURL or ingress
-webUI:
- # -- Enable the WebUI
- enabled: true
- # -- url to the api, used by the WebUI. Only required when not using ingress
- apiURL: "127.0.0.1:4000"
-
-# -- some general blocky settings
-blocky:
- # -- Enable prometheus annotations
- enablePrometheus: true
-
-probes:
- liveness:
- enabled: false
- # TODO: Enable after v0.20 is released.
- # Current version does not include the healthcheck command
- # enabled: true
- # custom: true
- # spec:
- # exec:
- # command:
- # - /app/blocky
- # - healthcheck
- readiness:
- enabled: false
- # TODO: Enable after v0.20 is released.
- # Current version does not include the healthcheck command
- # enabled: true
- # custom: true
- # spec:
- # exec:
- # command:
- # - /app/blocky
- # - healthcheck
- startup:
- enabled: false
- # TODO: Enable after v0.20 is released.
- # Current version does not include the healthcheck command
- # enabled: true
- # custom: true
- # spec:
- # exec:
- # command:
- # - /app/blocky
- # - healthcheck
-
-service:
- main:
- ports:
- main:
- port: 10315
- protocol: HTTP
- targetPort: 80
- dnstcp:
- enabled: true
- ports:
- dnstcp:
- enabled: true
- port: 53
- targetPort: 53
- dnsudp:
- enabled: true
- ports:
- dnsudp:
- enabled: true
- port: 53
- protocol: UDP
- targetPort: 53
- dot:
- enabled: true
- ports:
- dot:
- enabled: true
- port: 853
- protocol: TCP
- targetPort: 853
- http:
- enabled: true
- ports:
- http:
- enabled: true
- port: 4000
- protocol: HTTP
- targetPort: 4000
- https:
- enabled: true
- ports:
- https:
- enabled: true
- port: 4443
- protocol: HTTPS
- targetPort: 4443
- k8sgateway:
- enabled: true
- ports:
- k8sgateway:
- enabled: true
- port: 5353
- protocol: UDP
- targetPort: 5353
-
-## TODO Add support for SCALE certificates and certificates secrets here
-certFile: ""
-keyFile: ""
-logLevel: info
-logFormat: text
-logTimestamp: true
-logPrivacy: false
-dohUserAgent: ""
-minTlsServeVersion: 1.2
-
-# -- set the default DNS upstream servers
-# Primarily designed for inclusion in the TrueNAS SCALE GUI
-defaultUpstreams:
- - 1.1.1.1
- - 1.0.0.1
- - 8.8.8.8
- - 8.8.4.4
- - 9.9.9.9
- - 149.112.112.112
- - 208.67.222.222
- - 208.67.220.220
- - 8.26.56.26
- - 8.20.247.20
- - 185.228.168.9
- - 185.228.169.9
- - 76.76.19.19
- - 76.223.122.150
- - 76.76.2.0
- - 76.76.10.0
-
-# -- set additional upstreams
-# Primarily designed for inclusion in the TrueNAS SCALE GUI
-upstreams:
- # - name: group2
- # dnsservers:
- # - 1.1.1.1
-
-# -- set bootstrap dns (not needed)
-# Ensures bootstrap encryption and ensure it doesn't use k8s dns
-bootstrapDns:
- # -- Upstream
- upstream: ""
- # -- IP's linked to upstream DoT/DoH DNS name
- ips: []
-
-# -- Return empty answer for these queries
-filtering:
- # -- Ensures filtering by query type
- queryTypes: []
-
-# -- Set manual custom DNS resolution
-customDNS:
- customTTL: 1h
- filterUnmappedTypes: true
- rewrite: []
- # - in: something.com
- # out: somethingelse.com
- mapping: []
- # - domain: something.com
- # dnsserver: 192.168.178.1
-
-# -- Setup client-name lookup
-clientLookup:
- # -- upstream used for client-name lookup
- upstream: ""
- singleNameOrder: []
- clients:
- # - domain: laptop
- # ips: []
-
-# -- Setup caching
-caching:
- minTime: 5m
- maxTime: 30m
- maxItemsCount: 0
- prefetching: false
- prefetchExpires: 2h
- prefetchThreshold: 5
- prefetchMaxItemsCount: 0
- cacheTimeNegative: 30m
-
-# -- set conditional settings
-# Primarily designed for inclusion in the TrueNAS SCALE GUI
-conditional:
- rewrite: []
- # - in: something.com
- # out: somethingelse.com
- mapping: []
- # - domain: something.com
- # dnsserver: 192.168.178.1
-
-# -- set blocking settings using Lists
-# Primarily designed for inclusion in the TrueNAS SCALE GUI
-blocking:
- # -- Sets the blocktype
- blockType: nxDomain
- # -- Sets the block ttl
- blockTTL: 6h
- # -- Sets the block refreshPeriod
- refreshPeriod: 4h
- # -- Sets the block download timeout
- downloadTimeout: 60s
- # -- Sets the block download attempt count
- downloadAttempts: 3
- # -- Sets the block download cooldown
- downloadCooldown: 2s
- # -- Set to fail start of lists cannot be downloaded
- failStartOnListError: false
- # -- Sets how many list-groups can be processed at the same time
- processingConcurrency: 4
- # -- Add blocky whitelists
- whitelist: []
- # - name: ads
- # lists:
- # - https://someurl.com/list.txt
- # - /somefile.txt
-
- # -- Blocky blacklists
- blacklist: []
- # - name: ads
- # lists:
- # - https://someurl.com/list.txt
- # - /somefile.txt
-
- # -- Blocky clientGroupsBlock
- clientGroupsBlock: []
- # - name: default
- # groups:
- # - ads
-
-# -- configure using hostsfile for lookups
-# Allows for using the hosts configured in kubernetes and such
-hostsFile:
- enabled: false
- filePath: /etc/hosts
- hostsTTL: 60m
- refreshPeriod: 30m
-
-## TODO: add this with postgresql support as well
-# queryLog:
-# type: csv
-# target: /logs
-# logRetentionDays: 0
-# creationAttempts: 3
-# CreationCooldown: 2
-
-portal:
- enabled: true
-
-serviceAccount:
- main:
- # -- Specifies whether a service account should be created
- enabled: true
-
-# -- Create a ClusterRole and ClusterRoleBinding
-# @default -- See below
-rbac:
- main:
- # -- Enables or disables the ClusterRole and ClusterRoleBinding
- enabled: true
-
- # -- Set Rules on the ClusterRole
- rules:
- - apiGroups:
- - ""
- resources:
- - services
- - namespaces
- verbs:
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses
- verbs:
- - list
- - watch
-
-k8sgateway:
- enabled: true
- # -- TTL for non-apex responses (in seconds)
- ttl: 300
-
- # -- Limit what kind of resources to watch, e.g. watchedResources: ["Ingress"]
- watchedResources: []
-
- # -- Service name of a secondary DNS server (should be `serviceName.namespace`)
- secondary: ""
-
- # -- Override the default `serviceName.namespace` domain apex
- apex: ""
-
- # -- list of processed domains
- domains: []
- # -- Delegated domain
- # - domain: "example.com"
- # # -- Optional configuration option for DNS01 challenge that will redirect all acme
- # # challenge requests to external cloud domain (e.g. managed by cert-manager)
- # # See: https://cert-manager.io/docs/configuration/acme/dns01/
- # dnsChallenge:
- # enabled: false
- # domain: dns01.clouddns.com
-
- forward:
- enabled: false
- primary: tls://1.1.1.1
- secondary: tls://1.0.0.1
- options:
- - name: tls_servername
- value: cloudflare-dns.com
-
-metrics:
- # -- Enable and configure a Prometheus serviceMonitor for the chart under this key.
- # @default -- See values.yaml
- enabled: true
- serviceMonitor:
- interval: 1m
- scrapeTimeout: 30s
- labels: {}
- # -- Enable and configure Prometheus Rules for the chart under this key.
- # @default -- See values.yaml
- prometheusRule:
- enabled: false
- labels: {}
- # -- Configure additionial rules for the chart under this key.
- # @default -- See prometheusrules.yaml
- rules:
- []
- # - alert: UnifiPollerAbsent
- # annotations:
- # description: Unifi Poller has disappeared from Prometheus service discovery.
- # summary: Unifi Poller is down.
- # expr: |
- # absent(up{job=~".*unifi-poller.*"} == 1)
- # for: 5m
- # labels:
- # severity: critical
-
-redis:
- enabled: true
- existingSecret: "rediscreds"
diff --git a/enterprise/blocky/4.0.24/questions.yaml b/enterprise/blocky/4.0.24/questions.yaml
deleted file mode 100644
index 3e2e82d509d..00000000000
--- a/enterprise/blocky/4.0.24/questions.yaml
+++ /dev/null
@@ -1,2661 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_portal_protocol"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: webUI
- group: App Configuration
- label: WebUI Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Web UI
- description: Enables Web UI
- schema:
- type: boolean
- default: true
- - variable: apiURL
- label: API URL
- description: API URL for webUI, including port. Only used when not using ingress
- schema:
- type: string
- default: "http://127.0.0.1:4000"
- - variable: overrideDefaults
- group: App Configuration
- label: Override Default Upstreams
- description: Overrides the predefined DNS server upstream list
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: defaultUpstreams
- label: Default Upstreams
- schema:
- type: list
- default: []
- items:
- - variable: upstreamEntry
- label: Upstream Entry
- schema:
- type: string
- required: true
- default: ""
- - variable: upstreams
- group: App Configuration
- label: Upstreams Groups
- description: Refer to
-
https://0xerr0r.github.io/blocky/configuration/#upstream-configuration
- schema:
- type: list
- default: []
- items:
- - variable: upstreamsGroupEntry
- label: Upstreams Group Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Group Name
- schema:
- type: string
- required: true
- default: ""
- - variable: upstreams
- label: Upstreams
- schema:
- type: list
- required: true
- default: []
- items:
- - variable: upstreamEntry
- label: upstream Entry
- schema:
- type: string
- required: true
- default: ""
- - variable: bootstrapDns
- group: App Configuration
- label: Bootstrap DNS
- description: Used to resolve upstream DoH and DoT servers that are specified as hostnames.
-
Refer to https://0xerr0r.github.io/blocky/configuration/#bootstrap-dns-configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: upstream
- label: Upstream
- schema:
- type: string
- default: ""
- - variable: ips
- label: IPs
- schema:
- type: list
- default: []
- items:
- - variable: ipEntry
- label: IP Entry
- schema:
- type: string
- required: true
- default: ""
- - variable: filtering
- group: App Configuration
- label: Filtering
- description: Define one or more DNS query types; all queries with these types will be dropped
-
Refer to https://0xerr0r.github.io/blocky/configuration/#filtering
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: queryTypes
- label: Query Types
- schema:
- type: list
- default: []
- items:
- - variable: queryTypeEntry
- label: Query Type Entry
- schema:
- type: string
- required: true
- default: ""
- - variable: customDNS
- group: App Configuration
- label: Custom DNS
- description: Define your own domain name to IP mappings.
-
Refer to https://0xerr0r.github.io/blocky/configuration/#custom-dns
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: customTTL
- label: Custom TTL
- schema:
- type: string
- default: 1h
- - variable: filterUnmappedTypes
- label: Filter Unmapped Types
- schema:
- type: boolean
- default: true
- - variable: rewrite
- label: Rewrite
- schema:
- type: list
- default: []
- items:
- - variable: rewriteEntry
- label: Rewrite Entry
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: in
- label: In
- schema:
- type: string
- required: true
- default: ""
- - variable: out
- label: Out
- schema:
- type: string
- required: true
- default: ""
- - variable: mapping
- label: Mapping
- schema:
- type: list
- default: []
- items:
- - variable: mappingEntry
- label: Mapping Entry
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: domain
- label: Domain
- schema:
- type: string
- required: true
- default: ""
- - variable: dnsserver
- label: DNS Server
- schema:
- type: string
- required: true
- default: ""
- - variable: clientLookup
- group: App Configuration
- label: Client Lookup
- description: Blocky can try to resolve a user-friendly client name from the IP address or server URL (DoT and DoH)
-
Refer to https://0xerr0r.github.io/blocky/configuration/#client-name-lookup
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: upstream
- label: Upstream
- schema:
- type: string
- default: ""
- - variable: singleNameOrder
- label: Single Name Order
- schema:
- type: list
- default: []
- items:
- - variable: singleNameEntry
- label: Single Name Entry
- schema:
- type: string
- required: true
- default: ""
- - variable: clients
- label: Clients
- schema:
- type: list
- default: []
- items:
- - variable: clientEntry
- label: Client Entry
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: domain
- label: Domain
- schema:
- type: string
- required: true
- default: ""
- - variable: ips
- label: IPs
- schema:
- type: list
- default: []
- items:
- - variable: ipEntry
- label: IP Entry
- schema:
- type: string
- required: true
- default: ""
- - variable: caching
- group: App Configuration
- label: Caching
- description: Refer to
-
https://0xerr0r.github.io/blocky/configuration/#caching
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: minTime
- label: Min Time
- schema:
- type: string
- default: 5m
- - variable: maxTime
- label: Max Time
- schema:
- type: string
- default: 30m
- - variable: maxItemsCount
- label: Max Items Count
- schema:
- type: int
- default: 0
- - variable: prefetching
- label: Prefetching
- schema:
- type: boolean
- default: false
- - variable: prefetchExpires
- label: Prefetch Expires
- schema:
- type: string
- default: 2h
- - variable: prefetchThreshold
- label: Prefetch Threshold
- schema:
- type: int
- default: 5
- - variable: prefetchMaxItemsCount
- label: Prefetch Max Items Count
- schema:
- type: int
- default: 0
- - variable: cacheTimeNegative
- label: Cache Time Negative
- schema:
- type: string
- default: 30m
- - variable: conditional
- group: App Configuration
- label: Conditional
- description: Define which DNS resolver(s) should be used for queries for the particular domain
-
Refer to https://0xerr0r.github.io/blocky/configuration/#conditional-dns-resolution
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: rewrite
- label: Rewrite
- schema:
- type: list
- default: []
- items:
- - variable: rewriteEntry
- label: Rewrite Entry
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: in
- label: In
- schema:
- type: string
- required: true
- default: ""
- - variable: out
- label: Out
- schema:
- type: string
- required: true
- default: ""
- - variable: mapping
- label: Mapping
- schema:
- type: list
- default: []
- items:
- - variable: mappingEntry
- label: Mapping Entry
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: domain
- label: Domain
- schema:
- type: string
- required: true
- default: ""
- - variable: dnsserver
- label: DNS Server
- schema:
- type: string
- required: true
- default: ""
- - variable: blocking
- group: App Configuration
- label: Blocking
- description: Each black or whitelist can be either a path to the local file or a URL to download. All Urls must be grouped to a group name.
-
Refer to https://0xerr0r.github.io/blocky/configuration/#blocking-and-whitelisting
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: blockType
- label: Block Type
- description: Set the response should be sent to the client, if a requested query is blocked
- schema:
- type: string
- default: nxDomain
- - variable: blockTTL
- label: Block TTL
- description: Set the TTL for answers to blocked domains
- schema:
- type: string
- default: 6h
- - variable: refreshPeriod
- label: Refresh Period
- description: Set how often blocky should refresh list cache
- schema:
- type: string
- default: 4h
- - variable: downloadTimeout
- label: Download Timeout
- description: Download attempt timeout
- schema:
- type: string
- default: 60s
- - variable: downloadAttempts
- label: Download Attempts
- description: How many download attempts should be performed
- schema:
- type: int
- default: 3
- - variable: downloadCooldown
- label: Download Cooldown
- description: Time between the download attempts
- schema:
- type: string
- default: 2s
- - variable: failStartOnListError
- label: Fail Start on List Error
- description: Fail to start if at least one list can't be downloaded or opened
- schema:
- type: boolean
- default: false
- - variable: processingConcurrency
- label: Processing Concurrency
- description: Sets how many list-groups can be processed at the same time
- schema:
- type: int
- default: 4
- - variable: whitelist
- label: Whitelist
- description: Define whitelists, either URL or file
- schema:
- type: list
- default: []
- items:
- - variable: whitelistEntry
- label: Whitelist Group Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Group Name
- schema:
- type: string
- required: true
- default: ""
- - variable: lists
- label: Lists
- schema:
- type: list
- required: true
- default: []
- items:
- - variable: listEntry
- label: List Entry
- schema:
- type: string
- required: true
- default: ""
- - variable: blacklist
- label: Blacklist
- description: Define blacklists, either URL or file
- schema:
- type: list
- default: []
- items:
- - variable: blacklistEntry
- label: Blacklist Group Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Group Name
- schema:
- type: string
- required: true
- default: ""
- - variable: lists
- label: Lists
- schema:
- type: list
- required: true
- default: []
- items:
- - variable: listEntry
- label: List Entry
- schema:
- type: string
- required: true
- default: ""
- - variable: clientGroupsBlock
- label: Client Groups Block
- description: Define, which blocking group(s) should be used for which client in your network.
- schema:
- type: list
- default: []
- items:
- - variable: clientGroupBlockEntry
- label: Client Group Block Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Client Group Name
- schema:
- type: string
- required: true
- default: ""
- - variable: groups
- label: Groups
- schema:
- type: list
- required: true
- default: []
- items:
- - variable: groupEntry
- label: Group Entry
- schema:
- type: string
- required: true
- default: ""
- - variable: hostsFile
- group: App Configuration
- label: Hosts File
- description: You can enable resolving of entries, located in local hosts file.
-
Refer to https://0xerr0r.github.io/blocky/configuration/#hosts-file
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filePath
- label: File Path
- schema:
- type: string
- default: /etc/hosts
- - variable: hostsTTL
- label: Hosts TTL
- schema:
- type: string
- default: 60m
- - variable: refreshPeriod
- label: Refresh Period
- schema:
- type: string
- default: 30m
- - variable: k8sgateway
- group: App Configuration
- label: k8s-Gateway Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable k8s-Gateway
- description: Enables k8s-Gateway
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: domains
- label: Domains
- description: Please refer to CoreDNS docs for options
- schema:
- type: list
- default: []
- items:
- - variable: domainEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: domain
- label: Domain name
- schema:
- type: string
- required: true
- default: example.com
- - variable: dnsChallenge
- label: Forward dnsChallenge
- description: Optional configuration option for DNS01 challenge that will redirect all acme
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: domain
- label: Forward to Domain
- schema:
- type: string
- required: true
- default: dns01.clouddns.com
- - variable: advancedOptions
- label: Advanced Options
- schema:
- type: boolean
- default: false
- show_if: [["enabled", "=", "true"]]
- show_subquestions_if: true
- subquestions:
- - variable: ttl
- label: ttl
- description: TTL for non-apex responses (in seconds)
- schema:
- type: int
- default: 300
- - variable: watchedResources
- label: Watched Resources
- description: imit what kind of resources to watch, e.g. Ingress
- schema:
- type: list
- default: []
- items:
- - variable: watchedResource
- label: Watched Resource
- schema:
- type: string
- default: ""
- - variable: secondary
- label: Secondary DNS Server Service
- description: Service name of a secondary DNS server (should be serviceName.namespace)
- schema:
- type: string
- default: ""
- - variable: apex
- label: Apex
- description: Override the default `serviceName.namespace` domain apex
- schema:
- type: string
- default: ""
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Service
- description: The Primary service on which the healthcheck runs, often the webUI
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Service Port Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- description: This port exposes the container port on the service
- schema:
- type: int
- default: 10315
- required: true
- - variable: dnstcp
- label: DNS TCP Service
- description: The DNS TCP service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: dnstcp
- label: DNS TCP Port Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- description: This port exposes the container port on the service
- schema:
- type: int
- default: 53
- required: true
- - variable: dnsudp
- label: DNS UDP Service
- description: The DNS UDP service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: dnsudp
- label: DNS UDP Port Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- description: This port exposes the container port on the service
- schema:
- type: int
- default: 53
- required: true
- - variable: dot
- label: DoT Service
- description: "DNS-over-TLS service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: ClusterIP
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: dot
- label: DoT Port Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- description: This port exposes the container port on the service
- schema:
- type: int
- default: 853
- required: true
- - variable: http
- label: HTTP and Metrics Service
- description: "service for things like metrics, pprof, API, DoH etc"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: ClusterIP
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: http
- label: HTTP and Metrics Port Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- description: This port exposes the container port on the service
- schema:
- type: int
- default: 4000
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: Privileged mode
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: ReadOnly Root Filesystem
- schema:
- type: boolean
- default: true
- - variable: allowPrivilegeEscalation
- label: Allow Privilege Escalation
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: runAsNonRoot
- schema:
- type: boolean
- default: true
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: runAsUser
- description: The UserID of the user running the application
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: runAsGroup
- description: The groupID this App of the user running the application
- schema:
- type: int
- default: 568
- - variable: fsGroup
- label: fsGroup
- description: The group that should own ALL storage.
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
- - variable: metrics
- group: Metrics
- label: Prometheus Metrics
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- description: Enable Prometheus Metrics
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: serviceMonitor
- label: Service Monitor Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: interval
- label: Scrape Interval
- description: Scrape interval time
- schema:
- type: string
- default: 1m
- required: true
- - variable: scrapeTimeout
- label: Scrape Timeout
- description: Scrape timeout Time
- schema:
- type: string
- default: 30s
- required: true
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/blocky/4.0.24/templates/_blockyConfig.tpl b/enterprise/blocky/4.0.24/templates/_blockyConfig.tpl
deleted file mode 100644
index dda147e0935..00000000000
--- a/enterprise/blocky/4.0.24/templates/_blockyConfig.tpl
+++ /dev/null
@@ -1,212 +0,0 @@
-{{/* Define the config */}}
-{{- define "blocky.configmap" -}}
-{{- $configName := printf "%s-config" (include "tc.common.names.fullname" .) }}
-{{- $config := merge ( include "blocky.config" . | fromYaml ) ( .Values.blockyConfig ) }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ $configName }}
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
-data:
- config.yml: |
-{{ $config | toYaml | indent 4 }}
-{{- end -}}
-
-{{- define "blocky.config" -}}
-redis:
- address: {{ printf "%v-%v" .Release.Name "redis" }}:6379
- password: {{ .Values.redis.redisPassword | trimAll "\"" }}
- database: 0
- required: true
- connectionAttempts: 10
- connectionCooldown: 3s
-prometheus:
- enable: true
- path: /metrics
-upstream:
- default:
-{{- .Values.defaultUpstreams | toYaml | nindent 8 }}
-{{- range $id, $value := .Values.upstreams }}
- {{ $value.name }}:
-{{- $value.dnsservers | toYaml | nindent 8 }}
-{{- end }}
-
-{{- if .Values.service.dnsudp.enabled }}
-port: {{ .Values.service.dnsudp.ports.dnsudp.targetPort }}
-{{- end }}
-
-{{- if .Values.service.dot.enabled }}
-tlsPort: {{ .Values.service.dot.ports.dot.targetPort }}
-{{- end }}
-
-{{- if .Values.service.http.enabled }}
-httpPort: {{ .Values.service.http.ports.http.targetPort }}
-{{- end }}
-
-{{- if .Values.service.https.enabled }}
-httpsPort: {{ .Values.service.https.ports.https.targetPort }}
-{{- end }}
-
-{{- if .Values.certFile }}
-certFile: {{ .Values.certFile }}
-{{- end }}
-
-{{- if .Values.keyFile }}
-keyFile: {{ .Values.keyFile }}
-{{- end }}
-
-{{- if .Values.logLevel }}
-logLevel: {{ .Values.logLevel }}
-{{- end }}
-
-{{- if .Values.logTimestamp }}
-logTimestamp: {{ .Values.logTimestamp }}
-{{- end }}
-
-{{- if .Values.logPrivacy }}
-logPrivacy: {{ .Values.logPrivacy }}
-{{- end }}
-
-{{- if .Values.dohUserAgent }}
-dohUserAgent: {{ .Values.dohUserAgent }}
-{{- end }}
-
-{{- if .Values.minTlsServeVersion }}
-minTlsServeVersion: {{ .Values.minTlsServeVersion }}
-{{- end }}
-
-caching:
-{{ toYaml .Values.caching | indent 2 }}
-
-{{- if .Values.hostsFile.enabled }}
-{{ $hostsfile := omit .Values.hostsFile "enabled" }}
-hostsFile:
-{{ toYaml $hostsfile | indent 2 }}
-{{- end }}
-
-{{- if or .Values.bootstrapDns.upstream .Values.bootstrapDns.ips }}
-bootstrapDns:
-{{- if .Values.bootstrapDns.upstream }}
- upstream: {{ .Values.bootstrapDns.upstream }}
-{{- end }}
-{{- if .Values.bootstrapDns.ips }}
- ips:
-{{- range $id, $value := .Values.bootstrapDns.ips }}
- - {{ $value }}
-{{- end }}
-{{- end }}
-{{- end }}
-
-{{- if or .Values.filtering.filtering }}
-filtering:
-{{- if .Values.filtering.ips }}
- queryTypes:
-{{- range $id, $value := .Values.filtering.ips }}
- - {{ $value }}
-{{- end }}
-{{- end }}
-{{- end }}
-
-{{- if or .Values.customDNS.filterUnmappedTypes .Values.customDNS.customTTL .Values.customDNS.rewrite .Values.customDNS.mapping }}
-customDNS:
-{{- if .Values.customDNS.upstream }}
- upstream: {{ .Values.customDNS.upstream }}
-{{- end }}
-{{- if .Values.customDNS.customTTL }}
- customTTL: {{ .Values.customDNS.customTTL }}
-{{- end }}
-{{- if .Values.customDNS.rewrite }}
- rewrite:
-{{- range $id, $value := .Values.customDNS.rewrite }}
- {{ $value.in }}: {{ $value.out }}
-{{- end }}
-{{- end }}
-
-{{- if .Values.customDNS.mapping }}
- mapping:
-{{- range $id, $value := .Values.customDNS.mapping }}
- {{ $value.domain }}: {{ $value.dnsserver }}
-{{- end }}
-{{- end }}
-{{- end }}
-
-{{- if or .Values.clientLookup.upstream .Values.clientLookup.ips }}
-clientLookup:
-{{- if .Values.clientLookup.upstream }}
- upstream: {{ .Values.clientLookup.upstream }}
-{{- end }}
-{{- if .Values.clientLookup.ips }}
- singleNameOrder:
-{{- range $id, $value := .Values.clientLookup.ips }}
- - {{ $value }}
-{{- end }}
-{{- end }}
-{{- if .Values.clientLookup.clients }}
- clients:
-{{- range $id, $value := .Values.clientLookup.clients }}
- {{ $value.domain }}:
- {{- range $id, $value := .ips }}
- - {{ $value }}
- {{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
-
-{{- if or .Values.conditional.rewrite .Values.conditional.mapping ( and .Values.k8sgateway.enabled .Values.k8sgateway.domains ) }}
-conditional:
-{{- if .Values.conditional.rewrite }}
- rewrite:
-{{- range $id, $value := .Values.conditional.rewrite }}
- {{ $value.in }}: {{ $value.out }}
-{{- end }}
-{{- end }}
-
-{{- if or .Values.conditional.mapping ( and .Values.k8sgateway.enabled .Values.k8sgateway.domains ) }}
- mapping:
-{{- if and .Values.k8sgateway.enabled .Values.k8sgateway.domains }}
-{{- range $id, $value := .Values.k8sgateway.domains }}
- {{ .domain }}: 127.0.0.1:{{ $.Values.service.k8sgateway.ports.k8sgateway.targetPort }}
-{{- end }}
-{{- end }}
-{{- range $id, $value := .Values.conditional.mapping }}
- {{ $value.domain }}: {{ $value.dnsserver }}
-{{- end }}
-{{- end }}
-{{- end }}
-
-blocking:
- blockType: {{ .Values.blocking.blockType }}
- blockTTL: {{ .Values.blocking.blockTTL }}
- refreshPeriod: {{ .Values.blocking.refreshPeriod }}
- downloadTimeout: {{ .Values.blocking.downloadTimeout }}
- downloadAttempts: {{ .Values.blocking.downloadAttempts }}
- downloadCooldown: {{ .Values.blocking.downloadCooldown }}
- failStartOnListError: {{ .Values.blocking.failStartOnListError }}
- processingConcurrency: {{ .Values.blocking.processingConcurrency }}
-{{- if .Values.blocking.whitelist }}
- whiteLists:
-{{- range $id, $value := .Values.blocking.whitelist }}
- {{ $value.name }}:
-{{- $value.lists | toYaml | nindent 10 }}
-{{- end }}
-{{- end }}
-
-{{- if .Values.blocking.blacklist }}
- blackLists:
-{{- range $id, $value := .Values.blocking.blacklist }}
- {{ $value.name }}:
-{{- $value.lists | toYaml | nindent 10 }}
-{{- end }}
-{{- end }}
-
-{{- if .Values.blocking.clientGroupsBlock }}
- clientGroupsBlock:
-{{- range $id, $value := .Values.blocking.clientGroupsBlock }}
- {{ $value.name }}:
-{{- $value.groups | toYaml | nindent 10 }}
-{{- end }}
-{{- end }}
-
-{{- end -}}
diff --git a/enterprise/blocky/4.0.24/templates/_k8sgateway.tpl b/enterprise/blocky/4.0.24/templates/_k8sgateway.tpl
deleted file mode 100644
index 87f4865b83b..00000000000
--- a/enterprise/blocky/4.0.24/templates/_k8sgateway.tpl
+++ /dev/null
@@ -1,108 +0,0 @@
-{{- define "k8sgateway.container" -}}
-image: {{ .Values.k8sgatewayImage.repository }}:{{ .Values.k8sgatewayImage.tag }}
-imagePullPolicy: {{ .Values.k8sgatewayImage.pullPolicy }}
-securityContext:
- runAsUser: 0
- runAsGroup: 0
- readOnlyRootFilesystem: true
- runAsNonRoot: false
-args: ["-conf", "/etc/coredns/Corefile"]
-ports:
- - containerPort: {{ .Values.service.k8sgateway.ports.k8sgateway.targetPort }}
- name: main
-volumeMounts:
- - name: config-volume
- mountPath: /etc/coredns
-readinessProbe:
- httpGet:
- path: /ready
- port: 8181
- initialDelaySeconds: {{ .Values.probes.readiness.spec.initialDelaySeconds }}
- timeoutSeconds: {{ .Values.probes.readiness.spec.timeoutSeconds }}
- periodSeconds: {{ .Values.probes.readiness.spec.periodSeconds }}
- failureThreshold: {{ .Values.probes.readiness.spec.failureThreshold }}
-livenessProbe:
- httpGet:
- path: /health
- port: 8080
- initialDelaySeconds: {{ .Values.probes.liveness.spec.initialDelaySeconds }}
- timeoutSeconds: {{ .Values.probes.liveness.spec.timeoutSeconds }}
- periodSeconds: {{ .Values.probes.liveness.spec.periodSeconds }}
- failureThreshold: {{ .Values.probes.liveness.spec.failureThreshold }}
-startupProbe:
- httpGet:
- path: /ready
- port: 8181
- initialDelaySeconds: {{ .Values.probes.startup.spec.initialDelaySeconds }}
- timeoutSeconds: {{ .Values.probes.startup.spec.timeoutSeconds }}
- periodSeconds: {{ .Values.probes.startup.spec.periodSeconds }}
- failureThreshold: {{ .Values.probes.startup.spec.failureThreshold }}
-{{- end -}}
-
-{{/*
-Create the matchable regex from domain
-*/}}
-{{- define "k8sgateway.configmap.regex" -}}
-{{- if .dnsChallenge.domain }}
-{{- .dnsChallenge.domain | replace "." "[.]" -}}
-{{- else -}}
- {{ "unset" }}
-{{- end }}
-{{- end -}}
-
-{{/* Define the configmap */}}
-{{- define "k8sgateway.configmap" -}}
-{{- $values := .Values.k8sgateway }}
-{{- $fqdn := ( include "tc.common.names.fqdn" . ) }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "tc.common.names.fullname" . }}-corefile
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
-data:
- Corefile: |-
- .:{{ .Values.service.k8sgateway.ports.k8sgateway.targetPort }} {
- errors
- log
- health {
- lameduck 5s
- }
- ready
- {{- range .Values.k8sgateway.domains }}
- {{- if .dnsChallenge.enabled }}
- template IN ANY {{ required "Delegated domain ('domain') is mandatory" .domain }} {
- match "_acme-challenge[.](.*)[.]{{ include "k8sgateway.configmap.regex" . }}"
- answer "{{ "{{" }} .Name {{ "}}" }} 5 IN CNAME {{ "{{" }} index .Match 1 {{ "}}" }}.{{ required "DNS01 challenge domain is mandatory" .dnsChallenge.domain }}"
- fallthrough
- }
- {{- end }}
- {{- end }}
- k8s_gateway {{ range .Values.k8sgateway.domains }}"{{ required "Delegated domain ('domain') is mandatory " .domain }}"{{ end }} {
- apex {{ $values.apex | default $fqdn }}
- ttl {{ $values.ttl }}
- {{- if $values.secondary }}
- secondary {{ $values.secondary }}
- {{- end }}
- {{- if $values.watchedResources }}
- resources {{ join " " $values.watchedResources }}
- {{- end }}
- fallthrough
- }
-
- prometheus 0.0.0.0:9153
- {{- if .Values.k8sgateway.forward.enabled }}
- forward . {{ .Values.k8sgateway.forward.primary }} {{ .Values.k8sgateway.forward.secondary }} {
- {{- range .Values.k8sgateway.forward.options }}
- {{ .name }} {{ .value }}
- {{- end }}
- }
- {{- else }}
- forward . 1.1.1.1
- {{- end }}
- loop
- reload
- loadbalance
- }
-{{- end -}}
diff --git a/enterprise/blocky/4.0.24/templates/_prometheusrules.tpl b/enterprise/blocky/4.0.24/templates/_prometheusrules.tpl
deleted file mode 100644
index 9be09114e03..00000000000
--- a/enterprise/blocky/4.0.24/templates/_prometheusrules.tpl
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- define "blocky.prometheusrule" -}}
-{{- if and .Values.metrics.enabled .Values.metrics.prometheusRule.enabled }}
----
-apiVersion: monitoring.coreos.com/v1
-kind: PrometheusRule
-metadata:
- name: {{ include "tc.common.names.fullname" . }}
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
- {{- with .Values.metrics.prometheusRule.labels }}
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- groups:
- - name: {{ include "tc.common.names.fullname" . }}
- rules:
- {{- with .Values.metrics.prometheusRule.rules }}
- {{- toYaml . | nindent 8 }}
- {{- end }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/blocky/4.0.24/templates/_servicemonitor.tpl b/enterprise/blocky/4.0.24/templates/_servicemonitor.tpl
deleted file mode 100644
index 6a6f8208912..00000000000
--- a/enterprise/blocky/4.0.24/templates/_servicemonitor.tpl
+++ /dev/null
@@ -1,27 +0,0 @@
-{{- define "blocky.servicemonitor" -}}
-{{- if .Values.metrics.enabled }}
----
-apiVersion: monitoring.coreos.com/v1
-kind: ServiceMonitor
-metadata:
- name: {{ include "tc.common.names.fullname" . }}
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
- {{- with .Values.metrics.serviceMonitor.labels }}
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- selector:
- matchLabels:
- {{- include "tc.common.labels.selectorLabels" . | nindent 6 }}
- endpoints:
- - port: http
- {{- with .Values.metrics.serviceMonitor.interval }}
- interval: {{ . }}
- {{- end }}
- {{- with .Values.metrics.serviceMonitor.scrapeTimeout }}
- scrapeTimeout: {{ . }}
- {{- end }}
- path: /metrics
-{{- end }}
-{{- end -}}
diff --git a/enterprise/blocky/4.0.24/templates/_webui.tpl b/enterprise/blocky/4.0.24/templates/_webui.tpl
deleted file mode 100644
index 4aab724576e..00000000000
--- a/enterprise/blocky/4.0.24/templates/_webui.tpl
+++ /dev/null
@@ -1,48 +0,0 @@
-{{- define "blocky.frontend" -}}
-image: {{ .Values.WebUIImage.repository }}:{{ .Values.WebUIImage.tag }}
-imagePullPolicy: {{ .Values.WebUIImage.pullPolicy }}
-securityContext:
- runAsUser: 568
- runAsGroup: 568
- readOnlyRootFilesystem: true
- runAsNonRoot: true
-ports:
- - containerPort: {{ .Values.service.main.ports.main.targetPort }}
- name: main
-readinessProbe:
- httpGet:
- path: /
- port: {{ .Values.service.main.ports.main.targetPort }}
- initialDelaySeconds: {{ .Values.probes.readiness.spec.initialDelaySeconds }}
- timeoutSeconds: {{ .Values.probes.readiness.spec.timeoutSeconds }}
- periodSeconds: {{ .Values.probes.readiness.spec.periodSeconds }}
- failureThreshold: {{ .Values.probes.readiness.spec.failureThreshold }}
-livenessProbe:
- httpGet:
- path: /
- port: {{ .Values.service.main.ports.main.targetPort }}
- initialDelaySeconds: {{ .Values.probes.liveness.spec.initialDelaySeconds }}
- timeoutSeconds: {{ .Values.probes.liveness.spec.timeoutSeconds }}
- periodSeconds: {{ .Values.probes.liveness.spec.periodSeconds }}
- failureThreshold: {{ .Values.probes.liveness.spec.failureThreshold }}
-startupProbe:
- httpGet:
- path: /
- port: {{ .Values.service.main.ports.main.targetPort }}
- initialDelaySeconds: {{ .Values.probes.startup.spec.initialDelaySeconds }}
- timeoutSeconds: {{ .Values.probes.startup.spec.timeoutSeconds }}
- periodSeconds: {{ .Values.probes.startup.spec.periodSeconds }}
- failureThreshold: {{ .Values.probes.startup.spec.failureThreshold }}
-env:
- - name: NODE_ENV
- value: "production"
-{{- $url := .Values.webUI.apiURL }}
-{{- if .Values.ingress.main.enabled }}
- {{- with (first .Values.ingress.main.hosts) }}
- {{- $url = ( printf "https://%s" .host ) }}
- {{- end }}
-{{- else }}
-{{- end }}
- - name: API_URL
- value: "{{ $url }}"
-{{- end -}}
diff --git a/enterprise/blocky/4.0.24/templates/common.yaml b/enterprise/blocky/4.0.24/templates/common.yaml
deleted file mode 100644
index 82486e127a2..00000000000
--- a/enterprise/blocky/4.0.24/templates/common.yaml
+++ /dev/null
@@ -1,106 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.common.loader.init" . }}
-
-{{ include "blocky.configmap" . }}
-
-{{/* Always mount the configmap, with the basic config, plus the 'blockyConfig' */}}
-{{- define "blocky.configmap.mount" -}}
-enabled: true
-type: custom
-mountPath: /app/config.yml
-subPath: config.yml
-readOnly: true
-volumeSpec:
- configMap:
- name: '{{ printf "%s-config" (include "tc.common.names.fullname" .) }}'
-{{- end -}}
-
-{{/* Append the general configMap volume to the volumes */}}
-{{- define "k8sgateway.configvolume" -}}
-enabled: "true"
-mountPath: "/etc/coredns"
-readOnly: true
-type: "custom"
-volumeSpec:
- configMap:
- name: {{ include "tc.common.names.fullname" . }}-corefile
- items:
- - key: Corefile
- path: Corefile
-{{- end -}}
-
-{{- $_ := set .Values.persistence "tc-config" (include "blocky.configmap.mount" . | fromYaml) -}}
-
-{{- $_ := set .Values.podAnnotations "prometheus.io/scrape" "true" -}}
-{{- $_ := set .Values.podAnnotations "prometheus.io/path" "/metrics" -}}
-{{- $_ := set .Values.podAnnotations "prometheus.io/port" (.Values.service.http.ports.http.port | toString) -}}
-
-{{- if .Values.webUI.enabled -}}
-{{- $_ := set .Values.additionalContainers "frontend" (include "blocky.frontend" . | fromYaml) -}}
-{{- end -}}
-
-{{- if and .Values.k8sgateway.enabled .Values.k8sgateway.domains -}}
-{{- include "k8sgateway.configmap" . }}
-{{- $_ := set .Values.persistence "config-volume" (include "k8sgateway.configvolume" . | fromYaml) -}}
-{{- $_ := set .Values.additionalContainers "k8sgateway" (include "k8sgateway.container" . | fromYaml) -}}
-{{- end -}}
-
-{{/* Define path for api */}}
-{{- define "blocky.api" -}}
-{{- $fullname := include "tc.common.names.fullname" . -}}
-path: "/api"
-# -- Ignored if not kubeVersion >= 1.14-0
-pathType: Prefix
-service:
- # -- Overrides the service name reference for this path
- name: {{ printf "%s-http" $fullname }}
- port: {{ .Values.service.http.ports.http.port }}
-{{- end -}}
-
-{{/* inject websocket path to all main ingress hosts*/}}
-{{- define "blocky.apiinjector" -}}
-{{- $path := list (include "blocky.api" . | fromYaml) -}}
-{{- if .Values.ingress.main.enabled }}
-{{- range .Values.ingress.main.hosts }}
-{{- $newpaths := list }}
-{{- $newpaths := concat .paths $path }}
-{{- $_ := set . "paths" ( deepCopy $newpaths ) -}}
-{{- end }}
-{{- end }}
-{{- end -}}
-
-{{/* inject api paths in ingress */}}
-{{- include "blocky.apiinjector" . }}
-
-{{/* Define path for DoH */}}
-{{- define "blocky.doh" -}}
-{{- $fullname := include "tc.common.names.fullname" . -}}
-path: "/dns-query"
-# -- Ignored if not kubeVersion >= 1.14-0
-pathType: Prefix
-service:
- # -- Overrides the service name reference for this path
- name: {{ printf "%s-http" $fullname }}
- port: {{ .Values.service.http.ports.http.port }}
-{{- end -}}
-
-{{/* inject websocket path to all main ingress hosts*/}}
-{{- define "blocky.dohinjector" -}}
-{{- $path := list (include "blocky.doh" . | fromYaml) -}}
-{{- if .Values.ingress.main.enabled }}
-{{- range .Values.ingress.main.hosts }}
-{{- $newpaths := list }}
-{{- $newpaths := concat .paths $path }}
-{{- $_ := set . "paths" ( deepCopy $newpaths ) -}}
-{{- end }}
-{{- end }}
-{{- end -}}
-
-{{/* inject api paths in ingress */}}
-{{- include "blocky.dohinjector" . }}
-
-{{- include "blocky.servicemonitor" . -}}
-{{- include "blocky.prometheusrule" . -}}
-
-{{/* Render the templates */}}
-{{ include "tc.common.loader.apply" . }}
diff --git a/enterprise/blocky/4.0.24/values.yaml b/enterprise/blocky/4.0.24/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/cert-manager/0.0.7/CHANGELOG.md b/enterprise/cert-manager/0.0.7/CHANGELOG.md
deleted file mode 100644
index ab367ef9ea6..00000000000
--- a/enterprise/cert-manager/0.0.7/CHANGELOG.md
+++ /dev/null
@@ -1,63 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [cert-manager-0.0.7](https://github.com/truecharts/charts/compare/cert-manager-0.0.6...cert-manager-0.0.7) (2023-02-20)
-
-### Chore
-
-- update container image tccr.io/truecharts/scratch to latest
-
-
-
-
-## [cert-manager-0.0.6](https://github.com/truecharts/charts/compare/cert-manager-0.0.5...cert-manager-0.0.6) (2023-02-10)
-
-### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
-
-
-## [cert-manager-0.0.5](https://github.com/truecharts/charts/compare/cert-manager-0.0.4...cert-manager-0.0.5) (2023-01-18)
-
-### Chore
-
-- update container image tccr.io/truecharts/scratch to latest ([#6460](https://github.com/truecharts/charts/issues/6460))
-
-
-
-
-## [cert-manager-0.0.4](https://github.com/truecharts/charts/compare/cert-manager-0.0.3...cert-manager-0.0.4) (2023-01-18)
-
-### Chore
-
-- pin container image tccr.io/truecharts/scratch to latest
-
-
-
-
-## [cert-manager-0.0.3](https://github.com/truecharts/charts/compare/cert-manager-0.0.2...cert-manager-0.0.3) (2023-01-18)
-
-
-
-
-## [cert-manager-0.0.2](https://github.com/truecharts/charts/compare/cert-manager-0.0.1...cert-manager-0.0.2) (2023-01-18)
-
-### Fix
-
-- try to fix GUI ([#6442](https://github.com/truecharts/charts/issues/6442))
-
-
-
-
-## [cert-manager-0.0.1]cert-manager-0.0.1 (2023-01-17)
-
-### Feat
-
-- add Cert-Manager configuration App ([#6378](https://github.com/truecharts/charts/issues/6378))
-
-
\ No newline at end of file
diff --git a/enterprise/cert-manager/0.0.7/Chart.yaml b/enterprise/cert-manager/0.0.7/Chart.yaml
deleted file mode 100644
index 31f95aee900..00000000000
--- a/enterprise/cert-manager/0.0.7/Chart.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-apiVersion: v2
-appVersion: "latest"
-deprecated: false
-description: Certificate management for Kubernetes
-home: https://truecharts.org/charts/enterprise/cert-manager
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/cert-manager.png
-keywords:
- - metallb
- - loadbalancer
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: cert-manager
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/cert-manager
- - https://cert-manager.io/
-type: application
-version: 0.0.7
-annotations:
- truecharts.org/catagories: |
- - core
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/cert-manager/0.0.7/LICENSE b/enterprise/cert-manager/0.0.7/LICENSE
deleted file mode 100644
index 80e4ab93f92..00000000000
--- a/enterprise/cert-manager/0.0.7/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/cert-manager/0.0.7/README.md b/enterprise/cert-manager/0.0.7/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/cert-manager/0.0.7/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/cert-manager/0.0.7/app-changelog.md b/enterprise/cert-manager/0.0.7/app-changelog.md
deleted file mode 100644
index 92b1c33c367..00000000000
--- a/enterprise/cert-manager/0.0.7/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [cert-manager-0.0.7](https://github.com/truecharts/charts/compare/cert-manager-0.0.6...cert-manager-0.0.7) (2023-02-20)
-
-### Chore
-
-- update container image tccr.io/truecharts/scratch to latest
-
-
\ No newline at end of file
diff --git a/enterprise/cert-manager/0.0.7/app-readme.md b/enterprise/cert-manager/0.0.7/app-readme.md
deleted file mode 100644
index 512ab2f7c5a..00000000000
--- a/enterprise/cert-manager/0.0.7/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Certificate management for Kubernetes
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/cert-manager](https://truecharts.org/charts/enterprise/cert-manager)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/cert-manager/0.0.7/charts/common-11.1.2.tgz b/enterprise/cert-manager/0.0.7/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/enterprise/cert-manager/0.0.7/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/enterprise/cert-manager/0.0.7/crds/cert-manager.yaml b/enterprise/cert-manager/0.0.7/crds/cert-manager.yaml
deleted file mode 100644
index 15af8a5bab0..00000000000
--- a/enterprise/cert-manager/0.0.7/crds/cert-manager.yaml
+++ /dev/null
@@ -1,4422 +0,0 @@
-# Copyright 2022 The cert-manager Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Source: cert-manager/templates/crds.yaml
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- name: clusterissuers.cert-manager.io
- labels:
- app: 'cert-manager'
- app.kubernetes.io/name: 'cert-manager'
- app.kubernetes.io/instance: 'cert-manager'
- # Generated labels
- app.kubernetes.io/version: "v1.11.0"
-spec:
- group: cert-manager.io
- names:
- kind: ClusterIssuer
- listKind: ClusterIssuerList
- plural: clusterissuers
- singular: clusterissuer
- categories:
- - cert-manager
- scope: Cluster
- versions:
- - name: v1
- subresources:
- status: {}
- additionalPrinterColumns:
- - jsonPath: .status.conditions[?(@.type=="Ready")].status
- name: Ready
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].message
- name: Status
- priority: 1
- type: string
- - jsonPath: .metadata.creationTimestamp
- description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.
- name: Age
- type: date
- schema:
- openAPIV3Schema:
- description: A ClusterIssuer represents a certificate issuing authority which can be referenced as part of `issuerRef` fields. It is similar to an Issuer, however it is cluster-scoped and therefore can be referenced by resources that exist in *any* namespace, not just the same namespace as the referent.
- type: object
- required:
- - spec
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: Desired state of the ClusterIssuer resource.
- type: object
- properties:
- acme:
- description: ACME configures this issuer to communicate with a RFC8555 (ACME) server to obtain signed x509 certificates.
- type: object
- required:
- - privateKeySecretRef
- - server
- properties:
- caBundle:
- description: Base64-encoded bundle of PEM CAs which can be used to validate the certificate chain presented by the ACME server. Mutually exclusive with SkipTLSVerify; prefer using CABundle to prevent various kinds of security vulnerabilities. If CABundle and SkipTLSVerify are unset, the system certificate bundle inside the container is used to validate the TLS connection.
- type: string
- format: byte
- disableAccountKeyGeneration:
- description: Enables or disables generating a new ACME account key. If true, the Issuer resource will *not* request a new account but will expect the account key to be supplied via an existing secret. If false, the cert-manager system will generate a new ACME account key for the Issuer. Defaults to false.
- type: boolean
- email:
- description: Email is the email address to be associated with the ACME account. This field is optional, but it is strongly recommended to be set. It will be used to contact you in case of issues with your account or certificates, including expiry notification emails. This field may be updated after the account is initially registered.
- type: string
- enableDurationFeature:
- description: Enables requesting a Not After date on certificates that matches the duration of the certificate. This is not supported by all ACME servers like Let's Encrypt. If set to true when the ACME server does not support it it will create an error on the Order. Defaults to false.
- type: boolean
- externalAccountBinding:
- description: ExternalAccountBinding is a reference to a CA external account of the ACME server. If set, upon registration cert-manager will attempt to associate the given external account credentials with the registered ACME account.
- type: object
- required:
- - keyID
- - keySecretRef
- properties:
- keyAlgorithm:
- description: 'Deprecated: keyAlgorithm field exists for historical compatibility reasons and should not be used. The algorithm is now hardcoded to HS256 in golang/x/crypto/acme.'
- type: string
- enum:
- - HS256
- - HS384
- - HS512
- keyID:
- description: keyID is the ID of the CA key that the External Account is bound to.
- type: string
- keySecretRef:
- description: keySecretRef is a Secret Key Selector referencing a data item in a Kubernetes Secret which holds the symmetric MAC key of the External Account Binding. The `key` is the index string that is paired with the key data in the Secret and should not be confused with the key data itself, or indeed with the External Account Binding keyID above. The secret key stored in the Secret **must** be un-padded, base64 URL encoded data.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- preferredChain:
- description: 'PreferredChain is the chain to use if the ACME server outputs multiple. PreferredChain is no guarantee that this one gets delivered by the ACME endpoint. For example, for Let''s Encrypt''s DST crosssign you would use: "DST Root CA X3" or "ISRG Root X1" for the newer Let''s Encrypt root CA. This value picks the first certificate bundle in the ACME alternative chains that has a certificate with this value as its issuer''s CN'
- type: string
- maxLength: 64
- privateKeySecretRef:
- description: PrivateKey is the name of a Kubernetes Secret resource that will be used to store the automatically generated ACME account private key. Optionally, a `key` may be specified to select a specific entry within the named Secret resource. If `key` is not specified, a default of `tls.key` will be used.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- server:
- description: 'Server is the URL used to access the ACME server''s ''directory'' endpoint. For example, for Let''s Encrypt''s staging endpoint, you would use: "https://acme-staging-v02.api.letsencrypt.org/directory". Only ACME v2 endpoints (i.e. RFC 8555) are supported.'
- type: string
- skipTLSVerify:
- description: 'INSECURE: Enables or disables validation of the ACME server TLS certificate. If true, requests to the ACME server will not have the TLS certificate chain validated. Mutually exclusive with CABundle; prefer using CABundle to prevent various kinds of security vulnerabilities. Only enable this option in development environments. If CABundle and SkipTLSVerify are unset, the system certificate bundle inside the container is used to validate the TLS connection. Defaults to false.'
- type: boolean
- solvers:
- description: 'Solvers is a list of challenge solvers that will be used to solve ACME challenges for the matching domains. Solver configurations must be provided in order to obtain certificates from an ACME server. For more information, see: https://cert-manager.io/docs/configuration/acme/'
- type: array
- items:
- description: An ACMEChallengeSolver describes how to solve ACME challenges for the issuer it is part of. A selector may be provided to use different solving strategies for different DNS names. Only one of HTTP01 or DNS01 must be provided.
- type: object
- properties:
- dns01:
- description: Configures cert-manager to attempt to complete authorizations by performing the DNS01 challenge flow.
- type: object
- properties:
- acmeDNS:
- description: Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage DNS01 challenge records.
- type: object
- required:
- - accountSecretRef
- - host
- properties:
- accountSecretRef:
- description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- host:
- type: string
- akamai:
- description: Use the Akamai DNS zone management API to manage DNS01 challenge records.
- type: object
- required:
- - accessTokenSecretRef
- - clientSecretSecretRef
- - clientTokenSecretRef
- - serviceConsumerDomain
- properties:
- accessTokenSecretRef:
- description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- clientSecretSecretRef:
- description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- clientTokenSecretRef:
- description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- serviceConsumerDomain:
- type: string
- azureDNS:
- description: Use the Microsoft Azure DNS API to manage DNS01 challenge records.
- type: object
- required:
- - resourceGroupName
- - subscriptionID
- properties:
- clientID:
- description: if both this and ClientSecret are left unset MSI will be used
- type: string
- clientSecretSecretRef:
- description: if both this and ClientID are left unset MSI will be used
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- environment:
- description: name of the Azure environment (default AzurePublicCloud)
- type: string
- enum:
- - AzurePublicCloud
- - AzureChinaCloud
- - AzureGermanCloud
- - AzureUSGovernmentCloud
- hostedZoneName:
- description: name of the DNS zone that should be used
- type: string
- managedIdentity:
- description: managed identity configuration, can not be used at the same time as clientID, clientSecretSecretRef or tenantID
- type: object
- properties:
- clientID:
- description: client ID of the managed identity, can not be used at the same time as resourceID
- type: string
- resourceID:
- description: resource ID of the managed identity, can not be used at the same time as clientID
- type: string
- resourceGroupName:
- description: resource group the DNS zone is located in
- type: string
- subscriptionID:
- description: ID of the Azure subscription
- type: string
- tenantID:
- description: when specifying ClientID and ClientSecret then this field is also needed
- type: string
- cloudDNS:
- description: Use the Google Cloud DNS API to manage DNS01 challenge records.
- type: object
- required:
- - project
- properties:
- hostedZoneName:
- description: HostedZoneName is an optional field that tells cert-manager in which Cloud DNS zone the challenge record has to be created. If left empty cert-manager will automatically choose a zone.
- type: string
- project:
- type: string
- serviceAccountSecretRef:
- description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- cloudflare:
- description: Use the Cloudflare API to manage DNS01 challenge records.
- type: object
- properties:
- apiKeySecretRef:
- description: 'API key to use to authenticate with Cloudflare. Note: using an API token to authenticate is now the recommended method as it allows greater control of permissions.'
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- apiTokenSecretRef:
- description: API token used to authenticate with Cloudflare.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- email:
- description: Email of the account, only required when using API key based authentication.
- type: string
- cnameStrategy:
- description: CNAMEStrategy configures how the DNS01 provider should handle CNAME records when found in DNS zones.
- type: string
- enum:
- - None
- - Follow
- digitalocean:
- description: Use the DigitalOcean DNS API to manage DNS01 challenge records.
- type: object
- required:
- - tokenSecretRef
- properties:
- tokenSecretRef:
- description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- rfc2136:
- description: Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) to manage DNS01 challenge records.
- type: object
- required:
- - nameserver
- properties:
- nameserver:
- description: The IP address or hostname of an authoritative DNS server supporting RFC2136 in the form host:port. If the host is an IPv6 address it must be enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. This field is required.
- type: string
- tsigAlgorithm:
- description: 'The TSIG Algorithm configured in the DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. Supported values are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``.'
- type: string
- tsigKeyName:
- description: The TSIG Key name configured in the DNS. If ``tsigSecretSecretRef`` is defined, this field is required.
- type: string
- tsigSecretSecretRef:
- description: The name of the secret containing the TSIG value. If ``tsigKeyName`` is defined, this field is required.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- route53:
- description: Use the AWS Route53 API to manage DNS01 challenge records.
- type: object
- required:
- - region
- properties:
- accessKeyID:
- description: 'The AccessKeyID is used for authentication. Cannot be set when SecretAccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials'
- type: string
- accessKeyIDSecretRef:
- description: 'The SecretAccessKey is used for authentication. If set, pull the AWS access key ID from a key within a Kubernetes Secret. Cannot be set when AccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials'
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- hostedZoneID:
- description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call.
- type: string
- region:
- description: Always set the region when using AccessKeyID and SecretAccessKey
- type: string
- role:
- description: Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata
- type: string
- secretAccessKeySecretRef:
- description: 'The SecretAccessKey is used for authentication. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials'
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- webhook:
- description: Configure an external webhook based DNS01 challenge solver to manage DNS01 challenge records.
- type: object
- required:
- - groupName
- - solverName
- properties:
- config:
- description: Additional configuration that should be passed to the webhook apiserver when challenges are processed. This can contain arbitrary JSON data. Secret values should not be specified in this stanza. If secret values are needed (e.g. credentials for a DNS service), you should use a SecretKeySelector to reference a Secret resource. For details on the schema of this field, consult the webhook provider implementation's documentation.
- x-kubernetes-preserve-unknown-fields: true
- groupName:
- description: The API group name that should be used when POSTing ChallengePayload resources to the webhook apiserver. This should be the same as the GroupName specified in the webhook provider implementation.
- type: string
- solverName:
- description: The name of the solver to use, as defined in the webhook provider implementation. This will typically be the name of the provider, e.g. 'cloudflare'.
- type: string
- http01:
- description: Configures cert-manager to attempt to complete authorizations by performing the HTTP01 challenge flow. It is not possible to obtain certificates for wildcard domain names (e.g. `*.example.com`) using the HTTP01 challenge mechanism.
- type: object
- properties:
- gatewayHTTPRoute:
- description: The Gateway API is a sig-network community API that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will create HTTPRoutes with the specified labels in the same namespace as the challenge. This solver is experimental, and fields / behaviour may change in the future.
- type: object
- properties:
- labels:
- description: Custom labels that will be applied to HTTPRoutes created by cert-manager while solving HTTP-01 challenges.
- type: object
- additionalProperties:
- type: string
- parentRefs:
- description: 'When solving an HTTP-01 challenge, cert-manager creates an HTTPRoute. cert-manager needs to know which parentRefs should be used when creating the HTTPRoute. Usually, the parentRef references a Gateway. See: https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways'
- type: array
- items:
- description: "ParentReference identifies an API object (usually a Gateway) that can be considered a parent of this resource (usually a route). The only kind of parent resource with \"Core\" support is Gateway. This API may be extended in the future to support additional kinds of parent resources, such as HTTPRoute. \n The API object must be valid in the cluster; the Group and Kind must be registered in the cluster for this reference to be valid."
- type: object
- required:
- - name
- properties:
- group:
- description: "Group is the group of the referent. When unspecified, \"gateway.networking.k8s.io\" is inferred. To set the core API group (such as for a \"Service\" kind referent), Group must be explicitly set to \"\" (empty string). \n Support: Core"
- type: string
- default: gateway.networking.k8s.io
- maxLength: 253
- pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
- kind:
- description: "Kind is kind of the referent. \n Support: Core (Gateway) \n Support: Implementation-specific (Other Resources)"
- type: string
- default: Gateway
- maxLength: 63
- minLength: 1
- pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
- name:
- description: "Name is the name of the referent. \n Support: Core"
- type: string
- maxLength: 253
- minLength: 1
- namespace:
- description: "Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. \n Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. \n Support: Core"
- type: string
- maxLength: 63
- minLength: 1
- pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
- port:
- description: "Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. \n When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the networking behaviors specified in a Route must apply to a specific port as opposed to a listener(s) whose port(s) may be changed. When both Port and SectionName are specified, the name and port of the selected listener must match both specified values. \n Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. \n For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Extended \n "
- type: integer
- format: int32
- maximum: 65535
- minimum: 1
- sectionName:
- description: "SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: \n * Gateway: Listener Name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. \n Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. \n When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Core"
- type: string
- maxLength: 253
- minLength: 1
- pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
- serviceType:
- description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort.
- type: string
- ingress:
- description: The ingress based HTTP01 challenge solver will solve challenges by creating or modifying Ingress resources in order to route requests for '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are provisioned by cert-manager for each Challenge to be completed.
- type: object
- properties:
- class:
- description: The ingress class to use when creating Ingress resources to solve ACME challenges that use this challenge solver. Only one of 'class' or 'name' may be specified.
- type: string
- ingressTemplate:
- description: Optional ingress template used to configure the ACME challenge solver ingress used for HTTP01 challenges.
- type: object
- properties:
- metadata:
- description: ObjectMeta overrides for the ingress used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values.
- type: object
- properties:
- annotations:
- description: Annotations that should be added to the created ACME HTTP01 solver ingress.
- type: object
- additionalProperties:
- type: string
- labels:
- description: Labels that should be added to the created ACME HTTP01 solver ingress.
- type: object
- additionalProperties:
- type: string
- name:
- description: The name of the ingress resource that should have ACME challenge solving routes inserted into it in order to solve HTTP01 challenges. This is typically used in conjunction with ingress controllers like ingress-gce, which maintains a 1:1 mapping between external IPs and ingress resources.
- type: string
- podTemplate:
- description: Optional pod template used to configure the ACME challenge solver pods used for HTTP01 challenges.
- type: object
- properties:
- metadata:
- description: ObjectMeta overrides for the pod used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values.
- type: object
- properties:
- annotations:
- description: Annotations that should be added to the create ACME HTTP01 solver pods.
- type: object
- additionalProperties:
- type: string
- labels:
- description: Labels that should be added to the created ACME HTTP01 solver pods.
- type: object
- additionalProperties:
- type: string
- spec:
- description: PodSpec defines overrides for the HTTP01 challenge solver pod. Only the 'priorityClassName', 'nodeSelector', 'affinity', 'serviceAccountName' and 'tolerations' fields are supported currently. All other fields will be ignored.
- type: object
- properties:
- affinity:
- description: If specified, the pod's scheduling constraints
- type: object
- properties:
- nodeAffinity:
- description: Describes node affinity scheduling rules for the pod.
- type: object
- properties:
- preferredDuringSchedulingIgnoredDuringExecution:
- description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.
- type: array
- items:
- description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
- type: object
- required:
- - preference
- - weight
- properties:
- preference:
- description: A node selector term, associated with the corresponding weight.
- type: object
- properties:
- matchExpressions:
- description: A list of node selector requirements by node's labels.
- type: array
- items:
- description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: The label key that the selector applies to.
- type: string
- operator:
- description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
- type: string
- values:
- description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchFields:
- description: A list of node selector requirements by node's fields.
- type: array
- items:
- description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: The label key that the selector applies to.
- type: string
- operator:
- description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
- type: string
- values:
- description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- x-kubernetes-map-type: atomic
- weight:
- description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
- type: integer
- format: int32
- requiredDuringSchedulingIgnoredDuringExecution:
- description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.
- type: object
- required:
- - nodeSelectorTerms
- properties:
- nodeSelectorTerms:
- description: Required. A list of node selector terms. The terms are ORed.
- type: array
- items:
- description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
- type: object
- properties:
- matchExpressions:
- description: A list of node selector requirements by node's labels.
- type: array
- items:
- description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: The label key that the selector applies to.
- type: string
- operator:
- description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
- type: string
- values:
- description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchFields:
- description: A list of node selector requirements by node's fields.
- type: array
- items:
- description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: The label key that the selector applies to.
- type: string
- operator:
- description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
- type: string
- values:
- description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- x-kubernetes-map-type: atomic
- x-kubernetes-map-type: atomic
- podAffinity:
- description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).
- type: object
- properties:
- preferredDuringSchedulingIgnoredDuringExecution:
- description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
- type: array
- items:
- description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
- type: object
- required:
- - podAffinityTerm
- - weight
- properties:
- podAffinityTerm:
- description: Required. A pod affinity term, associated with the corresponding weight.
- type: object
- required:
- - topologyKey
- properties:
- labelSelector:
- description: A label query over a set of resources, in this case pods.
- type: object
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
- type: array
- items:
- description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: key is the label key that the selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchLabels:
- description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- additionalProperties:
- type: string
- x-kubernetes-map-type: atomic
- namespaceSelector:
- description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
- type: object
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
- type: array
- items:
- description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: key is the label key that the selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchLabels:
- description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- additionalProperties:
- type: string
- x-kubernetes-map-type: atomic
- namespaces:
- description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
- type: array
- items:
- type: string
- topologyKey:
- description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
- type: string
- weight:
- description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
- type: integer
- format: int32
- requiredDuringSchedulingIgnoredDuringExecution:
- description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
- type: array
- items:
- description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running
- type: object
- required:
- - topologyKey
- properties:
- labelSelector:
- description: A label query over a set of resources, in this case pods.
- type: object
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
- type: array
- items:
- description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: key is the label key that the selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchLabels:
- description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- additionalProperties:
- type: string
- x-kubernetes-map-type: atomic
- namespaceSelector:
- description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
- type: object
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
- type: array
- items:
- description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: key is the label key that the selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchLabels:
- description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- additionalProperties:
- type: string
- x-kubernetes-map-type: atomic
- namespaces:
- description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
- type: array
- items:
- type: string
- topologyKey:
- description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
- type: string
- podAntiAffinity:
- description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).
- type: object
- properties:
- preferredDuringSchedulingIgnoredDuringExecution:
- description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
- type: array
- items:
- description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
- type: object
- required:
- - podAffinityTerm
- - weight
- properties:
- podAffinityTerm:
- description: Required. A pod affinity term, associated with the corresponding weight.
- type: object
- required:
- - topologyKey
- properties:
- labelSelector:
- description: A label query over a set of resources, in this case pods.
- type: object
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
- type: array
- items:
- description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: key is the label key that the selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchLabels:
- description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- additionalProperties:
- type: string
- x-kubernetes-map-type: atomic
- namespaceSelector:
- description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
- type: object
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
- type: array
- items:
- description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: key is the label key that the selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchLabels:
- description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- additionalProperties:
- type: string
- x-kubernetes-map-type: atomic
- namespaces:
- description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
- type: array
- items:
- type: string
- topologyKey:
- description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
- type: string
- weight:
- description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
- type: integer
- format: int32
- requiredDuringSchedulingIgnoredDuringExecution:
- description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
- type: array
- items:
- description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running
- type: object
- required:
- - topologyKey
- properties:
- labelSelector:
- description: A label query over a set of resources, in this case pods.
- type: object
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
- type: array
- items:
- description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: key is the label key that the selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchLabels:
- description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- additionalProperties:
- type: string
- x-kubernetes-map-type: atomic
- namespaceSelector:
- description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
- type: object
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
- type: array
- items:
- description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: key is the label key that the selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchLabels:
- description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- additionalProperties:
- type: string
- x-kubernetes-map-type: atomic
- namespaces:
- description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
- type: array
- items:
- type: string
- topologyKey:
- description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
- type: string
- nodeSelector:
- description: 'NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node''s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- additionalProperties:
- type: string
- priorityClassName:
- description: If specified, the pod's priorityClassName.
- type: string
- serviceAccountName:
- description: If specified, the pod's service account
- type: string
- tolerations:
- description: If specified, the pod's tolerations.
- type: array
- items:
- description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator .
- type: object
- properties:
- effect:
- description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
- type: integer
- format: int64
- value:
- description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
- type: string
- serviceType:
- description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort.
- type: string
- selector:
- description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. If not specified, the solver will be treated as the 'default' solver with the lowest priority, i.e. if any other solver has a more specific match, it will be used instead.
- type: object
- properties:
- dnsNames:
- description: List of DNSNames that this solver will be used to solve. If specified and a match is found, a dnsNames selector will take precedence over a dnsZones selector. If multiple solvers match with the same dnsNames value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected.
- type: array
- items:
- type: string
- dnsZones:
- description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified here will take precedence over other DNS zone matches, so a solver specifying sys.example.com will be selected over one specifying example.com for the domain www.sys.example.com. If multiple solvers match with the same dnsZones value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected.
- type: array
- items:
- type: string
- matchLabels:
- description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to.
- type: object
- additionalProperties:
- type: string
- ca:
- description: CA configures this issuer to sign certificates using a signing CA keypair stored in a Secret resource. This is used to build internal PKIs that are managed by cert-manager.
- type: object
- required:
- - secretName
- properties:
- crlDistributionPoints:
- description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set, certificates will be issued without distribution points set.
- type: array
- items:
- type: string
- ocspServers:
- description: The OCSP server list is an X.509 v3 extension that defines a list of URLs of OCSP responders. The OCSP responders can be queried for the revocation status of an issued certificate. If not set, the certificate will be issued with no OCSP servers set. For example, an OCSP server URL could be "http://ocsp.int-x3.letsencrypt.org".
- type: array
- items:
- type: string
- secretName:
- description: SecretName is the name of the secret used to sign Certificates issued by this Issuer.
- type: string
- selfSigned:
- description: SelfSigned configures this issuer to 'self sign' certificates using the private key used to create the CertificateRequest object.
- type: object
- properties:
- crlDistributionPoints:
- description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set certificate will be issued without CDP. Values are strings.
- type: array
- items:
- type: string
- vault:
- description: Vault configures this issuer to sign certificates using a HashiCorp Vault PKI backend.
- type: object
- required:
- - auth
- - path
- - server
- properties:
- auth:
- description: Auth configures how cert-manager authenticates with the Vault server.
- type: object
- properties:
- appRole:
- description: AppRole authenticates with Vault using the App Role auth mechanism, with the role and secret stored in a Kubernetes Secret resource.
- type: object
- required:
- - path
- - roleId
- - secretRef
- properties:
- path:
- description: 'Path where the App Role authentication backend is mounted in Vault, e.g: "approle"'
- type: string
- roleId:
- description: RoleID configured in the App Role authentication backend when setting up the authentication backend in Vault.
- type: string
- secretRef:
- description: Reference to a key in a Secret that contains the App Role secret used to authenticate with Vault. The `key` field must be specified and denotes which entry within the Secret resource is used as the app role secret.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- kubernetes:
- description: Kubernetes authenticates with Vault by passing the ServiceAccount token stored in the named Secret resource to the Vault server.
- type: object
- required:
- - role
- - secretRef
- properties:
- mountPath:
- description: The Vault mountPath here is the mount path to use when authenticating with Vault. For example, setting a value to `/v1/auth/foo`, will use the path `/v1/auth/foo/login` to authenticate with Vault. If unspecified, the default value "/v1/auth/kubernetes" will be used.
- type: string
- role:
- description: A required field containing the Vault Role to assume. A Role binds a Kubernetes ServiceAccount with a set of Vault policies.
- type: string
- secretRef:
- description: The required Secret field containing a Kubernetes ServiceAccount JWT used for authenticating with Vault. Use of 'ambient credentials' is not supported.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- tokenSecretRef:
- description: TokenSecretRef authenticates with Vault by presenting a token.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- caBundle:
- description: Base64-encoded bundle of PEM CAs which will be used to validate the certificate chain presented by Vault. Only used if using HTTPS to connect to Vault and ignored for HTTP connections. Mutually exclusive with CABundleSecretRef. If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in the cert-manager controller container is used to validate the TLS connection.
- type: string
- format: byte
- caBundleSecretRef:
- description: Reference to a Secret containing a bundle of PEM-encoded CAs to use when verifying the certificate chain presented by Vault when using HTTPS. Mutually exclusive with CABundle. If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in the cert-manager controller container is used to validate the TLS connection. If no key for the Secret is specified, cert-manager will default to 'ca.crt'.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: "ns1" More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces'
- type: string
- path:
- description: 'Path is the mount path of the Vault PKI backend''s `sign` endpoint, e.g: "my_pki_mount/sign/my-role-name".'
- type: string
- server:
- description: 'Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200".'
- type: string
- venafi:
- description: Venafi configures this issuer to sign certificates using a Venafi TPP or Venafi Cloud policy zone.
- type: object
- required:
- - zone
- properties:
- cloud:
- description: Cloud specifies the Venafi cloud configuration settings. Only one of TPP or Cloud may be specified.
- type: object
- required:
- - apiTokenSecretRef
- properties:
- apiTokenSecretRef:
- description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- url:
- description: URL is the base URL for Venafi Cloud. Defaults to "https://api.venafi.cloud/v1".
- type: string
- tpp:
- description: TPP specifies Trust Protection Platform configuration settings. Only one of TPP or Cloud may be specified.
- type: object
- required:
- - credentialsRef
- - url
- properties:
- caBundle:
- description: Base64-encoded bundle of PEM CAs which will be used to validate the certificate chain presented by the TPP server. Only used if using HTTPS; ignored for HTTP. If undefined, the certificate bundle in the cert-manager controller container is used to validate the chain.
- type: string
- format: byte
- credentialsRef:
- description: CredentialsRef is a reference to a Secret containing the username and password for the TPP server. The secret must contain two keys, 'username' and 'password'.
- type: object
- required:
- - name
- properties:
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- url:
- description: 'URL is the base URL for the vedsdk endpoint of the Venafi TPP instance, for example: "https://tpp.example.com/vedsdk".'
- type: string
- zone:
- description: Zone is the Venafi Policy Zone to use for this issuer. All requests made to the Venafi platform will be restricted by the named zone policy. This field is required.
- type: string
- status:
- description: Status of the ClusterIssuer. This is set and managed automatically.
- type: object
- properties:
- acme:
- description: ACME specific status options. This field should only be set if the Issuer is configured to use an ACME server to issue certificates.
- type: object
- properties:
- lastRegisteredEmail:
- description: LastRegisteredEmail is the email associated with the latest registered ACME account, in order to track changes made to registered account associated with the Issuer
- type: string
- uri:
- description: URI is the unique account identifier, which can also be used to retrieve account details from the CA
- type: string
- conditions:
- description: List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready`.
- type: array
- items:
- description: IssuerCondition contains condition information for an Issuer.
- type: object
- required:
- - status
- - type
- properties:
- lastTransitionTime:
- description: LastTransitionTime is the timestamp corresponding to the last status change of this condition.
- type: string
- format: date-time
- message:
- description: Message is a human readable description of the details of the last transition, complementing reason.
- type: string
- observedGeneration:
- description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Issuer.
- type: integer
- format: int64
- reason:
- description: Reason is a brief machine readable explanation for the condition's last transition.
- type: string
- status:
- description: Status of the condition, one of (`True`, `False`, `Unknown`).
- type: string
- enum:
- - "True"
- - "False"
- - Unknown
- type:
- description: Type of the condition, known values are (`Ready`).
- type: string
- x-kubernetes-list-map-keys:
- - type
- x-kubernetes-list-type: map
- served: true
- storage: true
----
-# Source: cert-manager/templates/crds.yaml
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- name: challenges.acme.cert-manager.io
- labels:
- app: 'cert-manager'
- app.kubernetes.io/name: 'cert-manager'
- app.kubernetes.io/instance: 'cert-manager'
- # Generated labels
- app.kubernetes.io/version: "v1.11.0"
-spec:
- group: acme.cert-manager.io
- names:
- kind: Challenge
- listKind: ChallengeList
- plural: challenges
- singular: challenge
- categories:
- - cert-manager
- - cert-manager-acme
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - jsonPath: .status.state
- name: State
- type: string
- - jsonPath: .spec.dnsName
- name: Domain
- type: string
- - jsonPath: .status.reason
- name: Reason
- priority: 1
- type: string
- - description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1
- schema:
- openAPIV3Schema:
- description: Challenge is a type to represent a Challenge request with an ACME server
- type: object
- required:
- - metadata
- - spec
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- type: object
- required:
- - authorizationURL
- - dnsName
- - issuerRef
- - key
- - solver
- - token
- - type
- - url
- properties:
- authorizationURL:
- description: The URL to the ACME Authorization resource that this challenge is a part of.
- type: string
- dnsName:
- description: dnsName is the identifier that this challenge is for, e.g. example.com. If the requested DNSName is a 'wildcard', this field MUST be set to the non-wildcard domain, e.g. for `*.example.com`, it must be `example.com`.
- type: string
- issuerRef:
- description: References a properly configured ACME-type Issuer which should be used to create this Challenge. If the Issuer does not exist, processing will be retried. If the Issuer is not an 'ACME' Issuer, an error will be returned and the Challenge will be marked as failed.
- type: object
- required:
- - name
- properties:
- group:
- description: Group of the resource being referred to.
- type: string
- kind:
- description: Kind of the resource being referred to.
- type: string
- name:
- description: Name of the resource being referred to.
- type: string
- key:
- description: 'The ACME challenge key for this challenge For HTTP01 challenges, this is the value that must be responded with to complete the HTTP01 challenge in the format: `.`. For DNS01 challenges, this is the base64 encoded SHA256 sum of the `.` text that must be set as the TXT record content.'
- type: string
- solver:
- description: Contains the domain solving configuration that should be used to solve this challenge resource.
- type: object
- properties:
- dns01:
- description: Configures cert-manager to attempt to complete authorizations by performing the DNS01 challenge flow.
- type: object
- properties:
- acmeDNS:
- description: Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage DNS01 challenge records.
- type: object
- required:
- - accountSecretRef
- - host
- properties:
- accountSecretRef:
- description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- host:
- type: string
- akamai:
- description: Use the Akamai DNS zone management API to manage DNS01 challenge records.
- type: object
- required:
- - accessTokenSecretRef
- - clientSecretSecretRef
- - clientTokenSecretRef
- - serviceConsumerDomain
- properties:
- accessTokenSecretRef:
- description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- clientSecretSecretRef:
- description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- clientTokenSecretRef:
- description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- serviceConsumerDomain:
- type: string
- azureDNS:
- description: Use the Microsoft Azure DNS API to manage DNS01 challenge records.
- type: object
- required:
- - resourceGroupName
- - subscriptionID
- properties:
- clientID:
- description: if both this and ClientSecret are left unset MSI will be used
- type: string
- clientSecretSecretRef:
- description: if both this and ClientID are left unset MSI will be used
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- environment:
- description: name of the Azure environment (default AzurePublicCloud)
- type: string
- enum:
- - AzurePublicCloud
- - AzureChinaCloud
- - AzureGermanCloud
- - AzureUSGovernmentCloud
- hostedZoneName:
- description: name of the DNS zone that should be used
- type: string
- managedIdentity:
- description: managed identity configuration, can not be used at the same time as clientID, clientSecretSecretRef or tenantID
- type: object
- properties:
- clientID:
- description: client ID of the managed identity, can not be used at the same time as resourceID
- type: string
- resourceID:
- description: resource ID of the managed identity, can not be used at the same time as clientID
- type: string
- resourceGroupName:
- description: resource group the DNS zone is located in
- type: string
- subscriptionID:
- description: ID of the Azure subscription
- type: string
- tenantID:
- description: when specifying ClientID and ClientSecret then this field is also needed
- type: string
- cloudDNS:
- description: Use the Google Cloud DNS API to manage DNS01 challenge records.
- type: object
- required:
- - project
- properties:
- hostedZoneName:
- description: HostedZoneName is an optional field that tells cert-manager in which Cloud DNS zone the challenge record has to be created. If left empty cert-manager will automatically choose a zone.
- type: string
- project:
- type: string
- serviceAccountSecretRef:
- description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- cloudflare:
- description: Use the Cloudflare API to manage DNS01 challenge records.
- type: object
- properties:
- apiKeySecretRef:
- description: 'API key to use to authenticate with Cloudflare. Note: using an API token to authenticate is now the recommended method as it allows greater control of permissions.'
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- apiTokenSecretRef:
- description: API token used to authenticate with Cloudflare.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- email:
- description: Email of the account, only required when using API key based authentication.
- type: string
- cnameStrategy:
- description: CNAMEStrategy configures how the DNS01 provider should handle CNAME records when found in DNS zones.
- type: string
- enum:
- - None
- - Follow
- digitalocean:
- description: Use the DigitalOcean DNS API to manage DNS01 challenge records.
- type: object
- required:
- - tokenSecretRef
- properties:
- tokenSecretRef:
- description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- rfc2136:
- description: Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) to manage DNS01 challenge records.
- type: object
- required:
- - nameserver
- properties:
- nameserver:
- description: The IP address or hostname of an authoritative DNS server supporting RFC2136 in the form host:port. If the host is an IPv6 address it must be enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. This field is required.
- type: string
- tsigAlgorithm:
- description: 'The TSIG Algorithm configured in the DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. Supported values are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``.'
- type: string
- tsigKeyName:
- description: The TSIG Key name configured in the DNS. If ``tsigSecretSecretRef`` is defined, this field is required.
- type: string
- tsigSecretSecretRef:
- description: The name of the secret containing the TSIG value. If ``tsigKeyName`` is defined, this field is required.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- route53:
- description: Use the AWS Route53 API to manage DNS01 challenge records.
- type: object
- required:
- - region
- properties:
- accessKeyID:
- description: 'The AccessKeyID is used for authentication. Cannot be set when SecretAccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials'
- type: string
- accessKeyIDSecretRef:
- description: 'The SecretAccessKey is used for authentication. If set, pull the AWS access key ID from a key within a Kubernetes Secret. Cannot be set when AccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials'
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- hostedZoneID:
- description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call.
- type: string
- region:
- description: Always set the region when using AccessKeyID and SecretAccessKey
- type: string
- role:
- description: Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata
- type: string
- secretAccessKeySecretRef:
- description: 'The SecretAccessKey is used for authentication. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials'
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- webhook:
- description: Configure an external webhook based DNS01 challenge solver to manage DNS01 challenge records.
- type: object
- required:
- - groupName
- - solverName
- properties:
- config:
- description: Additional configuration that should be passed to the webhook apiserver when challenges are processed. This can contain arbitrary JSON data. Secret values should not be specified in this stanza. If secret values are needed (e.g. credentials for a DNS service), you should use a SecretKeySelector to reference a Secret resource. For details on the schema of this field, consult the webhook provider implementation's documentation.
- x-kubernetes-preserve-unknown-fields: true
- groupName:
- description: The API group name that should be used when POSTing ChallengePayload resources to the webhook apiserver. This should be the same as the GroupName specified in the webhook provider implementation.
- type: string
- solverName:
- description: The name of the solver to use, as defined in the webhook provider implementation. This will typically be the name of the provider, e.g. 'cloudflare'.
- type: string
- http01:
- description: Configures cert-manager to attempt to complete authorizations by performing the HTTP01 challenge flow. It is not possible to obtain certificates for wildcard domain names (e.g. `*.example.com`) using the HTTP01 challenge mechanism.
- type: object
- properties:
- gatewayHTTPRoute:
- description: The Gateway API is a sig-network community API that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will create HTTPRoutes with the specified labels in the same namespace as the challenge. This solver is experimental, and fields / behaviour may change in the future.
- type: object
- properties:
- labels:
- description: Custom labels that will be applied to HTTPRoutes created by cert-manager while solving HTTP-01 challenges.
- type: object
- additionalProperties:
- type: string
- parentRefs:
- description: 'When solving an HTTP-01 challenge, cert-manager creates an HTTPRoute. cert-manager needs to know which parentRefs should be used when creating the HTTPRoute. Usually, the parentRef references a Gateway. See: https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways'
- type: array
- items:
- description: "ParentReference identifies an API object (usually a Gateway) that can be considered a parent of this resource (usually a route). The only kind of parent resource with \"Core\" support is Gateway. This API may be extended in the future to support additional kinds of parent resources, such as HTTPRoute. \n The API object must be valid in the cluster; the Group and Kind must be registered in the cluster for this reference to be valid."
- type: object
- required:
- - name
- properties:
- group:
- description: "Group is the group of the referent. When unspecified, \"gateway.networking.k8s.io\" is inferred. To set the core API group (such as for a \"Service\" kind referent), Group must be explicitly set to \"\" (empty string). \n Support: Core"
- type: string
- default: gateway.networking.k8s.io
- maxLength: 253
- pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
- kind:
- description: "Kind is kind of the referent. \n Support: Core (Gateway) \n Support: Implementation-specific (Other Resources)"
- type: string
- default: Gateway
- maxLength: 63
- minLength: 1
- pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
- name:
- description: "Name is the name of the referent. \n Support: Core"
- type: string
- maxLength: 253
- minLength: 1
- namespace:
- description: "Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. \n Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. \n Support: Core"
- type: string
- maxLength: 63
- minLength: 1
- pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
- port:
- description: "Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. \n When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the networking behaviors specified in a Route must apply to a specific port as opposed to a listener(s) whose port(s) may be changed. When both Port and SectionName are specified, the name and port of the selected listener must match both specified values. \n Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. \n For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Extended \n "
- type: integer
- format: int32
- maximum: 65535
- minimum: 1
- sectionName:
- description: "SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: \n * Gateway: Listener Name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. \n Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. \n When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Core"
- type: string
- maxLength: 253
- minLength: 1
- pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
- serviceType:
- description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort.
- type: string
- ingress:
- description: The ingress based HTTP01 challenge solver will solve challenges by creating or modifying Ingress resources in order to route requests for '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are provisioned by cert-manager for each Challenge to be completed.
- type: object
- properties:
- class:
- description: The ingress class to use when creating Ingress resources to solve ACME challenges that use this challenge solver. Only one of 'class' or 'name' may be specified.
- type: string
- ingressTemplate:
- description: Optional ingress template used to configure the ACME challenge solver ingress used for HTTP01 challenges.
- type: object
- properties:
- metadata:
- description: ObjectMeta overrides for the ingress used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values.
- type: object
- properties:
- annotations:
- description: Annotations that should be added to the created ACME HTTP01 solver ingress.
- type: object
- additionalProperties:
- type: string
- labels:
- description: Labels that should be added to the created ACME HTTP01 solver ingress.
- type: object
- additionalProperties:
- type: string
- name:
- description: The name of the ingress resource that should have ACME challenge solving routes inserted into it in order to solve HTTP01 challenges. This is typically used in conjunction with ingress controllers like ingress-gce, which maintains a 1:1 mapping between external IPs and ingress resources.
- type: string
- podTemplate:
- description: Optional pod template used to configure the ACME challenge solver pods used for HTTP01 challenges.
- type: object
- properties:
- metadata:
- description: ObjectMeta overrides for the pod used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values.
- type: object
- properties:
- annotations:
- description: Annotations that should be added to the create ACME HTTP01 solver pods.
- type: object
- additionalProperties:
- type: string
- labels:
- description: Labels that should be added to the created ACME HTTP01 solver pods.
- type: object
- additionalProperties:
- type: string
- spec:
- description: PodSpec defines overrides for the HTTP01 challenge solver pod. Only the 'priorityClassName', 'nodeSelector', 'affinity', 'serviceAccountName' and 'tolerations' fields are supported currently. All other fields will be ignored.
- type: object
- properties:
- affinity:
- description: If specified, the pod's scheduling constraints
- type: object
- properties:
- nodeAffinity:
- description: Describes node affinity scheduling rules for the pod.
- type: object
- properties:
- preferredDuringSchedulingIgnoredDuringExecution:
- description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.
- type: array
- items:
- description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
- type: object
- required:
- - preference
- - weight
- properties:
- preference:
- description: A node selector term, associated with the corresponding weight.
- type: object
- properties:
- matchExpressions:
- description: A list of node selector requirements by node's labels.
- type: array
- items:
- description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: The label key that the selector applies to.
- type: string
- operator:
- description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
- type: string
- values:
- description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchFields:
- description: A list of node selector requirements by node's fields.
- type: array
- items:
- description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: The label key that the selector applies to.
- type: string
- operator:
- description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
- type: string
- values:
- description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- x-kubernetes-map-type: atomic
- weight:
- description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
- type: integer
- format: int32
- requiredDuringSchedulingIgnoredDuringExecution:
- description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.
- type: object
- required:
- - nodeSelectorTerms
- properties:
- nodeSelectorTerms:
- description: Required. A list of node selector terms. The terms are ORed.
- type: array
- items:
- description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
- type: object
- properties:
- matchExpressions:
- description: A list of node selector requirements by node's labels.
- type: array
- items:
- description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: The label key that the selector applies to.
- type: string
- operator:
- description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
- type: string
- values:
- description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchFields:
- description: A list of node selector requirements by node's fields.
- type: array
- items:
- description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: The label key that the selector applies to.
- type: string
- operator:
- description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
- type: string
- values:
- description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- x-kubernetes-map-type: atomic
- x-kubernetes-map-type: atomic
- podAffinity:
- description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).
- type: object
- properties:
- preferredDuringSchedulingIgnoredDuringExecution:
- description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
- type: array
- items:
- description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
- type: object
- required:
- - podAffinityTerm
- - weight
- properties:
- podAffinityTerm:
- description: Required. A pod affinity term, associated with the corresponding weight.
- type: object
- required:
- - topologyKey
- properties:
- labelSelector:
- description: A label query over a set of resources, in this case pods.
- type: object
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
- type: array
- items:
- description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: key is the label key that the selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchLabels:
- description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- additionalProperties:
- type: string
- x-kubernetes-map-type: atomic
- namespaceSelector:
- description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
- type: object
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
- type: array
- items:
- description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: key is the label key that the selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchLabels:
- description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- additionalProperties:
- type: string
- x-kubernetes-map-type: atomic
- namespaces:
- description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
- type: array
- items:
- type: string
- topologyKey:
- description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
- type: string
- weight:
- description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
- type: integer
- format: int32
- requiredDuringSchedulingIgnoredDuringExecution:
- description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
- type: array
- items:
- description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running
- type: object
- required:
- - topologyKey
- properties:
- labelSelector:
- description: A label query over a set of resources, in this case pods.
- type: object
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
- type: array
- items:
- description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: key is the label key that the selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchLabels:
- description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- additionalProperties:
- type: string
- x-kubernetes-map-type: atomic
- namespaceSelector:
- description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
- type: object
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
- type: array
- items:
- description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: key is the label key that the selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchLabels:
- description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- additionalProperties:
- type: string
- x-kubernetes-map-type: atomic
- namespaces:
- description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
- type: array
- items:
- type: string
- topologyKey:
- description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
- type: string
- podAntiAffinity:
- description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).
- type: object
- properties:
- preferredDuringSchedulingIgnoredDuringExecution:
- description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
- type: array
- items:
- description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
- type: object
- required:
- - podAffinityTerm
- - weight
- properties:
- podAffinityTerm:
- description: Required. A pod affinity term, associated with the corresponding weight.
- type: object
- required:
- - topologyKey
- properties:
- labelSelector:
- description: A label query over a set of resources, in this case pods.
- type: object
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
- type: array
- items:
- description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: key is the label key that the selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchLabels:
- description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- additionalProperties:
- type: string
- x-kubernetes-map-type: atomic
- namespaceSelector:
- description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
- type: object
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
- type: array
- items:
- description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: key is the label key that the selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchLabels:
- description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- additionalProperties:
- type: string
- x-kubernetes-map-type: atomic
- namespaces:
- description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
- type: array
- items:
- type: string
- topologyKey:
- description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
- type: string
- weight:
- description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
- type: integer
- format: int32
- requiredDuringSchedulingIgnoredDuringExecution:
- description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
- type: array
- items:
- description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running
- type: object
- required:
- - topologyKey
- properties:
- labelSelector:
- description: A label query over a set of resources, in this case pods.
- type: object
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
- type: array
- items:
- description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: key is the label key that the selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchLabels:
- description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- additionalProperties:
- type: string
- x-kubernetes-map-type: atomic
- namespaceSelector:
- description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
- type: object
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
- type: array
- items:
- description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: key is the label key that the selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchLabels:
- description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- additionalProperties:
- type: string
- x-kubernetes-map-type: atomic
- namespaces:
- description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
- type: array
- items:
- type: string
- topologyKey:
- description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
- type: string
- nodeSelector:
- description: 'NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node''s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- additionalProperties:
- type: string
- priorityClassName:
- description: If specified, the pod's priorityClassName.
- type: string
- serviceAccountName:
- description: If specified, the pod's service account
- type: string
- tolerations:
- description: If specified, the pod's tolerations.
- type: array
- items:
- description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator .
- type: object
- properties:
- effect:
- description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
- type: integer
- format: int64
- value:
- description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
- type: string
- serviceType:
- description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort.
- type: string
- selector:
- description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. If not specified, the solver will be treated as the 'default' solver with the lowest priority, i.e. if any other solver has a more specific match, it will be used instead.
- type: object
- properties:
- dnsNames:
- description: List of DNSNames that this solver will be used to solve. If specified and a match is found, a dnsNames selector will take precedence over a dnsZones selector. If multiple solvers match with the same dnsNames value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected.
- type: array
- items:
- type: string
- dnsZones:
- description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified here will take precedence over other DNS zone matches, so a solver specifying sys.example.com will be selected over one specifying example.com for the domain www.sys.example.com. If multiple solvers match with the same dnsZones value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected.
- type: array
- items:
- type: string
- matchLabels:
- description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to.
- type: object
- additionalProperties:
- type: string
- token:
- description: The ACME challenge token for this challenge. This is the raw value returned from the ACME server.
- type: string
- type:
- description: The type of ACME challenge this resource represents. One of "HTTP-01" or "DNS-01".
- type: string
- enum:
- - HTTP-01
- - DNS-01
- url:
- description: The URL of the ACME Challenge resource for this challenge. This can be used to lookup details about the status of this challenge.
- type: string
- wildcard:
- description: wildcard will be true if this challenge is for a wildcard identifier, for example '*.example.com'.
- type: boolean
- status:
- type: object
- properties:
- presented:
- description: presented will be set to true if the challenge values for this challenge are currently 'presented'. This *does not* imply the self check is passing. Only that the values have been 'submitted' for the appropriate challenge mechanism (i.e. the DNS01 TXT record has been presented, or the HTTP01 configuration has been configured).
- type: boolean
- processing:
- description: Used to denote whether this challenge should be processed or not. This field will only be set to true by the 'scheduling' component. It will only be set to false by the 'challenges' controller, after the challenge has reached a final state or timed out. If this field is set to false, the challenge controller will not take any more action.
- type: boolean
- reason:
- description: Contains human readable information on why the Challenge is in the current state.
- type: string
- state:
- description: Contains the current 'state' of the challenge. If not set, the state of the challenge is unknown.
- type: string
- enum:
- - valid
- - ready
- - pending
- - processing
- - invalid
- - expired
- - errored
- served: true
- storage: true
- subresources:
- status: {}
----
-# Source: cert-manager/templates/crds.yaml
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- name: certificaterequests.cert-manager.io
- labels:
- app: 'cert-manager'
- app.kubernetes.io/name: 'cert-manager'
- app.kubernetes.io/instance: 'cert-manager'
- # Generated labels
- app.kubernetes.io/version: "v1.11.0"
-spec:
- group: cert-manager.io
- names:
- kind: CertificateRequest
- listKind: CertificateRequestList
- plural: certificaterequests
- shortNames:
- - cr
- - crs
- singular: certificaterequest
- categories:
- - cert-manager
- scope: Namespaced
- versions:
- - name: v1
- subresources:
- status: {}
- additionalPrinterColumns:
- - jsonPath: .status.conditions[?(@.type=="Approved")].status
- name: Approved
- type: string
- - jsonPath: .status.conditions[?(@.type=="Denied")].status
- name: Denied
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].status
- name: Ready
- type: string
- - jsonPath: .spec.issuerRef.name
- name: Issuer
- type: string
- - jsonPath: .spec.username
- name: Requestor
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].message
- name: Status
- priority: 1
- type: string
- - jsonPath: .metadata.creationTimestamp
- description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.
- name: Age
- type: date
- schema:
- openAPIV3Schema:
- description: "A CertificateRequest is used to request a signed certificate from one of the configured issuers. \n All fields within the CertificateRequest's `spec` are immutable after creation. A CertificateRequest will either succeed or fail, as denoted by its `status.state` field. \n A CertificateRequest is a one-shot resource, meaning it represents a single point in time request for a certificate and cannot be re-used."
- type: object
- required:
- - spec
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: Desired state of the CertificateRequest resource.
- type: object
- required:
- - issuerRef
- - request
- properties:
- duration:
- description: The requested 'duration' (i.e. lifetime) of the Certificate. This option may be ignored/overridden by some issuer types.
- type: string
- extra:
- description: Extra contains extra attributes of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable.
- type: object
- additionalProperties:
- type: array
- items:
- type: string
- groups:
- description: Groups contains group membership of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable.
- type: array
- items:
- type: string
- x-kubernetes-list-type: atomic
- isCA:
- description: IsCA will request to mark the certificate as valid for certificate signing when submitting to the issuer. This will automatically add the `cert sign` usage to the list of `usages`.
- type: boolean
- issuerRef:
- description: IssuerRef is a reference to the issuer for this CertificateRequest. If the `kind` field is not set, or set to `Issuer`, an Issuer resource with the given name in the same namespace as the CertificateRequest will be used. If the `kind` field is set to `ClusterIssuer`, a ClusterIssuer with the provided name will be used. The `name` field in this stanza is required at all times. The group field refers to the API group of the issuer which defaults to `cert-manager.io` if empty.
- type: object
- required:
- - name
- properties:
- group:
- description: Group of the resource being referred to.
- type: string
- kind:
- description: Kind of the resource being referred to.
- type: string
- name:
- description: Name of the resource being referred to.
- type: string
- request:
- description: The PEM-encoded x509 certificate signing request to be submitted to the CA for signing.
- type: string
- format: byte
- uid:
- description: UID contains the uid of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable.
- type: string
- usages:
- description: Usages is the set of x509 usages that are requested for the certificate. If usages are set they SHOULD be encoded inside the CSR spec Defaults to `digital signature` and `key encipherment` if not specified.
- type: array
- items:
- description: "KeyUsage specifies valid usage contexts for keys. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 \n Valid KeyUsage values are as follows: \"signing\", \"digital signature\", \"content commitment\", \"key encipherment\", \"key agreement\", \"data encipherment\", \"cert sign\", \"crl sign\", \"encipher only\", \"decipher only\", \"any\", \"server auth\", \"client auth\", \"code signing\", \"email protection\", \"s/mime\", \"ipsec end system\", \"ipsec tunnel\", \"ipsec user\", \"timestamping\", \"ocsp signing\", \"microsoft sgc\", \"netscape sgc\""
- type: string
- enum:
- - signing
- - digital signature
- - content commitment
- - key encipherment
- - key agreement
- - data encipherment
- - cert sign
- - crl sign
- - encipher only
- - decipher only
- - any
- - server auth
- - client auth
- - code signing
- - email protection
- - s/mime
- - ipsec end system
- - ipsec tunnel
- - ipsec user
- - timestamping
- - ocsp signing
- - microsoft sgc
- - netscape sgc
- username:
- description: Username contains the name of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable.
- type: string
- status:
- description: Status of the CertificateRequest. This is set and managed automatically.
- type: object
- properties:
- ca:
- description: The PEM encoded x509 certificate of the signer, also known as the CA (Certificate Authority). This is set on a best-effort basis by different issuers. If not set, the CA is assumed to be unknown/not available.
- type: string
- format: byte
- certificate:
- description: The PEM encoded x509 certificate resulting from the certificate signing request. If not set, the CertificateRequest has either not been completed or has failed. More information on failure can be found by checking the `conditions` field.
- type: string
- format: byte
- conditions:
- description: List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready` and `InvalidRequest`.
- type: array
- items:
- description: CertificateRequestCondition contains condition information for a CertificateRequest.
- type: object
- required:
- - status
- - type
- properties:
- lastTransitionTime:
- description: LastTransitionTime is the timestamp corresponding to the last status change of this condition.
- type: string
- format: date-time
- message:
- description: Message is a human readable description of the details of the last transition, complementing reason.
- type: string
- reason:
- description: Reason is a brief machine readable explanation for the condition's last transition.
- type: string
- status:
- description: Status of the condition, one of (`True`, `False`, `Unknown`).
- type: string
- enum:
- - "True"
- - "False"
- - Unknown
- type:
- description: Type of the condition, known values are (`Ready`, `InvalidRequest`, `Approved`, `Denied`).
- type: string
- x-kubernetes-list-map-keys:
- - type
- x-kubernetes-list-type: map
- failureTime:
- description: FailureTime stores the time that this CertificateRequest failed. This is used to influence garbage collection and back-off.
- type: string
- format: date-time
- served: true
- storage: true
----
-# Source: cert-manager/templates/crds.yaml
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- name: issuers.cert-manager.io
- labels:
- app: 'cert-manager'
- app.kubernetes.io/name: 'cert-manager'
- app.kubernetes.io/instance: 'cert-manager'
- # Generated labels
- app.kubernetes.io/version: "v1.11.0"
-spec:
- group: cert-manager.io
- names:
- kind: Issuer
- listKind: IssuerList
- plural: issuers
- singular: issuer
- categories:
- - cert-manager
- scope: Namespaced
- versions:
- - name: v1
- subresources:
- status: {}
- additionalPrinterColumns:
- - jsonPath: .status.conditions[?(@.type=="Ready")].status
- name: Ready
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].message
- name: Status
- priority: 1
- type: string
- - jsonPath: .metadata.creationTimestamp
- description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.
- name: Age
- type: date
- schema:
- openAPIV3Schema:
- description: An Issuer represents a certificate issuing authority which can be referenced as part of `issuerRef` fields. It is scoped to a single namespace and can therefore only be referenced by resources within the same namespace.
- type: object
- required:
- - spec
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: Desired state of the Issuer resource.
- type: object
- properties:
- acme:
- description: ACME configures this issuer to communicate with a RFC8555 (ACME) server to obtain signed x509 certificates.
- type: object
- required:
- - privateKeySecretRef
- - server
- properties:
- caBundle:
- description: Base64-encoded bundle of PEM CAs which can be used to validate the certificate chain presented by the ACME server. Mutually exclusive with SkipTLSVerify; prefer using CABundle to prevent various kinds of security vulnerabilities. If CABundle and SkipTLSVerify are unset, the system certificate bundle inside the container is used to validate the TLS connection.
- type: string
- format: byte
- disableAccountKeyGeneration:
- description: Enables or disables generating a new ACME account key. If true, the Issuer resource will *not* request a new account but will expect the account key to be supplied via an existing secret. If false, the cert-manager system will generate a new ACME account key for the Issuer. Defaults to false.
- type: boolean
- email:
- description: Email is the email address to be associated with the ACME account. This field is optional, but it is strongly recommended to be set. It will be used to contact you in case of issues with your account or certificates, including expiry notification emails. This field may be updated after the account is initially registered.
- type: string
- enableDurationFeature:
- description: Enables requesting a Not After date on certificates that matches the duration of the certificate. This is not supported by all ACME servers like Let's Encrypt. If set to true when the ACME server does not support it it will create an error on the Order. Defaults to false.
- type: boolean
- externalAccountBinding:
- description: ExternalAccountBinding is a reference to a CA external account of the ACME server. If set, upon registration cert-manager will attempt to associate the given external account credentials with the registered ACME account.
- type: object
- required:
- - keyID
- - keySecretRef
- properties:
- keyAlgorithm:
- description: 'Deprecated: keyAlgorithm field exists for historical compatibility reasons and should not be used. The algorithm is now hardcoded to HS256 in golang/x/crypto/acme.'
- type: string
- enum:
- - HS256
- - HS384
- - HS512
- keyID:
- description: keyID is the ID of the CA key that the External Account is bound to.
- type: string
- keySecretRef:
- description: keySecretRef is a Secret Key Selector referencing a data item in a Kubernetes Secret which holds the symmetric MAC key of the External Account Binding. The `key` is the index string that is paired with the key data in the Secret and should not be confused with the key data itself, or indeed with the External Account Binding keyID above. The secret key stored in the Secret **must** be un-padded, base64 URL encoded data.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- preferredChain:
- description: 'PreferredChain is the chain to use if the ACME server outputs multiple. PreferredChain is no guarantee that this one gets delivered by the ACME endpoint. For example, for Let''s Encrypt''s DST crosssign you would use: "DST Root CA X3" or "ISRG Root X1" for the newer Let''s Encrypt root CA. This value picks the first certificate bundle in the ACME alternative chains that has a certificate with this value as its issuer''s CN'
- type: string
- maxLength: 64
- privateKeySecretRef:
- description: PrivateKey is the name of a Kubernetes Secret resource that will be used to store the automatically generated ACME account private key. Optionally, a `key` may be specified to select a specific entry within the named Secret resource. If `key` is not specified, a default of `tls.key` will be used.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- server:
- description: 'Server is the URL used to access the ACME server''s ''directory'' endpoint. For example, for Let''s Encrypt''s staging endpoint, you would use: "https://acme-staging-v02.api.letsencrypt.org/directory". Only ACME v2 endpoints (i.e. RFC 8555) are supported.'
- type: string
- skipTLSVerify:
- description: 'INSECURE: Enables or disables validation of the ACME server TLS certificate. If true, requests to the ACME server will not have the TLS certificate chain validated. Mutually exclusive with CABundle; prefer using CABundle to prevent various kinds of security vulnerabilities. Only enable this option in development environments. If CABundle and SkipTLSVerify are unset, the system certificate bundle inside the container is used to validate the TLS connection. Defaults to false.'
- type: boolean
- solvers:
- description: 'Solvers is a list of challenge solvers that will be used to solve ACME challenges for the matching domains. Solver configurations must be provided in order to obtain certificates from an ACME server. For more information, see: https://cert-manager.io/docs/configuration/acme/'
- type: array
- items:
- description: An ACMEChallengeSolver describes how to solve ACME challenges for the issuer it is part of. A selector may be provided to use different solving strategies for different DNS names. Only one of HTTP01 or DNS01 must be provided.
- type: object
- properties:
- dns01:
- description: Configures cert-manager to attempt to complete authorizations by performing the DNS01 challenge flow.
- type: object
- properties:
- acmeDNS:
- description: Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage DNS01 challenge records.
- type: object
- required:
- - accountSecretRef
- - host
- properties:
- accountSecretRef:
- description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- host:
- type: string
- akamai:
- description: Use the Akamai DNS zone management API to manage DNS01 challenge records.
- type: object
- required:
- - accessTokenSecretRef
- - clientSecretSecretRef
- - clientTokenSecretRef
- - serviceConsumerDomain
- properties:
- accessTokenSecretRef:
- description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- clientSecretSecretRef:
- description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- clientTokenSecretRef:
- description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- serviceConsumerDomain:
- type: string
- azureDNS:
- description: Use the Microsoft Azure DNS API to manage DNS01 challenge records.
- type: object
- required:
- - resourceGroupName
- - subscriptionID
- properties:
- clientID:
- description: if both this and ClientSecret are left unset MSI will be used
- type: string
- clientSecretSecretRef:
- description: if both this and ClientID are left unset MSI will be used
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- environment:
- description: name of the Azure environment (default AzurePublicCloud)
- type: string
- enum:
- - AzurePublicCloud
- - AzureChinaCloud
- - AzureGermanCloud
- - AzureUSGovernmentCloud
- hostedZoneName:
- description: name of the DNS zone that should be used
- type: string
- managedIdentity:
- description: managed identity configuration, can not be used at the same time as clientID, clientSecretSecretRef or tenantID
- type: object
- properties:
- clientID:
- description: client ID of the managed identity, can not be used at the same time as resourceID
- type: string
- resourceID:
- description: resource ID of the managed identity, can not be used at the same time as clientID
- type: string
- resourceGroupName:
- description: resource group the DNS zone is located in
- type: string
- subscriptionID:
- description: ID of the Azure subscription
- type: string
- tenantID:
- description: when specifying ClientID and ClientSecret then this field is also needed
- type: string
- cloudDNS:
- description: Use the Google Cloud DNS API to manage DNS01 challenge records.
- type: object
- required:
- - project
- properties:
- hostedZoneName:
- description: HostedZoneName is an optional field that tells cert-manager in which Cloud DNS zone the challenge record has to be created. If left empty cert-manager will automatically choose a zone.
- type: string
- project:
- type: string
- serviceAccountSecretRef:
- description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- cloudflare:
- description: Use the Cloudflare API to manage DNS01 challenge records.
- type: object
- properties:
- apiKeySecretRef:
- description: 'API key to use to authenticate with Cloudflare. Note: using an API token to authenticate is now the recommended method as it allows greater control of permissions.'
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- apiTokenSecretRef:
- description: API token used to authenticate with Cloudflare.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- email:
- description: Email of the account, only required when using API key based authentication.
- type: string
- cnameStrategy:
- description: CNAMEStrategy configures how the DNS01 provider should handle CNAME records when found in DNS zones.
- type: string
- enum:
- - None
- - Follow
- digitalocean:
- description: Use the DigitalOcean DNS API to manage DNS01 challenge records.
- type: object
- required:
- - tokenSecretRef
- properties:
- tokenSecretRef:
- description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- rfc2136:
- description: Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) to manage DNS01 challenge records.
- type: object
- required:
- - nameserver
- properties:
- nameserver:
- description: The IP address or hostname of an authoritative DNS server supporting RFC2136 in the form host:port. If the host is an IPv6 address it must be enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. This field is required.
- type: string
- tsigAlgorithm:
- description: 'The TSIG Algorithm configured in the DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. Supported values are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``.'
- type: string
- tsigKeyName:
- description: The TSIG Key name configured in the DNS. If ``tsigSecretSecretRef`` is defined, this field is required.
- type: string
- tsigSecretSecretRef:
- description: The name of the secret containing the TSIG value. If ``tsigKeyName`` is defined, this field is required.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- route53:
- description: Use the AWS Route53 API to manage DNS01 challenge records.
- type: object
- required:
- - region
- properties:
- accessKeyID:
- description: 'The AccessKeyID is used for authentication. Cannot be set when SecretAccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials'
- type: string
- accessKeyIDSecretRef:
- description: 'The SecretAccessKey is used for authentication. If set, pull the AWS access key ID from a key within a Kubernetes Secret. Cannot be set when AccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials'
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- hostedZoneID:
- description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call.
- type: string
- region:
- description: Always set the region when using AccessKeyID and SecretAccessKey
- type: string
- role:
- description: Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata
- type: string
- secretAccessKeySecretRef:
- description: 'The SecretAccessKey is used for authentication. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials'
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- webhook:
- description: Configure an external webhook based DNS01 challenge solver to manage DNS01 challenge records.
- type: object
- required:
- - groupName
- - solverName
- properties:
- config:
- description: Additional configuration that should be passed to the webhook apiserver when challenges are processed. This can contain arbitrary JSON data. Secret values should not be specified in this stanza. If secret values are needed (e.g. credentials for a DNS service), you should use a SecretKeySelector to reference a Secret resource. For details on the schema of this field, consult the webhook provider implementation's documentation.
- x-kubernetes-preserve-unknown-fields: true
- groupName:
- description: The API group name that should be used when POSTing ChallengePayload resources to the webhook apiserver. This should be the same as the GroupName specified in the webhook provider implementation.
- type: string
- solverName:
- description: The name of the solver to use, as defined in the webhook provider implementation. This will typically be the name of the provider, e.g. 'cloudflare'.
- type: string
- http01:
- description: Configures cert-manager to attempt to complete authorizations by performing the HTTP01 challenge flow. It is not possible to obtain certificates for wildcard domain names (e.g. `*.example.com`) using the HTTP01 challenge mechanism.
- type: object
- properties:
- gatewayHTTPRoute:
- description: The Gateway API is a sig-network community API that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will create HTTPRoutes with the specified labels in the same namespace as the challenge. This solver is experimental, and fields / behaviour may change in the future.
- type: object
- properties:
- labels:
- description: Custom labels that will be applied to HTTPRoutes created by cert-manager while solving HTTP-01 challenges.
- type: object
- additionalProperties:
- type: string
- parentRefs:
- description: 'When solving an HTTP-01 challenge, cert-manager creates an HTTPRoute. cert-manager needs to know which parentRefs should be used when creating the HTTPRoute. Usually, the parentRef references a Gateway. See: https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways'
- type: array
- items:
- description: "ParentReference identifies an API object (usually a Gateway) that can be considered a parent of this resource (usually a route). The only kind of parent resource with \"Core\" support is Gateway. This API may be extended in the future to support additional kinds of parent resources, such as HTTPRoute. \n The API object must be valid in the cluster; the Group and Kind must be registered in the cluster for this reference to be valid."
- type: object
- required:
- - name
- properties:
- group:
- description: "Group is the group of the referent. When unspecified, \"gateway.networking.k8s.io\" is inferred. To set the core API group (such as for a \"Service\" kind referent), Group must be explicitly set to \"\" (empty string). \n Support: Core"
- type: string
- default: gateway.networking.k8s.io
- maxLength: 253
- pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
- kind:
- description: "Kind is kind of the referent. \n Support: Core (Gateway) \n Support: Implementation-specific (Other Resources)"
- type: string
- default: Gateway
- maxLength: 63
- minLength: 1
- pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
- name:
- description: "Name is the name of the referent. \n Support: Core"
- type: string
- maxLength: 253
- minLength: 1
- namespace:
- description: "Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. \n Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. \n Support: Core"
- type: string
- maxLength: 63
- minLength: 1
- pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
- port:
- description: "Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. \n When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the networking behaviors specified in a Route must apply to a specific port as opposed to a listener(s) whose port(s) may be changed. When both Port and SectionName are specified, the name and port of the selected listener must match both specified values. \n Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. \n For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Extended \n "
- type: integer
- format: int32
- maximum: 65535
- minimum: 1
- sectionName:
- description: "SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: \n * Gateway: Listener Name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. \n Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. \n When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Core"
- type: string
- maxLength: 253
- minLength: 1
- pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
- serviceType:
- description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort.
- type: string
- ingress:
- description: The ingress based HTTP01 challenge solver will solve challenges by creating or modifying Ingress resources in order to route requests for '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are provisioned by cert-manager for each Challenge to be completed.
- type: object
- properties:
- class:
- description: The ingress class to use when creating Ingress resources to solve ACME challenges that use this challenge solver. Only one of 'class' or 'name' may be specified.
- type: string
- ingressTemplate:
- description: Optional ingress template used to configure the ACME challenge solver ingress used for HTTP01 challenges.
- type: object
- properties:
- metadata:
- description: ObjectMeta overrides for the ingress used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values.
- type: object
- properties:
- annotations:
- description: Annotations that should be added to the created ACME HTTP01 solver ingress.
- type: object
- additionalProperties:
- type: string
- labels:
- description: Labels that should be added to the created ACME HTTP01 solver ingress.
- type: object
- additionalProperties:
- type: string
- name:
- description: The name of the ingress resource that should have ACME challenge solving routes inserted into it in order to solve HTTP01 challenges. This is typically used in conjunction with ingress controllers like ingress-gce, which maintains a 1:1 mapping between external IPs and ingress resources.
- type: string
- podTemplate:
- description: Optional pod template used to configure the ACME challenge solver pods used for HTTP01 challenges.
- type: object
- properties:
- metadata:
- description: ObjectMeta overrides for the pod used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values.
- type: object
- properties:
- annotations:
- description: Annotations that should be added to the create ACME HTTP01 solver pods.
- type: object
- additionalProperties:
- type: string
- labels:
- description: Labels that should be added to the created ACME HTTP01 solver pods.
- type: object
- additionalProperties:
- type: string
- spec:
- description: PodSpec defines overrides for the HTTP01 challenge solver pod. Only the 'priorityClassName', 'nodeSelector', 'affinity', 'serviceAccountName' and 'tolerations' fields are supported currently. All other fields will be ignored.
- type: object
- properties:
- affinity:
- description: If specified, the pod's scheduling constraints
- type: object
- properties:
- nodeAffinity:
- description: Describes node affinity scheduling rules for the pod.
- type: object
- properties:
- preferredDuringSchedulingIgnoredDuringExecution:
- description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.
- type: array
- items:
- description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
- type: object
- required:
- - preference
- - weight
- properties:
- preference:
- description: A node selector term, associated with the corresponding weight.
- type: object
- properties:
- matchExpressions:
- description: A list of node selector requirements by node's labels.
- type: array
- items:
- description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: The label key that the selector applies to.
- type: string
- operator:
- description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
- type: string
- values:
- description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchFields:
- description: A list of node selector requirements by node's fields.
- type: array
- items:
- description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: The label key that the selector applies to.
- type: string
- operator:
- description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
- type: string
- values:
- description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- x-kubernetes-map-type: atomic
- weight:
- description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
- type: integer
- format: int32
- requiredDuringSchedulingIgnoredDuringExecution:
- description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.
- type: object
- required:
- - nodeSelectorTerms
- properties:
- nodeSelectorTerms:
- description: Required. A list of node selector terms. The terms are ORed.
- type: array
- items:
- description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
- type: object
- properties:
- matchExpressions:
- description: A list of node selector requirements by node's labels.
- type: array
- items:
- description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: The label key that the selector applies to.
- type: string
- operator:
- description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
- type: string
- values:
- description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchFields:
- description: A list of node selector requirements by node's fields.
- type: array
- items:
- description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: The label key that the selector applies to.
- type: string
- operator:
- description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
- type: string
- values:
- description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- x-kubernetes-map-type: atomic
- x-kubernetes-map-type: atomic
- podAffinity:
- description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).
- type: object
- properties:
- preferredDuringSchedulingIgnoredDuringExecution:
- description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
- type: array
- items:
- description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
- type: object
- required:
- - podAffinityTerm
- - weight
- properties:
- podAffinityTerm:
- description: Required. A pod affinity term, associated with the corresponding weight.
- type: object
- required:
- - topologyKey
- properties:
- labelSelector:
- description: A label query over a set of resources, in this case pods.
- type: object
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
- type: array
- items:
- description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: key is the label key that the selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchLabels:
- description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- additionalProperties:
- type: string
- x-kubernetes-map-type: atomic
- namespaceSelector:
- description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
- type: object
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
- type: array
- items:
- description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: key is the label key that the selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchLabels:
- description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- additionalProperties:
- type: string
- x-kubernetes-map-type: atomic
- namespaces:
- description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
- type: array
- items:
- type: string
- topologyKey:
- description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
- type: string
- weight:
- description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
- type: integer
- format: int32
- requiredDuringSchedulingIgnoredDuringExecution:
- description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
- type: array
- items:
- description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running
- type: object
- required:
- - topologyKey
- properties:
- labelSelector:
- description: A label query over a set of resources, in this case pods.
- type: object
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
- type: array
- items:
- description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: key is the label key that the selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchLabels:
- description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- additionalProperties:
- type: string
- x-kubernetes-map-type: atomic
- namespaceSelector:
- description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
- type: object
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
- type: array
- items:
- description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: key is the label key that the selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchLabels:
- description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- additionalProperties:
- type: string
- x-kubernetes-map-type: atomic
- namespaces:
- description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
- type: array
- items:
- type: string
- topologyKey:
- description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
- type: string
- podAntiAffinity:
- description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).
- type: object
- properties:
- preferredDuringSchedulingIgnoredDuringExecution:
- description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
- type: array
- items:
- description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
- type: object
- required:
- - podAffinityTerm
- - weight
- properties:
- podAffinityTerm:
- description: Required. A pod affinity term, associated with the corresponding weight.
- type: object
- required:
- - topologyKey
- properties:
- labelSelector:
- description: A label query over a set of resources, in this case pods.
- type: object
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
- type: array
- items:
- description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: key is the label key that the selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchLabels:
- description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- additionalProperties:
- type: string
- x-kubernetes-map-type: atomic
- namespaceSelector:
- description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
- type: object
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
- type: array
- items:
- description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: key is the label key that the selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchLabels:
- description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- additionalProperties:
- type: string
- x-kubernetes-map-type: atomic
- namespaces:
- description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
- type: array
- items:
- type: string
- topologyKey:
- description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
- type: string
- weight:
- description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
- type: integer
- format: int32
- requiredDuringSchedulingIgnoredDuringExecution:
- description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
- type: array
- items:
- description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running
- type: object
- required:
- - topologyKey
- properties:
- labelSelector:
- description: A label query over a set of resources, in this case pods.
- type: object
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
- type: array
- items:
- description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: key is the label key that the selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchLabels:
- description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- additionalProperties:
- type: string
- x-kubernetes-map-type: atomic
- namespaceSelector:
- description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
- type: object
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
- type: array
- items:
- description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- type: object
- required:
- - key
- - operator
- properties:
- key:
- description: key is the label key that the selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- type: array
- items:
- type: string
- matchLabels:
- description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- additionalProperties:
- type: string
- x-kubernetes-map-type: atomic
- namespaces:
- description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
- type: array
- items:
- type: string
- topologyKey:
- description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
- type: string
- nodeSelector:
- description: 'NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node''s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
- type: object
- additionalProperties:
- type: string
- priorityClassName:
- description: If specified, the pod's priorityClassName.
- type: string
- serviceAccountName:
- description: If specified, the pod's service account
- type: string
- tolerations:
- description: If specified, the pod's tolerations.
- type: array
- items:
- description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator .
- type: object
- properties:
- effect:
- description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
- type: integer
- format: int64
- value:
- description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
- type: string
- serviceType:
- description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort.
- type: string
- selector:
- description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. If not specified, the solver will be treated as the 'default' solver with the lowest priority, i.e. if any other solver has a more specific match, it will be used instead.
- type: object
- properties:
- dnsNames:
- description: List of DNSNames that this solver will be used to solve. If specified and a match is found, a dnsNames selector will take precedence over a dnsZones selector. If multiple solvers match with the same dnsNames value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected.
- type: array
- items:
- type: string
- dnsZones:
- description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified here will take precedence over other DNS zone matches, so a solver specifying sys.example.com will be selected over one specifying example.com for the domain www.sys.example.com. If multiple solvers match with the same dnsZones value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected.
- type: array
- items:
- type: string
- matchLabels:
- description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to.
- type: object
- additionalProperties:
- type: string
- ca:
- description: CA configures this issuer to sign certificates using a signing CA keypair stored in a Secret resource. This is used to build internal PKIs that are managed by cert-manager.
- type: object
- required:
- - secretName
- properties:
- crlDistributionPoints:
- description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set, certificates will be issued without distribution points set.
- type: array
- items:
- type: string
- ocspServers:
- description: The OCSP server list is an X.509 v3 extension that defines a list of URLs of OCSP responders. The OCSP responders can be queried for the revocation status of an issued certificate. If not set, the certificate will be issued with no OCSP servers set. For example, an OCSP server URL could be "http://ocsp.int-x3.letsencrypt.org".
- type: array
- items:
- type: string
- secretName:
- description: SecretName is the name of the secret used to sign Certificates issued by this Issuer.
- type: string
- selfSigned:
- description: SelfSigned configures this issuer to 'self sign' certificates using the private key used to create the CertificateRequest object.
- type: object
- properties:
- crlDistributionPoints:
- description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set certificate will be issued without CDP. Values are strings.
- type: array
- items:
- type: string
- vault:
- description: Vault configures this issuer to sign certificates using a HashiCorp Vault PKI backend.
- type: object
- required:
- - auth
- - path
- - server
- properties:
- auth:
- description: Auth configures how cert-manager authenticates with the Vault server.
- type: object
- properties:
- appRole:
- description: AppRole authenticates with Vault using the App Role auth mechanism, with the role and secret stored in a Kubernetes Secret resource.
- type: object
- required:
- - path
- - roleId
- - secretRef
- properties:
- path:
- description: 'Path where the App Role authentication backend is mounted in Vault, e.g: "approle"'
- type: string
- roleId:
- description: RoleID configured in the App Role authentication backend when setting up the authentication backend in Vault.
- type: string
- secretRef:
- description: Reference to a key in a Secret that contains the App Role secret used to authenticate with Vault. The `key` field must be specified and denotes which entry within the Secret resource is used as the app role secret.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- kubernetes:
- description: Kubernetes authenticates with Vault by passing the ServiceAccount token stored in the named Secret resource to the Vault server.
- type: object
- required:
- - role
- - secretRef
- properties:
- mountPath:
- description: The Vault mountPath here is the mount path to use when authenticating with Vault. For example, setting a value to `/v1/auth/foo`, will use the path `/v1/auth/foo/login` to authenticate with Vault. If unspecified, the default value "/v1/auth/kubernetes" will be used.
- type: string
- role:
- description: A required field containing the Vault Role to assume. A Role binds a Kubernetes ServiceAccount with a set of Vault policies.
- type: string
- secretRef:
- description: The required Secret field containing a Kubernetes ServiceAccount JWT used for authenticating with Vault. Use of 'ambient credentials' is not supported.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- tokenSecretRef:
- description: TokenSecretRef authenticates with Vault by presenting a token.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- caBundle:
- description: Base64-encoded bundle of PEM CAs which will be used to validate the certificate chain presented by Vault. Only used if using HTTPS to connect to Vault and ignored for HTTP connections. Mutually exclusive with CABundleSecretRef. If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in the cert-manager controller container is used to validate the TLS connection.
- type: string
- format: byte
- caBundleSecretRef:
- description: Reference to a Secret containing a bundle of PEM-encoded CAs to use when verifying the certificate chain presented by Vault when using HTTPS. Mutually exclusive with CABundle. If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in the cert-manager controller container is used to validate the TLS connection. If no key for the Secret is specified, cert-manager will default to 'ca.crt'.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: "ns1" More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces'
- type: string
- path:
- description: 'Path is the mount path of the Vault PKI backend''s `sign` endpoint, e.g: "my_pki_mount/sign/my-role-name".'
- type: string
- server:
- description: 'Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200".'
- type: string
- venafi:
- description: Venafi configures this issuer to sign certificates using a Venafi TPP or Venafi Cloud policy zone.
- type: object
- required:
- - zone
- properties:
- cloud:
- description: Cloud specifies the Venafi cloud configuration settings. Only one of TPP or Cloud may be specified.
- type: object
- required:
- - apiTokenSecretRef
- properties:
- apiTokenSecretRef:
- description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- url:
- description: URL is the base URL for Venafi Cloud. Defaults to "https://api.venafi.cloud/v1".
- type: string
- tpp:
- description: TPP specifies Trust Protection Platform configuration settings. Only one of TPP or Cloud may be specified.
- type: object
- required:
- - credentialsRef
- - url
- properties:
- caBundle:
- description: Base64-encoded bundle of PEM CAs which will be used to validate the certificate chain presented by the TPP server. Only used if using HTTPS; ignored for HTTP. If undefined, the certificate bundle in the cert-manager controller container is used to validate the chain.
- type: string
- format: byte
- credentialsRef:
- description: CredentialsRef is a reference to a Secret containing the username and password for the TPP server. The secret must contain two keys, 'username' and 'password'.
- type: object
- required:
- - name
- properties:
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- url:
- description: 'URL is the base URL for the vedsdk endpoint of the Venafi TPP instance, for example: "https://tpp.example.com/vedsdk".'
- type: string
- zone:
- description: Zone is the Venafi Policy Zone to use for this issuer. All requests made to the Venafi platform will be restricted by the named zone policy. This field is required.
- type: string
- status:
- description: Status of the Issuer. This is set and managed automatically.
- type: object
- properties:
- acme:
- description: ACME specific status options. This field should only be set if the Issuer is configured to use an ACME server to issue certificates.
- type: object
- properties:
- lastRegisteredEmail:
- description: LastRegisteredEmail is the email associated with the latest registered ACME account, in order to track changes made to registered account associated with the Issuer
- type: string
- uri:
- description: URI is the unique account identifier, which can also be used to retrieve account details from the CA
- type: string
- conditions:
- description: List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready`.
- type: array
- items:
- description: IssuerCondition contains condition information for an Issuer.
- type: object
- required:
- - status
- - type
- properties:
- lastTransitionTime:
- description: LastTransitionTime is the timestamp corresponding to the last status change of this condition.
- type: string
- format: date-time
- message:
- description: Message is a human readable description of the details of the last transition, complementing reason.
- type: string
- observedGeneration:
- description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Issuer.
- type: integer
- format: int64
- reason:
- description: Reason is a brief machine readable explanation for the condition's last transition.
- type: string
- status:
- description: Status of the condition, one of (`True`, `False`, `Unknown`).
- type: string
- enum:
- - "True"
- - "False"
- - Unknown
- type:
- description: Type of the condition, known values are (`Ready`).
- type: string
- x-kubernetes-list-map-keys:
- - type
- x-kubernetes-list-type: map
- served: true
- storage: true
----
-# Source: cert-manager/templates/crds.yaml
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- name: certificates.cert-manager.io
- labels:
- app: 'cert-manager'
- app.kubernetes.io/name: 'cert-manager'
- app.kubernetes.io/instance: 'cert-manager'
- # Generated labels
- app.kubernetes.io/version: "v1.11.0"
-spec:
- group: cert-manager.io
- names:
- kind: Certificate
- listKind: CertificateList
- plural: certificates
- shortNames:
- - cert
- - certs
- singular: certificate
- categories:
- - cert-manager
- scope: Namespaced
- versions:
- - name: v1
- subresources:
- status: {}
- additionalPrinterColumns:
- - jsonPath: .status.conditions[?(@.type=="Ready")].status
- name: Ready
- type: string
- - jsonPath: .spec.secretName
- name: Secret
- type: string
- - jsonPath: .spec.issuerRef.name
- name: Issuer
- priority: 1
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].message
- name: Status
- priority: 1
- type: string
- - jsonPath: .metadata.creationTimestamp
- description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.
- name: Age
- type: date
- schema:
- openAPIV3Schema:
- description: "A Certificate resource should be created to ensure an up to date and signed x509 certificate is stored in the Kubernetes Secret resource named in `spec.secretName`. \n The stored certificate will be renewed before it expires (as configured by `spec.renewBefore`)."
- type: object
- required:
- - spec
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: Desired state of the Certificate resource.
- type: object
- required:
- - issuerRef
- - secretName
- properties:
- additionalOutputFormats:
- description: AdditionalOutputFormats defines extra output formats of the private key and signed certificate chain to be written to this Certificate's target Secret. This is an Alpha Feature and is only enabled with the `--feature-gates=AdditionalCertificateOutputFormats=true` option on both the controller and webhook components.
- type: array
- items:
- description: CertificateAdditionalOutputFormat defines an additional output format of a Certificate resource. These contain supplementary data formats of the signed certificate chain and paired private key.
- type: object
- required:
- - type
- properties:
- type:
- description: Type is the name of the format type that should be written to the Certificate's target Secret.
- type: string
- enum:
- - DER
- - CombinedPEM
- commonName:
- description: 'CommonName is a common name to be used on the Certificate. The CommonName should have a length of 64 characters or fewer to avoid generating invalid CSRs. This value is ignored by TLS clients when any subject alt name is set. This is x509 behaviour: https://tools.ietf.org/html/rfc6125#section-6.4.4'
- type: string
- dnsNames:
- description: DNSNames is a list of DNS subjectAltNames to be set on the Certificate.
- type: array
- items:
- type: string
- duration:
- description: The requested 'duration' (i.e. lifetime) of the Certificate. This option may be ignored/overridden by some issuer types. If unset this defaults to 90 days. Certificate will be renewed either 2/3 through its duration or `renewBefore` period before its expiry, whichever is later. Minimum accepted duration is 1 hour. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration
- type: string
- emailAddresses:
- description: EmailAddresses is a list of email subjectAltNames to be set on the Certificate.
- type: array
- items:
- type: string
- encodeUsagesInRequest:
- description: EncodeUsagesInRequest controls whether key usages should be present in the CertificateRequest
- type: boolean
- ipAddresses:
- description: IPAddresses is a list of IP address subjectAltNames to be set on the Certificate.
- type: array
- items:
- type: string
- isCA:
- description: IsCA will mark this Certificate as valid for certificate signing. This will automatically add the `cert sign` usage to the list of `usages`.
- type: boolean
- issuerRef:
- description: IssuerRef is a reference to the issuer for this certificate. If the `kind` field is not set, or set to `Issuer`, an Issuer resource with the given name in the same namespace as the Certificate will be used. If the `kind` field is set to `ClusterIssuer`, a ClusterIssuer with the provided name will be used. The `name` field in this stanza is required at all times.
- type: object
- required:
- - name
- properties:
- group:
- description: Group of the resource being referred to.
- type: string
- kind:
- description: Kind of the resource being referred to.
- type: string
- name:
- description: Name of the resource being referred to.
- type: string
- keystores:
- description: Keystores configures additional keystore output formats stored in the `secretName` Secret resource.
- type: object
- properties:
- jks:
- description: JKS configures options for storing a JKS keystore in the `spec.secretName` Secret resource.
- type: object
- required:
- - create
- - passwordSecretRef
- properties:
- create:
- description: Create enables JKS keystore creation for the Certificate. If true, a file named `keystore.jks` will be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef`. The keystore file will be updated immediately. A file named `truststore.jks` will also be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef` containing the issuing Certificate Authority
- type: boolean
- passwordSecretRef:
- description: PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the JKS keystore.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- pkcs12:
- description: PKCS12 configures options for storing a PKCS12 keystore in the `spec.secretName` Secret resource.
- type: object
- required:
- - create
- - passwordSecretRef
- properties:
- create:
- description: Create enables PKCS12 keystore creation for the Certificate. If true, a file named `keystore.p12` will be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef`. The keystore file will be updated immediately. A file named `truststore.p12` will also be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef` containing the issuing Certificate Authority
- type: boolean
- passwordSecretRef:
- description: PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the PKCS12 keystore.
- type: object
- required:
- - name
- properties:
- key:
- description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required.
- type: string
- name:
- description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- literalSubject:
- description: LiteralSubject is an LDAP formatted string that represents the [X.509 Subject field](https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.6). Use this *instead* of the Subject field if you need to ensure the correct ordering of the RDN sequence, such as when issuing certs for LDAP authentication. See https://github.com/cert-manager/cert-manager/issues/3203, https://github.com/cert-manager/cert-manager/issues/4424. This field is alpha level and is only supported by cert-manager installations where LiteralCertificateSubject feature gate is enabled on both cert-manager controller and webhook.
- type: string
- privateKey:
- description: Options to control private keys used for the Certificate.
- type: object
- properties:
- algorithm:
- description: Algorithm is the private key algorithm of the corresponding private key for this certificate. If provided, allowed values are either `RSA`,`Ed25519` or `ECDSA` If `algorithm` is specified and `size` is not provided, key size of 256 will be used for `ECDSA` key algorithm and key size of 2048 will be used for `RSA` key algorithm. key size is ignored when using the `Ed25519` key algorithm.
- type: string
- enum:
- - RSA
- - ECDSA
- - Ed25519
- encoding:
- description: The private key cryptography standards (PKCS) encoding for this certificate's private key to be encoded in. If provided, allowed values are `PKCS1` and `PKCS8` standing for PKCS#1 and PKCS#8, respectively. Defaults to `PKCS1` if not specified.
- type: string
- enum:
- - PKCS1
- - PKCS8
- rotationPolicy:
- description: RotationPolicy controls how private keys should be regenerated when a re-issuance is being processed. If set to Never, a private key will only be generated if one does not already exist in the target `spec.secretName`. If one does exists but it does not have the correct algorithm or size, a warning will be raised to await user intervention. If set to Always, a private key matching the specified requirements will be generated whenever a re-issuance occurs. Default is 'Never' for backward compatibility.
- type: string
- enum:
- - Never
- - Always
- size:
- description: Size is the key bit size of the corresponding private key for this certificate. If `algorithm` is set to `RSA`, valid values are `2048`, `4096` or `8192`, and will default to `2048` if not specified. If `algorithm` is set to `ECDSA`, valid values are `256`, `384` or `521`, and will default to `256` if not specified. If `algorithm` is set to `Ed25519`, Size is ignored. No other values are allowed.
- type: integer
- renewBefore:
- description: How long before the currently issued certificate's expiry cert-manager should renew the certificate. The default is 2/3 of the issued certificate's duration. Minimum accepted value is 5 minutes. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration
- type: string
- revisionHistoryLimit:
- description: revisionHistoryLimit is the maximum number of CertificateRequest revisions that are maintained in the Certificate's history. Each revision represents a single `CertificateRequest` created by this Certificate, either when it was created, renewed, or Spec was changed. Revisions will be removed by oldest first if the number of revisions exceeds this number. If set, revisionHistoryLimit must be a value of `1` or greater. If unset (`nil`), revisions will not be garbage collected. Default value is `nil`.
- type: integer
- format: int32
- secretName:
- description: SecretName is the name of the secret resource that will be automatically created and managed by this Certificate resource. It will be populated with a private key and certificate, signed by the denoted issuer.
- type: string
- secretTemplate:
- description: SecretTemplate defines annotations and labels to be copied to the Certificate's Secret. Labels and annotations on the Secret will be changed as they appear on the SecretTemplate when added or removed. SecretTemplate annotations are added in conjunction with, and cannot overwrite, the base set of annotations cert-manager sets on the Certificate's Secret.
- type: object
- properties:
- annotations:
- description: Annotations is a key value map to be copied to the target Kubernetes Secret.
- type: object
- additionalProperties:
- type: string
- labels:
- description: Labels is a key value map to be copied to the target Kubernetes Secret.
- type: object
- additionalProperties:
- type: string
- subject:
- description: Full X509 name specification (https://golang.org/pkg/crypto/x509/pkix/#Name).
- type: object
- properties:
- countries:
- description: Countries to be used on the Certificate.
- type: array
- items:
- type: string
- localities:
- description: Cities to be used on the Certificate.
- type: array
- items:
- type: string
- organizationalUnits:
- description: Organizational Units to be used on the Certificate.
- type: array
- items:
- type: string
- organizations:
- description: Organizations to be used on the Certificate.
- type: array
- items:
- type: string
- postalCodes:
- description: Postal codes to be used on the Certificate.
- type: array
- items:
- type: string
- provinces:
- description: State/Provinces to be used on the Certificate.
- type: array
- items:
- type: string
- serialNumber:
- description: Serial number to be used on the Certificate.
- type: string
- streetAddresses:
- description: Street addresses to be used on the Certificate.
- type: array
- items:
- type: string
- uris:
- description: URIs is a list of URI subjectAltNames to be set on the Certificate.
- type: array
- items:
- type: string
- usages:
- description: Usages is the set of x509 usages that are requested for the certificate. Defaults to `digital signature` and `key encipherment` if not specified.
- type: array
- items:
- description: "KeyUsage specifies valid usage contexts for keys. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 \n Valid KeyUsage values are as follows: \"signing\", \"digital signature\", \"content commitment\", \"key encipherment\", \"key agreement\", \"data encipherment\", \"cert sign\", \"crl sign\", \"encipher only\", \"decipher only\", \"any\", \"server auth\", \"client auth\", \"code signing\", \"email protection\", \"s/mime\", \"ipsec end system\", \"ipsec tunnel\", \"ipsec user\", \"timestamping\", \"ocsp signing\", \"microsoft sgc\", \"netscape sgc\""
- type: string
- enum:
- - signing
- - digital signature
- - content commitment
- - key encipherment
- - key agreement
- - data encipherment
- - cert sign
- - crl sign
- - encipher only
- - decipher only
- - any
- - server auth
- - client auth
- - code signing
- - email protection
- - s/mime
- - ipsec end system
- - ipsec tunnel
- - ipsec user
- - timestamping
- - ocsp signing
- - microsoft sgc
- - netscape sgc
- status:
- description: Status of the Certificate. This is set and managed automatically.
- type: object
- properties:
- conditions:
- description: List of status conditions to indicate the status of certificates. Known condition types are `Ready` and `Issuing`.
- type: array
- items:
- description: CertificateCondition contains condition information for an Certificate.
- type: object
- required:
- - status
- - type
- properties:
- lastTransitionTime:
- description: LastTransitionTime is the timestamp corresponding to the last status change of this condition.
- type: string
- format: date-time
- message:
- description: Message is a human readable description of the details of the last transition, complementing reason.
- type: string
- observedGeneration:
- description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Certificate.
- type: integer
- format: int64
- reason:
- description: Reason is a brief machine readable explanation for the condition's last transition.
- type: string
- status:
- description: Status of the condition, one of (`True`, `False`, `Unknown`).
- type: string
- enum:
- - "True"
- - "False"
- - Unknown
- type:
- description: Type of the condition, known values are (`Ready`, `Issuing`).
- type: string
- x-kubernetes-list-map-keys:
- - type
- x-kubernetes-list-type: map
- failedIssuanceAttempts:
- description: The number of continuous failed issuance attempts up till now. This field gets removed (if set) on a successful issuance and gets set to 1 if unset and an issuance has failed. If an issuance has failed, the delay till the next issuance will be calculated using formula time.Hour * 2 ^ (failedIssuanceAttempts - 1).
- type: integer
- lastFailureTime:
- description: LastFailureTime is the time as recorded by the Certificate controller of the most recent failure to complete a CertificateRequest for this Certificate resource. If set, cert-manager will not re-request another Certificate until 1 hour has elapsed from this time.
- type: string
- format: date-time
- nextPrivateKeySecretName:
- description: The name of the Secret resource containing the private key to be used for the next certificate iteration. The keymanager controller will automatically set this field if the `Issuing` condition is set to `True`. It will automatically unset this field when the Issuing condition is not set or False.
- type: string
- notAfter:
- description: The expiration time of the certificate stored in the secret named by this resource in `spec.secretName`.
- type: string
- format: date-time
- notBefore:
- description: The time after which the certificate stored in the secret named by this resource in spec.secretName is valid.
- type: string
- format: date-time
- renewalTime:
- description: RenewalTime is the time at which the certificate will be next renewed. If not set, no upcoming renewal is scheduled.
- type: string
- format: date-time
- revision:
- description: "The current 'revision' of the certificate as issued. \n When a CertificateRequest resource is created, it will have the `cert-manager.io/certificate-revision` set to one greater than the current value of this field. \n Upon issuance, this field will be set to the value of the annotation on the CertificateRequest resource used to issue the certificate. \n Persisting the value on the CertificateRequest resource allows the certificates controller to know whether a request is part of an old issuance or if it is part of the ongoing revision's issuance by checking if the revision value in the annotation is greater than this field."
- type: integer
- served: true
- storage: true
----
-# Source: cert-manager/templates/crds.yaml
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- name: orders.acme.cert-manager.io
- labels:
- app: 'cert-manager'
- app.kubernetes.io/name: 'cert-manager'
- app.kubernetes.io/instance: 'cert-manager'
- # Generated labels
- app.kubernetes.io/version: "v1.11.0"
-spec:
- group: acme.cert-manager.io
- names:
- kind: Order
- listKind: OrderList
- plural: orders
- singular: order
- categories:
- - cert-manager
- - cert-manager-acme
- scope: Namespaced
- versions:
- - name: v1
- subresources:
- status: {}
- additionalPrinterColumns:
- - jsonPath: .status.state
- name: State
- type: string
- - jsonPath: .spec.issuerRef.name
- name: Issuer
- priority: 1
- type: string
- - jsonPath: .status.reason
- name: Reason
- priority: 1
- type: string
- - jsonPath: .metadata.creationTimestamp
- description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.
- name: Age
- type: date
- schema:
- openAPIV3Schema:
- description: Order is a type to represent an Order with an ACME server
- type: object
- required:
- - metadata
- - spec
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- type: object
- required:
- - issuerRef
- - request
- properties:
- commonName:
- description: CommonName is the common name as specified on the DER encoded CSR. If specified, this value must also be present in `dnsNames` or `ipAddresses`. This field must match the corresponding field on the DER encoded CSR.
- type: string
- dnsNames:
- description: DNSNames is a list of DNS names that should be included as part of the Order validation process. This field must match the corresponding field on the DER encoded CSR.
- type: array
- items:
- type: string
- duration:
- description: Duration is the duration for the not after date for the requested certificate. this is set on order creation as pe the ACME spec.
- type: string
- ipAddresses:
- description: IPAddresses is a list of IP addresses that should be included as part of the Order validation process. This field must match the corresponding field on the DER encoded CSR.
- type: array
- items:
- type: string
- issuerRef:
- description: IssuerRef references a properly configured ACME-type Issuer which should be used to create this Order. If the Issuer does not exist, processing will be retried. If the Issuer is not an 'ACME' Issuer, an error will be returned and the Order will be marked as failed.
- type: object
- required:
- - name
- properties:
- group:
- description: Group of the resource being referred to.
- type: string
- kind:
- description: Kind of the resource being referred to.
- type: string
- name:
- description: Name of the resource being referred to.
- type: string
- request:
- description: Certificate signing request bytes in DER encoding. This will be used when finalizing the order. This field must be set on the order.
- type: string
- format: byte
- status:
- type: object
- properties:
- authorizations:
- description: Authorizations contains data returned from the ACME server on what authorizations must be completed in order to validate the DNS names specified on the Order.
- type: array
- items:
- description: ACMEAuthorization contains data returned from the ACME server on an authorization that must be completed in order validate a DNS name on an ACME Order resource.
- type: object
- required:
- - url
- properties:
- challenges:
- description: Challenges specifies the challenge types offered by the ACME server. One of these challenge types will be selected when validating the DNS name and an appropriate Challenge resource will be created to perform the ACME challenge process.
- type: array
- items:
- description: Challenge specifies a challenge offered by the ACME server for an Order. An appropriate Challenge resource can be created to perform the ACME challenge process.
- type: object
- required:
- - token
- - type
- - url
- properties:
- token:
- description: Token is the token that must be presented for this challenge. This is used to compute the 'key' that must also be presented.
- type: string
- type:
- description: Type is the type of challenge being offered, e.g. 'http-01', 'dns-01', 'tls-sni-01', etc. This is the raw value retrieved from the ACME server. Only 'http-01' and 'dns-01' are supported by cert-manager, other values will be ignored.
- type: string
- url:
- description: URL is the URL of this challenge. It can be used to retrieve additional metadata about the Challenge from the ACME server.
- type: string
- identifier:
- description: Identifier is the DNS name to be validated as part of this authorization
- type: string
- initialState:
- description: InitialState is the initial state of the ACME authorization when first fetched from the ACME server. If an Authorization is already 'valid', the Order controller will not create a Challenge resource for the authorization. This will occur when working with an ACME server that enables 'authz reuse' (such as Let's Encrypt's production endpoint). If not set and 'identifier' is set, the state is assumed to be pending and a Challenge will be created.
- type: string
- enum:
- - valid
- - ready
- - pending
- - processing
- - invalid
- - expired
- - errored
- url:
- description: URL is the URL of the Authorization that must be completed
- type: string
- wildcard:
- description: Wildcard will be true if this authorization is for a wildcard DNS name. If this is true, the identifier will be the *non-wildcard* version of the DNS name. For example, if '*.example.com' is the DNS name being validated, this field will be 'true' and the 'identifier' field will be 'example.com'.
- type: boolean
- certificate:
- description: Certificate is a copy of the PEM encoded certificate for this Order. This field will be populated after the order has been successfully finalized with the ACME server, and the order has transitioned to the 'valid' state.
- type: string
- format: byte
- failureTime:
- description: FailureTime stores the time that this order failed. This is used to influence garbage collection and back-off.
- type: string
- format: date-time
- finalizeURL:
- description: FinalizeURL of the Order. This is used to obtain certificates for this order once it has been completed.
- type: string
- reason:
- description: Reason optionally provides more information about a why the order is in the current state.
- type: string
- state:
- description: State contains the current state of this Order resource. States 'success' and 'expired' are 'final'
- type: string
- enum:
- - valid
- - ready
- - pending
- - processing
- - invalid
- - expired
- - errored
- url:
- description: URL of the Order. This will initially be empty when the resource is first created. The Order controller will populate this field when the Order is first processed. This field will be immutable after it is initially set.
- type: string
- served: true
- storage: true
diff --git a/enterprise/cert-manager/0.0.7/ix_values.yaml b/enterprise/cert-manager/0.0.7/ix_values.yaml
deleted file mode 100644
index ce7668578f3..00000000000
--- a/enterprise/cert-manager/0.0.7/ix_values.yaml
+++ /dev/null
@@ -1,74 +0,0 @@
-image:
- repository: tccr.io/truecharts/scratch
- tag: latest@sha256:93878048bbc350e69bf246556ef3520f343487c7ffc40f0b0655ed8a360cb932
- pullPolicy: IfNotPresent
-
-controller:
- enabled: false
-
-service:
- main:
- enabled: false
- ports:
- main:
- enabled: false
- port: 9999
-
-portal:
- enabled: false
-
-probes:
- liveness:
- enabled: false
- readiness:
- enabled: false
- startup:
- enabled: false
-
-clusterIssuer:
- selfSigned:
- enabled: true
- name: "selfsigned"
- CA: []
- # - name: myca
- # selfSigned: true
- # selfSignedCommonName: "my-selfsigned-ca"
- # # Used to manually define a CA-crt not used when selfSigned is enabled
- # crt: ""
- # key: ""
- # # TODO: Add option to use SCALE CA certs
-
- ACME: []
-# - name: letsencrypt
-# # Used for both logging in to the DNS provider AND ACME registration
-# email: ""
-# server: 'https://acme-staging-v02.api.letsencrypt.org/directory'
-# # Used primarily for the SCALE GUI
-# customServer: 'https://acme-staging-v02.api.letsencrypt.org/directory'
-# email: ""
-# # Options: HTTP01, cloudflare, route53
-# type: ""
-# # for cloudflare
-# cfapikey: ""
-# cfapitoken: ""
-# # for route53
-# region: ""
-# accessKeyID: ""
-# route53SecretAccessKey: ""
-# # optional for route53
-# role: ""
-# # for akamai
-# serviceConsumerDomain: ""
-# akclientToken: ""
-# akclientSecret: ""
-# akaccessToken: ""
-# # for digitalocean
-# doaccessToken: ""
-# # for rfc2136
-# nameserver: ""
-# tsigKeyName: ""
-# tsigAlgorithm: ""
-# rfctsigSecret: ""
-
-metrics:
- enabled: true
diff --git a/enterprise/cert-manager/0.0.7/questions.yaml b/enterprise/cert-manager/0.0.7/questions.yaml
deleted file mode 100644
index 524924eb22b..00000000000
--- a/enterprise/cert-manager/0.0.7/questions.yaml
+++ /dev/null
@@ -1,375 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: clusterIssuer
- group: App Configuration
- label: Cluster Certificate Issuer
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ACME
- label: 'ACME Issuer'
- schema:
- type: list
- default: []
- items:
- - variable: ACMEEntry
- label: 'ACME Issuer Entry'
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: "Name to give the issuer"
- schema:
- type: string
- required: true
- default: ""
- - variable: type
- label: Type or DNS-Provider
- description: DNS Provider
- schema:
- type: string
- default: cloudflare
- enum:
- - value: cloudflare
- description: Cloudflare
- - value: route53
- description: Route53
- - value: akamai
- description: Akamai
- - value: digitalocean
- description: Digitalocean
- - value: rfc2136
- description: rfc2136 (Advanced)
- - value: HTTP01
- description: HTTP01 (Experimental)
- - variable: server
- label: Server
- description: "Server for ACME, for example: letsencrypt"
- schema:
- type: string
- show_if: [["type", "!=", "HTTP01"]]
- default: 'Letsencrypt-Production'
- enum:
- - value: 'https://acme-v02.api.letsencrypt.org/directory'
- description: Letsencrypt-Production
- - value: 'https://acme-staging-v02.api.letsencrypt.org/directory'
- description: Letsencrypt-Staging
- - value: 'https://api.buypass.no/acme-v02/directory'
- description: BuyPass-Production
- - value: 'https://api.test4.buypass.no/acme-v02/directory'
- description: BuyPass-Staging
- - value: custom
- description: Custom
- - variable: customServer
- label: Custom ACME Server (Advanced)
- description: "This can be used to enter your own custom ACME server"
- schema:
- type: string
- show_if: [["server", "=", "custom"]]
- default: 'https://acme-staging-v02.api.letsencrypt.org/directory'
- - variable: email
- label: Email
- description: "Email adress to use for certificate issuing must match your DNS provider email when required"
- schema:
- type: string
- required: true
- show_if: [["type", "!=", "HTTP01"]]
- default: "something@example.com"
- - variable: cfapikey
- label: CloudFlare API key
- description: "CloudFlare API Key"
- schema:
- show_if: [["type", "=", "cloudflare"]]
- type: string
- default: ""
- - variable: cfapitoken
- label: CloudFlare API Token
- description: "CloudFlare API Token"
- schema:
- show_if: [["type", "=", "cloudflare"]]
- type: string
- default: ""
- - variable: region
- label: Route53 Region
- description: "Route 53 Region"
- schema:
- show_if: [["type", "=", "route53"]]
- type: string
- required: true
- default: "us-west-1"
- - variable: accessKeyID
- label: Route53 accessKeyID
- description: "Route53 accessKeyID"
- schema:
- show_if: [["type", "=", "route53"]]
- type: string
- required: true
- default: ""
- - variable: route53SecretAccessKey
- label: Route53 Secret Access Key
- description: "Route53 Secret Access Key"
- schema:
- show_if: [["type", "=", "route53"]]
- type: string
- required: true
- default: ""
- - variable: role
- label: Route53 Role (optional)
- description: "Route53 Role"
- schema:
- show_if: [["type", "=", "route53"]]
- type: string
- default: ""
- - variable: serviceConsumerDomain
- label: Akamai Service Consumer Domain
- description: "Akamai Service Consumer Domain"
- schema:
- show_if: [["type", "=", "akamai"]]
- type: string
- required: true
- default: ""
- - variable: akclientToken
- label: Akamai Client Token
- description: "Client Token"
- schema:
- show_if: [["type", "=", "akamai"]]
- type: string
- required: true
- default: ""
- - variable: akclientSecret
- label: Akamai Client Secret
- description: "Akamai Client Secret"
- schema:
- show_if: [["type", "=", "akamai"]]
- type: string
- required: true
- default: ""
- - variable: akaccessToken
- label: Akamai Access Token
- description: "Akamai Access Token"
- schema:
- show_if: [["type", "=", "akamai"]]
- type: string
- required: true
- default: ""
- - variable: doaccessToken
- label: Digitalocean Access Token
- description: "Digitalocean Access Token"
- schema:
- show_if: [["type", "=", "digitalocean"]]
- type: string
- required: true
- default: ""
- - variable: nameserver
- label: rfc2136 Namesever
- description: "rfc2136 Namesever"
- schema:
- show_if: [["type", "=", "digitalocean"]]
- type: string
- required: true
- default: ""
- - variable: tsigKeyName
- label: rfc2136 tsig Key Name
- description: "rfc2136 tsig Key Name"
- schema:
- show_if: [["type", "=", "digitalocean"]]
- type: string
- required: true
- default: ""
- - variable: tsigAlgorithm
- label: rfc2136 tsig Algorithm
- description: "rfc2136 tsig Algorithm"
- schema:
- show_if: [["type", "=", "digitalocean"]]
- type: string
- required: true
- default: ""
- - variable: rfctsigSecret
- label: rfc2136 sig Secret
- description: "rfc2136 sig Secret"
- schema:
- show_if: [["type", "=", "digitalocean"]]
- type: string
- required: true
- default: ""
-
- - variable: CA
- label: Certiticate Authority Issuer
- schema:
- type: list
- default: []
- items:
- - variable: CAEntry
- label: 'CA Issuer Entry'
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: "Name to give the issuer"
- schema:
- type: string
- required: true
- default: ""
- - variable: selfSigned
- label: selfSigned
- description: "Create Self Signed CA cert"
- schema:
- type: boolean
- default: true
- - variable: selfSignedCommonName
- label: selfSigned CommonName
- description: "Common name for selfSigned Certiticate Authority"
- schema:
- type: string
- required: true
- show_if: [["selfSigned", "=", "true"]]
- default: "my-selfsigned-ca"
- - variable: crt
- label: "Custom CA cert (experimental)"
- description: "certificate for Certiticate Authority"
- schema:
- type: string
- required: true
- show_if: [["selfSigned", "=", "false"]]
- default: ""
- - variable: key
- label: "Custom CA key (experimental)"
- description: "key Certiticate Authority"
- schema:
- type: string
- required: true
- show_if: [["selfSigned", "=", "false"]]
- default: ""
-
- - variable: selfSigned
- label: 'SelfSigned Issuer'
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: enabled
- description: "Enable self-signed issuer"
- schema:
- type: boolean
- default: true
- - variable: name
- label: Name
- description: "Name to give the issuer"
- schema:
- type: string
- required: true
- default: "selfSigned"
-
-
-
- - variable: metrics
- group: Metrics
- label: Prometheus Metrics
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- description: Enable Prometheus Metrics
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: serviceMonitor
- label: Service Monitor Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: interval
- label: Scrape Interval
- description: Scrape interval time
- schema:
- type: string
- default: 1m
- required: true
- - variable: scrapeTimeout
- label: Scrape Timeout
- description: Scrape timeout Time
- schema:
- type: string
- default: 30s
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/cert-manager/0.0.7/templates/_metrics.tpl b/enterprise/cert-manager/0.0.7/templates/_metrics.tpl
deleted file mode 100644
index 5109fae1ac0..00000000000
--- a/enterprise/cert-manager/0.0.7/templates/_metrics.tpl
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- define "certmanager.metrics" -}}
-{{- if .Values.metrics.enabled }}
-apiVersion: monitoring.coreos.com/v1
-kind: PodMonitor
-metadata:
- name: cert-manager
- namespace: cert-manager
- labels:
- app: cert-manager
- app.kubernetes.io/name: cert-manager
- app.kubernetes.io/instance: cert-manager
- app.kubernetes.io/component: "controller"
-spec:
- jobLabel: app.kubernetes.io/name
- selector:
- matchLabels:
- app: cert-manager
- app.kubernetes.io/name: cert-manager
- app.kubernetes.io/instance: cert-manager
- app.kubernetes.io/component: "controller"
- podMetricsEndpoints:
- - port: http
- honorLabels: true
-{{- end }}
-{{- end -}}
diff --git a/enterprise/cert-manager/0.0.7/templates/_wait.tpl b/enterprise/cert-manager/0.0.7/templates/_wait.tpl
deleted file mode 100644
index 454a5578a68..00000000000
--- a/enterprise/cert-manager/0.0.7/templates/_wait.tpl
+++ /dev/null
@@ -1,85 +0,0 @@
-{{- define "certmanager.wait" }}
-{{- $fullName := include "tc.common.names.fullname" . }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- namespace: {{ .Release.Namespace }}
- name: {{ $fullName }}-wait
- annotations:
- "helm.sh/hook": pre-install, pre-upgrade
- "helm.sh/hook-weight": "-1"
- "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation
-spec:
- template:
- spec:
- serviceAccountName: {{ $fullName }}-wait
- containers:
- - name: {{ $fullName }}-wait
- image: {{ .Values.kubectlImage.repository }}:v1.26.0
- securityContext:
- runAsUser: 568
- runAsGroup: 568
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- command:
- - "/bin/sh"
- - "-c"
- - |
- /bin/sh <<'EOF'
- kubectl wait --namespace metallb-system --for=condition=ready pod --selector=app=metallb --timeout=90s || echo "metallb-system wait failed..."
- kubectl wait --namespace cert-manager --for=condition=ready pod --selector=app=cert-manager --timeout=90s || echo "cert-manager wait failed..."
- cmctl check api --wait=2m || echo "cmctl wait failed..."
- EOF
- volumeMounts:
- - name: {{ $fullName }}-manifests-temp
- mountPath: /tmp
- - name: {{ $fullName }}-manifests-home
- mountPath: /home/apps/
- restartPolicy: Never
- volumes:
- - name: {{ $fullName }}-manifests-temp
- emptyDir: {}
- - name: {{ $fullName }}-manifests-home
- emptyDir: {}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ $fullName }}-wait
- annotations:
- "helm.sh/hook": pre-install, pre-upgrade
- "helm.sh/hook-weight": "-2"
- "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation
-rules:
- - apiGroups: ["*"]
- resources: ["*"]
- verbs: ["*"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ $fullName }}-wait
- annotations:
- "helm.sh/hook": pre-install, pre-upgrade
- "helm.sh/hook-weight": "-2"
- "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ $fullName }}-wait
-subjects:
- - kind: ServiceAccount
- name: {{ $fullName }}-wait
- namespace: {{ .Release.Namespace }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ $fullName }}-wait
- namespace: {{ .Release.Namespace }}
- annotations:
- "helm.sh/hook": pre-install, pre-upgrade
- "helm.sh/hook-weight": "-2"
- "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation
-{{- end }}
diff --git a/enterprise/cert-manager/0.0.7/templates/clusterissuer/_ACME.tpl b/enterprise/cert-manager/0.0.7/templates/clusterissuer/_ACME.tpl
deleted file mode 100644
index 92d25c95ae3..00000000000
--- a/enterprise/cert-manager/0.0.7/templates/clusterissuer/_ACME.tpl
+++ /dev/null
@@ -1,88 +0,0 @@
-{{- define "certmanager.clusterissuer.acme" -}}
-{{- range .Values.clusterIssuer.acme }}
----
-apiVersion: cert-manager.io/v1
-kind: ClusterIssuer
-metadata:
- name: {{ .name }}
-spec:
- acme:
- email: {{ .email }}
- server: {{ if eq .server "custom" }}{{ .customServer }}{{ else }}{{ .server }}{{ end }}
- privateKeySecretRef:
- name: {{ .name }}-acme-clusterissuer-account-key
- solvers:
- {{- if eq .type "HTTP01" }}
- - http01:
- ingress:
- {{- else }}
- - dns01:
- {{- if eq .type "cloudflare" }}
- cloudflare:
- email: {{ .email }}
- {{- if .cfapitoken }}
- apiTokenSecretRef:
- name: {{ .name }}-clusterissuer-secret
- key: cf-api-token
- {{- else if .cfapikey }}
- name: {{ .name }}-clusterissuer-secret
- key: cf-api-key
- {{ else }}
- {{- fail "A cloudflare API key or token is required" }}
- {{- end }}
- {{- else if eq .type "route53" }}
- route53:
- region: {{ .region }}
- accessKeyID: {{ .accessKeyID }}
- {{- if .role }}
- role: {{ .role }}
- {{- end }}
- secretAccessKeySecretRef:
- name: prod-route53-credentials-secret
- key: route53-secret-access-key
- {{- else if eq .type "akamai" }}
- akamai:
- serviceConsumerDomain: {{ .serviceConsumerDomain }}
- clientTokenSecretRef:
- name: {{ .name }}-clusterissuer-secret
- key: akclientToken
- clientSecretSecretRef:
- name: {{ .name }}-clusterissuer-secret
- key: akclientSecret
- accessTokenSecretRef:
- name: {{ .name }}-clusterissuer-secret
- key: akaccessToken
- {{- else if eq .type "digitalocean" }}
- digitalocean:
- tokenSecretRef:
- name: {{ .name }}-clusterissuer-secret
- key: doaccessToken
- {{- else if eq .type "rfc2136" }}
- rfc2136:
- nameserver: {{ .nameserver }}
- tsigKeyName: {{ .tsigKeyName }}
- tsigAlgorithm: {{ .tsigAlgorithm }}
- tsigSecretSecretRef:
- name: {{ .name }}-clusterissuer-secret
- key: rfctsigSecret
- {{- else }}
- {{- fail "No correct ACME type entered..." }}
- {{- end }}
- {{- end }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ .name }}-clusterissuer-secret
-type: Opaque
-stringData:
- cf-api-token: {{ .cfapitoken | default "" }}
- cf-api-key: {{ .cfapikey | default "" }}
- route53-secret-access-key: {{ .route53SecretAccessKey | default "" }}
- akclientToken: {{ .akclientToken | default "" }}
- akclientSecret: {{ .akclientSecret | default "" }}
- akaccessToken: {{ .akaccessToken | default "" }}
- doaccessToken: {{ .doaccessToken | default "" }}
- rfctsigSecret: {{ .rfctsigSecret | default "" }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/cert-manager/0.0.7/templates/clusterissuer/_CA.tpl b/enterprise/cert-manager/0.0.7/templates/clusterissuer/_CA.tpl
deleted file mode 100644
index 01fcb311295..00000000000
--- a/enterprise/cert-manager/0.0.7/templates/clusterissuer/_CA.tpl
+++ /dev/null
@@ -1,48 +0,0 @@
-{{- define "certmanager.clusterissuer.ca" -}}
-{{- range .Values.clusterIssuer.CA }}
-{{- if .selfSigned }}
----
-apiVersion: cert-manager.io/v1
-kind: ClusterIssuer
-metadata:
- name: {{ .name }}-selfsigned-ca-issuer
-spec:
- selfSigned: {}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: {{ .name }}-selfsigned-ca
- namespace: cert-manager
-spec:
- isCA: true
- commonName: {{ .selfSignedCommonName }}
- secretName: {{ .name }}-ca
- privateKey:
- algorithm: ECDSA
- size: 256
- issuerRef:
- name: selfsigned-ca-issuer
- kind: ClusterIssuer
- group: cert-manager.io
-{{- else }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ .name }}-ca
- namespace: cert-manager
-data:
- tls.crt: {{ .crt | b64enc }}
- tls.key: {{ .key | b64enc }}
-{{- end }}
----
-apiVersion: cert-manager.io/v1
-kind: ClusterIssuer
-metadata:
- name: {{ .name }}
-spec:
- ca:
- secretName: {{ .name }}-ca
-{{- end }}
-{{- end -}}
diff --git a/enterprise/cert-manager/0.0.7/templates/clusterissuer/_selfSigned.tpl b/enterprise/cert-manager/0.0.7/templates/clusterissuer/_selfSigned.tpl
deleted file mode 100644
index 74a491b40d0..00000000000
--- a/enterprise/cert-manager/0.0.7/templates/clusterissuer/_selfSigned.tpl
+++ /dev/null
@@ -1,11 +0,0 @@
-{{- define "certmanager.clusterissuer.selfsigned" -}}
-{{- if .Values.clusterIssuer.selfSigned.enabled }}
----
-apiVersion: cert-manager.io/v1
-kind: ClusterIssuer
-metadata:
- name: {{ .Values.clusterIssuer.selfSigned.name }}
-spec:
- selfSigned: {}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/cert-manager/0.0.7/templates/common.yaml b/enterprise/cert-manager/0.0.7/templates/common.yaml
deleted file mode 100644
index c2a170196bc..00000000000
--- a/enterprise/cert-manager/0.0.7/templates/common.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.common.loader.init" . }}
-
-{{/* Render the templates */}}
-{{ include "tc.common.loader.apply" . }}
-
-{{- include "certmanager.clusterissuer.acme" . }}
-{{- include "certmanager.clusterissuer.selfsigned" . }}
-{{- include "certmanager.clusterissuer.ca" . }}
-{{- include "certmanager.metrics" . }}
-{{- include "certmanager.wait" . }}
diff --git a/enterprise/cert-manager/0.0.7/values.yaml b/enterprise/cert-manager/0.0.7/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/grafana/6.0.31/CHANGELOG.md b/enterprise/grafana/6.0.31/CHANGELOG.md
deleted file mode 100644
index 0ed5183fd4e..00000000000
--- a/enterprise/grafana/6.0.31/CHANGELOG.md
+++ /dev/null
@@ -1,80 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [grafana-6.0.31](https://github.com/truecharts/charts/compare/grafana-6.0.30...grafana-6.0.31) (2023-02-27)
-
-### Chore
-
-- update container image tccr.io/truecharts/grafana to 9.3.6
-
-
-
-
-## [grafana-6.0.30](https://github.com/truecharts/charts/compare/grafana-6.0.29...grafana-6.0.30) (2023-02-26)
-
-### Chore
-
-- update container image tccr.io/truecharts/grafana to 9.3.6
-
-
-
-
-## [grafana-6.0.29](https://github.com/truecharts/charts/compare/grafana-6.0.28...grafana-6.0.29) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/grafana to 9.3.6
-
-
-
-
-## [grafana-6.0.28](https://github.com/truecharts/charts/compare/grafana-6.0.27...grafana-6.0.28) (2023-02-11)
-
-### Chore
-
-- update container image tccr.io/truecharts/grafana to 9.3.6
-
-
-
-
-## [grafana-6.0.27](https://github.com/truecharts/charts/compare/grafana-6.0.26...grafana-6.0.27) (2023-02-10)
-
-### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
-
-
-## [grafana-6.0.26](https://github.com/truecharts/charts/compare/grafana-image-renderer-2.0.10...grafana-6.0.26) (2023-02-08)
-
-### Chore
-
-- update container image tccr.io/truecharts/grafana to v9.3.6
-
-
-
-
-## [grafana-6.0.25](https://github.com/truecharts/charts/compare/grafana-6.0.24...grafana-6.0.25) (2023-01-24)
-
-### Chore
-
-- update container image tccr.io/truecharts/grafana to 9.3.2
-
-
-
-
-## [grafana-6.0.24](https://github.com/truecharts/charts/compare/grafana-6.0.23...grafana-6.0.24) (2023-01-18)
-
-### Chore
-
-- update container image tccr.io/truecharts/grafana to 9.3.2
-
- ### Feat
-
-- move Grafana, Prometheus and Traefik to Enterprise Train ([#6372](https://github.com/truecharts/charts/issues/6372))
-
-
\ No newline at end of file
diff --git a/enterprise/grafana/6.0.31/Chart.yaml b/enterprise/grafana/6.0.31/Chart.yaml
deleted file mode 100644
index e311a6e1c00..00000000000
--- a/enterprise/grafana/6.0.31/Chart.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-apiVersion: v2
-appVersion: "9.3.6"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
-deprecated: false
-description: Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, Elasticsearch, OpenTSDB, Prometheus and InfluxDB.
-home: https://truecharts.org/charts/enterprise/grafana
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/grafana.png
-keywords:
- - analytics
- - monitoring
- - metrics
- - logs
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: grafana
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/grafana
- - https://hub.docker.com/r/bitnami/grafana
- - https://github.com/bitnami/bitnami-docker-grafana
- - https://grafana.com/
-type: application
-version: 6.0.31
-annotations:
- truecharts.org/catagories: |
- - metrics
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/grafana/6.0.31/LICENSE b/enterprise/grafana/6.0.31/LICENSE
deleted file mode 100644
index 93c3f61c61e..00000000000
--- a/enterprise/grafana/6.0.31/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Grafana" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/grafana/6.0.31/README.md b/enterprise/grafana/6.0.31/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/grafana/6.0.31/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/grafana/6.0.31/app-changelog.md b/enterprise/grafana/6.0.31/app-changelog.md
deleted file mode 100644
index 7d6f71760dd..00000000000
--- a/enterprise/grafana/6.0.31/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [grafana-6.0.31](https://github.com/truecharts/charts/compare/grafana-6.0.30...grafana-6.0.31) (2023-02-27)
-
-### Chore
-
-- update container image tccr.io/truecharts/grafana to 9.3.6
-
-
\ No newline at end of file
diff --git a/enterprise/grafana/6.0.31/app-readme.md b/enterprise/grafana/6.0.31/app-readme.md
deleted file mode 100644
index c4893171943..00000000000
--- a/enterprise/grafana/6.0.31/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, Elasticsearch, OpenTSDB, Prometheus and InfluxDB.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/grafana](https://truecharts.org/charts/enterprise/grafana)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/grafana/6.0.31/charts/common-11.1.2.tgz b/enterprise/grafana/6.0.31/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/enterprise/grafana/6.0.31/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/enterprise/grafana/6.0.31/ix_values.yaml b/enterprise/grafana/6.0.31/ix_values.yaml
deleted file mode 100644
index 8f0a09ca33f..00000000000
--- a/enterprise/grafana/6.0.31/ix_values.yaml
+++ /dev/null
@@ -1,79 +0,0 @@
-image:
- repository: tccr.io/truecharts/grafana
- pullPolicy: IfNotPresent
- tag: 9.3.6@sha256:e9d2674578a97b9442af115c6137fa0bc7273984109d7b9ea1ea17e2ceba1129
-
-securityContext:
- readOnlyRootFilesystem: false
-
-service:
- main:
- ports:
- main:
- protocol: HTTP
- targetPort: 3000
- port: 10038
-
-probes:
- liveness:
- path: "/api/health"
-
- readiness:
- path: "/api/health"
-
- startup:
- path: "/api/health"
-
-secretEnv:
- GF_SECURITY_ADMIN_USER: "admin"
- GF_SECURITY_ADMIN_PASSWORD: "testpassword"
-
-env:
- GF_INSTALL_PLUGINS: ""
- GF_PATHS_PLUGINS: "/opt/bitnami/grafana/data/plugins"
- GF_AUTH_LDAP_ENABLED: "false"
- GF_AUTH_LDAP_CONFIG_FILE: "/opt/bitnami/grafana/conf/ldap.toml"
- GF_AUTH_LDAP_ALLOW_SIGN_UP: "false"
- GF_PATHS_PROVISIONING: "/opt/bitnami/grafana/conf/provisioning"
- GF_PATHS_CONFIG: "/opt/bitnami/grafana/conf/grafana.ini"
- GF_PATHS_DATA: "/opt/bitnami/grafana/data"
- GF_PATHS_LOGS: "/opt/bitnami/grafana/logs"
-
-persistence:
- config:
- enabled: true
- mountPath: "/opt/bitnami/grafana/data"
- grafana-tmp:
- enabled: true
- type: emptyDir
- mountPath: /opt/bitnami/grafana/tmp
-
-metrics:
- # -- Enable and configure a Prometheus serviceMonitor for the chart under this key.
- # @default -- See values.yaml
- enabled: false
- serviceMonitor:
- interval: 1m
- scrapeTimeout: 30s
- labels: {}
- # -- Enable and configure Prometheus Rules for the chart under this key.
- # @default -- See values.yaml
- prometheusRule:
- enabled: false
- labels: {}
- # -- Configure additionial rules for the chart under this key.
- # @default -- See prometheusrules.yaml
- rules:
- []
- # - alert: UnifiPollerAbsent
- # annotations:
- # description: Unifi Poller has disappeared from Prometheus service discovery.
- # summary: Unifi Poller is down.
- # expr: |
- # absent(up{job=~".*unifi-poller.*"} == 1)
- # for: 5m
- # labels:
- # severity: critical
-
-portal:
- enabled: true
diff --git a/enterprise/grafana/6.0.31/questions.yaml b/enterprise/grafana/6.0.31/questions.yaml
deleted file mode 100644
index 2cfcf03de62..00000000000
--- a/enterprise/grafana/6.0.31/questions.yaml
+++ /dev/null
@@ -1,1967 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_portal_protocol"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: secretEnv
- group: "App Configuration"
- label: "Secret Image Environment"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: GF_SECURITY_ADMIN_USER
- label: "Admin User"
- schema:
- type: string
- required: true
- default: "admin"
- - variable: GF_SECURITY_ADMIN_PASSWORD
- label: "Admin Password"
- schema:
- type: string
- required: true
- private: true
- default: "REPLACETHIS"
- - variable: env
- group: "App Configuration"
- label: "Image Environment"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: GF_INSTALL_PLUGINS
- label: "Extra Plugins to Install"
- description: "comma seperated"
- schema:
- type: string
- default: ""
- - variable: GF_AUTH_LDAP_ENABLED
- label: "enable LDAP"
- schema:
- type: boolean
- default: false
- - variable: GF_AUTH_LDAP_ALLOW_SIGN_UP
- label: "Allow LDAP Signup"
- schema:
- type: boolean
- default: false
- - variable: GF_AUTH_LDAP_CONFIG_FILE
- label: "LDAP Config Path"
- schema:
- type: string
- default: "/opt/bitnami/grafana/conf/ldap.toml"
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 10038
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: false
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: true
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID this App of the user running the application"
- schema:
- type: int
- default: 568
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
- - variable: metrics
- group: Metrics
- label: Prometheus Metrics
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- description: Enable Prometheus Metrics
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: serviceMonitor
- label: Service Monitor Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: interval
- label: Scrape Interval
- description: Scrape interval time
- schema:
- type: string
- default: 1m
- required: true
- - variable: scrapeTimeout
- label: Scrape Timeout
- description: Scrape timeout Time
- schema:
- type: string
- default: 30s
- required: true
- - variable: prometheusRule
- label: PrometheusRule
- description: Enable and configure Prometheus Rules for the App.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- description: Enable Prometheus Metrics
- schema:
- type: boolean
- default: false
- # TODO: Rule List section
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/grafana/6.0.31/templates/common.yaml b/enterprise/grafana/6.0.31/templates/common.yaml
deleted file mode 100644
index c1a366e1cf0..00000000000
--- a/enterprise/grafana/6.0.31/templates/common.yaml
+++ /dev/null
@@ -1 +0,0 @@
-{{ include "tc.common.loader.all" . }}
diff --git a/enterprise/grafana/6.0.31/templates/prometheusrules.yaml b/enterprise/grafana/6.0.31/templates/prometheusrules.yaml
deleted file mode 100644
index 35b77edf0f6..00000000000
--- a/enterprise/grafana/6.0.31/templates/prometheusrules.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{- if and .Values.metrics.enabled .Values.metrics.prometheusRule.enabled }}
-apiVersion: monitoring.coreos.com/v1
-kind: PrometheusRule
-metadata:
- name: {{ include "tc.common.names.fullname" . }}
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
- {{- with .Values.metrics.prometheusRule.labels }}
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- groups:
- - name: {{ include "tc.common.names.fullname" . }}
- rules:
- {{- with .Values.metrics.prometheusRule.rules }}
- {{- toYaml . | nindent 8 }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/grafana/6.0.31/templates/servicemonitor.yaml b/enterprise/grafana/6.0.31/templates/servicemonitor.yaml
deleted file mode 100644
index cec4d368093..00000000000
--- a/enterprise/grafana/6.0.31/templates/servicemonitor.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-{{- if .Values.metrics.enabled }}
-apiVersion: monitoring.coreos.com/v1
-kind: ServiceMonitor
-metadata:
- name: {{ include "tc.common.names.fullname" . }}
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
- {{- with .Values.metrics.serviceMonitor.labels }}
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- selector:
- matchLabels:
- {{- include "tc.common.labels.selectorLabels" . | nindent 6 }}
- endpoints:
- - port: main
- {{- with .Values.metrics.serviceMonitor.interval }}
- interval: {{ . }}
- {{- end }}
- {{- with .Values.metrics.serviceMonitor.scrapeTimeout }}
- scrapeTimeout: {{ . }}
- {{- end }}
- path: /metrics
-{{- end }}
diff --git a/enterprise/grafana/6.0.31/values.yaml b/enterprise/grafana/6.0.31/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/metallb/7.0.12/CHANGELOG.md b/enterprise/metallb/7.0.12/CHANGELOG.md
deleted file mode 100644
index 079b9006694..00000000000
--- a/enterprise/metallb/7.0.12/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [metallb-7.0.12](https://github.com/truecharts/charts/compare/metallb-7.0.11...metallb-7.0.12) (2023-02-20)
-
-### Chore
-
-- update container image tccr.io/truecharts/scratch to latest
-
-
-
-
-## [metallb-7.0.11](https://github.com/truecharts/charts/compare/metallb-7.0.10...metallb-7.0.11) (2023-02-10)
-
-### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
-
-
-## [metallb-7.0.10](https://github.com/truecharts/charts/compare/metallb-7.0.9...metallb-7.0.10) (2023-01-18)
-
-### Chore
-
-- update container image tccr.io/truecharts/scratch to latest ([#6460](https://github.com/truecharts/charts/issues/6460))
-
-
-
-
-## [metallb-7.0.9](https://github.com/truecharts/charts/compare/metallb-7.0.8...metallb-7.0.9) (2023-01-18)
-
-### Chore
-
-- pin container image tccr.io/truecharts/scratch to latest
-
-
-
-
-## [metallb-7.0.8](https://github.com/truecharts/charts/compare/metallb-7.0.7...metallb-7.0.8) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856))
-
-
-
-
-## [metallb-7.0.7](https://github.com/truecharts/charts/compare/metallb-7.0.6...metallb-7.0.7) (2022-12-26)
-
-### Chore
-
-- update helm general non-major ([#5839](https://github.com/truecharts/charts/issues/5839))
-
-
-
-
-## [metallb-7.0.6](https://github.com/truecharts/charts/compare/metallb-7.0.5...metallb-7.0.6) (2022-12-25)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [metallb-7.0.5](https://github.com/truecharts/charts/compare/metallb-7.0.4...metallb-7.0.5) (2022-12-19)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [metallb-7.0.4](https://github.com/truecharts/charts/compare/metallb-7.0.3...metallb-7.0.4) (2022-12-13)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [metallb-7.0.3](https://github.com/truecharts/charts/compare/metallb-7.0.2...metallb-7.0.3) (2022-11-30)
-
-
-
-
-## [metallb-7.0.3](https://github.com/truecharts/charts/compare/metallb-7.0.2...metallb-7.0.3) (2022-11-30)
-
-
-
-
-## [metallb-7.0.3](https://github.com/truecharts/charts/compare/metallb-7.0.2...metallb-7.0.3) (2022-11-30)
-
diff --git a/enterprise/metallb/7.0.12/Chart.yaml b/enterprise/metallb/7.0.12/Chart.yaml
deleted file mode 100644
index 96e13641717..00000000000
--- a/enterprise/metallb/7.0.12/Chart.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-apiVersion: v2
-appVersion: "latest"
-deprecated: false
-description: A network load-balancer implementation for Kubernetes using standard routing protocols
-home: https://truecharts.org/charts/enterprise/metallb
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/metallb.png
-keywords:
- - metallb
- - loadbalancer
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: metallb
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/metallb
- - https://github.com/metallb/metallb
- - https://metallb.universe.tf
-type: application
-version: 7.0.12
-annotations:
- truecharts.org/catagories: |
- - core
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/metallb/7.0.12/LICENSE b/enterprise/metallb/7.0.12/LICENSE
deleted file mode 100644
index 4dfe12ac30e..00000000000
--- a/enterprise/metallb/7.0.12/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "MetalLB" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/metallb/7.0.12/README.md b/enterprise/metallb/7.0.12/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/metallb/7.0.12/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/metallb/7.0.12/app-changelog.md b/enterprise/metallb/7.0.12/app-changelog.md
deleted file mode 100644
index 46de3612d71..00000000000
--- a/enterprise/metallb/7.0.12/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [metallb-7.0.12](https://github.com/truecharts/charts/compare/metallb-7.0.11...metallb-7.0.12) (2023-02-20)
-
-### Chore
-
-- update container image tccr.io/truecharts/scratch to latest
-
-
\ No newline at end of file
diff --git a/enterprise/metallb/7.0.12/app-readme.md b/enterprise/metallb/7.0.12/app-readme.md
deleted file mode 100644
index 8dc9cad3215..00000000000
--- a/enterprise/metallb/7.0.12/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-A network load-balancer implementation for Kubernetes using standard routing protocols
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/metallb](https://truecharts.org/charts/enterprise/metallb)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/metallb/7.0.12/charts/common-11.1.2.tgz b/enterprise/metallb/7.0.12/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/enterprise/metallb/7.0.12/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/enterprise/metallb/7.0.12/ix_values.yaml b/enterprise/metallb/7.0.12/ix_values.yaml
deleted file mode 100644
index f210c4eb055..00000000000
--- a/enterprise/metallb/7.0.12/ix_values.yaml
+++ /dev/null
@@ -1,74 +0,0 @@
-image:
- repository: tccr.io/truecharts/scratch
- tag: latest@sha256:93878048bbc350e69bf246556ef3520f343487c7ffc40f0b0655ed8a360cb932
- pullPolicy: IfNotPresent
-
-controller:
- enabled: false
-
-service:
- main:
- enabled: false
- ports:
- main:
- enabled: false
- port: 9999
-
-updateCRD: false
-
-portal:
- enabled: false
-
-probes:
- liveness:
- enabled: false
- readiness:
- enabled: false
- startup:
- enabled: false
-
-configmap:
- config:
- enabled: true
- data:
- placeholderdata: "something"
-
-ipAddressPools: []
-# - name: example
-# autoAssign: true
-# avoidBuggyIPs: true
-# addresses:
-# - 192.168.1.1-192.168.1.100
-L2Advertisements: []
-# - name: l2adv
-# addressPools:
-# - pool1
-# nodeSelectors:
-# - nodeA
-BGPAdvertisements: []
-# - name: bgpadv
-# addressPools:
-# - pool1
-# aggregationLength: 24
-# localpref: 100
-# communities:
-# - 1234:1
-# peers:
-# - peer1
-Communities: []
-# - name: community1
-# value: 1234:1
-Peers: []
-# - name: peer1
-# myASN: 1234
-# password: pass
-# routerID: 1234
-# bfdProfile: profile
-# ebgpMultiHop: false
-# holdTime: 10
-# keepaliveTime: 10
-# peerAddress: 172.30.0.2
-# peerPort: 179
-# sourceAddress: 172.30.0.3
-# nodeSelectors:
-# - nodeA
diff --git a/enterprise/metallb/7.0.12/questions.yaml b/enterprise/metallb/7.0.12/questions.yaml
deleted file mode 100644
index f6916650b0c..00000000000
--- a/enterprise/metallb/7.0.12/questions.yaml
+++ /dev/null
@@ -1,362 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: ipAddressPools
- group: App Configuration
- label: IP Address Pools Object
- schema:
- type: list
- default: []
- items:
- - variable: ipAddressPoolsEntry
- label: IP Address Pool Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: Name of the IP address pool
- schema:
- type: string
- required: true
- default: ""
- - variable: autoAssign
- label: Auto Assign
- description: AutoAssign flag used to prevent MetallB from automatic
- allocation for a pool.
- schema:
- type: boolean
- default: true
- - variable: avoidBuggyIPs
- label: Avoid Buggy IPs
- description: AvoidBuggyIPs prevents addresses ending with .0 and .255
- to be used by a pool.
- schema:
- type: boolean
- default: false
- - variable: addresses
- label: Addresses Pools
- description: A list of IP address ranges over which MetalLB has authority.
- You can list multiple ranges in a single pool, they will all share
- the same settings. Each range can be either a CIDR prefix, or an
- explicit start-end range of IPs.
- schema:
- type: list
- default: []
- items:
- - variable: addressPoolEntry
- label: Address Pool Entry
- schema:
- type: string
- default: ""
- required: true
- - variable: L2Advertisements
- group: App Configuration
- label: L2 Advertisements
- description: L2Advertisement allows to advertise the LoadBalancer IPs provided
- by the selected pools via L2.
- schema:
- type: list
- default: []
- items:
- - variable: L2AdvertisementEntry
- label: L2 Advertisement Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: Name of the L2 Advertisement
- schema:
- type: string
- required: true
- default: ""
- - variable: addressPools
- label: Address Pools
- description: The list of IPAddressPools to advertise via this advertisement,
- selected by name.
- schema:
- type: list
- default: []
- items:
- - variable: addressPoolEntry
- label: Address Pool Entry
- schema:
- type: string
- default: ""
- required: true
- - variable: nodeSelectors
- label: Node Selectors
- description: NodeSelectors allows to limit the nodes to announce as
- next hops for the LoadBalancer IP. When empty, all the nodes having are
- announced as next hops.
- schema:
- type: list
- default: []
- items:
- - variable: nodeSelectorEntry
- label: Node Selector Entry
- schema:
- type: string
- default: ""
- required: true
- - variable: Communities
- group: App Configuration
- label: Communities
- description: Community is a collection of aliases for communities. Users can
- define named aliases to be used in the BGPPeer CRD.
- schema:
- type: list
- default: []
- items:
- - variable: CommunityEntry
- label: Community Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: The name of the alias for the community.
- schema:
- type: string
- required: true
- default: ""
- - variable: value
- label: Value
- description: The BGP community value corresponding to the given name.
- schema:
- type: string
- required: true
- default: ""
- - variable: Peers
- group: App Configuration
- label: Peers
- description: BGPPeer is the Schema for the peers API.
- schema:
- type: list
- default: []
- items:
- - variable: PeerEntry
- label: Peer Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: The name of the peer.
- schema:
- type: string
- required: true
- default: ""
- - variable: bfdProfile
- label: BFD Profile
- description: The name of the BFD Profile to be used for the BFD session
- associated to the BGP session. If not set, the BFD session won't
- be set up.
- schema:
- type: string
- default: ""
- - variable: ebgpMultiHop
- label: EBGP MultiHop
- description: TTo set if the BGPPeer is multi-hops away. Needed for
- FRR mode only.
- schema:
- type: boolean
- default: false
- - variable: holdTime
- label: Hold Time
- description: Requested BGP hold time, per RFC4271.
- schema:
- type: int
- - variable: keepaliveTime
- label: Keep Alive Time
- description: Requested BGP keep alive time, per RFC4271.
- schema:
- type: int
- - variable: myASN
- label: My ASN
- description: AS number to use for the local end of the session.
- schema:
- type: int
- - variable: password
- label: Password
- description: Authentication password for routers enforcing TCP MD5
- authenticated sessions
- schema:
- type: string
- private: true
- default: ""
- - variable: peerASN
- label: Peer ASN
- description: AS number to expect from the remote end of the session.
- schema:
- type: string
- valid_chars: '^[0-9]*$'
- default: ""
- - variable: peerAddress
- label: Peer Address
- description: Address to dial when establishing the session.
- schema:
- type: string
- default: ""
- - variable: peerPort
- label: Peer Port
- description: Port to dial when establishing the session.
- schema:
- type: string
- valid_chars: '^[0-9]*$'
- default: ""
- - variable: routerID
- label: Router ID
- description: BGP router ID to advertise to the peer
- schema:
- type: string
- default: ""
- - variable: sourceAddress
- label: Source Address
- description: Source address to use when establishing the session.
- schema:
- type: string
- default: ""
- - variable: nodeSelectors
- label: Node Selectors
- description: Only connect to this peer on nodes that match one of
- these selectors.
- schema:
- type: list
- default: []
- items:
- - variable: nodeSelectorEntry
- label: Node Selector Entry
- schema:
- type: string
- default: ""
- required: true
- - variable: BGPAdvertisements
- group: App Configuration
- label: BGP Advertisements
- description: BGPAdvertisement allows to advertise the IPs coming from the
- selected IPAddressPools via BGP.
- schema:
- type: list
- default: []
- items:
- - variable: BGPAdvertisementEntry
- label: BGP Advertisement Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: Name of the BGP Advertisement
- schema:
- type: string
- required: true
- default: ""
- - variable: addressPools
- label: Address Pools
- description: The list of IPAddressPools to advertise via this advertisement,
- selected by name.
- schema:
- type: list
- default: []
- items:
- - variable: addressPoolEntry
- label: Address Pool Entry
- schema:
- type: string
- default: ""
- required: true
- - variable: aggregationLength
- label: Aggregation Length
- description: The aggregation-length advertisement option lets you
- "roll up" the /32s into a larger prefix. Defaults to 32. Works for
- IPv4 addresses.
- schema:
- type: string
- valid_chars: '^[0-9]*$'
- default: ""
- - variable: localpref
- label: Local Pref
- description: The BGP LOCAL_PREF attribute which is used by BGP best
- path algorithm, Path with higher localpref is preferred over one
- with lower localpref.
- schema:
- type: string
- valid_chars: '^[0-9]*$'
- default: ""
- - variable: communities
- label: Communities
- description: The BGP communities to be associated with the announcement.
- Each item can be a community of the form 1234:1234 or the name of
- an alias defined in the Community CRD.
- schema:
- type: list
- default: []
- items:
- - variable: communityEntry
- label: Community Entry
- schema:
- type: string
- default: ""
- required: true
- - variable: peers
- label: Peers
- description: Peers limits the BGPpeer to advertise the ips of the
- selected pools to. When empty, the loadbalancer IP is announced
- to all the BGPPeers configured.
- schema:
- type: list
- default: []
- items:
- - variable: peerEntry
- label: Peer Entry
- schema:
- type: string
- default: ""
- required: true
diff --git a/enterprise/metallb/7.0.12/templates/_bgpadvertisement.tpl b/enterprise/metallb/7.0.12/templates/_bgpadvertisement.tpl
deleted file mode 100644
index 1ce8b9a7550..00000000000
--- a/enterprise/metallb/7.0.12/templates/_bgpadvertisement.tpl
+++ /dev/null
@@ -1,33 +0,0 @@
-{{- define "metallb.bgpadv" -}}
-{{- range .Values.BGPAdvertisements }}
----
-apiVersion: metallb.io/v1beta1
-kind: BGPAdvertisement
-metadata:
- name: {{ .name }}
- namespace: metallb-system
-spec:
- ipAddressPools:
- {{- range .addressPools }}
- - {{ . }}
- {{- end }}
- {{- with .aggregationLength }}
- aggregationLength: {{ . | int }}
- {{- end }}
- {{- with .localpref }}
- localpref: {{ . | int }}
- {{- end }}
- {{- if .communities }}
- communities:
- {{- range .communities }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- if .peers }}
- peers:
- {{- range .peers }}
- - {{ . }}
- {{- end }}
- {{- end }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/metallb/7.0.12/templates/_community.tpl b/enterprise/metallb/7.0.12/templates/_community.tpl
deleted file mode 100644
index 24aed9168b4..00000000000
--- a/enterprise/metallb/7.0.12/templates/_community.tpl
+++ /dev/null
@@ -1,16 +0,0 @@
-{{- define "metallb.comm" -}}
-{{- if .Values.Communities }}
----
-apiVersion: metallb.io/v1beta1
-kind: Community
-metadata:
- name: communities
- namespace: metallb-system
-spec:
- communities:
- {{- range .Values.Communities }}
- - name: {{ .name }}
- value: {{ .value }}
- {{- end }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/metallb/7.0.12/templates/_ipaddresspool.tpl b/enterprise/metallb/7.0.12/templates/_ipaddresspool.tpl
deleted file mode 100644
index e4b04e4d796..00000000000
--- a/enterprise/metallb/7.0.12/templates/_ipaddresspool.tpl
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- define "metallb.pool" -}}
-{{- range .Values.ipAddressPools }}
----
-apiVersion: metallb.io/v1beta1
-kind: IPAddressPool
-metadata:
- name: {{ .name }}
- namespace: metallb-system
-spec:
- addresses:
- {{- range .addresses }}
- - {{ . }}
- {{- end }}
- autoAssign: {{ .autoAssign | default true }}
- avoidBuggyIPs: {{ .avoidBuggyIPs | default false }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/metallb/7.0.12/templates/_l2advertisement.tpl b/enterprise/metallb/7.0.12/templates/_l2advertisement.tpl
deleted file mode 100644
index 651b0b0d79a..00000000000
--- a/enterprise/metallb/7.0.12/templates/_l2advertisement.tpl
+++ /dev/null
@@ -1,22 +0,0 @@
-{{- define "metallb.l2adv" -}}
-{{- range .Values.L2Advertisements }}
----
-apiVersion: metallb.io/v1beta1
-kind: L2Advertisement
-metadata:
- name: {{ .name }}
- namespace: metallb-system
-spec:
- ipAddressPools:
- {{- range .addressPools }}
- - {{ . }}
- {{- end }}
- {{- if .nodeSelectors }}
- {{- range .nodeSelectors }}
- nodeSelectors:
- - matchLabels:
- kubernetes.io/hostname: {{ . }}
- {{- end }}
- {{- end }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/metallb/7.0.12/templates/_peers.tpl b/enterprise/metallb/7.0.12/templates/_peers.tpl
deleted file mode 100644
index 44c8feeffc1..00000000000
--- a/enterprise/metallb/7.0.12/templates/_peers.tpl
+++ /dev/null
@@ -1,51 +0,0 @@
-{{- define "metallb.peers" -}}
-{{- range .Values.Peers }}
----
-apiVersion: metallb.io/v1beta2
-kind: BGPPeer
-metadata:
- name: {{ .name }}
- namespace: metallb-system
-spec:
- {{- with .password }}
- password: {{ . }}
- {{- end }}
- {{- with .routerID }}
- routerID: {{ . }}
- {{- end }}
- {{- with .bfdProfile }}
- bfdProfile: {{ . }}
- {{- end }}
- {{- with .ebgpMultiHop }}
- ebgpMultiHop: {{ . }}
- {{- end }}
- {{- with .holdTime }}
- holdTime: {{ . }}
- {{- end }}
- {{- with .keepaliveTime }}
- keepaliveTime: {{ . }}
- {{- end }}
- {{- with .myASN }}
- myASN: {{ . }}
- {{- end }}
- {{- with .peerASN }}
- peerASN: {{ . | int }}
- {{- end }}
- {{- with .peerAddress }}
- peerAddress: {{ . }}
- {{- end }}
- {{- with .peerPort }}
- peerPort: {{ . | int }}
- {{- end }}
- {{- with .sourceAddress }}
- sourceAddress: {{ . }}
- {{- end }}
- {{- if .nodeSelectors }}
- nodeSelectors:
- {{- range .nodeSelectors }}
- - matchLabels:
- kubernetes.io/hostname: {{ . }}
- {{- end }}
- {{- end }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/metallb/7.0.12/templates/_wait.tpl b/enterprise/metallb/7.0.12/templates/_wait.tpl
deleted file mode 100644
index ed29440a385..00000000000
--- a/enterprise/metallb/7.0.12/templates/_wait.tpl
+++ /dev/null
@@ -1,68 +0,0 @@
-{{- define "metallb.wait" }}
-{{- $fullName := include "tc.common.names.fullname" . }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- namespace: {{ .Release.Namespace }}
- name: {{ $fullName }}-wait
- annotations:
- "helm.sh/hook": pre-install, pre-upgrade
- "helm.sh/hook-weight": "-1"
- "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation
-spec:
- template:
- spec:
- serviceAccountName: {{ $fullName }}-wait
- containers:
- - name: {{ $fullName }}-wait
- image: {{ .Values.ubuntuImage.repository }}:{{ .Values.ubuntuImage.tag }}
- command:
- - "/bin/sh"
- - "-c"
- - |
- /bin/bash <<'EOF'
- kubectl wait --namespace metallb-system --for=condition=ready pod --selector=app=metallb --timeout=90s
- EOF
- restartPolicy: OnFailure
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ $fullName }}-wait
- annotations:
- "helm.sh/hook": pre-install, pre-upgrade
- "helm.sh/hook-weight": "-2"
- "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation
-rules:
- - apiGroups: ["*"]
- resources: ["pods"]
- verbs: ["get", "list", "watch"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ $fullName }}-wait
- annotations:
- "helm.sh/hook": pre-install, pre-upgrade
- "helm.sh/hook-weight": "-2"
- "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ $fullName }}-wait
-subjects:
- - kind: ServiceAccount
- name: {{ $fullName }}-wait
- namespace: {{ .Release.Namespace }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ $fullName }}-wait
- namespace: {{ .Release.Namespace }}
- annotations:
- "helm.sh/hook": pre-install, pre-upgrade
- "helm.sh/hook-weight": "-2"
- "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation
-{{- end }}
diff --git a/enterprise/metallb/7.0.12/templates/common.yaml b/enterprise/metallb/7.0.12/templates/common.yaml
deleted file mode 100644
index d545fb257f6..00000000000
--- a/enterprise/metallb/7.0.12/templates/common.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.common.loader.init" . }}
-
-{{/* Render the templates */}}
-{{ include "tc.common.loader.apply" . }}
-
-{{- include "metallb.l2adv" . }}
-
-{{- include "metallb.peers" . }}
-
-{{- include "metallb.bgpadv" . }}
-
-{{- include "metallb.comm" . }}
-
-{{- include "metallb.pool" . }}
-
-{{- include "metallb.wait" . }}
diff --git a/enterprise/metallb/7.0.12/values.yaml b/enterprise/metallb/7.0.12/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/prometheus/7.0.60/CHANGELOG.md b/enterprise/prometheus/7.0.60/CHANGELOG.md
deleted file mode 100644
index 2471ee18c80..00000000000
--- a/enterprise/prometheus/7.0.60/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [prometheus-7.0.60](https://github.com/truecharts/charts/compare/prometheus-7.0.59...prometheus-7.0.60) (2023-02-27)
-
-### Chore
-
-- update helm general non-major ([#7725](https://github.com/truecharts/charts/issues/7725))
-
-
-
-
-## [prometheus-7.0.59](https://github.com/truecharts/charts/compare/prometheus-7.0.58...prometheus-7.0.59) (2023-02-27)
-
-### Chore
-
-- update container image tccr.io/truecharts/thanos to 0.30.2
-
-
-
-
-## [prometheus-7.0.58](https://github.com/truecharts/charts/compare/prometheus-7.0.57...prometheus-7.0.58) (2023-02-27)
-
-### Chore
-
-- update container image tccr.io/truecharts/prometheus to 2.42.0
-
-
-
-
-## [prometheus-7.0.57](https://github.com/truecharts/charts/compare/prometheus-7.0.56...prometheus-7.0.57) (2023-02-26)
-
-### Chore
-
-- update container image tccr.io/truecharts/alertmanager to 0.25.0
-
-
-
-
-## [prometheus-7.0.56](https://github.com/truecharts/charts/compare/prometheus-7.0.55...prometheus-7.0.56) (2023-02-19)
-
-### Chore
-
-- update helm general non-major
- - update container image tccr.io/truecharts/prometheus to 2.42.0
-
-
-
-
-## [prometheus-7.0.55](https://github.com/truecharts/charts/compare/prometheus-7.0.54...prometheus-7.0.55) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/alertmanager to 0.25.0
-
-
-
-
-## [prometheus-7.0.54](https://github.com/truecharts/charts/compare/prometheus-7.0.53...prometheus-7.0.54) (2023-02-14)
-
-### Chore
-
-- update container image tccr.io/truecharts/thanos to 0.30.2
-
-
-
-
-## [prometheus-7.0.53](https://github.com/truecharts/charts/compare/prometheus-7.0.52...prometheus-7.0.53) (2023-02-10)
-
-### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
-
-
-## [prometheus-7.0.52](https://github.com/truecharts/charts/compare/prometheus-7.0.51...prometheus-7.0.52) (2023-02-06)
-
-### Chore
-
-- update container image tccr.io/truecharts/alertmanager to 0.25.0
-
-
-
-
-## [prometheus-7.0.51](https://github.com/truecharts/charts/compare/prometheus-7.0.50...prometheus-7.0.51) (2023-02-04)
-
-### Chore
-
-- update container image tccr.io/truecharts/prometheus to 2.42.0
-
-
-
-
-## [prometheus-7.0.50](https://github.com/truecharts/charts/compare/prometheus-7.0.49...prometheus-7.0.50) (2023-02-03)
-
diff --git a/enterprise/prometheus/7.0.60/Chart.yaml b/enterprise/prometheus/7.0.60/Chart.yaml
deleted file mode 100644
index 20bd5e1cc41..00000000000
--- a/enterprise/prometheus/7.0.60/Chart.yaml
+++ /dev/null
@@ -1,38 +0,0 @@
-apiVersion: v2
-appVersion: "2.42.0"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
- - condition: exporters.enabled,exporters.node-exporter.enabled
- name: node-exporter
- repository: https://charts.bitnami.com/bitnami
- version: 3.3.1
- - condition: exporters.enabled,exporters.kube-state-metrics.enabled
- name: kube-state-metrics
- repository: https://charts.bitnami.com/bitnami
- version: 3.3.2
-deprecated: false
-description: kube-prometheus-stack collects Kubernetes manifests, Grafana dashboards, and Prometheus rules combined with documentation and scripts to provide easy to operate end-to-end Kubernetes cluster monitoring with Prometheus using the Prometheus Operator.
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/prometheus.png
-home: https://truecharts.org/charts/enterprise/prometheus
-keywords:
- - metrics
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: prometheus
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/prometheus
- - https://hub.docker.com/r/bitnami/prometheus
- - https://github.com/prometheus-community/helm-charts
- - https://github.com/prometheus-operator/kube-prometheus
-type: application
-version: 7.0.60
-annotations:
- truecharts.org/catagories: |
- - metrics
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/prometheus/7.0.60/LICENSE b/enterprise/prometheus/7.0.60/LICENSE
deleted file mode 100644
index c30fceb4a5b..00000000000
--- a/enterprise/prometheus/7.0.60/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Prometheus" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/prometheus/7.0.60/README.md b/enterprise/prometheus/7.0.60/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/prometheus/7.0.60/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/prometheus/7.0.60/app-changelog.md b/enterprise/prometheus/7.0.60/app-changelog.md
deleted file mode 100644
index 68ffbae623f..00000000000
--- a/enterprise/prometheus/7.0.60/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [prometheus-7.0.60](https://github.com/truecharts/charts/compare/prometheus-7.0.59...prometheus-7.0.60) (2023-02-27)
-
-### Chore
-
-- update helm general non-major ([#7725](https://github.com/truecharts/charts/issues/7725))
-
-
\ No newline at end of file
diff --git a/enterprise/prometheus/7.0.60/app-readme.md b/enterprise/prometheus/7.0.60/app-readme.md
deleted file mode 100644
index 93f59634eaa..00000000000
--- a/enterprise/prometheus/7.0.60/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-kube-prometheus-stack collects Kubernetes manifests, Grafana dashboards, and Prometheus rules combined with documentation and scripts to provide easy to operate end-to-end Kubernetes cluster monitoring with Prometheus using the Prometheus Operator.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/prometheus](https://truecharts.org/charts/enterprise/prometheus)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/prometheus/7.0.60/charts/common-11.1.2.tgz b/enterprise/prometheus/7.0.60/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/enterprise/prometheus/7.0.60/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/enterprise/prometheus/7.0.60/charts/kube-state-metrics-3.3.2.tgz b/enterprise/prometheus/7.0.60/charts/kube-state-metrics-3.3.2.tgz
deleted file mode 100644
index 7452679bf9d..00000000000
Binary files a/enterprise/prometheus/7.0.60/charts/kube-state-metrics-3.3.2.tgz and /dev/null differ
diff --git a/enterprise/prometheus/7.0.60/charts/node-exporter-3.3.1.tgz b/enterprise/prometheus/7.0.60/charts/node-exporter-3.3.1.tgz
deleted file mode 100644
index 408fac98c27..00000000000
Binary files a/enterprise/prometheus/7.0.60/charts/node-exporter-3.3.1.tgz and /dev/null differ
diff --git a/enterprise/prometheus/7.0.60/ix_values.yaml b/enterprise/prometheus/7.0.60/ix_values.yaml
deleted file mode 100644
index 4de2255aaab..00000000000
--- a/enterprise/prometheus/7.0.60/ix_values.yaml
+++ /dev/null
@@ -1,1364 +0,0 @@
-image:
- repository: tccr.io/truecharts/prometheus
- tag: 2.42.0@sha256:1f0a6e4c8eb16676f543c51209c994ec4ba2fd0902d866d8a982cfb1a5793a13
-
-thanosImage:
- repository: tccr.io/truecharts/thanos
- tag: 0.30.2@sha256:64d834218591f67601424f1de3b3a1ab43aca9824758e665717baef221e6cc9b
-
-alertmanagerImage:
- repository: tccr.io/truecharts/alertmanager
- tag: 0.25.0@sha256:6c59cf9e8332a23a3b629cb4d1b2ec8200bd645ea053cbf14fd04582ced81b72
-
-global:
- labels: {}
-
-controller:
- enabled: false
-
-service:
- main:
- selector:
- app.kubernetes.io/name: prometheus
- prometheus: '{{ template "kube-prometheus.prometheus.fullname" . }}'
- ports:
- main:
- port: 10086
- targetPort: 9090
- protocol: HTTP
- alertmanager:
- enabled: true
- selector:
- app.kubernetes.io/name: alertmanager
- alertmanager: '{{ template "kube-prometheus.alertmanager.fullname" . }}'
- ports:
- alertmanager:
- enabled: true
- port: 10087
- targetPort: 9093
- protocol: HTTP
- thanos:
- enabled: true
- selector:
- app.kubernetes.io/name: prometheus
- prometheus: '{{ template "kube-prometheus.prometheus.fullname" . }}'
- ports:
- thanos:
- enabled: true
- port: 10901
- targetPort: 10901
- protocol: HTTP
-
-ingress:
- main:
- enabled: false
- alertmanager:
- enabled: false
- thanos:
- enabled: false
-
-####
-## Operator Config
-####
-
-env:
- PROMETHEUS_CONFIG_RELOADER:
- configMapKeyRef:
- name: prometheus-operator-config
- key: prometheus-config-reloader
-
-# -- Whether Role Based Access Control objects like roles and rolebindings should be created
-rbac:
- main:
- enabled: true
- rules:
- - apiGroups:
- - apiextensions.k8s.io
- resources:
- - customresourcedefinitions
- verbs:
- - create
- - apiGroups:
- - apiextensions.k8s.io
- resourceNames:
- - alertmanagers.monitoring.coreos.com
- - podmonitors.monitoring.coreos.com
- - prometheuses.monitoring.coreos.com
- - prometheusrules.monitoring.coreos.com
- - servicemonitors.monitoring.coreos.com
- - thanosrulers.monitoring.coreos.com
- - probes.monitoring.coreos.com
- resources:
- - customresourcedefinitions
- verbs:
- - get
- - update
- - apiGroups:
- - monitoring.coreos.com
- resources:
- - alertmanagers
- - alertmanagers/finalizers
- - alertmanagerconfigs
- - prometheuses
- - prometheuses/finalizers
- - thanosrulers
- - thanosrulers/finalizers
- - servicemonitors
- - podmonitors
- - probes
- - prometheusrules
- verbs:
- - "*"
- - apiGroups:
- - apps
- resources:
- - statefulsets
- verbs:
- - "*"
- - apiGroups:
- - ""
- resources:
- - configmaps
- - secrets
- verbs:
- - "*"
- - apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - list
- - delete
- - apiGroups:
- - ""
- resources:
- - services
- - services/finalizers
- - endpoints
- verbs:
- - get
- - create
- - update
- - delete
- - apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - list
- - watch
- - apiGroups:
- - ""
- resources:
- - namespaces
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - networking.k8s.io
- resources:
- - ingresses
- verbs:
- - get
- - list
- - watch
-
-# -- The service account the pods will use to interact with the Kubernetes API
-serviceAccount:
- main:
- enabled: true
-
-securityContext:
- readOnlyRootFilesystem: false
-
-probes:
- # -- Liveness probe configuration
- # @default -- See below
- liveness:
- custom: true
- spec:
- httpGet:
- path: "/metrics"
- port: promop
- scheme: HTTP
-
- # -- Redainess probe configuration
- # @default -- See below
- readiness:
- custom: true
- spec:
- httpGet:
- path: "/metrics"
- port: promop
- scheme: HTTP
-
- # -- Startup probe configuration
- # @default -- See below
- startup:
- custom: true
- spec:
- httpGet:
- path: "/metrics"
- port: promop
- scheme: HTTP
-
-operator:
- ## Create a servicemonitor for the operator
- ##
- serviceMonitor:
- ## @param operator.serviceMonitor.enabled Creates a ServiceMonitor to monitor Prometheus Operator
- ##
- enabled: false
- ## @param operator.serviceMonitor.interval Scrape interval (use by default, falling back to Prometheus' default)
- ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
- ##
- interval: ""
- ## @param operator.serviceMonitor.metricRelabelings Metric relabeling
- ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs
- ##
- metricRelabelings: []
- ## @param operator.serviceMonitor.relabelings Relabel configs
- ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
- ##
- relabelings: []
-
- ## Prometheus Configmap-reload image to use for reloading configmaps
- ## defaults to Bitnami Prometheus Operator (ref: https://hub.docker.com/r/tccr.io/truecharts/prometheus-operator/tags/)
- ##
- prometheusConfigReloader:
- containerSecurityContext:
- enabled: true
- readOnlyRootFilesystem: false
- allowPrivilegeEscalation: false
- runAsNonRoot: true
- capabilities:
- drop:
- - ALL
-
- livenessProbe:
- enabled: true
- initialDelaySeconds: 10
- periodSeconds: 10
- timeoutSeconds: 5
- failureThreshold: 6
- successThreshold: 1
-
- readinessProbe:
- enabled: true
- initialDelaySeconds: 15
- periodSeconds: 20
- timeoutSeconds: 5
- failureThreshold: 6
- successThreshold: 1
-
-####
-## Prometheus Config (Spawned by Operator)
-####
-
-## Deploy a Prometheus instance
-##
-prometheus:
- ## @param prometheus.enabled Deploy Prometheus to the cluster
- ##
- enabled: true
- ## Bitnami Prometheus image version
- ## ref: https://hub.docker.com/r/tccr.io/truecharts/prometheus/tags/
- ## @param prometheus.image.registry Prometheus image registry
- ## @param prometheus.image.repository Prometheus image repository
- ## @param prometheus.image.tag Prometheus Image tag (immutable tags are recommended)
- ## @param prometheus.image.pullSecrets Specify docker-registry secret names as an array
- ##
- ## Service account for Prometheus to use.
- ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
- ##
- serviceAccount:
- ## @param prometheus.serviceAccount.create Specify whether to create a ServiceAccount for Prometheus
- ##
- create: true
- ## @param prometheus.serviceAccount.name The name of the ServiceAccount to create
- ## If not set and create is true, a name is generated using the kube-prometheus.prometheus.fullname template
- name: ""
- ## @param prometheus.serviceAccount.annotations Additional annotations for created Prometheus ServiceAccount
- ## annotations:
- ## eks.amazonaws.com/role-arn: arn:aws:iam::ACCOUNT:role/prometheus
- ##
- annotations: {}
- ## Prometheus pods' Security Context
- ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
- ## @param prometheus.podSecurityContext.enabled Enable security context
- ## @param prometheus.podSecurityContext.runAsUser User ID for the container
- ## @param prometheus.podSecurityContext.fsGroup Group ID for the container filesystem
- ##
- podSecurityContext:
- enabled: true
- runAsUser: 1001
- fsGroup: 1001
- ## Prometheus containers' Security Context
- ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
- ## @param prometheus.containerSecurityContext.enabled Enable container security context
- ## @param prometheus.containerSecurityContext.readOnlyRootFilesystem Mount / (root) as a readonly filesystem
- ## @param prometheus.containerSecurityContext.allowPrivilegeEscalation Switch privilegeEscalation possibility on or off
- ## @param prometheus.containerSecurityContext.runAsNonRoot Force the container to run as a non root user
- ## @param prometheus.containerSecurityContext.capabilities.drop [array] Linux Kernel capabilities which should be dropped
- ##
- containerSecurityContext:
- enabled: true
- readOnlyRootFilesystem: false
- allowPrivilegeEscalation: false
- runAsNonRoot: true
- capabilities:
- drop:
- - ALL
-
- serviceMonitor:
- ## @param prometheus.serviceMonitor.enabled Creates a ServiceMonitor to monitor Prometheus itself
- ##
- enabled: true
- ## @param prometheus.serviceMonitor.interval Scrape interval (use by default, falling back to Prometheus' default)
- ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
- ##
- interval: ""
- ## @param prometheus.serviceMonitor.metricRelabelings Metric relabeling
- ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs
- ##
- metricRelabelings: []
- ## @param prometheus.serviceMonitor.relabelings Relabel configs
- ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
- ##
- relabelings: []
- ## @param prometheus.externalUrl External URL used to access Prometheus
- ## If not creating an ingress but still exposing the service some other way (like a proxy)
- ## let Prometheus know what its external URL is so that it can properly create links
- ## externalUrl: https://prometheus.example.com
- ##
- externalUrl: ""
- ## @param prometheus.resources CPU/Memory resource requests/limits for node
- ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
- ##
- resources: {}
- ## @param prometheus.podAffinityPreset Prometheus Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
- ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
- ##
- podAffinityPreset: ""
- ## @param prometheus.podAntiAffinityPreset Prometheus Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
- ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
- ##
- podAntiAffinityPreset: soft
- ## Node affinity preset
- ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
- ##
- nodeAffinityPreset:
- ## @param prometheus.nodeAffinityPreset.type Prometheus Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
- ##
- type: ""
- ## @param prometheus.nodeAffinityPreset.key Prometheus Node label key to match Ignored if `affinity` is set.
- ## E.g.
- ## key: "kubernetes.io/e2e-az-name"
- ##
- key: ""
- ## @param prometheus.nodeAffinityPreset.values Prometheus Node label values to match. Ignored if `affinity` is set.
- ## E.g.
- ## values:
- ## - e2e-az1
- ## - e2e-az2
- ##
- values: []
- ## @param prometheus.affinity Prometheus Affinity for pod assignment
- ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
- ## Note: prometheus.podAffinityPreset, prometheus.podAntiAffinityPreset, and prometheus.nodeAffinityPreset will be ignored when it's set
- ##
- affinity: {}
- ## @param prometheus.nodeSelector Prometheus Node labels for pod assignment
- ## ref: https://kubernetes.io/docs/user-guide/node-selection/
- ##
- nodeSelector: {}
- ## @param prometheus.tolerations Prometheus Tolerations for pod assignment
- ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
- ##
- tolerations: []
- ## @param prometheus.scrapeInterval Interval between consecutive scrapes
- ##
- scrapeInterval: "15s"
- ## @param prometheus.evaluationInterval Interval between consecutive evaluations
- ##
- evaluationInterval: "30s"
- ## @param prometheus.listenLocal ListenLocal makes the Prometheus server listen on loopback
- ##
- listenLocal: false
- ## Configure extra options for liveness probe
- ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
- ## @param prometheus.livenessProbe.enabled Turn on and off liveness probe
- ## @param prometheus.livenessProbe.path Path of the HTTP service for checking the healthy state
- ## @param prometheus.livenessProbe.initialDelaySeconds Delay before liveness probe is initiated
- ## @param prometheus.livenessProbe.periodSeconds How often to perform the probe
- ## @param prometheus.livenessProbe.timeoutSeconds When the probe times out
- ## @param prometheus.livenessProbe.failureThreshold Minimum consecutive failures for the probe
- ## @param prometheus.livenessProbe.successThreshold Minimum consecutive successes for the probe
- ##
- livenessProbe:
- enabled: true
- path: /-/healthy
- initialDelaySeconds: 0
- failureThreshold: 10
- periodSeconds: 10
- successThreshold: 1
- timeoutSeconds: 3
- ## Configure extra options for readiness probe
- ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
- ## @param prometheus.readinessProbe.enabled Turn on and off readiness probe
- ## @param prometheus.readinessProbe.path Path of the HTTP service for checking the ready state
- ## @param prometheus.readinessProbe.initialDelaySeconds Delay before readiness probe is initiated
- ## @param prometheus.readinessProbe.periodSeconds How often to perform the probe
- ## @param prometheus.readinessProbe.timeoutSeconds When the probe times out
- ## @param prometheus.readinessProbe.failureThreshold Minimum consecutive failures for the probe
- ## @param prometheus.readinessProbe.successThreshold Minimum consecutive successes for the probe
- ##
- readinessProbe:
- enabled: true
- path: /-/ready
- initialDelaySeconds: 0
- failureThreshold: 10
- periodSeconds: 10
- successThreshold: 1
- timeoutSeconds: 3
- ## @param prometheus.enableAdminAPI Enable Prometheus adminitrative API
- ## ref: https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis
- ##
- enableAdminAPI: false
- ## @param prometheus.enableFeatures Enable access to Prometheus disabled features.
- ## ref: https://prometheus.io/docs/prometheus/latest/disabled_features/
- ##
- enableFeatures: []
- ## @param prometheus.alertingEndpoints Alertmanagers to which alerts will be sent
- ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#alertmanagerendpoints
- ##
- alertingEndpoints: []
- ## @param prometheus.externalLabels External labels to add to any time series or alerts when communicating with external systems
- ##
- externalLabels: {}
- ## @param prometheus.replicaExternalLabelName Name of the external label used to denote replica name
- ##
- replicaExternalLabelName: ""
- ## @param prometheus.replicaExternalLabelNameClear Clear external label used to denote replica name
- ##
- replicaExternalLabelNameClear: false
- ## @param prometheus.routePrefix Prefix used to register routes, overriding externalUrl route
- ## Useful for proxies that rewrite URLs.
- ##
- routePrefix: /
- ## @param prometheus.prometheusExternalLabelName Name of the external label used to denote Prometheus instance name
- ##
- prometheusExternalLabelName: ""
- ## @param prometheus.prometheusExternalLabelNameClear Clear external label used to denote Prometheus instance name
- ##
- prometheusExternalLabelNameClear: false
- ## @param prometheus.secrets Secrets that should be mounted into the Prometheus Pods
- ##
- secrets: []
- ## @param prometheus.configMaps ConfigMaps that should be mounted into the Prometheus Pods
- ##
- configMaps: []
- ## @param prometheus.querySpec The query command line flags when starting Prometheus
- ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#queryspec
- ##
- querySpec: {}
- ## @param prometheus.ruleNamespaceSelector Namespaces to be selected for PrometheusRules discovery
- ## See https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#namespaceselector for usage
- ##
- ruleNamespaceSelector: {}
- ## @param prometheus.ruleSelector PrometheusRules to be selected for target discovery
- ## If {}, select all ServiceMonitors
- ##
- ruleSelector: {}
- ## @param prometheus.serviceMonitorSelector ServiceMonitors to be selected for target discovery
- ## If {}, select all ServiceMonitors
- ##
- serviceMonitorSelector: {}
- ## @param prometheus.matchLabels Matchlabels
- ##
- matchLabels: {}
- ## @param prometheus.serviceMonitorNamespaceSelector Namespaces to be selected for ServiceMonitor discovery
- ## See https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#namespaceselector for usage
- ##
- serviceMonitorNamespaceSelector: {}
- ## @param prometheus.podMonitorSelector PodMonitors to be selected for target discovery.
- ## If {}, select all PodMonitors
- ##
- podMonitorSelector: {}
- ## @param prometheus.podMonitorNamespaceSelector Namespaces to be selected for PodMonitor discovery
- ## See https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#namespaceselector for usage
- ##
- podMonitorNamespaceSelector: {}
- ## @param prometheus.probeSelector Probes to be selected for target discovery.
- ## If {}, select all Probes
- ##
- probeSelector: {}
- ## @param prometheus.probeNamespaceSelector Namespaces to be selected for Probe discovery
- ## See https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#namespaceselector for usage
- ##
- probeNamespaceSelector: {}
- ## @param prometheus.retention Metrics retention days
- ##
- retention: 31d
- ## @param prometheus.retentionSize Maximum size of metrics
- ##
- retentionSize: ""
- ## @param prometheus.disableCompaction Disable the compaction of the Prometheus TSDB
- ## See https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#prometheusspec
- ## ref: https://prometheus.io/docs/prometheus/latest/storage/#compaction
- ##
- disableCompaction: false
- ## @param prometheus.walCompression Enable compression of the write-ahead log using Snappy
- ##
- walCompression: false
- ## @param prometheus.paused If true, the Operator won't process any Prometheus configuration changes
- ##
- paused: false
- ## @param prometheus.replicaCount Number of Prometheus replicas desired
- ##
- replicaCount: 1
- ## @param prometheus.logLevel Log level for Prometheus
- ##
- logLevel: info
- ## @param prometheus.logFormat Log format for Prometheus
- ##
- logFormat: logfmt
- ## @param prometheus.podMetadata [object] Standard object's metadata
- ## ref: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata
- ##
- podMetadata:
- ## labels:
- ## app: prometheus
- ## k8s-app: prometheus
- ##
- labels: {}
- annotations: {}
- ## @param prometheus.remoteRead The remote_read spec configuration for Prometheus
- ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#remotereadspec
- ## remoteRead:
- ## - url: http://remote1/read
- ##
- remoteRead: []
- ## @param prometheus.remoteWrite The remote_write spec configuration for Prometheus
- ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#remotewritespec
- ## remoteWrite:
- ## - url: http://remote1/push
- ##
- remoteWrite: []
- ## @param prometheus.storageSpec Prometheus StorageSpec for persistent data
- ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/user-guides/storage.md
- ##
- storageSpec: {}
- ## Prometheus persistence parameters
- ##
- persistence:
- ## @param prometheus.persistence.enabled Use PVCs to persist data. If the storageSpec is provided this will not take effect.
- ##
- enabled: true
- ## @param prometheus.persistence.storageClass Persistent Volume Storage Class
- ## If defined, storageClassName:
- ## If set to "-", storageClassName: "", which disables dynamic provisioning
- ## If undefined (the default) or set to null, no storageClassName spec is
- ## set, choosing the default provisioner.
- ##
- storageClass: ""
- ## @param prometheus.persistence.accessModes Persistent Volume Access Modes
- ##
- accessModes:
- - ReadWriteOnce
- ## @param prometheus.persistence.size Persistent Volume Size
- ##
- size: 999Gi
- ## @param prometheus.priorityClassName Priority class assigned to the Pods
- ##
- priorityClassName: ""
- ## @param prometheus.containers Containers allows injecting additional containers
- ##
- containers: []
- ## @param prometheus.volumes Volumes allows configuration of additional volumes
- ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#prometheusspec
- ##
- volumes: []
- ## @param prometheus.volumeMounts VolumeMounts allows configuration of additional VolumeMounts. Evaluated as a template
- ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#prometheusspec
- ##
- volumeMounts: []
- ## @param prometheus.additionalPrometheusRules PrometheusRule defines recording and alerting rules for a Prometheus instance.
- additionalPrometheusRules: []
- ## - name: custom-recording-rules
- ## groups:
- ## - name: sum_node_by_job
- ## rules:
- ## - record: job:kube_node_labels:sum
- ## expr: sum(kube_node_labels) by (job)
- ## - name: sum_prometheus_config_reload_by_pod
- ## rules:
- ## - record: job:prometheus_config_last_reload_successful:sum
- ## expr: sum(prometheus_config_last_reload_successful) by (pod)
- ## - name: custom-alerting-rules
- ## groups:
- ## - name: prometheus-config
- ## rules:
- ## - alert: PrometheusConfigurationReload
- ## expr: prometheus_config_last_reload_successful > 0
- ## for: 1m
- ## labels:
- ## severity: error
- ## annotations:
- ## summary: "Prometheus configuration reload (instance {{ $labels.instance }})"
- ## description: "Prometheus configuration reload error\n VALUE = {{ $value }}\n LABELS: {{ $labels }}"
- ## - name: custom-node-exporter-alerting-rules
- ## rules:
- ## - alert: PhysicalComponentTooHot
- ## expr: node_hwmon_temp_celsius > 75
- ## for: 5m
- ## labels:
- ## severity: warning
- ## annotations:
- ## summary: "Physical component too hot (instance {{ $labels.instance }})"
- ## description: "Physical hardware component too hot\n VALUE = {{ $value }}\n LABELS: {{ $labels }}"
- ## - alert: NodeOvertemperatureAlarm
- ## expr: node_hwmon_temp_alarm == 1
- ## for: 5m
- ## labels:
- ## severity: critical
- ## annotations:
- ## summary: "Node overtemperature alarm (instance {{ $labels.instance }})"
- ## description: "Physical node temperature alarm triggered\n VALUE = {{ $value }}\n LABELS: {{ $labels }}"
- ##
- ## Note that the prometheus will fail to provision if the correct secret does not exist.
- ## @param prometheus.additionalScrapeConfigs.enabled Enable additional scrape configs
- ## @param prometheus.additionalScrapeConfigs.type Indicates if the cart should use external additional scrape configs or internal configs
- ## @param prometheus.additionalScrapeConfigs.external.name Name of the secret that Prometheus should use for the additional external scrape configuration
- ## @param prometheus.additionalScrapeConfigs.external.key Name of the key inside the secret to be used for the additional external scrape configuration
- ## @param prometheus.additionalScrapeConfigs.internal.jobList A list of Prometheus scrape jobs
- ##
- additionalScrapeConfigs:
- enabled: false
- type: external
- external:
- ## Name of the secret that Prometheus should use for the additional scrape configuration
- ##
- name: ""
- ## Name of the key inside the secret to be used for the additional scrape configuration.
- ##
- key: ""
- internal:
- jobList: []
- ## @param prometheus.additionalScrapeConfigsExternal.enabled Deprecated: Enable additional scrape configs that are managed externally to this chart
- ## @param prometheus.additionalScrapeConfigsExternal.name Deprecated: Name of the secret that Prometheus should use for the additional scrape configuration
- ## @param prometheus.additionalScrapeConfigsExternal.key Deprecated: Name of the key inside the secret to be used for the additional scrape configuration
- ##
- additionalScrapeConfigsExternal:
- enabled: false
- name: ""
- key: ""
- ## Enable additional Prometheus alert relabel configs that are managed externally to this chart
- ## Note that the prometheus will fail to provision if the correct secret does not exist.
- ## @param prometheus.additionalAlertRelabelConfigsExternal.enabled Enable additional Prometheus alert relabel configs that are managed externally to this chart
- ## @param prometheus.additionalAlertRelabelConfigsExternal.name Name of the secret that Prometheus should use for the additional Prometheus alert relabel configuration
- ## @param prometheus.additionalAlertRelabelConfigsExternal.key Name of the key inside the secret to be used for the additional Prometheus alert relabel configuration
- ##
- additionalAlertRelabelConfigsExternal:
- enabled: false
- name: ""
- key: ""
- ## Thanos sidecar container configuration
- ##
- thanos:
- ## @param prometheus.thanos.create Create a Thanos sidecar container
- ##
- create: false
- ## Bitnami Thanos image
- ## ref: https://hub.docker.com/r/tccr.io/truecharts/thanos/tags/
- ## @param prometheus.thanos.image.registry Thanos image registry
- ## @param prometheus.thanos.image.repository Thanos image name
- ## @param prometheus.thanos.image.tag Thanos image tag
- ## @param prometheus.thanos.image.pullPolicy Thanos image pull policy
- ## @param prometheus.thanos.image.pullSecrets Specify docker-registry secret names as an array
- ##
- ## Thanos Sidecar container's securityContext
- ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
- ## @param prometheus.thanos.containerSecurityContext.enabled Enable container security context
- ## @param prometheus.thanos.containerSecurityContext.readOnlyRootFilesystem mount / (root) as a readonly filesystem
- ## @param prometheus.thanos.containerSecurityContext.allowPrivilegeEscalation Switch privilegeEscalation possibility on or off
- ## @param prometheus.thanos.containerSecurityContext.runAsNonRoot Force the container to run as a non root user
- ## @param prometheus.thanos.containerSecurityContext.capabilities.drop [array] Linux Kernel capabilities which should be dropped
- ##
- containerSecurityContext:
- enabled: true
- readOnlyRootFilesystem: false
- allowPrivilegeEscalation: false
- runAsNonRoot: true
- capabilities:
- drop:
- - ALL
- ## @param prometheus.thanos.prometheusUrl Override default prometheus url "http://localhost:9090"
- ##
- prometheusUrl: ""
- ## @param prometheus.thanos.extraArgs Additional arguments passed to the thanos sidecar container
- ## extraArgs:
- ## - --log.level=debug
- ## - --tsdb.path=/data/
- ##
- extraArgs: []
- ## @param prometheus.thanos.objectStorageConfig Support mounting a Secret for the objectStorageConfig of the sideCar container.
- ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/thanos.md
- ## objectStorageConfig:
- ## secretName: thanos-objstore-config
- ## secretKey: thanos.yaml
- ##
- objectStorageConfig: {}
- ## ref: https://github.com/thanos-io/thanos/blob/main/docs/components/sidecar.md
- ## @param prometheus.thanos.extraVolumeMounts Additional volumeMounts from `prometheus.volumes` for thanos sidecar container
- ## extraVolumeMounts:
- ## - name: my-secret-volume
- ## mountPath: /etc/thanos/secrets/my-secret
- ##
- extraVolumeMounts: []
- ## Thanos sidecar container resource requests and limits.
- ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
- ## We usually recommend not to specify default resources and to leave this as a conscious
- ## choice for the user. This also increases chances charts run on environments with little
- ## resources, such as Minikube. If you do want to specify resources, uncomment the following
- ## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- ## @param prometheus.thanos.resources.limits The resources limits for the Thanos sidecar container
- ## @param prometheus.thanos.resources.requests The resources requests for the Thanos sidecar container
- ##
- resources:
- ## Example:
- ## limits:
- ## cpu: 100m
- ## memory: 128Mi
- limits: {}
- ## Examples:
- ## requests:
- ## cpu: 100m
- ## memory: 128Mi
- requests: {}
- ## Configure extra options for liveness probe
- ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
- ## @param prometheus.thanos.livenessProbe.enabled Turn on and off liveness probe
- ## @param prometheus.thanos.livenessProbe.path Path of the HTTP service for checking the healthy state
- ## @param prometheus.thanos.livenessProbe.initialDelaySeconds Delay before liveness probe is initiated
- ## @param prometheus.thanos.livenessProbe.periodSeconds How often to perform the probe
- ## @param prometheus.thanos.livenessProbe.timeoutSeconds When the probe times out
- ## @param prometheus.thanos.livenessProbe.failureThreshold Minimum consecutive failures for the probe
- ## @param prometheus.thanos.livenessProbe.successThreshold Minimum consecutive successes for the probe
- ##
- livenessProbe:
- enabled: true
- path: /-/healthy
- initialDelaySeconds: 0
- periodSeconds: 5
- timeoutSeconds: 3
- failureThreshold: 120
- successThreshold: 1
- ## Configure extra options for readiness probe
- ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
- ## @param prometheus.thanos.readinessProbe.enabled Turn on and off readiness probe
- ## @param prometheus.thanos.readinessProbe.path Path of the HTTP service for checking the ready state
- ## @param prometheus.thanos.readinessProbe.initialDelaySeconds Delay before readiness probe is initiated
- ## @param prometheus.thanos.readinessProbe.periodSeconds How often to perform the probe
- ## @param prometheus.thanos.readinessProbe.timeoutSeconds When the probe times out
- ## @param prometheus.thanos.readinessProbe.failureThreshold Minimum consecutive failures for the probe
- ## @param prometheus.thanos.readinessProbe.successThreshold Minimum consecutive successes for the probe
- ##
- readinessProbe:
- enabled: true
- path: /-/ready
- initialDelaySeconds: 0
- periodSeconds: 5
- timeoutSeconds: 3
- failureThreshold: 120
- successThreshold: 1
- ## Thanos Sidecar Service
- ##
- service:
- ## @param prometheus.thanos.service.type Kubernetes service type
- ##
- type: ClusterIP
- ## @param prometheus.thanos.service.port Thanos service port
- ##
- port: 10901
- ## @param prometheus.thanos.service.clusterIP Specific cluster IP when service type is cluster IP. Use `None` to create headless service by default.
- ## Use a "headless" service by default so it returns every pod's IP instead of loadbalancing requests.
- ##
- clusterIP: None
- ## @param prometheus.thanos.service.nodePort Specify the nodePort value for the LoadBalancer and NodePort service types.
- ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
- ## e.g:
- ## nodePort: 30901
- ##
- nodePort: ""
- ## @param prometheus.thanos.service.loadBalancerIP `loadBalancerIP` if service type is `LoadBalancer`
- ## Set the LoadBalancer service type to internal only
- ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
- ##
- loadBalancerIP: ""
- ## @param prometheus.thanos.service.loadBalancerSourceRanges Address that are allowed when svc is `LoadBalancer`
- ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
- ## e.g:
- ## loadBalancerSourceRanges:
- ## - 10.10.10.0/24
- ##
- loadBalancerSourceRanges: []
- ## @param prometheus.thanos.service.annotations Additional annotations for Prometheus service
- ##
- annotations: {}
- ## @param prometheus.thanos.service.extraPorts Additional ports to expose from the Thanos sidecar container
- ## extraPorts:
- ## - name: http
- ## port: 10902
- ## targetPort: http
- ## protocol: TCP
- ##
- extraPorts: []
- ## @param prometheus.portName Port name used for the pods and governing service. This defaults to web
- ##
- portName: main
-
-####
-## Alert Manager Config
-####
-
-## @section Alertmanager Parameters
-
-## Configuration for alertmanager
-## ref: https://prometheus.io/docs/alerting/alertmanager/
-##
-alertmanager:
- ## @param alertmanager.enabled Deploy Alertmanager to the cluster
- ##
- enabled: true
- ## Service account for Alertmanager to use.
- ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
- ##
- serviceAccount:
- ## @param alertmanager.serviceAccount.create Specify whether to create a ServiceAccount for Alertmanager
- ##
- create: true
- ## @param alertmanager.serviceAccount.name The name of the ServiceAccount to create
- ## If not set and create is true, a name is generated using the kube-prometheus.alertmanager.fullname template
- name: ""
- ## Prometheus Alertmanager pods' Security Context
- ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
- ## @param alertmanager.podSecurityContext.enabled Enable security context
- ## @param alertmanager.podSecurityContext.runAsUser User ID for the container
- ## @param alertmanager.podSecurityContext.fsGroup Group ID for the container filesystem
- ##
- podSecurityContext:
- enabled: true
- runAsUser: 1001
- fsGroup: 1001
- ## Prometheus Alertmanager container's securityContext
- ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
- ## @param alertmanager.containerSecurityContext.enabled Enable container security context
- ## @param alertmanager.containerSecurityContext.readOnlyRootFilesystem mount / (root) as a readonly filesystem
- ## @param alertmanager.containerSecurityContext.allowPrivilegeEscalation Switch privilegeEscalation possibility on or off
- ## @param alertmanager.containerSecurityContext.runAsNonRoot Force the container to run as a non root user
- ## @param alertmanager.containerSecurityContext.capabilities.drop [array] Linux Kernel capabilities which should be dropped
- ##
- containerSecurityContext:
- enabled: true
- readOnlyRootFilesystem: false
- allowPrivilegeEscalation: false
- runAsNonRoot: true
- capabilities:
- drop:
- - ALL
- ## Configure pod disruption budgets for Alertmanager
- ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
- ## @param alertmanager.podDisruptionBudget.enabled Create a pod disruption budget for Alertmanager
- ## @param alertmanager.podDisruptionBudget.minAvailable Minimum number / percentage of pods that should remain scheduled
- ## @param alertmanager.podDisruptionBudget.maxUnavailable Maximum number / percentage of pods that may be made unavailable
- ##
- podDisruptionBudget:
- enabled: false
- minAvailable: 1
- maxUnavailable: ""
- ## If true, create a serviceMonitor for alertmanager
- ##
- serviceMonitor:
- ## @param alertmanager.serviceMonitor.enabled Creates a ServiceMonitor to monitor Alertmanager
- ##
- enabled: true
- ## @param alertmanager.serviceMonitor.interval Scrape interval. If not set, the Prometheus default scrape interval is used.
- ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
- ##
- interval: ""
- ## @param alertmanager.serviceMonitor.metricRelabelings Metric relabeling
- ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs
- ##
- metricRelabelings: []
- ## @param alertmanager.serviceMonitor.relabelings Relabel configs
- ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
- ##
- relabelings: []
- ## @param alertmanager.externalUrl External URL used to access Alertmanager
- ## e.g:
- ## externalUrl: https://alertmanager.example.com
- ##
- externalUrl: ""
- ## @param alertmanager.resources CPU/Memory resource requests/limits for node
- ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
- ##
- resources: {}
- ## @param alertmanager.podAffinityPreset Alertmanager Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
- ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
- ##
- podAffinityPreset: ""
- ## @param alertmanager.podAntiAffinityPreset Alertmanager Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
- ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
- ##
- podAntiAffinityPreset: soft
- ## Node affinity preset
- ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
- ##
- nodeAffinityPreset:
- ## @param alertmanager.nodeAffinityPreset.type Alertmanager Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
- ##
- type: ""
- ## @param alertmanager.nodeAffinityPreset.key Alertmanager Node label key to match Ignored if `affinity` is set.
- ## E.g.
- ## key: "kubernetes.io/e2e-az-name"
- ##
- key: ""
- ## @param alertmanager.nodeAffinityPreset.values Alertmanager Node label values to match. Ignored if `affinity` is set.
- ## E.g.
- ## values:
- ## - e2e-az1
- ## - e2e-az2
- ##
- values: []
- ## @param alertmanager.affinity Alertmanager Affinity for pod assignment
- ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
- ## Note: alertmanager.podAffinityPreset, alertmanager.podAntiAffinityPreset, and alertmanager.nodeAffinityPreset will be ignored when it's set
- ##
- affinity: {}
- ## @param alertmanager.nodeSelector Alertmanager Node labels for pod assignment
- ## ref: https://kubernetes.io/docs/user-guide/node-selection/
- ##
- nodeSelector: {}
- ## @param alertmanager.tolerations Alertmanager Tolerations for pod assignment
- ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
- ##
- tolerations: []
- ## Alertmanager configuration
- ## ref: https://prometheus.io/docs/alerting/configuration/#configuration-file
- ## @param alertmanager.config [object] Alertmanager configuration directive
- ## @skip alertmanager.config.route.group_by
- ## @skip alertmanager.config.route.routes
- ## @skip alertmanager.config.receivers
- ##
- config:
- global:
- resolve_timeout: 5m
- route:
- group_by: ["job"]
- group_wait: 30s
- group_interval: 5m
- repeat_interval: 12h
- receiver: "null"
- routes:
- - match:
- alertname: Watchdog
- receiver: "null"
- receivers:
- - name: "null"
- ## @param alertmanager.externalConfig Alertmanager configuration is created externally. If true, `alertmanager.config` is ignored, and a secret will not be created.
- ## Alertmanager requires a secret named `alertmanager-{{ template "kube-prometheus.alertmanager.fullname" . }}`
- ## It must contain:
- ## alertmanager.yaml:
- ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/user-guides/alerting.md#alerting
- ##
- externalConfig: false
- ## @param alertmanager.replicaCount Number of Alertmanager replicas desired
- ##
- replicaCount: 1
- ## Configure extra options for liveness probe
- ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
- ## @param alertmanager.livenessProbe.enabled Turn on and off liveness probe
- ## @param alertmanager.livenessProbe.path Path of the HTTP service for checking the healthy state
- ## @param alertmanager.livenessProbe.initialDelaySeconds Delay before liveness probe is initiated
- ## @param alertmanager.livenessProbe.periodSeconds How often to perform the probe
- ## @param alertmanager.livenessProbe.timeoutSeconds When the probe times out
- ## @param alertmanager.livenessProbe.failureThreshold Minimum consecutive failures for the probe
- ## @param alertmanager.livenessProbe.successThreshold Minimum consecutive successes for the probe
- ##
- livenessProbe:
- enabled: true
- path: /-/healthy
- initialDelaySeconds: 0
- periodSeconds: 5
- timeoutSeconds: 3
- failureThreshold: 120
- successThreshold: 1
- ## Configure extra options for readiness probe
- ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
- ## @param alertmanager.readinessProbe.enabled Turn on and off readiness probe
- ## @param alertmanager.readinessProbe.path Path of the HTTP service for checking the ready state
- ## @param alertmanager.readinessProbe.initialDelaySeconds Delay before readiness probe is initiated
- ## @param alertmanager.readinessProbe.periodSeconds How often to perform the probe
- ## @param alertmanager.readinessProbe.timeoutSeconds When the probe times out
- ## @param alertmanager.readinessProbe.failureThreshold Minimum consecutive failures for the probe
- ## @param alertmanager.readinessProbe.successThreshold Minimum consecutive successes for the probe
- ##
- readinessProbe:
- enabled: true
- path: /-/ready
- initialDelaySeconds: 0
- periodSeconds: 5
- timeoutSeconds: 3
- failureThreshold: 120
- successThreshold: 1
- ## @param alertmanager.logLevel Log level for Alertmanager
- ##
- logLevel: info
- ## @param alertmanager.logFormat Log format for Alertmanager
- ##
- logFormat: logfmt
- ## @param alertmanager.podMetadata [object] Standard object's metadata.
- ## ref: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata
- ##
- podMetadata:
- labels: {}
- annotations: {}
- ## @param alertmanager.secrets Secrets that should be mounted into the Alertmanager Pods
- ##
- secrets: []
- ## @param alertmanager.configMaps ConfigMaps that should be mounted into the Alertmanager Pods
- ##
- configMaps: []
- ## @param alertmanager.retention Metrics retention days
- ##
- retention: 240h
- ## @param alertmanager.storageSpec Alertmanager StorageSpec for persistent data
- ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/user-guides/storage.md
- ##
- storageSpec: {}
- ## Alertmanager persistence parameters
- ##
- persistence:
- ## @param alertmanager.persistence.enabled Use PVCs to persist data. If the storageSpec is provided this will not take effect.
- ## If you want to use this configuration make sure the storageSpec is not provided.
- ##
- enabled: true
- ## @param alertmanager.persistence.storageClass Persistent Volume Storage Class
- ## If defined, storageClassName:
- ## If set to "-", storageClassName: "", which disables dynamic provisioning
- ## If undefined (the default) or set to null, no storageClassName spec is
- ## set, choosing the default provisioner.
- ##
- storageClass: ""
- ## @param alertmanager.persistence.accessModes Persistent Volume Access Modes
- ##
- accessModes:
- - ReadWriteOnce
- ## @param alertmanager.persistence.size Persistent Volume Size
- ##
- size: 999Gi
- ## @param alertmanager.paused If true, the Operator won't process any Alertmanager configuration changes
- ##
- paused: false
- ## @param alertmanager.listenLocal ListenLocal makes the Alertmanager server listen on loopback
- ##
- listenLocal: false
- ## @param alertmanager.containers Containers allows injecting additional containers
- ##
- containers: []
- ## @param alertmanager.volumes Volumes allows configuration of additional volumes. Evaluated as a template
- ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#alertmanagerspec
- ##
- volumes: []
- ## @param alertmanager.volumeMounts VolumeMounts allows configuration of additional VolumeMounts. Evaluated as a template
- ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/pi.md#alertmanagerspec
- ##
- volumeMounts: []
- ## @param alertmanager.priorityClassName Priority class assigned to the Pods
- ##
- priorityClassName: ""
- ## @param alertmanager.additionalPeers AdditionalPeers allows injecting a set of additional Alertmanagers to peer with to form a highly available cluster
- ##
- additionalPeers: []
- ## @param alertmanager.routePrefix Prefix used to register routes, overriding externalUrl route
- ## Useful for proxies that rewrite URLs.
- ##
- routePrefix: /
- ## @param alertmanager.portName Port name used for the pods and governing service. This defaults to web
- ##
- portName: alertmanager
- ## @param alertmanager.configNamespaceSelector AlertmanagerConfigs to be selected for to merge and configure Alertmanager with. This defaults to {}
- ##
- configNamespaceSelector: {}
- ## @param alertmanager.configSelector Namespaces to be selected for AlertmanagerConfig discovery. If nil, only check own namespace. This defaults to {}
- ##
- configSelector: {}
-
-####
-## Exporters
-####
-
-## @section Exporters
-
-## Exporters
-##
-exporters:
- node-exporter:
- ## @param exporters.node-exporter.enabled Enable node-exporter
- ##
- enabled: true
- kube-state-metrics:
- ## @param exporters.kube-state-metrics.enabled Enable kube-state-metrics
- ##
- enabled: true
-## @param node-exporter [object] Node Exporter deployment configuration
-##
-node-exporter:
- service:
- port: 9910
- targetPort: 9910
- labels:
- jobLabel: node-exporter
- serviceMonitor:
- enabled: true
- jobLabel: jobLabel
- extraArgs:
- collector.filesystem.ignored-mount-points: "^/(dev|proc|sys|var/lib/docker/.+|var/lib/kubelet/.+|var/db/system/.+|mnt/[a-zA-Z0-9-_\\.]+/ix-applications/.+)($|/)"
- collector.filesystem.ignored-fs-types: "^(autofs|binfmt_misc|cgroup|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|mqueue|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|sysfs|tracefs)$"
- collector.netdev.device-exclude: "^veth.*$"
- collector.netclass.ignored-devices: "^veth.*$"
- path.rootfs: /host
- extraVolumes:
- - name: host
- hostPath:
- path: /
- extraVolumeMounts:
- - name: host
- mountPath: /host
- readOnly: true
-## @param kube-state-metrics [object] Node Exporter deployment configuration
-##
-kube-state-metrics:
- serviceMonitor:
- enabled: true
- honorLabels: true
-## Component scraping for kubelet and kubelet hosted cAdvisor
-##
-kubelet:
- ## @param kubelet.enabled Create a ServiceMonitor to scrape kubelet service
- ##
- enabled: true
- ## @param kubelet.namespace Namespace where kubelet service is deployed. Related configuration `operator.kubeletService.namespace`
- ##
- namespace: kube-system
- serviceMonitor:
- ## @param kubelet.serviceMonitor.https Enable scraping of the kubelet over HTTPS
- ##
- https: true
- ## @param kubelet.serviceMonitor.interval Scrape interval (use by default, falling back to Prometheus' default)
- ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
- ##
- interval: ""
- ## @param kubelet.serviceMonitor.metricRelabelings Metric relabeling
- ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs
- ##
- metricRelabelings: []
- ## @param kubelet.serviceMonitor.relabelings Relabel configs
- ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
- ##
- relabelings: []
- ## @param kubelet.serviceMonitor.cAdvisorMetricRelabelings Metric relabeling for scraping cAdvisor
- ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs
- ##
- cAdvisorMetricRelabelings: []
- ## @param kubelet.serviceMonitor.cAdvisorRelabelings Relabel configs for scraping cAdvisor
- ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs
- ##
- cAdvisorRelabelings: []
-## Component scraping the kube-apiserver
-##
-kubeApiServer:
- ## @param kubeApiServer.enabled Create a ServiceMonitor to scrape kube-apiserver service
- ##
- enabled: true
- serviceMonitor:
- ## @param kubeApiServer.serviceMonitor.interval Scrape interval. If not set, the Prometheus default scrape interval is used.
- ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
- ##
- interval: ""
- ## @param kubeApiServer.serviceMonitor.metricRelabelings Metric relabeling
- ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs
- ##
- metricRelabelings: []
- ## @param kubeApiServer.serviceMonitor.relabelings Relabel configs
- ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
- ##
- relabelings: []
-## Component scraping the kube-controller-manager
-##
-kubeControllerManager:
- ## @param kubeControllerManager.enabled Create a ServiceMonitor to scrape kube-controller-manager service
- ##
- enabled: false
- ## @param kubeControllerManager.endpoints If your kube controller manager is not deployed as a pod, specify IPs it can be found on
- ## endpoints:
- ## - 10.141.4.22
- ## - 10.141.4.23
- ## - 10.141.4.24
- ##
- endpoints: []
- ## @param kubeControllerManager.namespace Namespace where kube-controller-manager service is deployed.
- ##
- namespace: kube-system
- ## Service ports and selector information
- ## @param kubeControllerManager.service.enabled Whether or not to create a Service object for kube-controller-manager
- ## @param kubeControllerManager.service.port Listening port of the kube-controller-manager Service object
- ## @param kubeControllerManager.service.targetPort Port to target on the kube-controller-manager Pods. This should be the port that kube-controller-manager is exposing metrics on
- ## @param kubeControllerManager.service.selector Optional PODs Label selector for the service
- ##
- service:
- enabled: true
- port: 10252
- targetPort: 10252
- ## selector:
- ## component: kube-controller-manager
- ##
- selector: {}
- serviceMonitor:
- ## @param kubeControllerManager.serviceMonitor.interval Scrape interval (use by default, falling back to Prometheus' default)
- ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
- ##
- interval: ""
- ## @param kubeControllerManager.serviceMonitor.https Enable scraping kube-controller-manager over https
- ## Requires proper certs (not self-signed) and delegated authentication/authorization checks
- ##
- https: false
- ## @param kubeControllerManager.serviceMonitor.insecureSkipVerify Skip TLS certificate validation when scraping
- ##
- insecureSkipVerify: ""
- ## @param kubeControllerManager.serviceMonitor.serverName Name of the server to use when validating TLS certificate
- serverName: ""
- ## @param kubeControllerManager.serviceMonitor.metricRelabelings Metric relabeling
- ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs
- ##
- metricRelabelings: []
- ## @param kubeControllerManager.serviceMonitor.relabelings Relabel configs
- ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
- ##
- relabelings: []
-## Component scraping kube scheduler
-##
-kubeScheduler:
- ## @param kubeScheduler.enabled Create a ServiceMonitor to scrape kube-scheduler service
- ##
- enabled: false
- ## @param kubeScheduler.endpoints If your kube scheduler is not deployed as a pod, specify IPs it can be found on
- ## endpoints:
- ## - 10.141.4.22
- ## - 10.141.4.23
- ## - 10.141.4.24
- ##
- endpoints: []
- ## @param kubeScheduler.namespace Namespace where kube-scheduler service is deployed.
- ##
- namespace: kube-system
- ## If using kubeScheduler.endpoints only the port and targetPort are used
- ## @param kubeScheduler.service.enabled Whether or not to create a Service object for kube-scheduler
- ## @param kubeScheduler.service.port Listening port of the kube scheduler Service object
- ## @param kubeScheduler.service.targetPort Port to target on the kube scheduler Pods. This should be the port that kube scheduler is exposing metrics on
- ## @param kubeScheduler.service.selector Optional PODs Label selector for the service
- ##
- service:
- enabled: true
- port: 10251
- targetPort: 10251
- ## selector:
- ## component: kube-scheduler
- ##
- selector: {}
- serviceMonitor:
- ## @param kubeScheduler.serviceMonitor.interval Scrape interval (use by default, falling back to Prometheus' default)
- ##
- interval: ""
- ## @param kubeScheduler.serviceMonitor.https Enable scraping kube-scheduler over https
- ## Requires proper certs (not self-signed) and delegated authentication/authorization checks
- ##
- https: false
- ## @param kubeScheduler.serviceMonitor.insecureSkipVerify Skip TLS certificate validation when scraping
- ##
- insecureSkipVerify: ""
- ## @param kubeScheduler.serviceMonitor.serverName Name of the server to use when validating TLS certificate
- ##
- serverName: ""
- ## @param kubeScheduler.serviceMonitor.metricRelabelings Metric relabeling
- ## metricRelabelings:
- ## - action: keep
- ## regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
- ## sourceLabels: [__name__]
- ##
- metricRelabelings: []
- ## @param kubeScheduler.serviceMonitor.relabelings Relabel configs
- ## relabelings:
- ## - sourceLabels: [__meta_kubernetes_pod_node_name]
- ## separator: ;
- ## regex: ^(.*)$
- ## targetLabel: nodename
- ## replacement: $1
- ## action: replace
- ##
- relabelings: []
-## Component scraping coreDns
-##
-coreDns:
- ## @param coreDns.enabled Create a ServiceMonitor to scrape coredns service
- ##
- enabled: true
- ## @param coreDns.namespace Namespace where core dns service is deployed.
- ##
- namespace: kube-system
- ## Create a ServiceMonitor to scrape coredns service
- ## @param coreDns.service.enabled Whether or not to create a Service object for coredns
- ## @param coreDns.service.port Listening port of the coredns Service object
- ## @param coreDns.service.targetPort Port to target on the coredns Pods. This should be the port that coredns is exposing metrics on
- ## @param coreDns.service.selector Optional PODs Label selector for the service
- ##
- service:
- enabled: true
- port: 9153
- targetPort: 9153
- ## selector:
- ## component: kube-dns
- ##
- selector: {}
- serviceMonitor:
- ## @param coreDns.serviceMonitor.interval Scrape interval. If not set, the Prometheus default scrape interval is used.
- ##
- interval: ""
- ## @param coreDns.serviceMonitor.metricRelabelings Metric relabel configs to apply to samples before ingestion.
- ## metricRelabelings:
- ## - action: keep
- ## regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
- ## sourceLabels: [__name__]
- ##
- metricRelabelings: []
- ## @param coreDns.serviceMonitor.relabelings Relabel configs to apply to samples before ingestion.
- ## relabelings:
- ## - sourceLabels: [__meta_kubernetes_pod_node_name]
- ## separator: ;
- ## regex: ^(.*)$
- ## targetLabel: nodename
- ## replacement: $1
- ## action: replace
- ##
- relabelings: []
-## Component scraping the kube-proxy
-##
-kubeProxy:
- ## @param kubeProxy.enabled Create a ServiceMonitor to scrape the kube-proxy Service
- ##
- enabled: false
-
-portal:
- enabled: true
diff --git a/enterprise/prometheus/7.0.60/questions.yaml b/enterprise/prometheus/7.0.60/questions.yaml
deleted file mode 100644
index cb06b3c771b..00000000000
--- a/enterprise/prometheus/7.0.60/questions.yaml
+++ /dev/null
@@ -1,1288 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_portal_protocol"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
-questions:
- - variable: operator
- group: "App Configuration"
- label: "Operator Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: logLevel
- label: "Log Level"
- description: "Log level for Operator"
- schema:
- type: string
- default: "info"
- - variable: prometheus
- group: "App Configuration"
- label: "Prometheus Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: logLevel
- label: "Log Level"
- description: "Log level for Prometheus"
- schema:
- type: string
- default: "info"
- - variable: retention
- label: "Retention"
- description: "Metrics retention days"
- schema:
- type: string
- default: "31d"
- - variable: retentionSize
- label: "Max Retention Size"
- description: "Maximum size of metrics"
- schema:
- type: string
- default: ""
- - variable: scrapeInterval
- label: "Scrape interval"
- description: "Interval between consecutive scrapes"
- schema:
- type: string
- default: "15s"
- - variable: evaluationInterval
- label: "Evaluation interval"
- description: "Interval between consecutive evaluations"
- schema:
- type: string
- default: "30s"
- - variable: disableCompaction
- label: "Disable Compaction"
- description: "Disable the compaction of the Prometheus TSDB"
- schema:
- type: boolean
- default: false
- - variable: walCompression
- label: "WAL Compression"
- description: "Enable compression of the write-ahead log using Snappy"
- schema:
- type: boolean
- default: false
- - variable: alertmanager
- group: "App Configuration"
- label: "Alertmanager Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: logLevel
- label: "Log Level"
- description: "Log level for Alertmanager"
- schema:
- type: string
- default: "info"
- - variable: retention
- label: "Retention"
- description: "Metrics retention days"
- schema:
- type: string
- default: "240h"
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The serving the Prometheus WebUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 10086
- required: true
- - variable: alertmanager
- label: "alertmanager Service"
- description: "alertmanager service "
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: alertmanager
- label: "alertmanager Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 10087
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
diff --git a/enterprise/prometheus/7.0.60/templates/_helpers.tpl b/enterprise/prometheus/7.0.60/templates/_helpers.tpl
deleted file mode 100644
index 6ac4ea63678..00000000000
--- a/enterprise/prometheus/7.0.60/templates/_helpers.tpl
+++ /dev/null
@@ -1,198 +0,0 @@
-{{/* Name suffixed with operator */}}
-{{- define "kube-prometheus.fullname" -}}
-{{- printf "%s" (include "tc.common.names.fullname" . ) -}}
-{{- end }}
-
-{{/* Name suffixed with operator */}}
-{{- define "kube-prometheus.name" -}}
-{{- printf "%s" (include "tc.common.names.fullname" . ) -}}
-{{- end }}
-
-{{/* Name suffixed with operator */}}
-{{- define "kube-prometheus.operator.name" -}}
-{{- printf "%s-operator" (include "tc.common.names.fullname" . ) -}}
-{{- end }}
-
-{{/* Name suffixed with prometheus */}}
-{{- define "kube-prometheus.prometheus.name" -}}
-{{- printf "%s-prometheus" (include "tc.common.names.fullname" . ) -}}
-{{- end }}
-
-{{/* Name suffixed with alertmanager */}}
-{{- define "kube-prometheus.alertmanager.name" -}}
-{{- printf "%s-alertmanager" (include "tc.common.names.fullname" . ) -}}
-{{- end }}
-
-{{/* Name suffixed with thanos */}}
-{{- define "kube-prometheus.thanos.name" -}}
-{{- printf "%s-thanos" (include "tc.common.names.fullname" . ) -}}
-{{- end }}
-
-{{/* Fullname suffixed with operator */}}
-{{- define "kube-prometheus.operator.fullname" -}}
-{{- printf "%s-operator" (include "tc.common.names.fullname" . ) -}}
-{{- end }}
-
-{{/* Fullname suffixed with prometheus */}}
-{{- define "kube-prometheus.prometheus.fullname" -}}
-{{- printf "%s-prometheus" (include "tc.common.names.fullname" . ) -}}
-{{- end }}
-
-{{/* Fullname suffixed with alertmanager */}}
-{{- define "kube-prometheus.alertmanager.fullname" -}}
-{{- printf "%s-alertmanager" (include "tc.common.names.fullname" . ) -}}
-{{- end }}
-
-{{/* Fullname suffixed with thanos */}}
-{{- define "kube-prometheus.thanos.fullname" -}}
-{{- printf "%s-thanos" (include "kube-prometheus.prometheus.fullname" .) -}}
-{{- end }}
-
-{{- define "kube-prometheus.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Common Labels
-*/}}
-{{- define "kube-prometheus.labels" -}}
-{{ include "tc.common.labels" . }}
-{{- if .Values.global.labels }}
-{{ toYaml .Values.global.labels }}
-{{- end }}
-{{- end -}}
-
-{{/*
-Labels for operator
-*/}}
-{{- define "kube-prometheus.operator.labels" -}}
-{{ include "tc.common.labels" . }}
-app.kubernetes.io/component: operator
-{{- end -}}
-
-{{/*
-Labels for prometheus
-*/}}
-{{- define "kube-prometheus.prometheus.labels" -}}
-{{ include "tc.common.labels" . }}
-app.kubernetes.io/component: prometheus
-{{- end -}}
-
-{{/*
-Labels for alertmanager
-*/}}
-{{- define "kube-prometheus.alertmanager.labels" -}}
-{{ include "tc.common.labels" . }}
-app.kubernetes.io/component: alertmanager
-{{- end -}}
-
-{{/*
-matchLabels for operator
-*/}}
-{{- define "kube-prometheus.operator.matchLabels" -}}
-{{ include "tc.common.labels.selectorLabels" . }}
-app.kubernetes.io/component: operator
-{{- end -}}
-
-{{/*
-matchLabels for prometheus
-*/}}
-{{- define "kube-prometheus.prometheus.matchLabels" -}}
-{{ include "tc.common.labels.selectorLabels" . }}
-app.kubernetes.io/component: prometheus
-{{- end -}}
-
-{{/*
-matchLabels for alertmanager
-*/}}
-{{- define "kube-prometheus.alertmanager.matchLabels" -}}
-{{ include "tc.common.labels.selectorLabels" . }}
-app.kubernetes.io/component: alertmanager
-{{- end -}}
-
-{{/*
-Return the proper Prometheus Operator image name
-*/}}
-{{- define "kube-prometheus.image" -}}
-{{ printf "%s:%s" .Values.image.repository (default .Chart.AppVersion .Values.image.tag) | quote }}
-{{- end -}}
-
-{{/*
-Return the proper Prometheus Operator Reloader image name
-*/}}
-{{- define "kube-prometheus.prometheusConfigReloader.image" -}}
-{{- include "kube-prometheus.image" . -}}
-{{- end -}}
-
-{{/*
-Return the proper Prometheus Image name
-*/}}
-{{- define "kube-prometheus.prometheus.image" -}}
-{{ printf "%s:%s" .Values.image.repository (default .Chart.AppVersion .Values.image.tag) | quote }}
-{{- end -}}
-
-{{/*
-Return the proper Thanos Image name
-*/}}
-{{- define "kube-prometheus.prometheus.thanosImage" -}}
-{{ printf "%s:%s" .Values.thanosImage.repository (default .Chart.AppVersion .Values.thanosImage.tag) | quote }}
-{{- end -}}
-
-{{/*
-Return the proper Alertmanager Image name
-*/}}
-{{- define "kube-prometheus.alertmanager.image" -}}
-{{ printf "%s:%s" .Values.alertmanagerImage.repository (default .Chart.AppVersion .Values.alertmanagerImage.tag) | quote }}
-{{- end -}}
-
-{{/*
-Return the proper Docker Image Registry Secret Names
-*/}}
-{{- define "kube-prometheus.imagePullSecrets" -}}
-{{- end -}}
-
-{{/*
-Create the name of the operator service account to use
-*/}}
-{{- define "kube-prometheus.operator.serviceAccountName" -}}
-{{- if .Values.operator.serviceAccount.create -}}
- {{ default (include "kube-prometheus.operator.fullname" .) .Values.operator.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.operator.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the prometheus service account to use
-*/}}
-{{- define "kube-prometheus.prometheus.serviceAccountName" -}}
-{{- if .Values.prometheus.serviceAccount.create -}}
- {{ default (include "kube-prometheus.prometheus.fullname" .) .Values.prometheus.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.prometheus.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the alertmanager service account to use
-*/}}
-{{- define "kube-prometheus.alertmanager.serviceAccountName" -}}
-{{- if .Values.alertmanager.serviceAccount.create -}}
- {{ default (include "kube-prometheus.alertmanager.fullname" .) .Values.alertmanager.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.alertmanager.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Compile all warnings into a single message, and call fail.
-*/}}
-{{- define "kube-prometheus.validateValues" -}}
-{{- $messages := list -}}
-{{- $messages := without $messages "" -}}
-{{- $message := join "\n" $messages -}}
-
-{{- if $message -}}
-{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}}
-{{- end -}}
-{{- end -}}
diff --git a/enterprise/prometheus/7.0.60/templates/alertmanager/_alertmanager.tpl b/enterprise/prometheus/7.0.60/templates/alertmanager/_alertmanager.tpl
deleted file mode 100644
index d85a8f0ad87..00000000000
--- a/enterprise/prometheus/7.0.60/templates/alertmanager/_alertmanager.tpl
+++ /dev/null
@@ -1,183 +0,0 @@
-{{- define "prometheus.alertmanager.alertmanager" -}}
-{{- if .Values.alertmanager.enabled }}
----
-apiVersion: monitoring.coreos.com/v1
-kind: Alertmanager
-metadata:
- name: {{ template "kube-prometheus.alertmanager.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels: {{- include "kube-prometheus.alertmanager.labels" . | nindent 4 }}
-spec:
- replicas: {{ .Values.alertmanager.replicaCount }}
- serviceAccountName: {{ template "kube-prometheus.alertmanager.serviceAccountName" . }}
- {{- if .Values.alertmanager.image }}
- image: {{ template "kube-prometheus.alertmanager.image" . }}
- {{- end }}
- listenLocal: {{ .Values.alertmanager.listenLocal }}
- {{- if index .Values.alertmanager "externalUrl" }}
- externalUrl: "{{ .Values.alertmanager.externalUrl }}"
- {{- else if and .Values.ingress.alertmanager.enabled .Values.ingress.alertmanager.hosts }}
- externalUrl: {{ if .Values.ingress.alertmanager.tls }}https{{else}}http{{ end }}://{{ (index .Values.ingress.alertmanager.hosts 0).name }}{{ .Values.alertmanager.routePrefix }}
- {{- else }}
- externalUrl: http://{{ template "kube-prometheus.alertmanager.fullname" . }}.{{ .Release.Namespace }}:{{ .Values.service.alertmanager.ports.alertmanager.port }}{{ .Values.alertmanager.routePrefix }}
- {{- end }}
- portName: "{{ .Values.alertmanager.portName }}"
- paused: {{ .Values.alertmanager.paused }}
- logFormat: {{ .Values.alertmanager.logFormat }}
- logLevel: {{ .Values.alertmanager.logLevel }}
- retention: {{ .Values.alertmanager.retention }}
- {{- if .Values.alertmanager.secrets }}
- secrets: {{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.secrets "context" $) | nindent 4 }}
- {{- end }}
- {{- if .Values.alertmanager.configMaps }}
- configMaps: {{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.configMaps "context" $) | nindent 4 }}
- {{- end }}
- resources: {{- toYaml .Values.alertmanager.resources | nindent 4 }}
- routePrefix: "{{ .Values.alertmanager.routePrefix }}"
- {{- if .Values.alertmanager.podSecurityContext.enabled }}
- securityContext: {{- omit .Values.alertmanager.podSecurityContext "enabled" | toYaml | nindent 4 }}
- {{- end }}
- {{- if .Values.alertmanager.storageSpec }}
- storage: {{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.storageSpec "context" $) | nindent 4 }}
- {{- else }}
- {{- if .Values.alertmanager.persistence.enabled }}
- storage:
- volumeClaimTemplate:
- spec:
- accessModes:
- {{- range .Values.alertmanager.persistence.accessModes }}
- - {{ . | quote }}
- {{- end }}
- resources:
- requests:
- storage: {{ .Values.alertmanager.persistence.size | quote }}
- {{- include "tc.common.storage.storageClassName" (dict "persistence" .Values.alertmanager.persistence "global" $ ) | nindent 8 }}
- {{- end }}
- {{- end }}
- {{- if or .Values.alertmanager.podMetadata.labels .Values.alertmanager.podMetadata.annotations (eq .Values.alertmanager.podAntiAffinityPreset "soft") (eq .Values.alertmanager.podAntiAffinityPreset "hard") }}
- podMetadata:
- labels:
- {{- if .Values.alertmanager.podMetadata.labels }}
- {{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.podMetadata.labels "context" $) | nindent 6 }}
- {{- end }}
- {{- if or (eq .Values.alertmanager.podAntiAffinityPreset "soft") (eq .Values.alertmanager.podAntiAffinityPreset "hard") }}
- {{- include "kube-prometheus.alertmanager.matchLabels" . | nindent 6 }}
- {{- end }}
- {{- if .Values.alertmanager.podMetadata.annotations }}
- annotations:
- {{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.podMetadata.annotations "context" $) | nindent 6 }}
- {{- end }}
- {{- end }}
- {{- if .Values.alertmanager.affinity }}
- affinity: {{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.affinity "context" $) | nindent 4 }}
- {{- else }}
- affinity:
- {{- if not (empty .Values.alertmanager.podAffinityPreset) }}
- podAffinity: {{- include "tc.common.affinities.pods" (dict "type" .Values.alertmanager.podAffinityPreset "component" "alertmanager" "context" $) | nindent 6 }}
- {{- end }}
- {{- if not (empty .Values.alertmanager.podAntiAffinityPreset) }}
- podAntiAffinity: {{- include "tc.common.affinities.pods" (dict "type" .Values.alertmanager.podAntiAffinityPreset "component" "alertmanager" "context" $) | nindent 6 }}
- {{- end }}
- {{- if not (empty .Values.alertmanager.nodeAffinityPreset.values) }}
- nodeAffinity: {{- include "tc.common.affinities.nodes" (dict "type" .Values.alertmanager.nodeAffinityPreset.type "key" .Values.alertmanager.nodeAffinityPreset.key "values" .Values.alertmanager.nodeAffinityPreset.values) | nindent 6 }}
- {{- end }}
- {{- end }}
- {{- if .Values.alertmanager.nodeSelector }}
- nodeSelector: {{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.nodeSelector "context" $) | nindent 4 }}
- {{- end }}
- {{- if .Values.alertmanager.tolerations }}
- tolerations: {{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.tolerations "context" $) | nindent 4 }}
- {{- end }}
- {{- if .Values.alertmanager.volumes }}
- volumes: {{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.volumes "context" $) | nindent 4 }}
- {{- end }}
- {{- if .Values.alertmanager.volumeMounts }}
- volumeMounts: {{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.volumeMounts "context" $) | nindent 4 }}
- {{- end }}
-{{- include "kube-prometheus.imagePullSecrets" . | indent 2 }}
- {{- if or .Values.alertmanager.containers .Values.alertmanager.containerSecurityContext.enabled .Values.operator.prometheusConfigReloader.containerSecurityContext.enabled }}
- containers:
- {{- if or .Values.alertmanager.containerSecurityContext.enabled .Values.alertmanager.livenessProbe.enabled .Values.alertmanager.readinessProbe.enabled }}
- ## This monkey patching is needed until the securityContexts are
- ## directly patchable via the CRD.
- ## ref: https://github.com/prometheus-operator/prometheus-operator/issues/3947
- ## currently implemented with strategic merge
- ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/user-guides/strategic-merge-patch.md
- - name: alertmanager
- {{- if .Values.alertmanager.containerSecurityContext.enabled }}
- securityContext: {{- omit .Values.alertmanager.containerSecurityContext "enabled" | toYaml | nindent 8 }}
- {{- end }}
- {{- if .Values.alertmanager.livenessProbe.enabled }}
- livenessProbe:
- httpGet:
- path: {{ .Values.alertmanager.livenessProbe.path }}
- port: alertmanager
- scheme: HTTP
- initialDelaySeconds: {{ .Values.alertmanager.livenessProbe.initialDelaySeconds }}
- periodSeconds: {{ .Values.alertmanager.livenessProbe.periodSeconds }}
- timeoutSeconds: {{ .Values.alertmanager.livenessProbe.timeoutSeconds }}
- failureThreshold: {{ .Values.alertmanager.livenessProbe.failureThreshold }}
- successThreshold: {{ .Values.alertmanager.livenessProbe.successThreshold }}
- {{- end }}
- {{- if .Values.alertmanager.readinessProbe.enabled }}
- readinessProbe:
- httpGet:
- path: {{ .Values.alertmanager.readinessProbe.path }}
- port: alertmanager
- scheme: HTTP
- initialDelaySeconds: {{ .Values.alertmanager.readinessProbe.initialDelaySeconds }}
- periodSeconds: {{ .Values.alertmanager.readinessProbe.periodSeconds }}
- timeoutSeconds: {{ .Values.alertmanager.readinessProbe.timeoutSeconds }}
- failureThreshold: {{ .Values.alertmanager.readinessProbe.failureThreshold }}
- successThreshold: {{ .Values.alertmanager.readinessProbe.successThreshold }}
- {{- end }}
- {{- end }}
- {{- if or .Values.operator.prometheusConfigReloader.containerSecurityContext.enabled .Values.operator.prometheusConfigReloader.livenessProbe.enabled .Values.operator.prometheusConfigReloader.readinessProbe.enabled }}
- ## This monkey patching is needed until the securityContexts are
- ## directly patchable via the CRD.
- ## ref: https://github.com/prometheus-operator/prometheus-operator/issues/3947
- ## currently implemented with strategic merge
- ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/user-guides/strategic-merge-patch.md
- - name: config-reloader
- {{- if .Values.operator.prometheusConfigReloader.containerSecurityContext.enabled }}
- securityContext: {{- omit .Values.operator.prometheusConfigReloader.containerSecurityContext "enabled" | toYaml | nindent 8 }}
- {{- end }}
- {{- if .Values.operator.prometheusConfigReloader.livenessProbe.enabled }}
- livenessProbe:
- tcpSocket:
- port: reloader-web
- initialDelaySeconds: {{ .Values.operator.prometheusConfigReloader.livenessProbe.initialDelaySeconds }}
- periodSeconds: {{ .Values.operator.prometheusConfigReloader.livenessProbe.periodSeconds }}
- timeoutSeconds: {{ .Values.operator.prometheusConfigReloader.livenessProbe.timeoutSeconds }}
- failureThreshold: {{ .Values.operator.prometheusConfigReloader.livenessProbe.failureThreshold }}
- successThreshold: {{ .Values.operator.prometheusConfigReloader.livenessProbe.successThreshold }}
- {{- end }}
- {{- if .Values.operator.prometheusConfigReloader.readinessProbe.enabled }}
- readinessProbe:
- tcpSocket:
- port: reloader-web
- initialDelaySeconds: {{ .Values.operator.prometheusConfigReloader.readinessProbe.initialDelaySeconds }}
- periodSeconds: {{ .Values.operator.prometheusConfigReloader.readinessProbe.periodSeconds }}
- timeoutSeconds: {{ .Values.operator.prometheusConfigReloader.readinessProbe.timeoutSeconds }}
- failureThreshold: {{ .Values.operator.prometheusConfigReloader.readinessProbe.failureThreshold }}
- successThreshold: {{ .Values.operator.prometheusConfigReloader.readinessProbe.successThreshold }}
- {{- end }}
- {{- end }}
- {{- if .Values.alertmanager.containers }}
- {{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.containers "context" $) | nindent 4 }}
- {{- end }}
- {{- end }}
- {{- if .Values.alertmanager.priorityClassName }}
- priorityClassName: {{ .Values.alertmanager.priorityClassName }}
- {{- end }}
- {{- if .Values.alertmanager.additionalPeers }}
- additionalPeers: {{ .Values.alertmanager.additionalPeers }}
- {{- end }}
- {{- if .Values.alertmanager.configNamespaceSelector }}
- alertmanagerConfigNamespaceSelector: {{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.configNamespaceSelector "context" $) | nindent 4 }}
- {{- end }}
- {{- if .Values.alertmanager.configSelector }}
- alertmanagerConfigSelector: {{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.configSelector "context" $) | nindent 4 }}
- {{- end }}
-{{- end }}
-{{- end }}
diff --git a/enterprise/prometheus/7.0.60/templates/alertmanager/secrets.yaml b/enterprise/prometheus/7.0.60/templates/alertmanager/secrets.yaml
deleted file mode 100644
index 9a6f518f35c..00000000000
--- a/enterprise/prometheus/7.0.60/templates/alertmanager/secrets.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-{{- if (and .Values.alertmanager.enabled (not .Values.alertmanager.externalConfig) ) }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: alertmanager-{{ template "kube-prometheus.alertmanager.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels: {{- include "kube-prometheus.alertmanager.labels" . | nindent 4 }}
-data:
- alertmanager.yaml: {{ toYaml .Values.alertmanager.config | b64enc | quote }}
-{{- range $key, $val := .Values.alertmanager.templateFiles }}
- {{ $key }}: {{ $val | b64enc | quote }}
-{{- end }}
-{{- end }}
diff --git a/enterprise/prometheus/7.0.60/templates/alertmanager/serviceaccount.yaml b/enterprise/prometheus/7.0.60/templates/alertmanager/serviceaccount.yaml
deleted file mode 100644
index 0086398a45a..00000000000
--- a/enterprise/prometheus/7.0.60/templates/alertmanager/serviceaccount.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-{{- if and .Values.alertmanager.enabled .Values.alertmanager.serviceAccount.create }}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ template "kube-prometheus.alertmanager.serviceAccountName" . }}
- namespace: {{ .Release.Namespace }}
- labels: {{- include "kube-prometheus.alertmanager.labels" . | nindent 4 }}
- {{- if index .Values.alertmanager.serviceAccount "annotations" }}
- annotations: {{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.serviceAccount.annotations "context" $) | nindent 4 }}
- {{- end }}
-{{- include "kube-prometheus.imagePullSecrets" . }}
-{{- end }}
diff --git a/enterprise/prometheus/7.0.60/templates/alertmanager/servicemonitor.yaml b/enterprise/prometheus/7.0.60/templates/alertmanager/servicemonitor.yaml
deleted file mode 100644
index 56071b8e187..00000000000
--- a/enterprise/prometheus/7.0.60/templates/alertmanager/servicemonitor.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- if and .Values.alertmanager.enabled .Values.alertmanager.serviceMonitor.enabled }}
-apiVersion: monitoring.coreos.com/v1
-kind: ServiceMonitor
-metadata:
- name: {{ template "kube-prometheus.alertmanager.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels: {{- include "kube-prometheus.alertmanager.labels" . | nindent 4 }}
-spec:
- selector:
- matchLabels: {{- include "kube-prometheus.alertmanager.matchLabels" . | nindent 6 }}
- namespaceSelector:
- matchNames:
- - {{ .Release.Namespace }}
- endpoints:
- - port: http
- {{- if .Values.alertmanager.serviceMonitor.interval }}
- interval: {{ .Values.alertmanager.serviceMonitor.interval }}
- {{- end }}
- path: {{ trimSuffix "/" .Values.alertmanager.routePrefix }}/metrics
- {{- if .Values.alertmanager.serviceMonitor.metricRelabelings }}
- metricRelabelings: {{- include "tc.common.tplvalues.render" ( dict "value" .Values.alertmanager.serviceMonitor.metricRelabelings "context" $) | nindent 8 }}
- {{- end }}
- {{- if .Values.alertmanager.serviceMonitor.relabelings }}
- relabelings: {{- toYaml .Values.alertmanager.serviceMonitor.relabelings | nindent 8 }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/prometheus/7.0.60/templates/common.yaml b/enterprise/prometheus/7.0.60/templates/common.yaml
deleted file mode 100644
index f3da376e1f6..00000000000
--- a/enterprise/prometheus/7.0.60/templates/common.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.common.loader.init" . }}
-
-{{- include "prometheus.prometheus.prometheus" . }}
-{{- include "prometheus.prometheus.additionalprometheusrules" . }}
-{{- include "prometheus.prometheus.additionalscrapejobs" . }}
-{{- include "prometheus.prometheus.servicemonitor" . }}
-
-{{- include "prometheus.alertmanager.alertmanager" . }}
-
-
-{{/* Render the templates */}}
-{{ include "tc.common.loader.apply" . }}
diff --git a/enterprise/prometheus/7.0.60/templates/exporters/core-dns/service.yaml b/enterprise/prometheus/7.0.60/templates/exporters/core-dns/service.yaml
deleted file mode 100644
index 359c945de46..00000000000
--- a/enterprise/prometheus/7.0.60/templates/exporters/core-dns/service.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-{{- if and .Values.coreDns.enabled .Values.coreDns.service.enabled }}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ template "kube-prometheus.fullname" . }}-coredns
- namespace: {{ .Values.coreDns.namespace }}
- labels: {{- include "kube-prometheus.labels" . | nindent 4 }}
- app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-coredns
-spec:
- clusterIP: None
- ports:
- - name: http-metrics
- port: {{ .Values.coreDns.service.port }}
- protocol: TCP
- targetPort: {{ .Values.coreDns.service.targetPort }}
- selector:
- {{- if .Values.coreDns.service.selector }}
-{{ toYaml .Values.coreDns.service.selector | indent 4 }}
- {{- else}}
- k8s-app: kube-dns
- {{- end}}
-{{- end }}
diff --git a/enterprise/prometheus/7.0.60/templates/exporters/core-dns/servicemonitor.yaml b/enterprise/prometheus/7.0.60/templates/exporters/core-dns/servicemonitor.yaml
deleted file mode 100644
index 1c8a6d34a92..00000000000
--- a/enterprise/prometheus/7.0.60/templates/exporters/core-dns/servicemonitor.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{- if .Values.coreDns.enabled }}
-apiVersion: monitoring.coreos.com/v1
-kind: ServiceMonitor
-metadata:
- name: {{ template "kube-prometheus.fullname" . }}-coredns
- namespace: {{ .Release.Namespace }}
- labels: {{- include "kube-prometheus.labels" . | nindent 4 }}
- app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-coredns
-spec:
- jobLabel: k8s-app
- selector:
- matchLabels:
- app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-coredns
- namespaceSelector:
- matchNames:
- - {{ .Values.coreDns.namespace }}
- endpoints:
- - port: http-metrics
- {{- if .Values.coreDns.serviceMonitor.interval}}
- interval: {{ .Values.coreDns.serviceMonitor.interval }}
- {{- end }}
- bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
- {{- if .Values.coreDns.serviceMonitor.metricRelabelings }}
- metricRelabelings: {{- include "tc.common.tplvalues.render" (dict "value" .Values.coreDns.serviceMonitor.metricRelabelings "context" $) | nindent 6 }}
- {{- end }}
- {{- if .Values.coreDns.serviceMonitor.relabelings }}
- relabelings: {{- include "tc.common.tplvalues.render" (dict "value" .Values.coreDns.serviceMonitor.relabelings "context" $) | nindent 6 }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/prometheus/7.0.60/templates/exporters/kube-apiserver/servicemonitor.yaml b/enterprise/prometheus/7.0.60/templates/exporters/kube-apiserver/servicemonitor.yaml
deleted file mode 100644
index 5ce8694e41a..00000000000
--- a/enterprise/prometheus/7.0.60/templates/exporters/kube-apiserver/servicemonitor.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-{{- if .Values.kubeApiServer.enabled }}
-apiVersion: monitoring.coreos.com/v1
-kind: ServiceMonitor
-metadata:
- name: {{ template "kube-prometheus.fullname" . }}-apiserver
- namespace: {{ .Release.Namespace }}
- labels: {{- include "kube-prometheus.labels" . | nindent 4 }}
- app.kubernetes.io/component: apiserver
-spec:
- jobLabel: component
- selector:
- matchLabels:
- component: apiserver
- provider: kubernetes
- namespaceSelector:
- matchNames:
- - default
- endpoints:
- - port: https
- scheme: https
- tlsConfig:
- caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
- serverName: kubernetes
- insecureSkipVerify: true
- bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
- {{- if .Values.kubeApiServer.serviceMonitor.interval }}
- interval: {{ .Values.kubeApiServer.serviceMonitor.interval }}
- {{- end }}
- {{- if .Values.kubeApiServer.serviceMonitor.metricRelabelings }}
- metricRelabelings: {{- include "tc.common.tplvalues.render" ( dict "value" .Values.kubeApiServer.serviceMonitor.metricRelabelings "context" $) | nindent 8 }}
- {{- end }}
- {{- if .Values.kubeApiServer.serviceMonitor.relabelings }}
- relabelings: {{- toYaml .Values.kubeApiServer.serviceMonitor.relabelings | nindent 8 }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/prometheus/7.0.60/templates/exporters/kube-controller-manager/endpoints.yaml b/enterprise/prometheus/7.0.60/templates/exporters/kube-controller-manager/endpoints.yaml
deleted file mode 100644
index 13aa60ebf66..00000000000
--- a/enterprise/prometheus/7.0.60/templates/exporters/kube-controller-manager/endpoints.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{- if and .Values.kubeControllerManager.enabled .Values.kubeControllerManager.endpoints }}
-apiVersion: v1
-kind: Endpoints
-metadata:
- name: {{ template "kube-prometheus.fullname" . }}-kube-controller-manager
- namespace: {{ .Values.kubeControllerManager.namespace }}
- labels: {{- include "kube-prometheus.labels" . | nindent 4 }}
- app.kubernetes.io/component: kube-controller-manager
-subsets:
- - addresses:
- {{- range .Values.kubeControllerManager.endpoints }}
- - ip: {{ . }}
- {{- end }}
- ports:
- - name: http-metrics
- port: {{ .Values.kubeControllerManager.service.port }}
- protocol: TCP
-{{- end }}
diff --git a/enterprise/prometheus/7.0.60/templates/exporters/kube-controller-manager/service.yaml b/enterprise/prometheus/7.0.60/templates/exporters/kube-controller-manager/service.yaml
deleted file mode 100644
index 6a455359832..00000000000
--- a/enterprise/prometheus/7.0.60/templates/exporters/kube-controller-manager/service.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- if and .Values.kubeControllerManager.enabled .Values.kubeControllerManager.service.enabled }}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ template "kube-prometheus.fullname" . }}-kube-controller-manager
- namespace: {{ .Values.kubeControllerManager.namespace }}
- labels: {{- include "kube-prometheus.labels" . | nindent 4 }}
- app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-kube-controller-manager
-spec:
- clusterIP: None
- ports:
- - name: http-metrics
- port: {{ .Values.kubeControllerManager.service.port }}
- protocol: TCP
- targetPort: {{ .Values.kubeControllerManager.service.targetPort }}
-{{- if .Values.kubeControllerManager.endpoints }}{{- else }}
- selector:
- {{- if .Values.kubeControllerManager.service.selector }}
-{{ toYaml .Values.kubeControllerManager.service.selector | indent 4 }}
- {{- else}}
- component: kube-controller-manager
- {{- end}}
-{{- end }}
- type: ClusterIP
-{{- end }}
diff --git a/enterprise/prometheus/7.0.60/templates/exporters/kube-controller-manager/servicemonitor.yaml b/enterprise/prometheus/7.0.60/templates/exporters/kube-controller-manager/servicemonitor.yaml
deleted file mode 100644
index 5557af63959..00000000000
--- a/enterprise/prometheus/7.0.60/templates/exporters/kube-controller-manager/servicemonitor.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-{{- if .Values.kubeControllerManager.enabled }}
-apiVersion: monitoring.coreos.com/v1
-kind: ServiceMonitor
-metadata:
- name: {{ template "kube-prometheus.fullname" . }}-kube-controller-manager
- namespace: {{ .Release.Namespace }}
- labels: {{- include "kube-prometheus.labels" . | nindent 4 }}
- app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-kube-controller-manager
-spec:
- jobLabel: component
- selector:
- matchLabels:
- app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-kube-controller-manager
- namespaceSelector:
- matchNames:
- - {{ .Values.kubeControllerManager.namespace }}
- endpoints:
- - port: http-metrics
- {{- if .Values.kubeControllerManager.serviceMonitor.interval }}
- interval: {{ .Values.kubeControllerManager.serviceMonitor.interval }}
- {{- end }}
- bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
- {{- if .Values.kubeControllerManager.serviceMonitor.https }}
- scheme: https
- tlsConfig:
- caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
- {{- if .Values.kubeControllerManager.serviceMonitor.insecureSkipVerify }}
- insecureSkipVerify: {{ .Values.kubeControllerManager.serviceMonitor.insecureSkipVerify }}
- {{- end }}
- {{- if .Values.kubeControllerManager.serviceMonitor.serverName }}
- serverName: {{ .Values.kubeControllerManager.serviceMonitor.serverName }}
- {{- end }}
- {{- end }}
- {{- if .Values.kubeControllerManager.serviceMonitor.metricRelabelings }}
- metricRelabelings: {{- include "tc.common.tplvalues.render" (dict "value" .Values.kubeControllerManager.serviceMonitor.metricRelabelings "context" $) | nindent 6 }}
- {{- end }}
- {{- if .Values.kubeControllerManager.serviceMonitor.relabelings }}
- relabelings: {{- include "tc.common.tplvalues.render" (dict "value" .Values.kubeControllerManager.serviceMonitor.relabelings "context" $) | nindent 6 }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/prometheus/7.0.60/templates/exporters/kube-scheduler/endpoints.yaml b/enterprise/prometheus/7.0.60/templates/exporters/kube-scheduler/endpoints.yaml
deleted file mode 100644
index dde3d8b9110..00000000000
--- a/enterprise/prometheus/7.0.60/templates/exporters/kube-scheduler/endpoints.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{- if and .Values.kubeScheduler.enabled .Values.kubeScheduler.endpoints }}
-apiVersion: v1
-kind: Endpoints
-metadata:
- name: {{ template "kube-prometheus.fullname" . }}-kube-scheduler
- namespace: {{ .Values.kubeScheduler.namespace }}
- labels: {{- include "kube-prometheus.labels" . | nindent 4 }}
- app.kubernetes.io/component: kube-scheduler
-subsets:
- - addresses:
- {{- range .Values.kubeScheduler.endpoints }}
- - ip: {{ . }}
- {{- end }}
- ports:
- - name: http-metrics
- port: {{ .Values.kubeScheduler.service.port }}
- protocol: TCP
-{{- end }}
diff --git a/enterprise/prometheus/7.0.60/templates/exporters/kube-scheduler/service.yaml b/enterprise/prometheus/7.0.60/templates/exporters/kube-scheduler/service.yaml
deleted file mode 100644
index aad5969f5fd..00000000000
--- a/enterprise/prometheus/7.0.60/templates/exporters/kube-scheduler/service.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- if and .Values.kubeScheduler.enabled .Values.kubeScheduler.service.enabled }}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ template "kube-prometheus.fullname" . }}-kube-scheduler
- namespace: {{ .Values.kubeScheduler.namespace }}
- labels: {{- include "kube-prometheus.labels" . | nindent 4 }}
- app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-kube-scheduler
-spec:
- clusterIP: None
- ports:
- - name: http-metrics
- port: {{ .Values.kubeScheduler.service.port}}
- protocol: TCP
- targetPort: {{ .Values.kubeScheduler.service.targetPort}}
-{{- if .Values.kubeScheduler.endpoints }}{{- else }}
- selector:
- {{- if .Values.kubeScheduler.service.selector }}
-{{ toYaml .Values.kubeScheduler.service.selector | indent 4 }}
- {{- else}}
- component: kube-scheduler
- {{- end}}
-{{- end }}
- type: ClusterIP
-{{- end -}}
diff --git a/enterprise/prometheus/7.0.60/templates/exporters/kube-scheduler/servicemonitor.yaml b/enterprise/prometheus/7.0.60/templates/exporters/kube-scheduler/servicemonitor.yaml
deleted file mode 100644
index 757ce98b7c0..00000000000
--- a/enterprise/prometheus/7.0.60/templates/exporters/kube-scheduler/servicemonitor.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-{{- if .Values.kubeScheduler.enabled }}
-apiVersion: monitoring.coreos.com/v1
-kind: ServiceMonitor
-metadata:
- name: {{ template "kube-prometheus.fullname" . }}-kube-scheduler
- namespace: {{ .Release.Namespace }}
- labels: {{- include "kube-prometheus.labels" . | nindent 4 }}
- app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-kube-scheduler
-spec:
- jobLabel: component
- selector:
- matchLabels:
- app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-kube-scheduler
- namespaceSelector:
- matchNames:
- - {{ .Values.kubeScheduler.namespace }}
- endpoints:
- - port: http-metrics
- {{- if .Values.kubeScheduler.serviceMonitor.interval }}
- interval: {{ .Values.kubeScheduler.serviceMonitor.interval }}
- {{- end }}
- bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
- {{- if .Values.kubeScheduler.serviceMonitor.https }}
- scheme: https
- tlsConfig:
- caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
- {{- if .Values.kubeScheduler.serviceMonitor.insecureSkipVerify }}
- insecureSkipVerify: {{ .Values.kubeScheduler.serviceMonitor.insecureSkipVerify }}
- {{- end}}
- {{- if .Values.kubeScheduler.serviceMonitor.serverName }}
- serverName: {{ .Values.kubeScheduler.serviceMonitor.serverName }}
- {{- end}}
- {{- end}}
- {{- if .Values.kubeScheduler.serviceMonitor.metricRelabelings }}
- metricRelabelings: {{- include "tc.common.tplvalues.render" (dict "value" .Values.kubeScheduler.serviceMonitor.metricRelabelings "context" $) | nindent 6 }}
- {{- end }}
- {{- if .Values.kubeScheduler.serviceMonitor.relabelings }}
- metricRelabelings: {{- include "tc.common.tplvalues.render" (dict "value" .Values.kubeScheduler.serviceMonitor.relabelings "context" $) | nindent 6 }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/prometheus/7.0.60/templates/exporters/kubelet/servicemonitor.yaml b/enterprise/prometheus/7.0.60/templates/exporters/kubelet/servicemonitor.yaml
deleted file mode 100644
index 30668f30489..00000000000
--- a/enterprise/prometheus/7.0.60/templates/exporters/kubelet/servicemonitor.yaml
+++ /dev/null
@@ -1,85 +0,0 @@
-{{- if .Values.kubelet.enabled }}
-apiVersion: monitoring.coreos.com/v1
-kind: ServiceMonitor
-metadata:
- name: {{ template "kube-prometheus.fullname" . }}-kubelet
- namespace: {{ .Release.Namespace }}
- labels: {{- include "kube-prometheus.labels" . | nindent 4 }}
- app.kubernetes.io/component: kubelet
-spec:
- jobLabel: k8s-app
- selector:
- matchLabels:
- k8s-app: kubelet
- namespaceSelector:
- matchNames:
- - {{ .Values.kubelet.namespace }}
- endpoints:
- {{- if .Values.kubelet.serviceMonitor.https }}
- - port: https-metrics
- scheme: https
- tlsConfig:
- caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
- serverName: kubernetes
- insecureSkipVerify: true
- bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
- honorLabels: true
- {{- if .Values.kubelet.serviceMonitor.interval }}
- interval: {{ .Values.kubelet.serviceMonitor.interval }}
- {{- end }}
- {{- if .Values.kubelet.serviceMonitor.metricRelabelings }}
- metricRelabelings: {{- include "tc.common.tplvalues.render" ( dict "value" .Values.kubelet.serviceMonitor.metricRelabelings "context" $) | nindent 8 }}
- {{- end }}
- {{- if .Values.kubelet.serviceMonitor.relabelings }}
- relabelings: {{- toYaml .Values.kubelet.serviceMonitor.relabelings | nindent 8 }}
- {{- end }}
- - port: https-metrics
- path: /metrics/cadvisor
- scheme: https
- tlsConfig:
- caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
- serverName: kubernetes
- insecureSkipVerify: true
- bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
- honorLabels: true
- {{- if .Values.kubelet.serviceMonitor.interval }}
- interval: {{ .Values.kubelet.serviceMonitor.interval }}
- {{- end }}
- {{- if .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings }}
- metricRelabelings: {{- include "tc.common.tplvalues.render" ( dict "value" .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings "context" $) | nindent 8 }}
- {{- end }}
- {{- if .Values.kubelet.serviceMonitor.cAdvisorRelabelings }}
- relabelings: {{- toYaml .Values.kubelet.serviceMonitor.cAdvisorRelabelings | nindent 8 }}
- {{- end }}
- {{- else }}
- - port: http-metrics
- scheme: http
- tlsConfig:
- insecureSkipVerify: false
- honorLabels: true
- {{- if .Values.kubelet.serviceMonitor.interval }}
- interval: {{ .Values.kubelet.serviceMonitor.interval }}
- {{- end }}
- {{- if .Values.kubelet.serviceMonitor.metricRelabelings }}
- metricRelabelings: {{- include "tc.common.tplvalues.render" ( dict "value" .Values.kubelet.serviceMonitor.metricRelabelings "context" $) | nindent 8 }}
- {{- end }}
- {{- if .Values.kubelet.serviceMonitor.relabelings }}
- relabelings: {{- toYaml .Values.kubelet.serviceMonitor.relabelings | nindent 8 }}
- {{- end }}
- - port: http-metrics
- path: /metrics/cadvisor
- scheme: http
- tlsConfig:
- insecureSkipVerify: false
- honorLabels: true
- {{- if .Values.kubelet.serviceMonitor.interval }}
- interval: {{ .Values.kubelet.serviceMonitor.interval }}
- {{- end }}
- {{- if .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings }}
- metricRelabelings: {{- include "tc.common.tplvalues.render" ( dict "value" .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings "context" $) | nindent 8 }}
- {{- end }}
- {{- if .Values.kubelet.serviceMonitor.cAdvisorRelabelings }}
- relabelings: {{- toYaml .Values.kubelet.serviceMonitor.cAdvisorRelabelings | nindent 8 }}
- {{- end }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/prometheus/7.0.60/templates/prometheus/_additionalPrometheusRules.tpl b/enterprise/prometheus/7.0.60/templates/prometheus/_additionalPrometheusRules.tpl
deleted file mode 100644
index 121048d87ce..00000000000
--- a/enterprise/prometheus/7.0.60/templates/prometheus/_additionalPrometheusRules.tpl
+++ /dev/null
@@ -1,15 +0,0 @@
-{{- define "prometheus.prometheus.additionalprometheusrules" -}}
-{{- if and .Values.prometheus.enabled .Values.prometheus.additionalPrometheusRules}}
- {{- range .Values.prometheus.additionalPrometheusRules }}
----
-apiVersion: monitoring.coreos.com/v1
-kind: PrometheusRule
-metadata:
- name: {{ template "kube-prometheus.name" $ }}-{{ .name }}
- namespace: {{ $.Release.Namespace }}
- labels: {{ include "kube-prometheus.prometheus.labels" $ | nindent 4 }}
-spec:
- groups: {{- toYaml .groups | nindent 4 }}
- {{- end }}
-{{- end }}
-{{- end }}
diff --git a/enterprise/prometheus/7.0.60/templates/prometheus/_additionalScrapeJobs.tpl b/enterprise/prometheus/7.0.60/templates/prometheus/_additionalScrapeJobs.tpl
deleted file mode 100644
index 0a85943034d..00000000000
--- a/enterprise/prometheus/7.0.60/templates/prometheus/_additionalScrapeJobs.tpl
+++ /dev/null
@@ -1,13 +0,0 @@
-{{- define "prometheus.prometheus.additionalscrapejobs" -}}
-{{- if (and .Values.prometheus.additionalScrapeConfigs.enabled (eq .Values.prometheus.additionalScrapeConfigs.type "internal") ) }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: additional-scrape-jobs-{{ template "kube-prometheus.prometheus.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels: {{- include "kube-prometheus.prometheus.labels" . | nindent 4 }}
-data:
- scrape-jobs.yaml: {{ include "tc.common.tplvalues.render" ( dict "value" .Values.prometheus.additionalScrapeConfigs.internal.jobList "context" $ ) | b64enc | quote }}
-{{- end }}
-{{- end }}
diff --git a/enterprise/prometheus/7.0.60/templates/prometheus/_prometheus.tpl b/enterprise/prometheus/7.0.60/templates/prometheus/_prometheus.tpl
deleted file mode 100644
index 828c9a53c20..00000000000
--- a/enterprise/prometheus/7.0.60/templates/prometheus/_prometheus.tpl
+++ /dev/null
@@ -1,361 +0,0 @@
-{{- define "prometheus.prometheus.prometheus" -}}
-{{- if .Values.prometheus.enabled }}
----
-apiVersion: monitoring.coreos.com/v1
-kind: Prometheus
-metadata:
- name: {{ template "kube-prometheus.prometheus.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels: {{- include "kube-prometheus.prometheus.labels" . | nindent 4 }}
-spec:
- replicas: {{ .Values.prometheus.replicaCount }}
- serviceAccountName: {{ template "kube-prometheus.prometheus.serviceAccountName" . }}
- {{- if .Values.prometheus.serviceMonitorSelector }}
- serviceMonitorSelector: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.serviceMonitorSelector "context" $) | nindent 4 }}
- {{- else }}
- serviceMonitorSelector: {}
- {{- end }}
- {{- if .Values.prometheus.podMonitorSelector }}
- podMonitorSelector: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.podMonitorSelector "context" $) | nindent 4 }}
- {{- else }}
- podMonitorSelector: {}
- {{- end }}
- {{- if .Values.prometheus.probeSelector }}
- probeSelector: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.probeSelector "context" $) | nindent 4 }}
- {{- else }}
- probeSelector: {}
- {{- end }}
- alerting:
- alertmanagers:
- {{- if .Values.prometheus.alertingEndpoints }}
- {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.alertingEndpoints "context" $) | nindent 6 }}
- {{- else if .Values.alertmanager.enabled }}
- - namespace: {{ .Release.Namespace }}
- name: {{ template "kube-prometheus.alertmanager.fullname" . }}
- port: http
- pathPrefix: "{{ .Values.alertmanager.routePrefix }}"
- {{- else }}
- []
- {{- end }}
- {{- if .Values.prometheus.image }}
- image: {{ template "kube-prometheus.prometheus.image" . }}
- {{- end }}
- {{- if .Values.prometheus.externalLabels }}
- externalLabels: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.externalLabels "context" $) | nindent 4 }}
- {{- end }}
- {{- if .Values.prometheus.prometheusExternalLabelNameClear }}
- prometheusExternalLabelName: ""
- {{- else if .Values.prometheus.prometheusExternalLabelName }}
- prometheusExternalLabelName: "{{ .Values.prometheus.prometheusExternalLabelName }}"
- {{- end }}
- {{- if .Values.prometheus.replicaExternalLabelNameClear }}
- replicaExternalLabelName: ""
- {{- else if .Values.prometheus.replicaExternalLabelName }}
- replicaExternalLabelName: "{{ .Values.prometheus.replicaExternalLabelName }}"
- {{- end }}
- {{- if index .Values.prometheus "externalUrl" }}
- externalUrl: "{{ .Values.prometheus.externalUrl }}"
- {{- else if and .Values.ingress.main.enabled .Values.ingress.main.hosts }}
- externalUrl: {{ if .Values.ingress.main.tls }}https{{else}}http{{ end }}://{{ (index .Values.ingress.main.hosts 0).name }}{{ .Values.prometheus.routePrefix }}
- {{- else }}
- externalUrl: http://{{ template "kube-prometheus.prometheus.fullname" . }}.{{ .Release.Namespace }}:9090{{ .Values.prometheus.routePrefix }}
- {{- end }}
- paused: {{ .Values.prometheus.paused }}
- logLevel: {{ .Values.prometheus.logLevel }}
- logFormat: {{ .Values.prometheus.logFormat }}
- listenLocal: {{ .Values.prometheus.listenLocal }}
- enableAdminAPI: {{ .Values.prometheus.enableAdminAPI }}
- {{- if .Values.prometheus.enableFeatures }}
- enableFeatures:
- {{- range .Values.prometheus.enableFeatures }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
- {{- if .Values.prometheus.scrapeInterval }}
- scrapeInterval: {{ .Values.prometheus.scrapeInterval }}
- {{- end }}
- {{- if .Values.prometheus.evaluationInterval }}
- evaluationInterval: {{ .Values.prometheus.evaluationInterval }}
- {{- end }}
- {{- if .Values.prometheus.resources }}
- resources: {{- toYaml .Values.prometheus.resources | nindent 4 }}
- {{- end }}
- retention: {{ .Values.prometheus.retention }}
- {{- if .Values.prometheus.retentionSize }}
- retentionSize: {{ .Values.prometheus.retentionSize }}
- {{- end }}
- {{- if .Values.prometheus.disableCompaction }}
- disableCompaction: {{ .Values.prometheus.disableCompaction }}
- {{- end }}
- {{- if .Values.prometheus.walCompression }}
- walCompression: {{ .Values.prometheus.walCompression }}
- {{- end }}
- portName: "{{ .Values.prometheus.portName }}"
- routePrefix: "{{ .Values.prometheus.routePrefix }}"
- {{- if .Values.prometheus.secrets }}
- secrets: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.secrets "context" $) | nindent 4 }}
- {{- end }}
- {{- if .Values.prometheus.configMaps }}
- configMaps: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.configMaps "context" $) | nindent 4 }}
- {{- end }}
- {{- if .Values.prometheus.serviceMonitorNamespaceSelector }}
- serviceMonitorNamespaceSelector: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.serviceMonitorNamespaceSelector "context" $) | nindent 4 }}
- {{- else }}
- serviceMonitorNamespaceSelector: {}
- {{- end }}
- {{- if .Values.prometheus.podMonitorNamespaceSelector }}
- podMonitorNamespaceSelector: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.podMonitorNamespaceSelector "context" $) | nindent 4 }}
- {{- else }}
- podMonitorNamespaceSelector: {}
- {{- end }}
- {{- if .Values.prometheus.probeNamespaceSelector }}
- probeNamespaceSelector: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.probeNamespaceSelector "context" $) | nindent 4 }}
- {{- else }}
- probeNamespaceSelector: {}
- {{- end }}
- {{- if .Values.prometheus.remoteRead }}
- remoteRead: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.remoteRead "context" $) | nindent 4 }}
- {{- end }}
- {{- if .Values.prometheus.remoteWrite }}
- remoteWrite: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.remoteWrite "context" $) | nindent 4 }}
- {{- end }}
- {{- if .Values.prometheus.podSecurityContext.enabled }}
- securityContext: {{- omit .Values.prometheus.podSecurityContext "enabled" | toYaml | nindent 4 }}
- {{- end }}
- {{- if .Values.prometheus.ruleNamespaceSelector }}
- ruleNamespaceSelector: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.ruleNamespaceSelector "context" $) | nindent 4 }}
- {{- else }}
- ruleNamespaceSelector: {}
- {{- end }}
- {{- if .Values.prometheus.ruleSelector }}
- ruleSelector: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.ruleSelector "context" $) | nindent 4 }}
- {{- else }}
- ruleSelector: {}
- {{- end }}
- {{- if .Values.prometheus.storageSpec }}
- storage: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.storageSpec "context" $) | nindent 4 }}
- {{- else if .Values.prometheus.persistence.enabled }}
- storage:
- volumeClaimTemplate:
- spec:
- accessModes:
- {{- range .Values.prometheus.persistence.accessModes }}
- - {{ . | quote }}
- {{- end }}
- resources:
- requests:
- storage: {{ .Values.prometheus.persistence.size | quote }}
- {{- include "tc.common.storage.storageClassName" (dict "persistence" .Values.prometheus.persistence "global" $ ) | nindent 8 }}
- {{- end }}
- {{- if or .Values.prometheus.podMetadata.labels .Values.prometheus.podMetadata.annotations (eq .Values.prometheus.podAntiAffinityPreset "soft") (eq .Values.prometheus.podAntiAffinityPreset "hard") }}
- podMetadata:
- labels:
- {{- if .Values.prometheus.podMetadata.labels }}
- {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.podMetadata.labels "context" $) | nindent 6 }}
- {{- end }}
- {{- if or (eq .Values.prometheus.podAntiAffinityPreset "soft") (eq .Values.prometheus.podAntiAffinityPreset "hard") }}
- {{- include "kube-prometheus.prometheus.matchLabels" . | nindent 6 }}
- {{- end }}
- {{- if .Values.prometheus.podMetadata.annotations }}
- annotations:
- {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.podMetadata.annotations "context" $) | nindent 6 }}
- {{- end }}
- {{- end }}
- {{- if .Values.prometheus.querySpec }}
- query: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.querySpec "context" $) | nindent 4 }}
- {{- end }}
- {{- if .Values.prometheus.affinity }}
- affinity: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.affinity "context" $) | nindent 4 }}
- {{- else }}
- affinity:
- {{- if not (empty .Values.prometheus.podAffinityPreset) }}
- podAffinity: {{- include "tc.common.affinities.pods" (dict "type" .Values.prometheus.podAffinityPreset "component" "prometheus" "context" $) | nindent 6 }}
- {{- end }}
- {{- if not (empty .Values.prometheus.podAntiAffinityPreset) }}
- podAntiAffinity: {{- include "tc.common.affinities.pods" (dict "type" .Values.prometheus.podAntiAffinityPreset "component" "prometheus" "context" $) | nindent 6 }}
- {{- end }}
- {{- if not (empty .Values.prometheus.nodeAffinityPreset.values) }}
- nodeAffinity: {{- include "tc.common.affinities.nodes" (dict "type" .Values.prometheus.nodeAffinityPreset.type "key" .Values.prometheus.nodeAffinityPreset.key "values" .Values.prometheus.nodeAffinityPreset.values) | nindent 6 }}
- {{- end }}
- {{- end }}
- {{- if .Values.prometheus.nodeSelector }}
- nodeSelector: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.nodeSelector "context" $) | nindent 4 }}
- {{- end }}
- {{- if .Values.prometheus.tolerations }}
- tolerations: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.tolerations "context" $) | nindent 4 }}
- {{- end }}
- {{- if .Values.prometheus.volumes }}
- volumes: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.volumes "context" $) | nindent 4 }}
- {{- end }}
- {{- if .Values.prometheus.volumeMounts }}
- volumeMounts: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.volumeMounts "context" $) | nindent 4 }}
- {{- end }}
- {{- if or .Values.prometheus.additionalScrapeConfigs.enabled .Values.prometheus.additionalScrapeConfigsExternal.enabled }}
- additionalScrapeConfigs:
- {{- if and .Values.prometheus.additionalScrapeConfigs.enabled (eq .Values.prometheus.additionalScrapeConfigs.type "external") }}
- name: {{ .Values.prometheus.additionalScrapeConfigs.external.name }}
- key: {{ .Values.prometheus.additionalScrapeConfigs.external.key }}
- {{- else if and .Values.prometheus.additionalScrapeConfigs.enabled (eq .Values.prometheus.additionalScrapeConfigs.type "internal") }}
- name: additional-scrape-jobs-{{ template "kube-prometheus.prometheus.fullname" . }}
- key: scrape-jobs.yaml
- {{- else if and (not .Values.prometheus.additionalScrapeConfigs.enabled) .Values.prometheus.additionalScrapeConfigsExternal.enabled }}
- name: {{ .Values.prometheus.additionalScrapeConfigsExternal.name }}
- key: {{ .Values.prometheus.additionalScrapeConfigsExternal.key }}
- {{- end }}
- {{- end }}
- {{- if .Values.prometheus.additionalAlertRelabelConfigsExternal.enabled }}
- additionalAlertRelabelConfigs:
- name: {{ .Values.prometheus.additionalAlertRelabelConfigsExternal.name }}
- key: {{ .Values.prometheus.additionalAlertRelabelConfigsExternal.key }}
- {{- end }}
-{{- include "kube-prometheus.imagePullSecrets" . | indent 2 }}
- {{- if or .Values.prometheus.containers .Values.prometheus.thanos.create .Values.prometheus.containerSecurityContext.enabled .Values.prometheus.containerSecurityContext.enabled .Values.operator.prometheusConfigReloader.containerSecurityContext.enabled }}
- containers:
- {{- if .Values.prometheus.thanos.create }}
- - name: thanos-sidecar
- image: {{ template "kube-prometheus.prometheus.thanosImage" . }}
- imagePullPolicy: {{ .Values.prometheus.thanos.image.pullPolicy }}
- args:
- - sidecar
- - --prometheus.url={{ default "http://localhost:9090" .Values.prometheus.thanos.prometheusUrl }}
- - --grpc-address=0.0.0.0:10901
- - --http-address=0.0.0.0:10902
- - --tsdb.path=/prometheus/
- {{- if .Values.prometheus.thanos.objectStorageConfig }}
- - --objstore.config=$(OBJSTORE_CONFIG)
- {{- end }}
- {{- if .Values.prometheus.thanos.extraArgs }}
- {{ toYaml .Values.prometheus.thanos.extraArgs | indent 8 | trim }}
- {{- end }}
- {{- if .Values.prometheus.thanos.objectStorageConfig }}
- env:
- - name: OBJSTORE_CONFIG
- valueFrom:
- secretKeyRef:
- name: {{ .Values.prometheus.thanos.objectStorageConfig.secretName }}
- key: {{ .Values.prometheus.thanos.objectStorageConfig.secretKey | default "thanos.yaml" }}
- {{- end }}
- {{- if .Values.prometheus.thanos.resources }}
- resources: {{- toYaml .Values.prometheus.thanos.resources | nindent 8 }}
- {{- end }}
- ports:
- - name: thanos
- containerPort: 10901
- protocol: TCP
- - name: http
- containerPort: 10902
- protocol: TCP
- volumeMounts:
- - mountPath: /prometheus
- name: prometheus-{{ template "kube-prometheus.prometheus.fullname" . }}-db
- {{- if not (.Values.prometheus.storageSpec.disableMountSubPath | default (not .Values.prometheus.persistence.enabled)) }}
- subPath: prometheus-db
- {{- end }}
- {{- if .Values.prometheus.thanos.extraVolumeMounts }}
- {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.thanos.extraVolumeMounts "context" $) | nindent 8 }}
- {{- end }}
- {{- if .Values.prometheus.thanos.containerSecurityContext.enabled }}
- # yamllint disable rule:indentation
- securityContext: {{- omit .Values.prometheus.thanos.containerSecurityContext "enabled" | toYaml | nindent 8 }}
- # yamllint enable rule:indentation
- {{- end }}
- {{- if .Values.prometheus.thanos.livenessProbe.enabled }}
- livenessProbe:
- httpGet:
- path: {{ .Values.prometheus.thanos.livenessProbe.path }}
- port: http
- scheme: HTTP
- initialDelaySeconds: {{ .Values.prometheus.thanos.livenessProbe.initialDelaySeconds }}
- periodSeconds: {{ .Values.prometheus.thanos.livenessProbe.periodSeconds }}
- timeoutSeconds: {{ .Values.prometheus.thanos.livenessProbe.timeoutSeconds }}
- failureThreshold: {{ .Values.prometheus.thanos.livenessProbe.failureThreshold }}
- successThreshold: {{ .Values.prometheus.thanos.livenessProbe.successThreshold }}
- {{- end }}
- {{- if .Values.prometheus.thanos.readinessProbe.enabled }}
- readinessProbe:
- httpGet:
- path: {{ .Values.prometheus.thanos.readinessProbe.path }}
- port: http
- scheme: HTTP
- initialDelaySeconds: {{ .Values.prometheus.thanos.readinessProbe.initialDelaySeconds }}
- periodSeconds: {{ .Values.prometheus.thanos.readinessProbe.periodSeconds }}
- timeoutSeconds: {{ .Values.prometheus.thanos.readinessProbe.timeoutSeconds }}
- failureThreshold: {{ .Values.prometheus.thanos.readinessProbe.failureThreshold }}
- successThreshold: {{ .Values.prometheus.thanos.readinessProbe.successThreshold }}
- {{- end }}
- {{- end }}
- {{- if or .Values.prometheus.containerSecurityContext.enabled .Values.prometheus.livenessProbe.enabled .Values.prometheus.readinessProbe.enabled }}
- ## This monkey patching is needed until the securityContexts are
- ## directly patchable via the CRD.
- ## ref: https://github.com/prometheus-operator/prometheus-operator/issues/3947
- ## currently implemented with strategic merge
- ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/user-guides/strategic-merge-patch.md
- - name: prometheus
- {{- if .Values.prometheus.containerSecurityContext.enabled }}
- securityContext: {{- omit .Values.prometheus.containerSecurityContext "enabled" | toYaml | nindent 8 }}
- {{- end }}
- {{- if .Values.prometheus.livenessProbe.enabled }}
- livenessProbe:
- httpGet:
- path: {{ .Values.prometheus.livenessProbe.path }}
- port: main
- scheme: HTTP
- initialDelaySeconds: {{ .Values.prometheus.livenessProbe.initialDelaySeconds }}
- periodSeconds: {{ .Values.prometheus.livenessProbe.periodSeconds }}
- timeoutSeconds: {{ .Values.prometheus.livenessProbe.timeoutSeconds }}
- failureThreshold: {{ .Values.prometheus.livenessProbe.failureThreshold }}
- successThreshold: {{ .Values.prometheus.livenessProbe.successThreshold }}
- {{- end }}
- {{- if .Values.prometheus.readinessProbe.enabled }}
- readinessProbe:
- httpGet:
- path: {{ .Values.prometheus.readinessProbe.path }}
- port: main
- scheme: HTTP
- initialDelaySeconds: {{ .Values.prometheus.readinessProbe.initialDelaySeconds }}
- periodSeconds: {{ .Values.prometheus.readinessProbe.periodSeconds }}
- timeoutSeconds: {{ .Values.prometheus.readinessProbe.timeoutSeconds }}
- failureThreshold: {{ .Values.prometheus.readinessProbe.failureThreshold }}
- successThreshold: {{ .Values.prometheus.readinessProbe.successThreshold }}
- {{- end }}
- {{- end }}
- {{- if or .Values.operator.prometheusConfigReloader.containerSecurityContext.enabled .Values.operator.prometheusConfigReloader.livenessProbe.enabled .Values.operator.prometheusConfigReloader.readinessProbe.enabled }}
- ## This monkey patching is needed until the securityContexts are
- ## directly patchable via the CRD.
- ## ref: https://github.com/prometheus-operator/prometheus-operator/issues/3947
- ## currently implemented with strategic merge
- ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/user-guides/strategic-merge-patch.md
- - name: config-reloader
- {{- if .Values.operator.prometheusConfigReloader.containerSecurityContext.enabled }}
- securityContext: {{- omit .Values.operator.prometheusConfigReloader.containerSecurityContext "enabled" | toYaml | nindent 8 }}
- {{- end }}
- {{- if .Values.operator.prometheusConfigReloader.livenessProbe.enabled }}
- livenessProbe:
- tcpSocket:
- port: reloader-web
- initialDelaySeconds: {{ .Values.operator.prometheusConfigReloader.livenessProbe.initialDelaySeconds }}
- periodSeconds: {{ .Values.operator.prometheusConfigReloader.livenessProbe.periodSeconds }}
- timeoutSeconds: {{ .Values.operator.prometheusConfigReloader.livenessProbe.timeoutSeconds }}
- failureThreshold: {{ .Values.operator.prometheusConfigReloader.livenessProbe.failureThreshold }}
- successThreshold: {{ .Values.operator.prometheusConfigReloader.livenessProbe.successThreshold }}
- {{- end }}
- {{- if .Values.operator.prometheusConfigReloader.readinessProbe.enabled }}
- readinessProbe:
- tcpSocket:
- port: reloader-web
- initialDelaySeconds: {{ .Values.operator.prometheusConfigReloader.readinessProbe.initialDelaySeconds }}
- periodSeconds: {{ .Values.operator.prometheusConfigReloader.readinessProbe.periodSeconds }}
- timeoutSeconds: {{ .Values.operator.prometheusConfigReloader.readinessProbe.timeoutSeconds }}
- failureThreshold: {{ .Values.operator.prometheusConfigReloader.readinessProbe.failureThreshold }}
- successThreshold: {{ .Values.operator.prometheusConfigReloader.readinessProbe.successThreshold }}
- {{- end }}
- {{- end }}
- {{- if .Values.prometheus.containers }}
- {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.containers "context" $) | nindent 4 }}
- {{- end }}
- {{- end }}
- {{- if .Values.prometheus.priorityClassName }}
- priorityClassName: {{ .Values.prometheus.priorityClassName }}
- {{- end }}
-{{- end }}
-{{- end }}
diff --git a/enterprise/prometheus/7.0.60/templates/prometheus/_servicemonitor.tpl b/enterprise/prometheus/7.0.60/templates/prometheus/_servicemonitor.tpl
deleted file mode 100644
index d9a57023535..00000000000
--- a/enterprise/prometheus/7.0.60/templates/prometheus/_servicemonitor.tpl
+++ /dev/null
@@ -1,29 +0,0 @@
-{{- define "prometheus.prometheus.servicemonitor" -}}
-{{- if and .Values.prometheus.enabled .Values.prometheus.serviceMonitor.enabled }}
----
-apiVersion: monitoring.coreos.com/v1
-kind: ServiceMonitor
-metadata:
- name: {{ template "kube-prometheus.prometheus.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels: {{- include "kube-prometheus.prometheus.labels" . | nindent 4 }}
-spec:
- selector:
- matchLabels: {{- include "kube-prometheus.prometheus.matchLabels" . | nindent 6 }}
- namespaceSelector:
- matchNames:
- - {{ .Release.Namespace }}
- endpoints:
- - port: http
- {{- if .Values.prometheus.serviceMonitor.interval }}
- interval: {{ .Values.prometheus.serviceMonitor.interval }}
- {{- end }}
- path: {{ trimSuffix "/" .Values.prometheus.routePrefix }}/metrics
- {{- if .Values.prometheus.serviceMonitor.metricRelabelings }}
- metricRelabelings: {{- include "tc.common.tplvalues.render" ( dict "value" .Values.prometheus.serviceMonitor.metricRelabelings "context" $) | nindent 8 }}
- {{- end }}
- {{- if .Values.prometheus.serviceMonitor.relabelings }}
- relabelings: {{- toYaml .Values.prometheus.serviceMonitor.relabelings | nindent 8 }}
- {{- end }}
-{{- end }}
-{{- end }}
diff --git a/enterprise/prometheus/7.0.60/templates/prometheus/clusterrole.yaml b/enterprise/prometheus/7.0.60/templates/prometheus/clusterrole.yaml
deleted file mode 100644
index ae96e2d45f8..00000000000
--- a/enterprise/prometheus/7.0.60/templates/prometheus/clusterrole.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-{{- if .Values.prometheus.enabled -}}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ template "kube-prometheus.prometheus.fullname" . }}
- labels: {{- include "kube-prometheus.prometheus.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - nodes/metrics
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - ""
- resources:
- - nodes
- - nodes/proxy
- - services
- - endpoints
- - pods
- verbs:
- - "get"
- - "list"
- - "watch"
- - apiGroups:
- - extensions
- - "networking.k8s.io"
- resources:
- - ingresses
- verbs:
- - get
- - list
- - watch
- - nonResourceURLs:
- - "/metrics"
- verbs:
- - "get"
-{{- end }}
diff --git a/enterprise/prometheus/7.0.60/templates/prometheus/clusterrolebinding.yaml b/enterprise/prometheus/7.0.60/templates/prometheus/clusterrolebinding.yaml
deleted file mode 100644
index 7ca10743f4a..00000000000
--- a/enterprise/prometheus/7.0.60/templates/prometheus/clusterrolebinding.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-{{- if .Values.prometheus.enabled }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ template "kube-prometheus.prometheus.fullname" . }}
- labels: {{- include "kube-prometheus.prometheus.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ template "kube-prometheus.prometheus.fullname" . }}
-subjects:
- - kind: ServiceAccount
- name: {{ template "kube-prometheus.prometheus.serviceAccountName" . }}
- namespace: {{ .Release.Namespace }}
-{{- end }}
diff --git a/enterprise/prometheus/7.0.60/templates/prometheus/serviceaccount.yaml b/enterprise/prometheus/7.0.60/templates/prometheus/serviceaccount.yaml
deleted file mode 100644
index 02b175f2b4d..00000000000
--- a/enterprise/prometheus/7.0.60/templates/prometheus/serviceaccount.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-{{- if and .Values.prometheus.enabled .Values.prometheus.serviceAccount.create }}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ template "kube-prometheus.prometheus.serviceAccountName" . }}
- namespace: {{ .Release.Namespace }}
- labels: {{- include "kube-prometheus.prometheus.labels" . | nindent 4 }}
- {{- if index .Values.prometheus.serviceAccount "annotations" }}
- annotations: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.serviceAccount.annotations "context" $) | nindent 4 }}
- {{- end }}
-{{- include "kube-prometheus.imagePullSecrets" . }}
-{{- end }}
diff --git a/enterprise/prometheus/7.0.60/values.yaml b/enterprise/prometheus/7.0.60/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/traefik/16.0.11/CHANGELOG.md b/enterprise/traefik/16.0.11/CHANGELOG.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/traefik/16.0.11/Chart.yaml b/enterprise/traefik/16.0.11/Chart.yaml
deleted file mode 100644
index a086379b3d4..00000000000
--- a/enterprise/traefik/16.0.11/Chart.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-apiVersion: v2
-appVersion: "2.9.6"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
-deprecated: false
-description: Traefik is a flexible reverse proxy and Ingress Provider.
-home: https://truecharts.org/charts/stable/traefik
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/traefik.png
-keywords:
- - traefik
- - ingress
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: traefik
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/stable/traefik
- - https://github.com/traefik/traefik
- - https://github.com/traefik/traefik-helm-chart
- - https://traefik.io/
-type: application
-version: 16.0.11
-annotations:
- truecharts.org/catagories: |
- - network
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/traefik/16.0.11/README.md b/enterprise/traefik/16.0.11/README.md
deleted file mode 100644
index 701942c352f..00000000000
--- a/enterprise/traefik/16.0.11/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/stable/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/traefik/16.0.11/app-changelog.md b/enterprise/traefik/16.0.11/app-changelog.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/traefik/16.0.11/app-readme.md b/enterprise/traefik/16.0.11/app-readme.md
deleted file mode 100644
index fe2ab2ae521..00000000000
--- a/enterprise/traefik/16.0.11/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Traefik is a flexible reverse proxy and Ingress Provider.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/traefik](https://truecharts.org/charts/enterprise/traefik)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/about/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/traefik/16.0.11/charts/common-11.1.2.tgz b/enterprise/traefik/16.0.11/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/enterprise/traefik/16.0.11/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/enterprise/traefik/16.0.11/ix_values.yaml b/enterprise/traefik/16.0.11/ix_values.yaml
deleted file mode 100644
index bd211b479b5..00000000000
--- a/enterprise/traefik/16.0.11/ix_values.yaml
+++ /dev/null
@@ -1,406 +0,0 @@
-image:
- repository: tccr.io/truecharts/traefik
- # defaults to appVersion
- tag: 2.9.6@sha256:a4f065a7a34902e7d8179680b8c344e70cf90ed80c7a396b5f42ecabfa3c0321
- pullPolicy: IfNotPresent
-
-# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
-ingressClass:
- # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
- enabled: false
- isDefaultClass: false
- # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
- fallbackApiVersion: ""
-
-# -- Create an IngressRoute for the dashboard
-ingressRoute:
- dashboard:
- enabled: true
- # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
- annotations: {}
- # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
- labels: {}
-
-podAnnotations:
- prometheus.io/scrape: "true"
- prometheus.io/path: "/metrics"
- prometheus.io/port: "9180"
-
-#
-# -- Configure providers
-providers:
- kubernetesCRD:
- enabled: true
- namespaces:
- []
- # - "default"
- kubernetesIngress:
- enabled: true
- # labelSelector: environment=production,method=traefik
- namespaces:
- []
- # - "default"
- # IP used for Kubernetes Ingress endpoints
- publishedService:
- enabled: true
- # Published Kubernetes Service to copy status from. Format: namespace/servicename
- # By default this Traefik service
- # pathOverride: ""
-
-# -- Logs
-# https://docs.traefik.io/observability/logs/
-logs:
- # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on).
- general:
- # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO.
- level: ERROR
- # -- Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format
- format: common
- access:
- # To enable access logs
- enabled: false
- # To write the logs in an asynchronous fashion, specify a bufferingSize option.
- # This option represents the number of log lines Traefik will keep in memory before writing
- # them to the selected output. In some cases, this option can greatly help performances.
- # bufferingSize: 100
- # Filtering https://docs.traefik.io/observability/access-logs/#filtering
- filters:
- {}
- # statuscodes: "200,300-302"
- # retryattempts: true
- # minduration: 10ms
- # Fields
- # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers
- fields:
- general:
- defaultmode: keep
- names:
- {}
- # Examples:
- # ClientUsername: drop
- headers:
- defaultmode: drop
- names:
- {}
- # Examples:
- # User-Agent: redact
- # Authorization: drop
- # Content-Type: keep
- # -- Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format
- format: common
-
-metrics:
- # datadog:
- # address: 127.0.0.1:8125
- # influxdb:
- # address: localhost:8089
- # protocol: udp
- prometheus:
- entryPoint: metrics
- # statsd:
- # address: localhost:8125
-
-globalArguments:
- - "--global.checknewversion"
-
-##
-# -- Additional arguments to be passed at Traefik's binary
-# All available options available on https://docs.traefik.io/reference/static-configuration/cli/
-## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"`
-additionalArguments:
- - "--metrics.prometheus"
- - "--ping"
- - "--serverstransport.insecureskipverify=true"
- - "--providers.kubernetesingress.allowexternalnameservices=true"
-
-# -- TLS Options to be created as TLSOption CRDs
-# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options
-# Example:
-tlsOptions:
- default:
- sniStrict: false
- minVersion: VersionTLS12
- curvePreferences:
- - CurveP521
- - CurveP384
- cipherSuites:
- - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- - TLS_AES_128_GCM_SHA256
- - TLS_AES_256_GCM_SHA384
- - TLS_CHACHA20_POLY1305_SHA256
-
-# -- Options for the main traefik service, where the entrypoints traffic comes from
-# from.
-service:
- main:
- type: LoadBalancer
- ports:
- main:
- port: 9000
- targetPort: 9000
- protocol: HTTP
- # -- Forwarded Headers should never be enabled on Main entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Main entrypoint
- proxyProtocol:
- enabled: false
- tcp:
- enabled: true
- type: LoadBalancer
- ports:
- web:
- enabled: true
- port: 9080
- protocol: HTTP
- redirectTo: websecure
- # Options: Empty, 0 (ingore), or positive int
- # redirectPort:
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- websecure:
- enabled: true
- port: 9443
- protocol: HTTPS
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- # tcpexample:
- # enabled: true
- # targetPort: 9443
- # protocol: TCP
- # tls:
- # enabled: false
- # # this is the name of a TLSOption definition
- # options: ""
- # certResolver: ""
- # domains: []
- # # - main: example.com
- # # sans:
- # # - foo.example.com
- # # - bar.example.com
- metrics:
- enabled: true
- type: ClusterIP
- ports:
- metrics:
- enabled: true
- port: 9180
- targetPort: 9180
- protocol: HTTP
- # -- Forwarded Headers should never be enabled on Metrics entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Metrics entrypoint
- proxyProtocol:
- enabled: false
- udp:
- enabled: false
-
-# probes:
-# # -- Liveness probe configuration
-# # @default -- See below
-# liveness:
-# # -- sets the probe type when not using a custom probe
-# # @default -- "TCP"
-# type: HTTP
-# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
-# # @default -- "/"
-# path: "/ping"
-
-# # -- Redainess probe configuration
-# # @default -- See below
-# readiness:
-# # -- sets the probe type when not using a custom probe
-# # @default -- "TCP"
-# type: HTTP
-# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
-# # @default -- "/"
-# path: "/ping"
-
-# # -- Startup probe configuration
-# # @default -- See below
-# startup:
-# # -- sets the probe type when not using a custom probe
-# # @default -- "TCP"
-# type: HTTP
-# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
-# # @default -- "/"
-# path: "/ping"
-
-# -- Whether Role Based Access Control objects like roles and rolebindings should be created
-rbac:
- main:
- enabled: true
- rules:
- - apiGroups:
- - ""
- resources:
- - services
- - endpoints
- - secrets
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses
- - ingressclasses
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses/status
- verbs:
- - update
- - apiGroups:
- - traefik.containo.us
- resources:
- - ingressroutes
- - ingressroutetcps
- - ingressrouteudps
- - middlewares
- - middlewaretcps
- - tlsoptions
- - tlsstores
- - traefikservices
- - serverstransports
- verbs:
- - get
- - list
- - watch
-
-# -- The service account the pods will use to interact with the Kubernetes API
-serviceAccount:
- main:
- enabled: true
-
-# -- SCALE Middleware Handlers
-middlewares:
- basicAuth: []
- # - name: basicauthexample
- # users:
- # - username: testuser
- # password: testpassword
- forwardAuth: []
- # - name: forwardAuthexample
- # address: https://auth.example.com/
- # authResponseHeaders:
- # - X-Secret
- # - X-Auth-User
- # authRequestHeaders:
- # - "Accept"
- # - "X-CustomHeader"
- # authResponseHeadersRegex: "^X-"
- # trustForwardHeader: true
- chain: []
- # - name: chainname
- # middlewares:
- # - name: compress
- redirectScheme: []
- # - name: redirectSchemeName
- # scheme: https
- # permanent: true
- rateLimit: []
- # - name: rateLimitName
- # average: 300
- # burst: 200
- redirectRegex: []
- # - name: redirectRegexName
- # regex: putregexhere
- # replacement: replacementurlhere
- # permanent: false
- stripPrefixRegex: []
- # - name: stripPrefixRegexName
- # regex: []
- ipWhiteList: []
- # - name: ipWhiteListName
- # sourceRange: []
- # ipStrategy:
- # depth: 2
- # excludedIPs: []
- themeParkVersion: v1.3.0
- themePark: []
- # - name: themeParkName
- # -- Supported apps, lower case name
- # -- https://docs.theme-park.dev/themes
- # app: appnamehere
- # -- Supported themes, lower case name
- # -- https://docs.theme-park.dev/themes/APPNAMEHERE
- # -- https://docs.theme-park.dev/community-themes
- # theme: themenamehere
- # -- https://theme-park.dev or a self hosted url
- # baseUrl: https://theme-park.dev
- realIPVersion: v1.0.3
- # Sets X-Real-Ip with an IP from the X-Forwarded-For or
- # Cf-Connecting-Ip (If from Cloudflare)
- # Evaluation of those headers will go from last to first
- realIP: []
- # - name: realIPName
- # -- The real IP will be the first one that is
- # -- not included in any of the CIDRs passed here
- # excludedNetworks:
- # - 1.1.1.1/24
- addPrefix: []
- # - name: addPrefixName
- # prefix: "/foo"
- geoBlockVersion: v0.2.3
- geoBlock: []
- # -- https://github.com/PascalMinder/geoblock
- # - name: geoBlockName
- # allowLocalRequests: true
- # logLocalRequests: false
- # logAllowedRequests: false
- # logApiRequests: false
- # api: https://get.geojs.io/v1/ip/country/{ip}
- # apiTimeoutMs: 500
- # cacheSize: 25
- # forceMonthlyUpdate: true
- # allowUnknownCountries: false
- # unknownCountryApiResponse: nil
- # countries:
- # - RU
-
-portalhook:
- enabled: true
-
-persistence:
- plugins:
- enabled: true
- mountPath: "/plugins-storage"
- type: emptyDir
-
-portal:
- enabled: true
diff --git a/enterprise/traefik/16.0.11/questions.yaml b/enterprise/traefik/16.0.11/questions.yaml
deleted file mode 100644
index bc64ab449db..00000000000
--- a/enterprise/traefik/16.0.11/questions.yaml
+++ /dev/null
@@ -1,2487 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "http"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
- path: "/dashboard/"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: ingressClass
- label: "ingressClass"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- description: "When enabled, ingressClass will match the entered name of this app"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: isDefaultClass
- label: "isDefaultClass"
- schema:
- type: boolean
- default: false
- - variable: logs
- label: "Logs"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "ERROR"
- enum:
- - value: "INFO"
- description: "Info"
- - value: "WARN"
- description: "Warnings"
- - value: "ERROR"
- description: "Errors"
- - value: "FATAL"
- description: "Fatal Errors"
- - value: "PANIC"
- description: "Panics"
- - value: "DEBUG"
- description: "Debug"
- - variable: format
- label: "General Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: access
- label: "Access Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabledFilters
- label: "Enable Filters"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filters
- label: "Filters"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: statuscodes
- label: "Status codes"
- schema:
- type: string
- default: "200,300-302"
- - variable: retryattempts
- label: "retryattempts"
- schema:
- type: boolean
- default: true
- - variable: minduration
- label: "minduration"
- schema:
- type: string
- default: "10ms"
- - variable: fields
- label: "Fields"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "keep"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: headers
- label: "Headers"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "drop"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: format
- label: "Access Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: middlewares
- label: ""
- group: "Middlewares"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: basicAuth
- label: basicAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: users
- label: Users
- schema:
- type: list
- default: []
- items:
- - variable: usersEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: username
- label: Username
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: Password
- schema:
- type: string
- required: true
- default: ""
- - variable: forwardAuth
- label: forwardAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: address
- label: Address
- schema:
- type: string
- required: true
- default: ""
- - variable: trustForwardHeader
- label: trustForwardHeader
- schema:
- type: boolean
- default: false
- - variable: tls
- label: TLS
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: insecureSkipVerify
- label: insecureSkipVerify (expert)
- description: >-
- This disables all TLS certificate validation on communications with the authentication endpoint.
- This could be a security risk and should only be used if you know what you are doing.
- schema:
- type: boolean
- default: false
- - variable: authResponseHeadersRegex
- label: authResponseHeadersRegex
- schema:
- type: string
- default: ""
- - variable: authResponseHeaders
- label: authResponseHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authResponseHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: authRequestHeaders
- label: authRequestHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authRequestHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: chain
- label: Chain
- schema:
- type: list
- default: []
- items:
- - variable: chainEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: middlewares
- label: Middlewares to Chain
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: redirectScheme
- label: redirectScheme
- schema:
- type: list
- default: []
- items:
- - variable: redirectSchemeEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: scheme
- label: Scheme
- schema:
- type: string
- required: true
- default: https
- enum:
- - value: https
- description: https
- - value: http
- description: http
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: rateLimit
- label: rateLimit
- schema:
- type: list
- default: []
- items:
- - variable: rateLimitEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: average
- label: Average
- schema:
- type: int
- required: true
- default: 300
- - variable: burst
- label: Burst
- schema:
- type: int
- required: true
- default: 200
- - variable: redirectRegex
- label: redirectRegex
- schema:
- type: list
- default: []
- items:
- - variable: redirectRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: replacement
- label: Replacement
- schema:
- type: string
- required: true
- default: ""
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: stripPrefixRegex
- label: stripPrefixRegex
- schema:
- type: list
- default: []
- items:
- - variable: stripPrefixRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: list
- default: []
- items:
- - variable: regexEntry
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: ipWhiteList
- label: ipWhiteList
- schema:
- type: list
- default: []
- items:
- - variable: ipWhiteListEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: sourceRange
- label: Source Range
- schema:
- type: list
- default: []
- items:
- - variable: sourceRangeEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: ipStrategy
- label: IP Strategy
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: depth
- label: Depth
- schema:
- type: int
- required: true
- - variable: excludedIPs
- label: Excluded IPs
- schema:
- type: list
- default: []
- items:
- - variable: excludedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: themePark
- label: theme.park
- schema:
- type: list
- default: []
- items:
- - variable: themeParkEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to traefik-themepark
- schema:
- type: string
- required: true
- default: ""
- - variable: appName
- label: App Name
- description: Lower case, name of the app to be themed.
-
Go to https://docs.theme-park.dev/themes/ to see supported apps.
- schema:
- type: string
- required: true
- default: ""
- - variable: themeName
- label: Theme Name
- description: Lower case, name of the theme to be applied.
-
Go to https://docs.theme-park.dev/theme-options/ to see supported themes.
- schema:
- type: string
- required: true
- default: ""
- - variable: baseUrl
- label: Base URL
- description: Replace `https://theme-park.dev` URL for self-hosting reference.
- schema:
- type: string
- required: true
- default: https://theme-park.dev
- - variable: addons
- label: Addons
- schema:
- type: list
- default: []
- items:
- - variable: addonEntry
- label: Addon
- description: Currently only supports 'darker' and '4k-logo' for *arr apps.
-
Go to https://docs.theme-park.dev/themes/addons/ for Addon information.
-
Go to https://github.com/packruler/traefik-themepark for more context on plugin
- schema:
- type: string
- required: true
- default: ""
- - variable: realIP
- label: Real IP
- schema:
- type: list
- default: []
- items:
- - variable: realIPEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: excludedNetworks
- label: Excluded Networks
- schema:
- type: list
- default: []
- items:
- - variable: excludedNetEntry
- label: Excluded Network Entry
- description: Network to exclude setting it to X-Real-Ip
- schema:
- type: string
- required: true
- default: ""
- - variable: geoBlock
- label: GeoBlock
- schema:
- type: list
- default: []
- items:
- - variable: geoBlockEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to geoblock
- schema:
- type: string
- required: true
- default: ""
- - variable: allowLocalRequests
- label: Allow Local Requests
- description: If set to true, will not block request from Private IP Ranges
- schema:
- type: boolean
- default: true
- - variable: logLocalRequests
- label: Log Local Requests
- description: If set to true, will log every connection from any IP in the private IP range
- schema:
- type: boolean
- default: false
- - variable: logAllowedRequests
- label: Log Allowed Requests
- description: If set to true, will show a log message with the IP and the country of origin if a request is allowed.
- schema:
- type: boolean
- default: false
- - variable: logApiRequests
- label: Log API Requests
- description: If set to true, will show a log message for every API hit.
- schema:
- type: boolean
- default: false
- - variable: api
- label: API
- description: Defines the API URL for the IP to Country resolution. The IP to fetch can be added with {ip} to the URL.
- schema:
- type: string
- required: true
- default: https://get.geojs.io/v1/ip/country/{ip}
- - variable: apiTimeoutMs
- label: API Timeout in ms
- description: Timeout for the call to the api uri.
- schema:
- type: int
- required: true
- default: 500
- - variable: cacheSize
- label: Cache Size
- description: Defines the max size of the LRU (least recently used) cache.
- schema:
- type: int
- required: true
- default: 25
- - variable: forceMonthlyUpdate
- label: Force Monthly Update
- description: Even if an IP stays in the cache for a period of a month (about 30 x 24 hours), it must be fetch again after a month.
- schema:
- type: boolean
- default: true
- - variable: allowUnknownCountries
- label: Allow Unknown Countries
- description: Some IP addresses have no country associated with them. If this option is set to true, all IPs with no associated country are also allowed.
- schema:
- type: boolean
- default: false
- - variable: unknownCountryApiResponse
- label: Unknown Countries API Response
- description: The API uri can be customized. This options allows to customize the response string of the API when a IP with no associated country is requested.
- schema:
- type: string
- required: true
- default: nil
- - variable: countries
- label: Blocked Countries
- schema:
- type: list
- default: []
- items:
- - variable: blockedCountryEntry
- label: Blocked Country
- description: Country codes (2 characters) from which connections to the service should be allowed.
- schema:
- type: string
- required: true
- # Allow only 2 Characters
- valid_chars: '^[a-zA-Z]{2}$'
- default: ""
- - variable: addPrefix
- label: Add Prefix
- schema:
- type: list
- default: []
- items:
- - variable: addPrefixEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: prefix
- label: Prefix
- schema:
- type: string
- required: true
- default: ""
- - variable: service
- group: "Networking and Services"
- label: "Configure Service Entrypoint"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9000
- required: true
- - variable: tcp
- label: "TCP Service"
- description: "The tcp Entrypoint service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: web
- label: "web Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9080
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- default: "websecure"
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: websecure
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9443
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: portsList
- label: "Additional TCP Entrypoints"
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: "Custom Entrypoints"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable the port"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: "Entrypoints Name"
- schema:
- type: string
- default: ""
- - variable: protocol
- label: "Entrypoints Type"
- schema:
- type: string
- default: "TCP"
- enum:
- - value: HTTP
- description: "HTTP"
- - value: "HTTPS"
- description: "HTTPS"
- - value: TCP
- description: "TCP"
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- required: true
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: scaleCert
- label: Select TrueNAS SCALE Certificate
- schema:
- type: int
- $ref:
- - "definitions/certificate"
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: scaleCert
- label: Select TrueNAS SCALE Certificate
- schema:
- type: int
- $ref:
- - "definitions/certificate"
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: true
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID this App of the user running the application"
- schema:
- type: int
- default: 568
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
- - variable: horizontalPodAutoscaler
- group: Advanced
- label: (Advanced) Horizontal Pod Autoscaler
- schema:
- type: list
- default: []
- items:
- - variable: hpaEntry
- label: HPA Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: target
- label: Target
- description: Deployment name, Defaults to Main Deployment
- schema:
- type: string
- default: ""
- - variable: minReplicas
- label: Minimum Replicas
- schema:
- type: int
- default: 1
- - variable: maxReplicas
- label: Maximum Replicas
- schema:
- type: int
- default: 5
- - variable: targetCPUUtilizationPercentage
- label: Target CPU Utilization Percentage
- schema:
- type: int
- default: 80
- - variable: targetMemoryUtilizationPercentage
- label: Target Memory Utilization Percentage
- schema:
- type: int
- default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/traefik/16.0.11/templates/_args.tpl b/enterprise/traefik/16.0.11/templates/_args.tpl
deleted file mode 100644
index 98cc63897b9..00000000000
--- a/enterprise/traefik/16.0.11/templates/_args.tpl
+++ /dev/null
@@ -1,178 +0,0 @@
-{{/* Define the args */}}
-{{- define "traefik.args" -}}
-args:
- {{/* merge all ports */}}
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{/* start of actual arguments */}}
- {{- with .Values.globalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
- {{- range $name, $config := $ports }}
- {{- if $config }}
- {{- if or ( eq $config.protocol "HTTP" ) ( eq $config.protocol "HTTPS" ) ( eq $config.protocol "TCP" ) }}
- {{- $_ := set $config "protocol" "TCP" }}
- {{- end }}
- - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}"
- {{- end }}
- {{- end }}
- - "--api.dashboard=true"
- - "--ping=true"
- {{- if .Values.metrics }}
- {{- if .Values.metrics.datadog }}
- - "--metrics.datadog=true"
- - "--metrics.datadog.address={{ .Values.metrics.datadog.address }}"
- {{- end }}
- {{- if .Values.metrics.influxdb }}
- - "--metrics.influxdb=true"
- - "--metrics.influxdb.address={{ .Values.metrics.influxdb.address }}"
- - "--metrics.influxdb.protocol={{ .Values.metrics.influxdb.protocol }}"
- {{- end }}
- {{- if .Values.metrics.prometheus }}
- - "--metrics.prometheus=true"
- - "--metrics.prometheus.entrypoint={{ .Values.metrics.prometheus.entryPoint }}"
- {{- end }}
- {{- if .Values.metrics.statsd }}
- - "--metrics.statsd=true"
- - "--metrics.statsd.address={{ .Values.metrics.statsd.address }}"
- {{- end }}
- {{- end }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress"
- {{- if .Values.providers.kubernetesIngress.publishedService.enabled }}
- - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.labelSelector }}
- - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}"
- {{- end }}
- {{- end }}
- {{- if and .Values.rbac.enabled .Values.rbac.namespaced }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}"
- {{- end }}
- {{- end }}
- {{- if .Values.ingressClass.enabled }}
- - "--providers.kubernetesingress.ingressclass={{ .Release.Name }}"
- {{- end }}
- {{- range $entrypoint, $config := $ports }}
- {{/* add args for proxyProtocol support */}}
- {{- if $config.proxyProtocol }}
- {{- if $config.proxyProtocol.enabled }}
- {{- if $config.proxyProtocol.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.insecure"
- {{- end }}
- {{- if not ( empty $config.proxyProtocol.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.trustedIPs={{ join "," $config.proxyProtocol.trustedIPs }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* add args for forwardedHeaders support */}}
- {{- if $config.forwardedHeaders.enabled }}
- {{- if not ( empty $config.forwardedHeaders.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}"
- {{- end }}
- {{- if $config.forwardedHeaders.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure"
- {{- end }}
- {{- end }}
- {{/* end forwardedHeaders configuration */}}
- {{- if $config.redirectTo }}
- {{- $toPort := index $ports $config.redirectTo }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- else if $config.redirectPort }}
- {{ if gt $config.redirectPort 0.0 }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- end }}
- {{- end }}
- {{- if or ( $config.tls ) ( eq $config.protocol "HTTPS" ) }}
- {{- if or ( $config.tls.enabled ) ( eq $config.protocol "HTTPS" ) }}
- - "--entrypoints.{{ $entrypoint }}.http.tls=true"
- {{- if $config.tls.options }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}"
- {{- end }}
- {{- if $config.tls.certResolver }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}"
- {{- end }}
- {{- if $config.tls.domains }}
- {{- range $index, $domain := $config.tls.domains }}
- {{- if $domain.main }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}"
- {{- end }}
- {{- if $domain.sans }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- with .Values.logs }}
- - "--log.format={{ .general.format }}"
- {{- if ne .general.level "ERROR" }}
- - "--log.level={{ .general.level | upper }}"
- {{- end }}
- {{- if .access.enabled }}
- - "--accesslog=true"
- - "--accesslog.format={{ .access.format }}"
- {{- if .access.bufferingsize }}
- - "--accesslog.bufferingsize={{ .access.bufferingsize }}"
- {{- end }}
- {{- if .access.filters }}
- {{- if .access.filters.statuscodes }}
- - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}"
- {{- end }}
- {{- if .access.filters.retryattempts }}
- - "--accesslog.filters.retryattempts"
- {{- end }}
- {{- if .access.filters.minduration }}
- - "--accesslog.filters.minduration={{ .access.filters.minduration }}"
- {{- end }}
- {{- end }}
- - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.general.names }}
- - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.headers.names }}
- - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* theme.park */}}
- {{- if .Values.middlewares.themePark }}
- - "--experimental.plugins.traefik-themepark.modulename=github.com/packruler/traefik-themepark"
- - "--experimental.plugins.traefik-themepark.version={{ .Values.middlewares.themeParkVersion }}"
- {{- end }}
- {{/* End of theme.park */}}
- {{/* GeoBlock */}}
- {{- if .Values.middlewares.geoBlock }}
- - "--experimental.plugins.GeoBlock.modulename=github.com/PascalMinder/geoblock"
- - "--experimental.plugins.GeoBlock.version={{ .Values.middlewares.geoBlockVersion }}"
- {{- end }}
- {{/* End of GeoBlock */}}
- {{/* RealIP */}}
- {{- if .Values.middlewares.realIP }}
- - "--experimental.plugins.traefik-real-ip.modulename=github.com/soulbalz/traefik-real-ip"
- - "--experimental.plugins.traefik-real-ip.version={{ .Values.middlewares.realIPVersion }}"
- {{- end }}
- {{/* End of RealIP */}}
- {{- with .Values.additionalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.11/templates/_helpers.tpl b/enterprise/traefik/16.0.11/templates/_helpers.tpl
deleted file mode 100644
index ab55e4e7ec6..00000000000
--- a/enterprise/traefik/16.0.11/templates/_helpers.tpl
+++ /dev/null
@@ -1,22 +0,0 @@
-{{/*
-Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice.
-By convention this will simply use the / to match the name of the
-service generated.
-Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride`
-*/}}
-{{- define "providers.kubernetesIngress.publishedServicePath" -}}
-{{- $fullName := include "tc.common.names.fullname" . -}}
-{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}}
-{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }}
-{{- print $servicePath | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Construct a comma-separated list of whitelisted namespaces
-*/}}
-{{- define "providers.kubernetesIngress.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }}
-{{- end -}}
-{{- define "providers.kubernetesCRD.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.11/templates/_ingressclass.tpl b/enterprise/traefik/16.0.11/templates/_ingressclass.tpl
deleted file mode 100644
index 909e249d6a5..00000000000
--- a/enterprise/traefik/16.0.11/templates/_ingressclass.tpl
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Define the ingressClass */}}
-{{- define "traefik.ingressClass" -}}
----
-{{ if .Values.ingressClass.enabled }}
- {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }}
-apiVersion: networking.k8s.io/v1
- {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }}
-apiVersion: networking.k8s.io/v1beta1
- {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }}
-apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }}
- {{- else }}
- {{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }}
- {{- end }}
-kind: IngressClass
-metadata:
- annotations:
- ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }}
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
- name: {{ .Release.Name }}
-spec:
- controller: traefik.io/ingress-controller
-{{- end }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.11/templates/_ingressroute.tpl b/enterprise/traefik/16.0.11/templates/_ingressroute.tpl
deleted file mode 100644
index 7f012c92350..00000000000
--- a/enterprise/traefik/16.0.11/templates/_ingressroute.tpl
+++ /dev/null
@@ -1,25 +0,0 @@
-{{/* Define the ingressRoute */}}
-{{- define "traefik.ingressRoute" -}}
-{{ if .Values.ingressRoute.dashboard.enabled }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
- name: {{ include "tc.common.names.fullname" . }}-dashboard
- annotations:
- {{- with .Values.ingressRoute.dashboard.annotations }}
- {{- toYaml . | nindent 4 }}
- {{- end }}
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
-spec:
- entryPoints:
- - main
- routes:
- - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
- kind: Rule
- services:
- - name: api@internal
- kind: TraefikService
-{{ end }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.11/templates/_portalhook.tpl b/enterprise/traefik/16.0.11/templates/_portalhook.tpl
deleted file mode 100644
index e3586c5d4e9..00000000000
--- a/enterprise/traefik/16.0.11/templates/_portalhook.tpl
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/* Define the portalHook */}}
-{{- define "traefik.portalhook" -}}
-{{- if .Values.portalhook.enabled }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: portalhook
- namespace: {{ $namespace }}
-data:
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{- range $name, $value := $ports }}
- {{ $name }}: {{ $value.port | quote }}
- {{- end }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.11/templates/_tlsoptions.tpl b/enterprise/traefik/16.0.11/templates/_tlsoptions.tpl
deleted file mode 100644
index 3e5aad3bee9..00000000000
--- a/enterprise/traefik/16.0.11/templates/_tlsoptions.tpl
+++ /dev/null
@@ -1,12 +0,0 @@
-{{/* Define the tlsOptions */}}
-{{- define "traefik.tlsOptions" -}}
-{{- range $name, $config := .Values.tlsOptions }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: TLSOption
-metadata:
- name: {{ $name }}
-spec:
- {{- toYaml $config | nindent 2 }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.11/templates/common.yaml b/enterprise/traefik/16.0.11/templates/common.yaml
deleted file mode 100644
index c933a3d08e0..00000000000
--- a/enterprise/traefik/16.0.11/templates/common.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.common.loader.init" . }}
-
-{{- if .Values.metrics }}
-{{- if .Values.metrics.prometheus }}
-{{- $_ := set .Values.podAnnotations "prometheus.io/scrape" "true" -}}
-{{- $_ := set .Values.podAnnotations "prometheus.io/path" "/metrics" -}}
-{{- $_ := set .Values.podAnnotations "prometheus.io/port" "9180" -}}
-{{- end }}
-{{- end }}
-
-{{- $newArgs := (include "traefik.args" . | fromYaml) }}
-{{- $_ := set .Values "newArgs" $newArgs -}}
-{{- $mergedargs := concat .Values.args .Values.newArgs.args }}
-{{- $_ := set .Values "args" $mergedargs -}}
-
-{{- include "traefik.portalhook" . }}
-{{- include "traefik.tlsOptions" . }}
-{{- include "traefik.ingressRoute" . }}
-{{- include "traefik.ingressClass" . }}
-
-
-{{/* Render the templates */}}
-{{ include "tc.common.loader.apply" . }}
diff --git a/enterprise/traefik/16.0.11/templates/middlewares/addPrefix.yaml b/enterprise/traefik/16.0.11/templates/middlewares/addPrefix.yaml
deleted file mode 100644
index 233b23834c3..00000000000
--- a/enterprise/traefik/16.0.11/templates/middlewares/addPrefix.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.addPrefix }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- addPrefix:
- prefix: {{ $middlewareData.prefix }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.11/templates/middlewares/basic-middleware.yaml b/enterprise/traefik/16.0.11/templates/middlewares/basic-middleware.yaml
deleted file mode 100644
index 9ba8e5c5d93..00000000000
--- a/enterprise/traefik/16.0.11/templates/middlewares/basic-middleware.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: compress
- namespace: {{ $namespace }}
-spec:
- compress: {}
----
-# Here, an average of 300 requests per second is allowed.
-# In addition, a burst of 200 requests is allowed.
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-ratelimit
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: 600
- burst: 400
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-secure-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: chain-basic
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: basic-secure-headers
- - name: compress
diff --git a/enterprise/traefik/16.0.11/templates/middlewares/basicauth.yaml b/enterprise/traefik/16.0.11/templates/middlewares/basicauth.yaml
deleted file mode 100644
index ccb541742f0..00000000000
--- a/enterprise/traefik/16.0.11/templates/middlewares/basicauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.basicAuth }}
----
-{{- $users := list }}
-{{ range $index, $userdata := $middlewareData.users }}
- {{ $users = append $users ( htpasswd $userdata.username $userdata.password ) }}
-{{ end }}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{printf "%v-%v" $middlewareData.name "secret" }}
- namespace: {{ $namespace }}
-type: Opaque
-stringData:
- users: |
- {{- range $index, $user := $users }}
- {{ printf "%s" $user }}
- {{- end }}
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- basicAuth:
- secret: {{printf "%v-%v" $middlewareData.name "secret" }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.11/templates/middlewares/chain.yaml b/enterprise/traefik/16.0.11/templates/middlewares/chain.yaml
deleted file mode 100644
index f87994f7956..00000000000
--- a/enterprise/traefik/16.0.11/templates/middlewares/chain.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.chain }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- {{ range $index, $middleware := .middlewares }}
- - name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }}
- {{ end }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.11/templates/middlewares/forwardauth.yaml b/enterprise/traefik/16.0.11/templates/middlewares/forwardauth.yaml
deleted file mode 100644
index 4bdefbd5c01..00000000000
--- a/enterprise/traefik/16.0.11/templates/middlewares/forwardauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.forwardAuth }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- forwardAuth:
- address: {{ $middlewareData.address }}
- {{- with $middlewareData.authResponseHeaders }}
- authResponseHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- with $middlewareData.authRequestHeaders }}
- authRequestHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- if $middlewareData.authResponseHeadersRegex }}
- authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }}
- {{- end }}
- {{- if $middlewareData.trustForwardHeader }}
- trustForwardHeader: true
- {{- end }}
- {{- with $middlewareData.tls }}
- tls:
- insecureSkipVerify: {{ .insecureSkipVerify | default false }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.11/templates/middlewares/geoblock.yaml b/enterprise/traefik/16.0.11/templates/middlewares/geoblock.yaml
deleted file mode 100644
index 1f0fb752769..00000000000
--- a/enterprise/traefik/16.0.11/templates/middlewares/geoblock.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.geoBlock }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- GeoBlock:
- allowLocalRequests: {{ $middlewareData.allowLocalRequests }}
- logLocalRequests: {{ $middlewareData.logLocalRequests }}
- logAllowedRequests: {{ $middlewareData.logAllowedRequests }}
- logApiRequests: {{ $middlewareData.logApiRequests }}
- api: {{ $middlewareData.api }}
- apiTimeoutMs: {{ $middlewareData.apiTimeoutMs }}
- cacheSize: {{ $middlewareData.cacheSize }}
- forceMonthlyUpdate: {{ $middlewareData.forceMonthlyUpdate }}
- allowUnknownCountries: {{ $middlewareData.allowUnknownCountries }}
- unknownCountryApiResponse: {{ $middlewareData.unknownCountryApiResponse }}
- {{- if not $middlewareData.countries }}
- {{- fail "You have to define at least one country..." }}
- {{- end }}
- countries:
- {{- range $middlewareData.countries }}
- - {{ . }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.11/templates/middlewares/ipwhitelist.yaml b/enterprise/traefik/16.0.11/templates/middlewares/ipwhitelist.yaml
deleted file mode 100644
index 1179245017e..00000000000
--- a/enterprise/traefik/16.0.11/templates/middlewares/ipwhitelist.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.ipWhiteList }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- ipWhiteList:
- sourceRange:
- {{- range $middlewareData.sourceRange }}
- - {{ . }}
- {{- end }}
- {{- if $middlewareData.ipStrategy }}
- ipStrategy:
- {{- if $middlewareData.ipStrategy.depth }}
- depth: {{ $middlewareData.ipStrategy.depth }}
- {{- end }}
- {{- if $middlewareData.ipStrategy.excludedIPs }}
- excludedIPs:
- {{- range $middlewareData.ipStrategy.excludedIPs }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.11/templates/middlewares/ratelimit.yaml b/enterprise/traefik/16.0.11/templates/middlewares/ratelimit.yaml
deleted file mode 100644
index 144b9d8bf38..00000000000
--- a/enterprise/traefik/16.0.11/templates/middlewares/ratelimit.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.rateLimit }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: {{ $middlewareData.average }}
- burst: {{ $middlewareData.burst }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.11/templates/middlewares/real-ip.yaml b/enterprise/traefik/16.0.11/templates/middlewares/real-ip.yaml
deleted file mode 100644
index 2dd1ae030a4..00000000000
--- a/enterprise/traefik/16.0.11/templates/middlewares/real-ip.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.realIP }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-real-ip:
- excludednets:
- {{- range $middlewareData.excludedNetworks }}
- - {{ . | quote }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.11/templates/middlewares/redirectScheme.yaml b/enterprise/traefik/16.0.11/templates/middlewares/redirectScheme.yaml
deleted file mode 100644
index f2413f84e19..00000000000
--- a/enterprise/traefik/16.0.11/templates/middlewares/redirectScheme.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectScheme }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectScheme:
- scheme: {{ $middlewareData.scheme }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.11/templates/middlewares/redirectregex.yaml b/enterprise/traefik/16.0.11/templates/middlewares/redirectregex.yaml
deleted file mode 100644
index 46e3e724dd6..00000000000
--- a/enterprise/traefik/16.0.11/templates/middlewares/redirectregex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectRegex }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: {{ $middlewareData.regex | quote }}
- replacement: {{ $middlewareData.replacement | quote }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.11/templates/middlewares/stripPrefixRegex.yaml b/enterprise/traefik/16.0.11/templates/middlewares/stripPrefixRegex.yaml
deleted file mode 100644
index 007c166ff39..00000000000
--- a/enterprise/traefik/16.0.11/templates/middlewares/stripPrefixRegex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-
-{{ range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- stripPrefixRegex:
- regex:
- {{- range $middlewareData.regex }}
- - {{ . | quote }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.11/templates/middlewares/tc-chains.yaml b/enterprise/traefik/16.0.11/templates/middlewares/tc-chains.yaml
deleted file mode 100644
index 409766daa89..00000000000
--- a/enterprise/traefik/16.0.11/templates/middlewares/tc-chains.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-opencors-headers
- - name: compress
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-closedcors-headers
- - name: compress
diff --git a/enterprise/traefik/16.0.11/templates/middlewares/tc-headers.yaml b/enterprise/traefik/16.0.11/templates/middlewares/tc-headers.yaml
deleted file mode 100644
index a0462f1fd73..00000000000
--- a/enterprise/traefik/16.0.11/templates/middlewares/tc-headers.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowHeaders:
- - '*'
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- - POST
- accessControlAllowOriginList:
- - '*'
- accessControlMaxAge: 100
- browserXssFilter: true
- contentTypeNosniff: true
- customRequestHeaders:
- X-Forwarded-Proto: https
- customResponseHeaders:
- server: ""
- forceSTSHeader: true
- referrerPolicy: same-origin
- sslForceHost: true
- sslRedirect: true
- stsSeconds: 63072000
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- sslRedirect: true
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- sslForceHost: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
diff --git a/enterprise/traefik/16.0.11/templates/middlewares/tc-nextcloud.yaml b/enterprise/traefik/16.0.11/templates/middlewares/tc-nextcloud.yaml
deleted file mode 100644
index 6a3019d56c5..00000000000
--- a/enterprise/traefik/16.0.11/templates/middlewares/tc-nextcloud.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-redirectregex-dav
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: "https://(.*)/.well-known/(card|cal)dav"
- replacement: "https://${1}/remote.php/dav/"
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: tc-nextcloud-redirectregex-dav
diff --git a/enterprise/traefik/16.0.11/templates/middlewares/theme-park.yaml b/enterprise/traefik/16.0.11/templates/middlewares/theme-park.yaml
deleted file mode 100644
index 92a4257e279..00000000000
--- a/enterprise/traefik/16.0.11/templates/middlewares/theme-park.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.themePark }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-themepark:
- app: {{ $middlewareData.appName }}
- theme: {{ $middlewareData.themeName }}
- baseUrl: {{ $middlewareData.baseUrl }}
- {{- if $middlewareData.addons }}
- addons:
- {{- range $middlewareData.addons }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.11/values.yaml b/enterprise/traefik/16.0.11/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/traefik/16.0.12/CHANGELOG.md b/enterprise/traefik/16.0.12/CHANGELOG.md
deleted file mode 100644
index aeb9b3df2ee..00000000000
--- a/enterprise/traefik/16.0.12/CHANGELOG.md
+++ /dev/null
@@ -1,21 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [traefik-16.0.12](https://github.com/truecharts/charts/compare/traefik-16.0.11...traefik-16.0.12) (2023-02-10)
-
-### Chore
-
-- Add blacklistMode on geoblock and fix label ([#6416](https://github.com/truecharts/charts/issues/6416))
-
- ### Feat
-
-- move Grafana, Prometheus and Traefik to Enterprise Train ([#6372](https://github.com/truecharts/charts/issues/6372))
-
- ### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/16.0.12/Chart.yaml b/enterprise/traefik/16.0.12/Chart.yaml
deleted file mode 100644
index 72f8ee232a7..00000000000
--- a/enterprise/traefik/16.0.12/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: v2
-appVersion: "2.9.6"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
-deprecated: false
-description: Traefik is a flexible reverse proxy and Ingress Provider.
-home: https://truecharts.org/charts/enterprise/traefik
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/traefik.png
-keywords:
- - traefik
- - ingress
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: traefik
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/traefik
- - https://hub.docker.com/_/traefik
- - https://github.com/traefik/traefik
- - https://github.com/traefik/traefik-helm-chart
- - https://traefik.io/
-type: application
-version: 16.0.12
-annotations:
- truecharts.org/catagories: |
- - network
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/traefik/16.0.12/README.md b/enterprise/traefik/16.0.12/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/traefik/16.0.12/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/traefik/16.0.12/app-changelog.md b/enterprise/traefik/16.0.12/app-changelog.md
deleted file mode 100644
index be258d37167..00000000000
--- a/enterprise/traefik/16.0.12/app-changelog.md
+++ /dev/null
@@ -1,17 +0,0 @@
-
-
-## [traefik-16.0.12](https://github.com/truecharts/charts/compare/traefik-16.0.11...traefik-16.0.12) (2023-02-10)
-
-### Chore
-
-- Add blacklistMode on geoblock and fix label ([#6416](https://github.com/truecharts/charts/issues/6416))
-
- ### Feat
-
-- move Grafana, Prometheus and Traefik to Enterprise Train ([#6372](https://github.com/truecharts/charts/issues/6372))
-
- ### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/16.0.12/app-readme.md b/enterprise/traefik/16.0.12/app-readme.md
deleted file mode 100644
index 02206fafcf4..00000000000
--- a/enterprise/traefik/16.0.12/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Traefik is a flexible reverse proxy and Ingress Provider.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/traefik](https://truecharts.org/charts/enterprise/traefik)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/traefik/16.0.12/charts/common-11.1.2.tgz b/enterprise/traefik/16.0.12/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/enterprise/traefik/16.0.12/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/enterprise/traefik/16.0.12/ix_values.yaml b/enterprise/traefik/16.0.12/ix_values.yaml
deleted file mode 100644
index 1c0fa61a784..00000000000
--- a/enterprise/traefik/16.0.12/ix_values.yaml
+++ /dev/null
@@ -1,407 +0,0 @@
-image:
- repository: tccr.io/truecharts/traefik
- # defaults to appVersion
- tag: 2.9.6@sha256:a4f065a7a34902e7d8179680b8c344e70cf90ed80c7a396b5f42ecabfa3c0321
- pullPolicy: IfNotPresent
-
-# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
-ingressClass:
- # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
- enabled: false
- isDefaultClass: false
- # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
- fallbackApiVersion: ""
-
-# -- Create an IngressRoute for the dashboard
-ingressRoute:
- dashboard:
- enabled: true
- # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
- annotations: {}
- # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
- labels: {}
-
-podAnnotations:
- prometheus.io/scrape: "true"
- prometheus.io/path: "/metrics"
- prometheus.io/port: "9180"
-
-#
-# -- Configure providers
-providers:
- kubernetesCRD:
- enabled: true
- namespaces:
- []
- # - "default"
- kubernetesIngress:
- enabled: true
- # labelSelector: environment=production,method=traefik
- namespaces:
- []
- # - "default"
- # IP used for Kubernetes Ingress endpoints
- publishedService:
- enabled: true
- # Published Kubernetes Service to copy status from. Format: namespace/servicename
- # By default this Traefik service
- # pathOverride: ""
-
-# -- Logs
-# https://docs.traefik.io/observability/logs/
-logs:
- # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on).
- general:
- # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO.
- level: ERROR
- # -- Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format
- format: common
- access:
- # To enable access logs
- enabled: false
- # To write the logs in an asynchronous fashion, specify a bufferingSize option.
- # This option represents the number of log lines Traefik will keep in memory before writing
- # them to the selected output. In some cases, this option can greatly help performances.
- # bufferingSize: 100
- # Filtering https://docs.traefik.io/observability/access-logs/#filtering
- filters:
- {}
- # statuscodes: "200,300-302"
- # retryattempts: true
- # minduration: 10ms
- # Fields
- # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers
- fields:
- general:
- defaultmode: keep
- names:
- {}
- # Examples:
- # ClientUsername: drop
- headers:
- defaultmode: drop
- names:
- {}
- # Examples:
- # User-Agent: redact
- # Authorization: drop
- # Content-Type: keep
- # -- Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format
- format: common
-
-metrics:
- # datadog:
- # address: 127.0.0.1:8125
- # influxdb:
- # address: localhost:8089
- # protocol: udp
- prometheus:
- entryPoint: metrics
- # statsd:
- # address: localhost:8125
-
-globalArguments:
- - "--global.checknewversion"
-
-##
-# -- Additional arguments to be passed at Traefik's binary
-# All available options available on https://docs.traefik.io/reference/static-configuration/cli/
-## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"`
-additionalArguments:
- - "--metrics.prometheus"
- - "--ping"
- - "--serverstransport.insecureskipverify=true"
- - "--providers.kubernetesingress.allowexternalnameservices=true"
-
-# -- TLS Options to be created as TLSOption CRDs
-# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options
-# Example:
-tlsOptions:
- default:
- sniStrict: false
- minVersion: VersionTLS12
- curvePreferences:
- - CurveP521
- - CurveP384
- cipherSuites:
- - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- - TLS_AES_128_GCM_SHA256
- - TLS_AES_256_GCM_SHA384
- - TLS_CHACHA20_POLY1305_SHA256
-
-# -- Options for the main traefik service, where the entrypoints traffic comes from
-# from.
-service:
- main:
- type: LoadBalancer
- ports:
- main:
- port: 9000
- targetPort: 9000
- protocol: HTTP
- # -- Forwarded Headers should never be enabled on Main entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Main entrypoint
- proxyProtocol:
- enabled: false
- tcp:
- enabled: true
- type: LoadBalancer
- ports:
- web:
- enabled: true
- port: 9080
- protocol: HTTP
- redirectTo: websecure
- # Options: Empty, 0 (ingore), or positive int
- # redirectPort:
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- websecure:
- enabled: true
- port: 9443
- protocol: HTTPS
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- # tcpexample:
- # enabled: true
- # targetPort: 9443
- # protocol: TCP
- # tls:
- # enabled: false
- # # this is the name of a TLSOption definition
- # options: ""
- # certResolver: ""
- # domains: []
- # # - main: example.com
- # # sans:
- # # - foo.example.com
- # # - bar.example.com
- metrics:
- enabled: true
- type: ClusterIP
- ports:
- metrics:
- enabled: true
- port: 9180
- targetPort: 9180
- protocol: HTTP
- # -- Forwarded Headers should never be enabled on Metrics entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Metrics entrypoint
- proxyProtocol:
- enabled: false
- udp:
- enabled: false
-
-# probes:
-# # -- Liveness probe configuration
-# # @default -- See below
-# liveness:
-# # -- sets the probe type when not using a custom probe
-# # @default -- "TCP"
-# type: HTTP
-# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
-# # @default -- "/"
-# path: "/ping"
-
-# # -- Redainess probe configuration
-# # @default -- See below
-# readiness:
-# # -- sets the probe type when not using a custom probe
-# # @default -- "TCP"
-# type: HTTP
-# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
-# # @default -- "/"
-# path: "/ping"
-
-# # -- Startup probe configuration
-# # @default -- See below
-# startup:
-# # -- sets the probe type when not using a custom probe
-# # @default -- "TCP"
-# type: HTTP
-# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
-# # @default -- "/"
-# path: "/ping"
-
-# -- Whether Role Based Access Control objects like roles and rolebindings should be created
-rbac:
- main:
- enabled: true
- rules:
- - apiGroups:
- - ""
- resources:
- - services
- - endpoints
- - secrets
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses
- - ingressclasses
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses/status
- verbs:
- - update
- - apiGroups:
- - traefik.containo.us
- resources:
- - ingressroutes
- - ingressroutetcps
- - ingressrouteudps
- - middlewares
- - middlewaretcps
- - tlsoptions
- - tlsstores
- - traefikservices
- - serverstransports
- verbs:
- - get
- - list
- - watch
-
-# -- The service account the pods will use to interact with the Kubernetes API
-serviceAccount:
- main:
- enabled: true
-
-# -- SCALE Middleware Handlers
-middlewares:
- basicAuth: []
- # - name: basicauthexample
- # users:
- # - username: testuser
- # password: testpassword
- forwardAuth: []
- # - name: forwardAuthexample
- # address: https://auth.example.com/
- # authResponseHeaders:
- # - X-Secret
- # - X-Auth-User
- # authRequestHeaders:
- # - "Accept"
- # - "X-CustomHeader"
- # authResponseHeadersRegex: "^X-"
- # trustForwardHeader: true
- chain: []
- # - name: chainname
- # middlewares:
- # - name: compress
- redirectScheme: []
- # - name: redirectSchemeName
- # scheme: https
- # permanent: true
- rateLimit: []
- # - name: rateLimitName
- # average: 300
- # burst: 200
- redirectRegex: []
- # - name: redirectRegexName
- # regex: putregexhere
- # replacement: replacementurlhere
- # permanent: false
- stripPrefixRegex: []
- # - name: stripPrefixRegexName
- # regex: []
- ipWhiteList: []
- # - name: ipWhiteListName
- # sourceRange: []
- # ipStrategy:
- # depth: 2
- # excludedIPs: []
- themeParkVersion: v1.3.0
- themePark: []
- # - name: themeParkName
- # -- Supported apps, lower case name
- # -- https://docs.theme-park.dev/themes
- # app: appnamehere
- # -- Supported themes, lower case name
- # -- https://docs.theme-park.dev/themes/APPNAMEHERE
- # -- https://docs.theme-park.dev/community-themes
- # theme: themenamehere
- # -- https://theme-park.dev or a self hosted url
- # baseUrl: https://theme-park.dev
- realIPVersion: v1.0.3
- # Sets X-Real-Ip with an IP from the X-Forwarded-For or
- # Cf-Connecting-Ip (If from Cloudflare)
- # Evaluation of those headers will go from last to first
- realIP: []
- # - name: realIPName
- # -- The real IP will be the first one that is
- # -- not included in any of the CIDRs passed here
- # excludedNetworks:
- # - 1.1.1.1/24
- addPrefix: []
- # - name: addPrefixName
- # prefix: "/foo"
- geoBlockVersion: v0.2.4
- geoBlock: []
- # -- https://github.com/PascalMinder/geoblock
- # - name: geoBlockName
- # allowLocalRequests: true
- # logLocalRequests: false
- # logAllowedRequests: false
- # logApiRequests: false
- # api: https://get.geojs.io/v1/ip/country/{ip}
- # apiTimeoutMs: 500
- # cacheSize: 25
- # forceMonthlyUpdate: true
- # allowUnknownCountries: false
- # unknownCountryApiResponse: nil
- # blackListMode: false
- # countries:
- # - RU
-
-portalhook:
- enabled: true
-
-persistence:
- plugins:
- enabled: true
- mountPath: "/plugins-storage"
- type: emptyDir
-
-portal:
- enabled: true
diff --git a/enterprise/traefik/16.0.12/questions.yaml b/enterprise/traefik/16.0.12/questions.yaml
deleted file mode 100644
index 8a6e543a7d5..00000000000
--- a/enterprise/traefik/16.0.12/questions.yaml
+++ /dev/null
@@ -1,2535 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "http"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
- path: "/dashboard/"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: ingressClass
- label: "ingressClass"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- description: "When enabled, ingressClass will match the entered name of this app"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: isDefaultClass
- label: "isDefaultClass"
- schema:
- type: boolean
- default: false
- - variable: logs
- label: "Logs"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "ERROR"
- enum:
- - value: "INFO"
- description: "Info"
- - value: "WARN"
- description: "Warnings"
- - value: "ERROR"
- description: "Errors"
- - value: "FATAL"
- description: "Fatal Errors"
- - value: "PANIC"
- description: "Panics"
- - value: "DEBUG"
- description: "Debug"
- - variable: format
- label: "General Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: access
- label: "Access Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabledFilters
- label: "Enable Filters"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filters
- label: "Filters"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: statuscodes
- label: "Status codes"
- schema:
- type: string
- default: "200,300-302"
- - variable: retryattempts
- label: "retryattempts"
- schema:
- type: boolean
- default: true
- - variable: minduration
- label: "minduration"
- schema:
- type: string
- default: "10ms"
- - variable: fields
- label: "Fields"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "keep"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: headers
- label: "Headers"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "drop"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: format
- label: "Access Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: middlewares
- label: ""
- group: "Middlewares"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: basicAuth
- label: basicAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: users
- label: Users
- schema:
- type: list
- default: []
- items:
- - variable: usersEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: username
- label: Username
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: Password
- schema:
- type: string
- required: true
- default: ""
- - variable: forwardAuth
- label: forwardAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: address
- label: Address
- schema:
- type: string
- required: true
- default: ""
- - variable: trustForwardHeader
- label: trustForwardHeader
- schema:
- type: boolean
- default: false
- - variable: tls
- label: TLS
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: insecureSkipVerify
- label: insecureSkipVerify (expert)
- description: >-
- This disables all TLS certificate validation on communications with the authentication endpoint.
- This could be a security risk and should only be used if you know what you are doing.
- schema:
- type: boolean
- default: false
- - variable: authResponseHeadersRegex
- label: authResponseHeadersRegex
- schema:
- type: string
- default: ""
- - variable: authResponseHeaders
- label: authResponseHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authResponseHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: authRequestHeaders
- label: authRequestHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authRequestHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: chain
- label: Chain
- schema:
- type: list
- default: []
- items:
- - variable: chainEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: middlewares
- label: Middlewares to Chain
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: redirectScheme
- label: redirectScheme
- schema:
- type: list
- default: []
- items:
- - variable: redirectSchemeEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: scheme
- label: Scheme
- schema:
- type: string
- required: true
- default: https
- enum:
- - value: https
- description: https
- - value: http
- description: http
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: rateLimit
- label: rateLimit
- schema:
- type: list
- default: []
- items:
- - variable: rateLimitEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: average
- label: Average
- schema:
- type: int
- required: true
- default: 300
- - variable: burst
- label: Burst
- schema:
- type: int
- required: true
- default: 200
- - variable: redirectRegex
- label: redirectRegex
- schema:
- type: list
- default: []
- items:
- - variable: redirectRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: replacement
- label: Replacement
- schema:
- type: string
- required: true
- default: ""
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: stripPrefixRegex
- label: stripPrefixRegex
- schema:
- type: list
- default: []
- items:
- - variable: stripPrefixRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: list
- default: []
- items:
- - variable: regexEntry
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: ipWhiteList
- label: ipWhiteList
- schema:
- type: list
- default: []
- items:
- - variable: ipWhiteListEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: sourceRange
- label: Source Range
- schema:
- type: list
- default: []
- items:
- - variable: sourceRangeEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: ipStrategy
- label: IP Strategy
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: depth
- label: Depth
- schema:
- type: int
- required: true
- - variable: excludedIPs
- label: Excluded IPs
- schema:
- type: list
- default: []
- items:
- - variable: excludedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: themePark
- label: theme.park
- schema:
- type: list
- default: []
- items:
- - variable: themeParkEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to traefik-themepark
- schema:
- type: string
- required: true
- default: ""
- - variable: appName
- label: App Name
- description: Lower case, name of the app to be themed.
-
Go to https://docs.theme-park.dev/themes/ to see supported apps.
- schema:
- type: string
- required: true
- default: ""
- - variable: themeName
- label: Theme Name
- description: Lower case, name of the theme to be applied.
-
Go to https://docs.theme-park.dev/theme-options/ to see supported themes.
- schema:
- type: string
- required: true
- default: ""
- - variable: baseUrl
- label: Base URL
- description: Replace `https://theme-park.dev` URL for self-hosting reference.
- schema:
- type: string
- required: true
- default: https://theme-park.dev
- - variable: addons
- label: Addons
- schema:
- type: list
- default: []
- items:
- - variable: addonEntry
- label: Addon
- description: Currently only supports 'darker' and '4k-logo' for *arr apps.
-
Go to https://docs.theme-park.dev/themes/addons/ for Addon information.
-
Go to https://github.com/packruler/traefik-themepark for more context on plugin
- schema:
- type: string
- required: true
- default: ""
- - variable: realIP
- label: Real IP
- schema:
- type: list
- default: []
- items:
- - variable: realIPEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: excludedNetworks
- label: Excluded Networks
- schema:
- type: list
- default: []
- items:
- - variable: excludedNetEntry
- label: Excluded Network Entry
- description: Network to exclude setting it to X-Real-Ip
- schema:
- type: string
- required: true
- default: ""
- - variable: geoBlock
- label: GeoBlock
- schema:
- type: list
- default: []
- items:
- - variable: geoBlockEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to geoblock
- schema:
- type: string
- required: true
- default: ""
- - variable: allowLocalRequests
- label: Allow Local Requests
- description: If set to true, will not block request from Private IP Ranges
- schema:
- type: boolean
- default: true
- - variable: logLocalRequests
- label: Log Local Requests
- description: If set to true, will log every connection from any IP in the private IP range
- schema:
- type: boolean
- default: false
- - variable: logAllowedRequests
- label: Log Allowed Requests
- description: If set to true, will show a log message with the IP and the country of origin if a request is allowed.
- schema:
- type: boolean
- default: false
- - variable: logApiRequests
- label: Log API Requests
- description: If set to true, will show a log message for every API hit.
- schema:
- type: boolean
- default: false
- - variable: api
- label: API
- description: Defines the API URL for the IP to Country resolution. The IP to fetch can be added with {ip} to the URL.
- schema:
- type: string
- required: true
- default: https://get.geojs.io/v1/ip/country/{ip}
- - variable: apiTimeoutMs
- label: API Timeout in ms
- description: Timeout for the call to the api uri.
- schema:
- type: int
- required: true
- default: 500
- - variable: cacheSize
- label: Cache Size
- description: Defines the max size of the LRU (least recently used) cache.
- schema:
- type: int
- required: true
- default: 25
- - variable: forceMonthlyUpdate
- label: Force Monthly Update
- description: Even if an IP stays in the cache for a period of a month (about 30 x 24 hours), it must be fetch again after a month.
- schema:
- type: boolean
- default: true
- - variable: allowUnknownCountries
- label: Allow Unknown Countries
- description: Some IP addresses have no country associated with them. If this option is set to true, all IPs with no associated country are also allowed.
- schema:
- type: boolean
- default: false
- - variable: unknownCountryApiResponse
- label: Unknown Countries API Response
- description: The API uri can be customized. This options allows to customize the response string of the API when a IP with no associated country is requested.
- schema:
- type: string
- required: true
- default: nil
- - variable: blackListMode
- label: Blacklist Mode
- description: When set to true the filter logic is inverted, i.e. requests originating from countries listed in the countries list are blocked.
- schema:
- type: boolean
- default: false
- - variable: countries
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- label: Countries
- schema:
- type: list
- default: []
- items:
- - variable: countryEntry
- label: Country
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- schema:
- type: string
- required: true
- # Allow only 2 Characters
- valid_chars: '^[a-zA-Z]{2}$'
- default: ""
- - variable: addPrefix
- label: Add Prefix
- schema:
- type: list
- default: []
- items:
- - variable: addPrefixEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: prefix
- label: Prefix
- schema:
- type: string
- required: true
- default: ""
- - variable: service
- group: "Networking and Services"
- label: "Configure Service Entrypoint"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9000
- required: true
- - variable: tcp
- label: "TCP Service"
- description: "The tcp Entrypoint service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: web
- label: "web Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9080
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- default: "websecure"
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: websecure
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9443
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: portsList
- label: "Additional TCP Entrypoints"
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: "Custom Entrypoints"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable the port"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: "Entrypoints Name"
- schema:
- type: string
- default: ""
- - variable: protocol
- label: "Entrypoints Type"
- schema:
- type: string
- default: "TCP"
- enum:
- - value: HTTP
- description: "HTTP"
- - value: "HTTPS"
- description: "HTTPS"
- - value: TCP
- description: "TCP"
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- required: true
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: true
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID this App of the user running the application"
- schema:
- type: int
- default: 568
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/traefik/16.0.12/templates/_args.tpl b/enterprise/traefik/16.0.12/templates/_args.tpl
deleted file mode 100644
index 98cc63897b9..00000000000
--- a/enterprise/traefik/16.0.12/templates/_args.tpl
+++ /dev/null
@@ -1,178 +0,0 @@
-{{/* Define the args */}}
-{{- define "traefik.args" -}}
-args:
- {{/* merge all ports */}}
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{/* start of actual arguments */}}
- {{- with .Values.globalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
- {{- range $name, $config := $ports }}
- {{- if $config }}
- {{- if or ( eq $config.protocol "HTTP" ) ( eq $config.protocol "HTTPS" ) ( eq $config.protocol "TCP" ) }}
- {{- $_ := set $config "protocol" "TCP" }}
- {{- end }}
- - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}"
- {{- end }}
- {{- end }}
- - "--api.dashboard=true"
- - "--ping=true"
- {{- if .Values.metrics }}
- {{- if .Values.metrics.datadog }}
- - "--metrics.datadog=true"
- - "--metrics.datadog.address={{ .Values.metrics.datadog.address }}"
- {{- end }}
- {{- if .Values.metrics.influxdb }}
- - "--metrics.influxdb=true"
- - "--metrics.influxdb.address={{ .Values.metrics.influxdb.address }}"
- - "--metrics.influxdb.protocol={{ .Values.metrics.influxdb.protocol }}"
- {{- end }}
- {{- if .Values.metrics.prometheus }}
- - "--metrics.prometheus=true"
- - "--metrics.prometheus.entrypoint={{ .Values.metrics.prometheus.entryPoint }}"
- {{- end }}
- {{- if .Values.metrics.statsd }}
- - "--metrics.statsd=true"
- - "--metrics.statsd.address={{ .Values.metrics.statsd.address }}"
- {{- end }}
- {{- end }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress"
- {{- if .Values.providers.kubernetesIngress.publishedService.enabled }}
- - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.labelSelector }}
- - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}"
- {{- end }}
- {{- end }}
- {{- if and .Values.rbac.enabled .Values.rbac.namespaced }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}"
- {{- end }}
- {{- end }}
- {{- if .Values.ingressClass.enabled }}
- - "--providers.kubernetesingress.ingressclass={{ .Release.Name }}"
- {{- end }}
- {{- range $entrypoint, $config := $ports }}
- {{/* add args for proxyProtocol support */}}
- {{- if $config.proxyProtocol }}
- {{- if $config.proxyProtocol.enabled }}
- {{- if $config.proxyProtocol.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.insecure"
- {{- end }}
- {{- if not ( empty $config.proxyProtocol.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.trustedIPs={{ join "," $config.proxyProtocol.trustedIPs }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* add args for forwardedHeaders support */}}
- {{- if $config.forwardedHeaders.enabled }}
- {{- if not ( empty $config.forwardedHeaders.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}"
- {{- end }}
- {{- if $config.forwardedHeaders.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure"
- {{- end }}
- {{- end }}
- {{/* end forwardedHeaders configuration */}}
- {{- if $config.redirectTo }}
- {{- $toPort := index $ports $config.redirectTo }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- else if $config.redirectPort }}
- {{ if gt $config.redirectPort 0.0 }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- end }}
- {{- end }}
- {{- if or ( $config.tls ) ( eq $config.protocol "HTTPS" ) }}
- {{- if or ( $config.tls.enabled ) ( eq $config.protocol "HTTPS" ) }}
- - "--entrypoints.{{ $entrypoint }}.http.tls=true"
- {{- if $config.tls.options }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}"
- {{- end }}
- {{- if $config.tls.certResolver }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}"
- {{- end }}
- {{- if $config.tls.domains }}
- {{- range $index, $domain := $config.tls.domains }}
- {{- if $domain.main }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}"
- {{- end }}
- {{- if $domain.sans }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- with .Values.logs }}
- - "--log.format={{ .general.format }}"
- {{- if ne .general.level "ERROR" }}
- - "--log.level={{ .general.level | upper }}"
- {{- end }}
- {{- if .access.enabled }}
- - "--accesslog=true"
- - "--accesslog.format={{ .access.format }}"
- {{- if .access.bufferingsize }}
- - "--accesslog.bufferingsize={{ .access.bufferingsize }}"
- {{- end }}
- {{- if .access.filters }}
- {{- if .access.filters.statuscodes }}
- - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}"
- {{- end }}
- {{- if .access.filters.retryattempts }}
- - "--accesslog.filters.retryattempts"
- {{- end }}
- {{- if .access.filters.minduration }}
- - "--accesslog.filters.minduration={{ .access.filters.minduration }}"
- {{- end }}
- {{- end }}
- - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.general.names }}
- - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.headers.names }}
- - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* theme.park */}}
- {{- if .Values.middlewares.themePark }}
- - "--experimental.plugins.traefik-themepark.modulename=github.com/packruler/traefik-themepark"
- - "--experimental.plugins.traefik-themepark.version={{ .Values.middlewares.themeParkVersion }}"
- {{- end }}
- {{/* End of theme.park */}}
- {{/* GeoBlock */}}
- {{- if .Values.middlewares.geoBlock }}
- - "--experimental.plugins.GeoBlock.modulename=github.com/PascalMinder/geoblock"
- - "--experimental.plugins.GeoBlock.version={{ .Values.middlewares.geoBlockVersion }}"
- {{- end }}
- {{/* End of GeoBlock */}}
- {{/* RealIP */}}
- {{- if .Values.middlewares.realIP }}
- - "--experimental.plugins.traefik-real-ip.modulename=github.com/soulbalz/traefik-real-ip"
- - "--experimental.plugins.traefik-real-ip.version={{ .Values.middlewares.realIPVersion }}"
- {{- end }}
- {{/* End of RealIP */}}
- {{- with .Values.additionalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.12/templates/_helpers.tpl b/enterprise/traefik/16.0.12/templates/_helpers.tpl
deleted file mode 100644
index ab55e4e7ec6..00000000000
--- a/enterprise/traefik/16.0.12/templates/_helpers.tpl
+++ /dev/null
@@ -1,22 +0,0 @@
-{{/*
-Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice.
-By convention this will simply use the / to match the name of the
-service generated.
-Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride`
-*/}}
-{{- define "providers.kubernetesIngress.publishedServicePath" -}}
-{{- $fullName := include "tc.common.names.fullname" . -}}
-{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}}
-{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }}
-{{- print $servicePath | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Construct a comma-separated list of whitelisted namespaces
-*/}}
-{{- define "providers.kubernetesIngress.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }}
-{{- end -}}
-{{- define "providers.kubernetesCRD.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.12/templates/_ingressclass.tpl b/enterprise/traefik/16.0.12/templates/_ingressclass.tpl
deleted file mode 100644
index 909e249d6a5..00000000000
--- a/enterprise/traefik/16.0.12/templates/_ingressclass.tpl
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Define the ingressClass */}}
-{{- define "traefik.ingressClass" -}}
----
-{{ if .Values.ingressClass.enabled }}
- {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }}
-apiVersion: networking.k8s.io/v1
- {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }}
-apiVersion: networking.k8s.io/v1beta1
- {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }}
-apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }}
- {{- else }}
- {{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }}
- {{- end }}
-kind: IngressClass
-metadata:
- annotations:
- ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }}
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
- name: {{ .Release.Name }}
-spec:
- controller: traefik.io/ingress-controller
-{{- end }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.12/templates/_ingressroute.tpl b/enterprise/traefik/16.0.12/templates/_ingressroute.tpl
deleted file mode 100644
index 7f012c92350..00000000000
--- a/enterprise/traefik/16.0.12/templates/_ingressroute.tpl
+++ /dev/null
@@ -1,25 +0,0 @@
-{{/* Define the ingressRoute */}}
-{{- define "traefik.ingressRoute" -}}
-{{ if .Values.ingressRoute.dashboard.enabled }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
- name: {{ include "tc.common.names.fullname" . }}-dashboard
- annotations:
- {{- with .Values.ingressRoute.dashboard.annotations }}
- {{- toYaml . | nindent 4 }}
- {{- end }}
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
-spec:
- entryPoints:
- - main
- routes:
- - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
- kind: Rule
- services:
- - name: api@internal
- kind: TraefikService
-{{ end }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.12/templates/_portalhook.tpl b/enterprise/traefik/16.0.12/templates/_portalhook.tpl
deleted file mode 100644
index e3586c5d4e9..00000000000
--- a/enterprise/traefik/16.0.12/templates/_portalhook.tpl
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/* Define the portalHook */}}
-{{- define "traefik.portalhook" -}}
-{{- if .Values.portalhook.enabled }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: portalhook
- namespace: {{ $namespace }}
-data:
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{- range $name, $value := $ports }}
- {{ $name }}: {{ $value.port | quote }}
- {{- end }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.12/templates/_tlsoptions.tpl b/enterprise/traefik/16.0.12/templates/_tlsoptions.tpl
deleted file mode 100644
index 3e5aad3bee9..00000000000
--- a/enterprise/traefik/16.0.12/templates/_tlsoptions.tpl
+++ /dev/null
@@ -1,12 +0,0 @@
-{{/* Define the tlsOptions */}}
-{{- define "traefik.tlsOptions" -}}
-{{- range $name, $config := .Values.tlsOptions }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: TLSOption
-metadata:
- name: {{ $name }}
-spec:
- {{- toYaml $config | nindent 2 }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.12/templates/common.yaml b/enterprise/traefik/16.0.12/templates/common.yaml
deleted file mode 100644
index c933a3d08e0..00000000000
--- a/enterprise/traefik/16.0.12/templates/common.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.common.loader.init" . }}
-
-{{- if .Values.metrics }}
-{{- if .Values.metrics.prometheus }}
-{{- $_ := set .Values.podAnnotations "prometheus.io/scrape" "true" -}}
-{{- $_ := set .Values.podAnnotations "prometheus.io/path" "/metrics" -}}
-{{- $_ := set .Values.podAnnotations "prometheus.io/port" "9180" -}}
-{{- end }}
-{{- end }}
-
-{{- $newArgs := (include "traefik.args" . | fromYaml) }}
-{{- $_ := set .Values "newArgs" $newArgs -}}
-{{- $mergedargs := concat .Values.args .Values.newArgs.args }}
-{{- $_ := set .Values "args" $mergedargs -}}
-
-{{- include "traefik.portalhook" . }}
-{{- include "traefik.tlsOptions" . }}
-{{- include "traefik.ingressRoute" . }}
-{{- include "traefik.ingressClass" . }}
-
-
-{{/* Render the templates */}}
-{{ include "tc.common.loader.apply" . }}
diff --git a/enterprise/traefik/16.0.12/templates/middlewares/addPrefix.yaml b/enterprise/traefik/16.0.12/templates/middlewares/addPrefix.yaml
deleted file mode 100644
index 233b23834c3..00000000000
--- a/enterprise/traefik/16.0.12/templates/middlewares/addPrefix.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.addPrefix }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- addPrefix:
- prefix: {{ $middlewareData.prefix }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.12/templates/middlewares/basic-middleware.yaml b/enterprise/traefik/16.0.12/templates/middlewares/basic-middleware.yaml
deleted file mode 100644
index 9ba8e5c5d93..00000000000
--- a/enterprise/traefik/16.0.12/templates/middlewares/basic-middleware.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: compress
- namespace: {{ $namespace }}
-spec:
- compress: {}
----
-# Here, an average of 300 requests per second is allowed.
-# In addition, a burst of 200 requests is allowed.
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-ratelimit
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: 600
- burst: 400
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-secure-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: chain-basic
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: basic-secure-headers
- - name: compress
diff --git a/enterprise/traefik/16.0.12/templates/middlewares/basicauth.yaml b/enterprise/traefik/16.0.12/templates/middlewares/basicauth.yaml
deleted file mode 100644
index ccb541742f0..00000000000
--- a/enterprise/traefik/16.0.12/templates/middlewares/basicauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.basicAuth }}
----
-{{- $users := list }}
-{{ range $index, $userdata := $middlewareData.users }}
- {{ $users = append $users ( htpasswd $userdata.username $userdata.password ) }}
-{{ end }}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{printf "%v-%v" $middlewareData.name "secret" }}
- namespace: {{ $namespace }}
-type: Opaque
-stringData:
- users: |
- {{- range $index, $user := $users }}
- {{ printf "%s" $user }}
- {{- end }}
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- basicAuth:
- secret: {{printf "%v-%v" $middlewareData.name "secret" }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.12/templates/middlewares/chain.yaml b/enterprise/traefik/16.0.12/templates/middlewares/chain.yaml
deleted file mode 100644
index f87994f7956..00000000000
--- a/enterprise/traefik/16.0.12/templates/middlewares/chain.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.chain }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- {{ range $index, $middleware := .middlewares }}
- - name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }}
- {{ end }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.12/templates/middlewares/forwardauth.yaml b/enterprise/traefik/16.0.12/templates/middlewares/forwardauth.yaml
deleted file mode 100644
index 4bdefbd5c01..00000000000
--- a/enterprise/traefik/16.0.12/templates/middlewares/forwardauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.forwardAuth }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- forwardAuth:
- address: {{ $middlewareData.address }}
- {{- with $middlewareData.authResponseHeaders }}
- authResponseHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- with $middlewareData.authRequestHeaders }}
- authRequestHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- if $middlewareData.authResponseHeadersRegex }}
- authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }}
- {{- end }}
- {{- if $middlewareData.trustForwardHeader }}
- trustForwardHeader: true
- {{- end }}
- {{- with $middlewareData.tls }}
- tls:
- insecureSkipVerify: {{ .insecureSkipVerify | default false }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.12/templates/middlewares/geoblock.yaml b/enterprise/traefik/16.0.12/templates/middlewares/geoblock.yaml
deleted file mode 100644
index be21bcf57b6..00000000000
--- a/enterprise/traefik/16.0.12/templates/middlewares/geoblock.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.geoBlock }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- GeoBlock:
- allowLocalRequests: {{ $middlewareData.allowLocalRequests }}
- logLocalRequests: {{ $middlewareData.logLocalRequests }}
- logAllowedRequests: {{ $middlewareData.logAllowedRequests }}
- logApiRequests: {{ $middlewareData.logApiRequests }}
- api: {{ $middlewareData.api }}
- apiTimeoutMs: {{ $middlewareData.apiTimeoutMs }}
- cacheSize: {{ $middlewareData.cacheSize }}
- forceMonthlyUpdate: {{ $middlewareData.forceMonthlyUpdate }}
- allowUnknownCountries: {{ $middlewareData.allowUnknownCountries }}
- unknownCountryApiResponse: {{ $middlewareData.unknownCountryApiResponse }}
- blackListMode: {{ $middlewareData.blackListMode }}
- {{- if not $middlewareData.countries }}
- {{- fail "You have to define at least one country..." }}
- {{- end }}
- countries:
- {{- range $middlewareData.countries }}
- - {{ . }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.12/templates/middlewares/ipwhitelist.yaml b/enterprise/traefik/16.0.12/templates/middlewares/ipwhitelist.yaml
deleted file mode 100644
index 1179245017e..00000000000
--- a/enterprise/traefik/16.0.12/templates/middlewares/ipwhitelist.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.ipWhiteList }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- ipWhiteList:
- sourceRange:
- {{- range $middlewareData.sourceRange }}
- - {{ . }}
- {{- end }}
- {{- if $middlewareData.ipStrategy }}
- ipStrategy:
- {{- if $middlewareData.ipStrategy.depth }}
- depth: {{ $middlewareData.ipStrategy.depth }}
- {{- end }}
- {{- if $middlewareData.ipStrategy.excludedIPs }}
- excludedIPs:
- {{- range $middlewareData.ipStrategy.excludedIPs }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.12/templates/middlewares/ratelimit.yaml b/enterprise/traefik/16.0.12/templates/middlewares/ratelimit.yaml
deleted file mode 100644
index 144b9d8bf38..00000000000
--- a/enterprise/traefik/16.0.12/templates/middlewares/ratelimit.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.rateLimit }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: {{ $middlewareData.average }}
- burst: {{ $middlewareData.burst }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.12/templates/middlewares/real-ip.yaml b/enterprise/traefik/16.0.12/templates/middlewares/real-ip.yaml
deleted file mode 100644
index 2dd1ae030a4..00000000000
--- a/enterprise/traefik/16.0.12/templates/middlewares/real-ip.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.realIP }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-real-ip:
- excludednets:
- {{- range $middlewareData.excludedNetworks }}
- - {{ . | quote }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.12/templates/middlewares/redirectScheme.yaml b/enterprise/traefik/16.0.12/templates/middlewares/redirectScheme.yaml
deleted file mode 100644
index f2413f84e19..00000000000
--- a/enterprise/traefik/16.0.12/templates/middlewares/redirectScheme.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectScheme }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectScheme:
- scheme: {{ $middlewareData.scheme }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.12/templates/middlewares/redirectregex.yaml b/enterprise/traefik/16.0.12/templates/middlewares/redirectregex.yaml
deleted file mode 100644
index 46e3e724dd6..00000000000
--- a/enterprise/traefik/16.0.12/templates/middlewares/redirectregex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectRegex }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: {{ $middlewareData.regex | quote }}
- replacement: {{ $middlewareData.replacement | quote }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.12/templates/middlewares/stripPrefixRegex.yaml b/enterprise/traefik/16.0.12/templates/middlewares/stripPrefixRegex.yaml
deleted file mode 100644
index 007c166ff39..00000000000
--- a/enterprise/traefik/16.0.12/templates/middlewares/stripPrefixRegex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-
-{{ range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- stripPrefixRegex:
- regex:
- {{- range $middlewareData.regex }}
- - {{ . | quote }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.12/templates/middlewares/tc-chains.yaml b/enterprise/traefik/16.0.12/templates/middlewares/tc-chains.yaml
deleted file mode 100644
index 409766daa89..00000000000
--- a/enterprise/traefik/16.0.12/templates/middlewares/tc-chains.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-opencors-headers
- - name: compress
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-closedcors-headers
- - name: compress
diff --git a/enterprise/traefik/16.0.12/templates/middlewares/tc-headers.yaml b/enterprise/traefik/16.0.12/templates/middlewares/tc-headers.yaml
deleted file mode 100644
index a0462f1fd73..00000000000
--- a/enterprise/traefik/16.0.12/templates/middlewares/tc-headers.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowHeaders:
- - '*'
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- - POST
- accessControlAllowOriginList:
- - '*'
- accessControlMaxAge: 100
- browserXssFilter: true
- contentTypeNosniff: true
- customRequestHeaders:
- X-Forwarded-Proto: https
- customResponseHeaders:
- server: ""
- forceSTSHeader: true
- referrerPolicy: same-origin
- sslForceHost: true
- sslRedirect: true
- stsSeconds: 63072000
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- sslRedirect: true
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- sslForceHost: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
diff --git a/enterprise/traefik/16.0.12/templates/middlewares/tc-nextcloud.yaml b/enterprise/traefik/16.0.12/templates/middlewares/tc-nextcloud.yaml
deleted file mode 100644
index 6a3019d56c5..00000000000
--- a/enterprise/traefik/16.0.12/templates/middlewares/tc-nextcloud.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-redirectregex-dav
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: "https://(.*)/.well-known/(card|cal)dav"
- replacement: "https://${1}/remote.php/dav/"
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: tc-nextcloud-redirectregex-dav
diff --git a/enterprise/traefik/16.0.12/templates/middlewares/theme-park.yaml b/enterprise/traefik/16.0.12/templates/middlewares/theme-park.yaml
deleted file mode 100644
index 92a4257e279..00000000000
--- a/enterprise/traefik/16.0.12/templates/middlewares/theme-park.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.themePark }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-themepark:
- app: {{ $middlewareData.appName }}
- theme: {{ $middlewareData.themeName }}
- baseUrl: {{ $middlewareData.baseUrl }}
- {{- if $middlewareData.addons }}
- addons:
- {{- range $middlewareData.addons }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.12/values.yaml b/enterprise/traefik/16.0.12/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/traefik/16.0.13/CHANGELOG.md b/enterprise/traefik/16.0.13/CHANGELOG.md
deleted file mode 100644
index 4bbf5778d51..00000000000
--- a/enterprise/traefik/16.0.13/CHANGELOG.md
+++ /dev/null
@@ -1,30 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [traefik-16.0.13](https://github.com/truecharts/charts/compare/traefik-16.0.12...traefik-16.0.13) (2023-02-11)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to 2.9.6
-
-
-
-
-## [traefik-16.0.12](https://github.com/truecharts/charts/compare/traefik-16.0.11...traefik-16.0.12) (2023-02-10)
-
-### Chore
-
-- Add blacklistMode on geoblock and fix label ([#6416](https://github.com/truecharts/charts/issues/6416))
-
- ### Feat
-
-- move Grafana, Prometheus and Traefik to Enterprise Train ([#6372](https://github.com/truecharts/charts/issues/6372))
-
- ### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/16.0.13/Chart.yaml b/enterprise/traefik/16.0.13/Chart.yaml
deleted file mode 100644
index c0087ae6b63..00000000000
--- a/enterprise/traefik/16.0.13/Chart.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-apiVersion: v2
-appVersion: "2.9.6"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
-deprecated: false
-description: Traefik is a flexible reverse proxy and Ingress Provider.
-home: https://truecharts.org/charts/enterprise/traefik
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/traefik.png
-keywords:
- - traefik
- - ingress
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: traefik
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/traefik
- - https://github.com/traefik/traefik
- - https://github.com/traefik/traefik-helm-chart
- - https://traefik.io/
-type: application
-version: 16.0.13
-annotations:
- truecharts.org/catagories: |
- - network
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/traefik/16.0.13/README.md b/enterprise/traefik/16.0.13/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/traefik/16.0.13/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/traefik/16.0.13/app-changelog.md b/enterprise/traefik/16.0.13/app-changelog.md
deleted file mode 100644
index 7f247c5d6d7..00000000000
--- a/enterprise/traefik/16.0.13/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [traefik-16.0.13](https://github.com/truecharts/charts/compare/traefik-16.0.12...traefik-16.0.13) (2023-02-11)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to 2.9.6
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/16.0.13/app-readme.md b/enterprise/traefik/16.0.13/app-readme.md
deleted file mode 100644
index 02206fafcf4..00000000000
--- a/enterprise/traefik/16.0.13/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Traefik is a flexible reverse proxy and Ingress Provider.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/traefik](https://truecharts.org/charts/enterprise/traefik)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/traefik/16.0.13/charts/common-11.1.2.tgz b/enterprise/traefik/16.0.13/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/enterprise/traefik/16.0.13/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/enterprise/traefik/16.0.13/ix_values.yaml b/enterprise/traefik/16.0.13/ix_values.yaml
deleted file mode 100644
index d252fe9029f..00000000000
--- a/enterprise/traefik/16.0.13/ix_values.yaml
+++ /dev/null
@@ -1,407 +0,0 @@
-image:
- repository: tccr.io/truecharts/traefik
- # defaults to appVersion
- tag: 2.9.6@sha256:908a3dd69479f9430c0b55a97bbdbebd3055b6c99c7fc222e96a5edf663c9312
- pullPolicy: IfNotPresent
-
-# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
-ingressClass:
- # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
- enabled: false
- isDefaultClass: false
- # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
- fallbackApiVersion: ""
-
-# -- Create an IngressRoute for the dashboard
-ingressRoute:
- dashboard:
- enabled: true
- # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
- annotations: {}
- # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
- labels: {}
-
-podAnnotations:
- prometheus.io/scrape: "true"
- prometheus.io/path: "/metrics"
- prometheus.io/port: "9180"
-
-#
-# -- Configure providers
-providers:
- kubernetesCRD:
- enabled: true
- namespaces:
- []
- # - "default"
- kubernetesIngress:
- enabled: true
- # labelSelector: environment=production,method=traefik
- namespaces:
- []
- # - "default"
- # IP used for Kubernetes Ingress endpoints
- publishedService:
- enabled: true
- # Published Kubernetes Service to copy status from. Format: namespace/servicename
- # By default this Traefik service
- # pathOverride: ""
-
-# -- Logs
-# https://docs.traefik.io/observability/logs/
-logs:
- # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on).
- general:
- # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO.
- level: ERROR
- # -- Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format
- format: common
- access:
- # To enable access logs
- enabled: false
- # To write the logs in an asynchronous fashion, specify a bufferingSize option.
- # This option represents the number of log lines Traefik will keep in memory before writing
- # them to the selected output. In some cases, this option can greatly help performances.
- # bufferingSize: 100
- # Filtering https://docs.traefik.io/observability/access-logs/#filtering
- filters:
- {}
- # statuscodes: "200,300-302"
- # retryattempts: true
- # minduration: 10ms
- # Fields
- # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers
- fields:
- general:
- defaultmode: keep
- names:
- {}
- # Examples:
- # ClientUsername: drop
- headers:
- defaultmode: drop
- names:
- {}
- # Examples:
- # User-Agent: redact
- # Authorization: drop
- # Content-Type: keep
- # -- Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format
- format: common
-
-metrics:
- # datadog:
- # address: 127.0.0.1:8125
- # influxdb:
- # address: localhost:8089
- # protocol: udp
- prometheus:
- entryPoint: metrics
- # statsd:
- # address: localhost:8125
-
-globalArguments:
- - "--global.checknewversion"
-
-##
-# -- Additional arguments to be passed at Traefik's binary
-# All available options available on https://docs.traefik.io/reference/static-configuration/cli/
-## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"`
-additionalArguments:
- - "--metrics.prometheus"
- - "--ping"
- - "--serverstransport.insecureskipverify=true"
- - "--providers.kubernetesingress.allowexternalnameservices=true"
-
-# -- TLS Options to be created as TLSOption CRDs
-# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options
-# Example:
-tlsOptions:
- default:
- sniStrict: false
- minVersion: VersionTLS12
- curvePreferences:
- - CurveP521
- - CurveP384
- cipherSuites:
- - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- - TLS_AES_128_GCM_SHA256
- - TLS_AES_256_GCM_SHA384
- - TLS_CHACHA20_POLY1305_SHA256
-
-# -- Options for the main traefik service, where the entrypoints traffic comes from
-# from.
-service:
- main:
- type: LoadBalancer
- ports:
- main:
- port: 9000
- targetPort: 9000
- protocol: HTTP
- # -- Forwarded Headers should never be enabled on Main entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Main entrypoint
- proxyProtocol:
- enabled: false
- tcp:
- enabled: true
- type: LoadBalancer
- ports:
- web:
- enabled: true
- port: 9080
- protocol: HTTP
- redirectTo: websecure
- # Options: Empty, 0 (ingore), or positive int
- # redirectPort:
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- websecure:
- enabled: true
- port: 9443
- protocol: HTTPS
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- # tcpexample:
- # enabled: true
- # targetPort: 9443
- # protocol: TCP
- # tls:
- # enabled: false
- # # this is the name of a TLSOption definition
- # options: ""
- # certResolver: ""
- # domains: []
- # # - main: example.com
- # # sans:
- # # - foo.example.com
- # # - bar.example.com
- metrics:
- enabled: true
- type: ClusterIP
- ports:
- metrics:
- enabled: true
- port: 9180
- targetPort: 9180
- protocol: HTTP
- # -- Forwarded Headers should never be enabled on Metrics entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Metrics entrypoint
- proxyProtocol:
- enabled: false
- udp:
- enabled: false
-
-# probes:
-# # -- Liveness probe configuration
-# # @default -- See below
-# liveness:
-# # -- sets the probe type when not using a custom probe
-# # @default -- "TCP"
-# type: HTTP
-# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
-# # @default -- "/"
-# path: "/ping"
-
-# # -- Redainess probe configuration
-# # @default -- See below
-# readiness:
-# # -- sets the probe type when not using a custom probe
-# # @default -- "TCP"
-# type: HTTP
-# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
-# # @default -- "/"
-# path: "/ping"
-
-# # -- Startup probe configuration
-# # @default -- See below
-# startup:
-# # -- sets the probe type when not using a custom probe
-# # @default -- "TCP"
-# type: HTTP
-# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
-# # @default -- "/"
-# path: "/ping"
-
-# -- Whether Role Based Access Control objects like roles and rolebindings should be created
-rbac:
- main:
- enabled: true
- rules:
- - apiGroups:
- - ""
- resources:
- - services
- - endpoints
- - secrets
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses
- - ingressclasses
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses/status
- verbs:
- - update
- - apiGroups:
- - traefik.containo.us
- resources:
- - ingressroutes
- - ingressroutetcps
- - ingressrouteudps
- - middlewares
- - middlewaretcps
- - tlsoptions
- - tlsstores
- - traefikservices
- - serverstransports
- verbs:
- - get
- - list
- - watch
-
-# -- The service account the pods will use to interact with the Kubernetes API
-serviceAccount:
- main:
- enabled: true
-
-# -- SCALE Middleware Handlers
-middlewares:
- basicAuth: []
- # - name: basicauthexample
- # users:
- # - username: testuser
- # password: testpassword
- forwardAuth: []
- # - name: forwardAuthexample
- # address: https://auth.example.com/
- # authResponseHeaders:
- # - X-Secret
- # - X-Auth-User
- # authRequestHeaders:
- # - "Accept"
- # - "X-CustomHeader"
- # authResponseHeadersRegex: "^X-"
- # trustForwardHeader: true
- chain: []
- # - name: chainname
- # middlewares:
- # - name: compress
- redirectScheme: []
- # - name: redirectSchemeName
- # scheme: https
- # permanent: true
- rateLimit: []
- # - name: rateLimitName
- # average: 300
- # burst: 200
- redirectRegex: []
- # - name: redirectRegexName
- # regex: putregexhere
- # replacement: replacementurlhere
- # permanent: false
- stripPrefixRegex: []
- # - name: stripPrefixRegexName
- # regex: []
- ipWhiteList: []
- # - name: ipWhiteListName
- # sourceRange: []
- # ipStrategy:
- # depth: 2
- # excludedIPs: []
- themeParkVersion: v1.3.0
- themePark: []
- # - name: themeParkName
- # -- Supported apps, lower case name
- # -- https://docs.theme-park.dev/themes
- # app: appnamehere
- # -- Supported themes, lower case name
- # -- https://docs.theme-park.dev/themes/APPNAMEHERE
- # -- https://docs.theme-park.dev/community-themes
- # theme: themenamehere
- # -- https://theme-park.dev or a self hosted url
- # baseUrl: https://theme-park.dev
- realIPVersion: v1.0.3
- # Sets X-Real-Ip with an IP from the X-Forwarded-For or
- # Cf-Connecting-Ip (If from Cloudflare)
- # Evaluation of those headers will go from last to first
- realIP: []
- # - name: realIPName
- # -- The real IP will be the first one that is
- # -- not included in any of the CIDRs passed here
- # excludedNetworks:
- # - 1.1.1.1/24
- addPrefix: []
- # - name: addPrefixName
- # prefix: "/foo"
- geoBlockVersion: v0.2.4
- geoBlock: []
- # -- https://github.com/PascalMinder/geoblock
- # - name: geoBlockName
- # allowLocalRequests: true
- # logLocalRequests: false
- # logAllowedRequests: false
- # logApiRequests: false
- # api: https://get.geojs.io/v1/ip/country/{ip}
- # apiTimeoutMs: 500
- # cacheSize: 25
- # forceMonthlyUpdate: true
- # allowUnknownCountries: false
- # unknownCountryApiResponse: nil
- # blackListMode: false
- # countries:
- # - RU
-
-portalhook:
- enabled: true
-
-persistence:
- plugins:
- enabled: true
- mountPath: "/plugins-storage"
- type: emptyDir
-
-portal:
- enabled: true
diff --git a/enterprise/traefik/16.0.13/questions.yaml b/enterprise/traefik/16.0.13/questions.yaml
deleted file mode 100644
index 8a6e543a7d5..00000000000
--- a/enterprise/traefik/16.0.13/questions.yaml
+++ /dev/null
@@ -1,2535 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "http"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
- path: "/dashboard/"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: ingressClass
- label: "ingressClass"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- description: "When enabled, ingressClass will match the entered name of this app"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: isDefaultClass
- label: "isDefaultClass"
- schema:
- type: boolean
- default: false
- - variable: logs
- label: "Logs"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "ERROR"
- enum:
- - value: "INFO"
- description: "Info"
- - value: "WARN"
- description: "Warnings"
- - value: "ERROR"
- description: "Errors"
- - value: "FATAL"
- description: "Fatal Errors"
- - value: "PANIC"
- description: "Panics"
- - value: "DEBUG"
- description: "Debug"
- - variable: format
- label: "General Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: access
- label: "Access Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabledFilters
- label: "Enable Filters"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filters
- label: "Filters"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: statuscodes
- label: "Status codes"
- schema:
- type: string
- default: "200,300-302"
- - variable: retryattempts
- label: "retryattempts"
- schema:
- type: boolean
- default: true
- - variable: minduration
- label: "minduration"
- schema:
- type: string
- default: "10ms"
- - variable: fields
- label: "Fields"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "keep"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: headers
- label: "Headers"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "drop"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: format
- label: "Access Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: middlewares
- label: ""
- group: "Middlewares"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: basicAuth
- label: basicAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: users
- label: Users
- schema:
- type: list
- default: []
- items:
- - variable: usersEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: username
- label: Username
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: Password
- schema:
- type: string
- required: true
- default: ""
- - variable: forwardAuth
- label: forwardAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: address
- label: Address
- schema:
- type: string
- required: true
- default: ""
- - variable: trustForwardHeader
- label: trustForwardHeader
- schema:
- type: boolean
- default: false
- - variable: tls
- label: TLS
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: insecureSkipVerify
- label: insecureSkipVerify (expert)
- description: >-
- This disables all TLS certificate validation on communications with the authentication endpoint.
- This could be a security risk and should only be used if you know what you are doing.
- schema:
- type: boolean
- default: false
- - variable: authResponseHeadersRegex
- label: authResponseHeadersRegex
- schema:
- type: string
- default: ""
- - variable: authResponseHeaders
- label: authResponseHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authResponseHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: authRequestHeaders
- label: authRequestHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authRequestHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: chain
- label: Chain
- schema:
- type: list
- default: []
- items:
- - variable: chainEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: middlewares
- label: Middlewares to Chain
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: redirectScheme
- label: redirectScheme
- schema:
- type: list
- default: []
- items:
- - variable: redirectSchemeEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: scheme
- label: Scheme
- schema:
- type: string
- required: true
- default: https
- enum:
- - value: https
- description: https
- - value: http
- description: http
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: rateLimit
- label: rateLimit
- schema:
- type: list
- default: []
- items:
- - variable: rateLimitEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: average
- label: Average
- schema:
- type: int
- required: true
- default: 300
- - variable: burst
- label: Burst
- schema:
- type: int
- required: true
- default: 200
- - variable: redirectRegex
- label: redirectRegex
- schema:
- type: list
- default: []
- items:
- - variable: redirectRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: replacement
- label: Replacement
- schema:
- type: string
- required: true
- default: ""
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: stripPrefixRegex
- label: stripPrefixRegex
- schema:
- type: list
- default: []
- items:
- - variable: stripPrefixRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: list
- default: []
- items:
- - variable: regexEntry
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: ipWhiteList
- label: ipWhiteList
- schema:
- type: list
- default: []
- items:
- - variable: ipWhiteListEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: sourceRange
- label: Source Range
- schema:
- type: list
- default: []
- items:
- - variable: sourceRangeEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: ipStrategy
- label: IP Strategy
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: depth
- label: Depth
- schema:
- type: int
- required: true
- - variable: excludedIPs
- label: Excluded IPs
- schema:
- type: list
- default: []
- items:
- - variable: excludedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: themePark
- label: theme.park
- schema:
- type: list
- default: []
- items:
- - variable: themeParkEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to traefik-themepark
- schema:
- type: string
- required: true
- default: ""
- - variable: appName
- label: App Name
- description: Lower case, name of the app to be themed.
-
Go to https://docs.theme-park.dev/themes/ to see supported apps.
- schema:
- type: string
- required: true
- default: ""
- - variable: themeName
- label: Theme Name
- description: Lower case, name of the theme to be applied.
-
Go to https://docs.theme-park.dev/theme-options/ to see supported themes.
- schema:
- type: string
- required: true
- default: ""
- - variable: baseUrl
- label: Base URL
- description: Replace `https://theme-park.dev` URL for self-hosting reference.
- schema:
- type: string
- required: true
- default: https://theme-park.dev
- - variable: addons
- label: Addons
- schema:
- type: list
- default: []
- items:
- - variable: addonEntry
- label: Addon
- description: Currently only supports 'darker' and '4k-logo' for *arr apps.
-
Go to https://docs.theme-park.dev/themes/addons/ for Addon information.
-
Go to https://github.com/packruler/traefik-themepark for more context on plugin
- schema:
- type: string
- required: true
- default: ""
- - variable: realIP
- label: Real IP
- schema:
- type: list
- default: []
- items:
- - variable: realIPEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: excludedNetworks
- label: Excluded Networks
- schema:
- type: list
- default: []
- items:
- - variable: excludedNetEntry
- label: Excluded Network Entry
- description: Network to exclude setting it to X-Real-Ip
- schema:
- type: string
- required: true
- default: ""
- - variable: geoBlock
- label: GeoBlock
- schema:
- type: list
- default: []
- items:
- - variable: geoBlockEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to geoblock
- schema:
- type: string
- required: true
- default: ""
- - variable: allowLocalRequests
- label: Allow Local Requests
- description: If set to true, will not block request from Private IP Ranges
- schema:
- type: boolean
- default: true
- - variable: logLocalRequests
- label: Log Local Requests
- description: If set to true, will log every connection from any IP in the private IP range
- schema:
- type: boolean
- default: false
- - variable: logAllowedRequests
- label: Log Allowed Requests
- description: If set to true, will show a log message with the IP and the country of origin if a request is allowed.
- schema:
- type: boolean
- default: false
- - variable: logApiRequests
- label: Log API Requests
- description: If set to true, will show a log message for every API hit.
- schema:
- type: boolean
- default: false
- - variable: api
- label: API
- description: Defines the API URL for the IP to Country resolution. The IP to fetch can be added with {ip} to the URL.
- schema:
- type: string
- required: true
- default: https://get.geojs.io/v1/ip/country/{ip}
- - variable: apiTimeoutMs
- label: API Timeout in ms
- description: Timeout for the call to the api uri.
- schema:
- type: int
- required: true
- default: 500
- - variable: cacheSize
- label: Cache Size
- description: Defines the max size of the LRU (least recently used) cache.
- schema:
- type: int
- required: true
- default: 25
- - variable: forceMonthlyUpdate
- label: Force Monthly Update
- description: Even if an IP stays in the cache for a period of a month (about 30 x 24 hours), it must be fetch again after a month.
- schema:
- type: boolean
- default: true
- - variable: allowUnknownCountries
- label: Allow Unknown Countries
- description: Some IP addresses have no country associated with them. If this option is set to true, all IPs with no associated country are also allowed.
- schema:
- type: boolean
- default: false
- - variable: unknownCountryApiResponse
- label: Unknown Countries API Response
- description: The API uri can be customized. This options allows to customize the response string of the API when a IP with no associated country is requested.
- schema:
- type: string
- required: true
- default: nil
- - variable: blackListMode
- label: Blacklist Mode
- description: When set to true the filter logic is inverted, i.e. requests originating from countries listed in the countries list are blocked.
- schema:
- type: boolean
- default: false
- - variable: countries
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- label: Countries
- schema:
- type: list
- default: []
- items:
- - variable: countryEntry
- label: Country
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- schema:
- type: string
- required: true
- # Allow only 2 Characters
- valid_chars: '^[a-zA-Z]{2}$'
- default: ""
- - variable: addPrefix
- label: Add Prefix
- schema:
- type: list
- default: []
- items:
- - variable: addPrefixEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: prefix
- label: Prefix
- schema:
- type: string
- required: true
- default: ""
- - variable: service
- group: "Networking and Services"
- label: "Configure Service Entrypoint"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9000
- required: true
- - variable: tcp
- label: "TCP Service"
- description: "The tcp Entrypoint service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: web
- label: "web Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9080
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- default: "websecure"
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: websecure
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9443
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: portsList
- label: "Additional TCP Entrypoints"
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: "Custom Entrypoints"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable the port"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: "Entrypoints Name"
- schema:
- type: string
- default: ""
- - variable: protocol
- label: "Entrypoints Type"
- schema:
- type: string
- default: "TCP"
- enum:
- - value: HTTP
- description: "HTTP"
- - value: "HTTPS"
- description: "HTTPS"
- - value: TCP
- description: "TCP"
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- required: true
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: true
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID this App of the user running the application"
- schema:
- type: int
- default: 568
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/traefik/16.0.13/templates/_args.tpl b/enterprise/traefik/16.0.13/templates/_args.tpl
deleted file mode 100644
index 98cc63897b9..00000000000
--- a/enterprise/traefik/16.0.13/templates/_args.tpl
+++ /dev/null
@@ -1,178 +0,0 @@
-{{/* Define the args */}}
-{{- define "traefik.args" -}}
-args:
- {{/* merge all ports */}}
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{/* start of actual arguments */}}
- {{- with .Values.globalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
- {{- range $name, $config := $ports }}
- {{- if $config }}
- {{- if or ( eq $config.protocol "HTTP" ) ( eq $config.protocol "HTTPS" ) ( eq $config.protocol "TCP" ) }}
- {{- $_ := set $config "protocol" "TCP" }}
- {{- end }}
- - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}"
- {{- end }}
- {{- end }}
- - "--api.dashboard=true"
- - "--ping=true"
- {{- if .Values.metrics }}
- {{- if .Values.metrics.datadog }}
- - "--metrics.datadog=true"
- - "--metrics.datadog.address={{ .Values.metrics.datadog.address }}"
- {{- end }}
- {{- if .Values.metrics.influxdb }}
- - "--metrics.influxdb=true"
- - "--metrics.influxdb.address={{ .Values.metrics.influxdb.address }}"
- - "--metrics.influxdb.protocol={{ .Values.metrics.influxdb.protocol }}"
- {{- end }}
- {{- if .Values.metrics.prometheus }}
- - "--metrics.prometheus=true"
- - "--metrics.prometheus.entrypoint={{ .Values.metrics.prometheus.entryPoint }}"
- {{- end }}
- {{- if .Values.metrics.statsd }}
- - "--metrics.statsd=true"
- - "--metrics.statsd.address={{ .Values.metrics.statsd.address }}"
- {{- end }}
- {{- end }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress"
- {{- if .Values.providers.kubernetesIngress.publishedService.enabled }}
- - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.labelSelector }}
- - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}"
- {{- end }}
- {{- end }}
- {{- if and .Values.rbac.enabled .Values.rbac.namespaced }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}"
- {{- end }}
- {{- end }}
- {{- if .Values.ingressClass.enabled }}
- - "--providers.kubernetesingress.ingressclass={{ .Release.Name }}"
- {{- end }}
- {{- range $entrypoint, $config := $ports }}
- {{/* add args for proxyProtocol support */}}
- {{- if $config.proxyProtocol }}
- {{- if $config.proxyProtocol.enabled }}
- {{- if $config.proxyProtocol.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.insecure"
- {{- end }}
- {{- if not ( empty $config.proxyProtocol.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.trustedIPs={{ join "," $config.proxyProtocol.trustedIPs }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* add args for forwardedHeaders support */}}
- {{- if $config.forwardedHeaders.enabled }}
- {{- if not ( empty $config.forwardedHeaders.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}"
- {{- end }}
- {{- if $config.forwardedHeaders.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure"
- {{- end }}
- {{- end }}
- {{/* end forwardedHeaders configuration */}}
- {{- if $config.redirectTo }}
- {{- $toPort := index $ports $config.redirectTo }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- else if $config.redirectPort }}
- {{ if gt $config.redirectPort 0.0 }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- end }}
- {{- end }}
- {{- if or ( $config.tls ) ( eq $config.protocol "HTTPS" ) }}
- {{- if or ( $config.tls.enabled ) ( eq $config.protocol "HTTPS" ) }}
- - "--entrypoints.{{ $entrypoint }}.http.tls=true"
- {{- if $config.tls.options }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}"
- {{- end }}
- {{- if $config.tls.certResolver }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}"
- {{- end }}
- {{- if $config.tls.domains }}
- {{- range $index, $domain := $config.tls.domains }}
- {{- if $domain.main }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}"
- {{- end }}
- {{- if $domain.sans }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- with .Values.logs }}
- - "--log.format={{ .general.format }}"
- {{- if ne .general.level "ERROR" }}
- - "--log.level={{ .general.level | upper }}"
- {{- end }}
- {{- if .access.enabled }}
- - "--accesslog=true"
- - "--accesslog.format={{ .access.format }}"
- {{- if .access.bufferingsize }}
- - "--accesslog.bufferingsize={{ .access.bufferingsize }}"
- {{- end }}
- {{- if .access.filters }}
- {{- if .access.filters.statuscodes }}
- - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}"
- {{- end }}
- {{- if .access.filters.retryattempts }}
- - "--accesslog.filters.retryattempts"
- {{- end }}
- {{- if .access.filters.minduration }}
- - "--accesslog.filters.minduration={{ .access.filters.minduration }}"
- {{- end }}
- {{- end }}
- - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.general.names }}
- - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.headers.names }}
- - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* theme.park */}}
- {{- if .Values.middlewares.themePark }}
- - "--experimental.plugins.traefik-themepark.modulename=github.com/packruler/traefik-themepark"
- - "--experimental.plugins.traefik-themepark.version={{ .Values.middlewares.themeParkVersion }}"
- {{- end }}
- {{/* End of theme.park */}}
- {{/* GeoBlock */}}
- {{- if .Values.middlewares.geoBlock }}
- - "--experimental.plugins.GeoBlock.modulename=github.com/PascalMinder/geoblock"
- - "--experimental.plugins.GeoBlock.version={{ .Values.middlewares.geoBlockVersion }}"
- {{- end }}
- {{/* End of GeoBlock */}}
- {{/* RealIP */}}
- {{- if .Values.middlewares.realIP }}
- - "--experimental.plugins.traefik-real-ip.modulename=github.com/soulbalz/traefik-real-ip"
- - "--experimental.plugins.traefik-real-ip.version={{ .Values.middlewares.realIPVersion }}"
- {{- end }}
- {{/* End of RealIP */}}
- {{- with .Values.additionalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.13/templates/_helpers.tpl b/enterprise/traefik/16.0.13/templates/_helpers.tpl
deleted file mode 100644
index ab55e4e7ec6..00000000000
--- a/enterprise/traefik/16.0.13/templates/_helpers.tpl
+++ /dev/null
@@ -1,22 +0,0 @@
-{{/*
-Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice.
-By convention this will simply use the / to match the name of the
-service generated.
-Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride`
-*/}}
-{{- define "providers.kubernetesIngress.publishedServicePath" -}}
-{{- $fullName := include "tc.common.names.fullname" . -}}
-{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}}
-{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }}
-{{- print $servicePath | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Construct a comma-separated list of whitelisted namespaces
-*/}}
-{{- define "providers.kubernetesIngress.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }}
-{{- end -}}
-{{- define "providers.kubernetesCRD.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.13/templates/_ingressclass.tpl b/enterprise/traefik/16.0.13/templates/_ingressclass.tpl
deleted file mode 100644
index 909e249d6a5..00000000000
--- a/enterprise/traefik/16.0.13/templates/_ingressclass.tpl
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Define the ingressClass */}}
-{{- define "traefik.ingressClass" -}}
----
-{{ if .Values.ingressClass.enabled }}
- {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }}
-apiVersion: networking.k8s.io/v1
- {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }}
-apiVersion: networking.k8s.io/v1beta1
- {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }}
-apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }}
- {{- else }}
- {{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }}
- {{- end }}
-kind: IngressClass
-metadata:
- annotations:
- ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }}
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
- name: {{ .Release.Name }}
-spec:
- controller: traefik.io/ingress-controller
-{{- end }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.13/templates/_ingressroute.tpl b/enterprise/traefik/16.0.13/templates/_ingressroute.tpl
deleted file mode 100644
index 7f012c92350..00000000000
--- a/enterprise/traefik/16.0.13/templates/_ingressroute.tpl
+++ /dev/null
@@ -1,25 +0,0 @@
-{{/* Define the ingressRoute */}}
-{{- define "traefik.ingressRoute" -}}
-{{ if .Values.ingressRoute.dashboard.enabled }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
- name: {{ include "tc.common.names.fullname" . }}-dashboard
- annotations:
- {{- with .Values.ingressRoute.dashboard.annotations }}
- {{- toYaml . | nindent 4 }}
- {{- end }}
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
-spec:
- entryPoints:
- - main
- routes:
- - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
- kind: Rule
- services:
- - name: api@internal
- kind: TraefikService
-{{ end }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.13/templates/_portalhook.tpl b/enterprise/traefik/16.0.13/templates/_portalhook.tpl
deleted file mode 100644
index e3586c5d4e9..00000000000
--- a/enterprise/traefik/16.0.13/templates/_portalhook.tpl
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/* Define the portalHook */}}
-{{- define "traefik.portalhook" -}}
-{{- if .Values.portalhook.enabled }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: portalhook
- namespace: {{ $namespace }}
-data:
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{- range $name, $value := $ports }}
- {{ $name }}: {{ $value.port | quote }}
- {{- end }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.13/templates/_tlsoptions.tpl b/enterprise/traefik/16.0.13/templates/_tlsoptions.tpl
deleted file mode 100644
index 3e5aad3bee9..00000000000
--- a/enterprise/traefik/16.0.13/templates/_tlsoptions.tpl
+++ /dev/null
@@ -1,12 +0,0 @@
-{{/* Define the tlsOptions */}}
-{{- define "traefik.tlsOptions" -}}
-{{- range $name, $config := .Values.tlsOptions }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: TLSOption
-metadata:
- name: {{ $name }}
-spec:
- {{- toYaml $config | nindent 2 }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.13/templates/common.yaml b/enterprise/traefik/16.0.13/templates/common.yaml
deleted file mode 100644
index c933a3d08e0..00000000000
--- a/enterprise/traefik/16.0.13/templates/common.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.common.loader.init" . }}
-
-{{- if .Values.metrics }}
-{{- if .Values.metrics.prometheus }}
-{{- $_ := set .Values.podAnnotations "prometheus.io/scrape" "true" -}}
-{{- $_ := set .Values.podAnnotations "prometheus.io/path" "/metrics" -}}
-{{- $_ := set .Values.podAnnotations "prometheus.io/port" "9180" -}}
-{{- end }}
-{{- end }}
-
-{{- $newArgs := (include "traefik.args" . | fromYaml) }}
-{{- $_ := set .Values "newArgs" $newArgs -}}
-{{- $mergedargs := concat .Values.args .Values.newArgs.args }}
-{{- $_ := set .Values "args" $mergedargs -}}
-
-{{- include "traefik.portalhook" . }}
-{{- include "traefik.tlsOptions" . }}
-{{- include "traefik.ingressRoute" . }}
-{{- include "traefik.ingressClass" . }}
-
-
-{{/* Render the templates */}}
-{{ include "tc.common.loader.apply" . }}
diff --git a/enterprise/traefik/16.0.13/templates/middlewares/addPrefix.yaml b/enterprise/traefik/16.0.13/templates/middlewares/addPrefix.yaml
deleted file mode 100644
index 233b23834c3..00000000000
--- a/enterprise/traefik/16.0.13/templates/middlewares/addPrefix.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.addPrefix }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- addPrefix:
- prefix: {{ $middlewareData.prefix }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.13/templates/middlewares/basic-middleware.yaml b/enterprise/traefik/16.0.13/templates/middlewares/basic-middleware.yaml
deleted file mode 100644
index 9ba8e5c5d93..00000000000
--- a/enterprise/traefik/16.0.13/templates/middlewares/basic-middleware.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: compress
- namespace: {{ $namespace }}
-spec:
- compress: {}
----
-# Here, an average of 300 requests per second is allowed.
-# In addition, a burst of 200 requests is allowed.
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-ratelimit
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: 600
- burst: 400
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-secure-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: chain-basic
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: basic-secure-headers
- - name: compress
diff --git a/enterprise/traefik/16.0.13/templates/middlewares/basicauth.yaml b/enterprise/traefik/16.0.13/templates/middlewares/basicauth.yaml
deleted file mode 100644
index ccb541742f0..00000000000
--- a/enterprise/traefik/16.0.13/templates/middlewares/basicauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.basicAuth }}
----
-{{- $users := list }}
-{{ range $index, $userdata := $middlewareData.users }}
- {{ $users = append $users ( htpasswd $userdata.username $userdata.password ) }}
-{{ end }}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{printf "%v-%v" $middlewareData.name "secret" }}
- namespace: {{ $namespace }}
-type: Opaque
-stringData:
- users: |
- {{- range $index, $user := $users }}
- {{ printf "%s" $user }}
- {{- end }}
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- basicAuth:
- secret: {{printf "%v-%v" $middlewareData.name "secret" }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.13/templates/middlewares/chain.yaml b/enterprise/traefik/16.0.13/templates/middlewares/chain.yaml
deleted file mode 100644
index f87994f7956..00000000000
--- a/enterprise/traefik/16.0.13/templates/middlewares/chain.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.chain }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- {{ range $index, $middleware := .middlewares }}
- - name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }}
- {{ end }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.13/templates/middlewares/forwardauth.yaml b/enterprise/traefik/16.0.13/templates/middlewares/forwardauth.yaml
deleted file mode 100644
index 4bdefbd5c01..00000000000
--- a/enterprise/traefik/16.0.13/templates/middlewares/forwardauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.forwardAuth }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- forwardAuth:
- address: {{ $middlewareData.address }}
- {{- with $middlewareData.authResponseHeaders }}
- authResponseHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- with $middlewareData.authRequestHeaders }}
- authRequestHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- if $middlewareData.authResponseHeadersRegex }}
- authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }}
- {{- end }}
- {{- if $middlewareData.trustForwardHeader }}
- trustForwardHeader: true
- {{- end }}
- {{- with $middlewareData.tls }}
- tls:
- insecureSkipVerify: {{ .insecureSkipVerify | default false }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.13/templates/middlewares/geoblock.yaml b/enterprise/traefik/16.0.13/templates/middlewares/geoblock.yaml
deleted file mode 100644
index be21bcf57b6..00000000000
--- a/enterprise/traefik/16.0.13/templates/middlewares/geoblock.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.geoBlock }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- GeoBlock:
- allowLocalRequests: {{ $middlewareData.allowLocalRequests }}
- logLocalRequests: {{ $middlewareData.logLocalRequests }}
- logAllowedRequests: {{ $middlewareData.logAllowedRequests }}
- logApiRequests: {{ $middlewareData.logApiRequests }}
- api: {{ $middlewareData.api }}
- apiTimeoutMs: {{ $middlewareData.apiTimeoutMs }}
- cacheSize: {{ $middlewareData.cacheSize }}
- forceMonthlyUpdate: {{ $middlewareData.forceMonthlyUpdate }}
- allowUnknownCountries: {{ $middlewareData.allowUnknownCountries }}
- unknownCountryApiResponse: {{ $middlewareData.unknownCountryApiResponse }}
- blackListMode: {{ $middlewareData.blackListMode }}
- {{- if not $middlewareData.countries }}
- {{- fail "You have to define at least one country..." }}
- {{- end }}
- countries:
- {{- range $middlewareData.countries }}
- - {{ . }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.13/templates/middlewares/ipwhitelist.yaml b/enterprise/traefik/16.0.13/templates/middlewares/ipwhitelist.yaml
deleted file mode 100644
index 1179245017e..00000000000
--- a/enterprise/traefik/16.0.13/templates/middlewares/ipwhitelist.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.ipWhiteList }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- ipWhiteList:
- sourceRange:
- {{- range $middlewareData.sourceRange }}
- - {{ . }}
- {{- end }}
- {{- if $middlewareData.ipStrategy }}
- ipStrategy:
- {{- if $middlewareData.ipStrategy.depth }}
- depth: {{ $middlewareData.ipStrategy.depth }}
- {{- end }}
- {{- if $middlewareData.ipStrategy.excludedIPs }}
- excludedIPs:
- {{- range $middlewareData.ipStrategy.excludedIPs }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.13/templates/middlewares/ratelimit.yaml b/enterprise/traefik/16.0.13/templates/middlewares/ratelimit.yaml
deleted file mode 100644
index 144b9d8bf38..00000000000
--- a/enterprise/traefik/16.0.13/templates/middlewares/ratelimit.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.rateLimit }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: {{ $middlewareData.average }}
- burst: {{ $middlewareData.burst }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.13/templates/middlewares/real-ip.yaml b/enterprise/traefik/16.0.13/templates/middlewares/real-ip.yaml
deleted file mode 100644
index 2dd1ae030a4..00000000000
--- a/enterprise/traefik/16.0.13/templates/middlewares/real-ip.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.realIP }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-real-ip:
- excludednets:
- {{- range $middlewareData.excludedNetworks }}
- - {{ . | quote }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.13/templates/middlewares/redirectScheme.yaml b/enterprise/traefik/16.0.13/templates/middlewares/redirectScheme.yaml
deleted file mode 100644
index f2413f84e19..00000000000
--- a/enterprise/traefik/16.0.13/templates/middlewares/redirectScheme.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectScheme }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectScheme:
- scheme: {{ $middlewareData.scheme }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.13/templates/middlewares/redirectregex.yaml b/enterprise/traefik/16.0.13/templates/middlewares/redirectregex.yaml
deleted file mode 100644
index 46e3e724dd6..00000000000
--- a/enterprise/traefik/16.0.13/templates/middlewares/redirectregex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectRegex }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: {{ $middlewareData.regex | quote }}
- replacement: {{ $middlewareData.replacement | quote }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.13/templates/middlewares/stripPrefixRegex.yaml b/enterprise/traefik/16.0.13/templates/middlewares/stripPrefixRegex.yaml
deleted file mode 100644
index 007c166ff39..00000000000
--- a/enterprise/traefik/16.0.13/templates/middlewares/stripPrefixRegex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-
-{{ range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- stripPrefixRegex:
- regex:
- {{- range $middlewareData.regex }}
- - {{ . | quote }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.13/templates/middlewares/tc-chains.yaml b/enterprise/traefik/16.0.13/templates/middlewares/tc-chains.yaml
deleted file mode 100644
index 409766daa89..00000000000
--- a/enterprise/traefik/16.0.13/templates/middlewares/tc-chains.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-opencors-headers
- - name: compress
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-closedcors-headers
- - name: compress
diff --git a/enterprise/traefik/16.0.13/templates/middlewares/tc-headers.yaml b/enterprise/traefik/16.0.13/templates/middlewares/tc-headers.yaml
deleted file mode 100644
index a0462f1fd73..00000000000
--- a/enterprise/traefik/16.0.13/templates/middlewares/tc-headers.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowHeaders:
- - '*'
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- - POST
- accessControlAllowOriginList:
- - '*'
- accessControlMaxAge: 100
- browserXssFilter: true
- contentTypeNosniff: true
- customRequestHeaders:
- X-Forwarded-Proto: https
- customResponseHeaders:
- server: ""
- forceSTSHeader: true
- referrerPolicy: same-origin
- sslForceHost: true
- sslRedirect: true
- stsSeconds: 63072000
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- sslRedirect: true
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- sslForceHost: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
diff --git a/enterprise/traefik/16.0.13/templates/middlewares/tc-nextcloud.yaml b/enterprise/traefik/16.0.13/templates/middlewares/tc-nextcloud.yaml
deleted file mode 100644
index 6a3019d56c5..00000000000
--- a/enterprise/traefik/16.0.13/templates/middlewares/tc-nextcloud.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-redirectregex-dav
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: "https://(.*)/.well-known/(card|cal)dav"
- replacement: "https://${1}/remote.php/dav/"
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: tc-nextcloud-redirectregex-dav
diff --git a/enterprise/traefik/16.0.13/templates/middlewares/theme-park.yaml b/enterprise/traefik/16.0.13/templates/middlewares/theme-park.yaml
deleted file mode 100644
index 92a4257e279..00000000000
--- a/enterprise/traefik/16.0.13/templates/middlewares/theme-park.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.themePark }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-themepark:
- app: {{ $middlewareData.appName }}
- theme: {{ $middlewareData.themeName }}
- baseUrl: {{ $middlewareData.baseUrl }}
- {{- if $middlewareData.addons }}
- addons:
- {{- range $middlewareData.addons }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.13/values.yaml b/enterprise/traefik/16.0.13/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/traefik/16.0.14/CHANGELOG.md b/enterprise/traefik/16.0.14/CHANGELOG.md
deleted file mode 100644
index d15322a4d2b..00000000000
--- a/enterprise/traefik/16.0.14/CHANGELOG.md
+++ /dev/null
@@ -1,39 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [traefik-16.0.14](https://github.com/truecharts/charts/compare/traefik-16.0.13...traefik-16.0.14) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v
-
-
-
-
-## [traefik-16.0.13](https://github.com/truecharts/charts/compare/traefik-16.0.12...traefik-16.0.13) (2023-02-11)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to 2.9.6
-
-
-
-
-## [traefik-16.0.12](https://github.com/truecharts/charts/compare/traefik-16.0.11...traefik-16.0.12) (2023-02-10)
-
-### Chore
-
-- Add blacklistMode on geoblock and fix label ([#6416](https://github.com/truecharts/charts/issues/6416))
-
- ### Feat
-
-- move Grafana, Prometheus and Traefik to Enterprise Train ([#6372](https://github.com/truecharts/charts/issues/6372))
-
- ### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/16.0.14/Chart.yaml b/enterprise/traefik/16.0.14/Chart.yaml
deleted file mode 100644
index e129a118f12..00000000000
--- a/enterprise/traefik/16.0.14/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: v2
-appVersion: "2.9.6"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
-deprecated: false
-description: Traefik is a flexible reverse proxy and Ingress Provider.
-home: https://truecharts.org/charts/enterprise/traefik
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/traefik.png
-keywords:
- - traefik
- - ingress
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: traefik
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/traefik
- - https://hub.docker.com/_/traefik
- - https://github.com/traefik/traefik
- - https://github.com/traefik/traefik-helm-chart
- - https://traefik.io/
-type: application
-version: 16.0.14
-annotations:
- truecharts.org/catagories: |
- - network
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/traefik/16.0.14/README.md b/enterprise/traefik/16.0.14/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/traefik/16.0.14/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/traefik/16.0.14/app-changelog.md b/enterprise/traefik/16.0.14/app-changelog.md
deleted file mode 100644
index 8c504313ddf..00000000000
--- a/enterprise/traefik/16.0.14/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [traefik-16.0.14](https://github.com/truecharts/charts/compare/traefik-16.0.13...traefik-16.0.14) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/16.0.14/app-readme.md b/enterprise/traefik/16.0.14/app-readme.md
deleted file mode 100644
index 02206fafcf4..00000000000
--- a/enterprise/traefik/16.0.14/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Traefik is a flexible reverse proxy and Ingress Provider.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/traefik](https://truecharts.org/charts/enterprise/traefik)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/traefik/16.0.14/charts/common-11.1.2.tgz b/enterprise/traefik/16.0.14/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/enterprise/traefik/16.0.14/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/enterprise/traefik/16.0.14/ix_values.yaml b/enterprise/traefik/16.0.14/ix_values.yaml
deleted file mode 100644
index c9b9fd21ddd..00000000000
--- a/enterprise/traefik/16.0.14/ix_values.yaml
+++ /dev/null
@@ -1,407 +0,0 @@
-image:
- repository: tccr.io/truecharts/traefik
- # defaults to appVersion
- tag: 2.9.6@sha256:cd967c1afead8a5f78a20f974574b0e705dbac869956244e5767a9b54ed26e85
- pullPolicy: IfNotPresent
-
-# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
-ingressClass:
- # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
- enabled: false
- isDefaultClass: false
- # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
- fallbackApiVersion: ""
-
-# -- Create an IngressRoute for the dashboard
-ingressRoute:
- dashboard:
- enabled: true
- # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
- annotations: {}
- # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
- labels: {}
-
-podAnnotations:
- prometheus.io/scrape: "true"
- prometheus.io/path: "/metrics"
- prometheus.io/port: "9180"
-
-#
-# -- Configure providers
-providers:
- kubernetesCRD:
- enabled: true
- namespaces:
- []
- # - "default"
- kubernetesIngress:
- enabled: true
- # labelSelector: environment=production,method=traefik
- namespaces:
- []
- # - "default"
- # IP used for Kubernetes Ingress endpoints
- publishedService:
- enabled: true
- # Published Kubernetes Service to copy status from. Format: namespace/servicename
- # By default this Traefik service
- # pathOverride: ""
-
-# -- Logs
-# https://docs.traefik.io/observability/logs/
-logs:
- # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on).
- general:
- # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO.
- level: ERROR
- # -- Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format
- format: common
- access:
- # To enable access logs
- enabled: false
- # To write the logs in an asynchronous fashion, specify a bufferingSize option.
- # This option represents the number of log lines Traefik will keep in memory before writing
- # them to the selected output. In some cases, this option can greatly help performances.
- # bufferingSize: 100
- # Filtering https://docs.traefik.io/observability/access-logs/#filtering
- filters:
- {}
- # statuscodes: "200,300-302"
- # retryattempts: true
- # minduration: 10ms
- # Fields
- # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers
- fields:
- general:
- defaultmode: keep
- names:
- {}
- # Examples:
- # ClientUsername: drop
- headers:
- defaultmode: drop
- names:
- {}
- # Examples:
- # User-Agent: redact
- # Authorization: drop
- # Content-Type: keep
- # -- Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format
- format: common
-
-metrics:
- # datadog:
- # address: 127.0.0.1:8125
- # influxdb:
- # address: localhost:8089
- # protocol: udp
- prometheus:
- entryPoint: metrics
- # statsd:
- # address: localhost:8125
-
-globalArguments:
- - "--global.checknewversion"
-
-##
-# -- Additional arguments to be passed at Traefik's binary
-# All available options available on https://docs.traefik.io/reference/static-configuration/cli/
-## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"`
-additionalArguments:
- - "--metrics.prometheus"
- - "--ping"
- - "--serverstransport.insecureskipverify=true"
- - "--providers.kubernetesingress.allowexternalnameservices=true"
-
-# -- TLS Options to be created as TLSOption CRDs
-# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options
-# Example:
-tlsOptions:
- default:
- sniStrict: false
- minVersion: VersionTLS12
- curvePreferences:
- - CurveP521
- - CurveP384
- cipherSuites:
- - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- - TLS_AES_128_GCM_SHA256
- - TLS_AES_256_GCM_SHA384
- - TLS_CHACHA20_POLY1305_SHA256
-
-# -- Options for the main traefik service, where the entrypoints traffic comes from
-# from.
-service:
- main:
- type: LoadBalancer
- ports:
- main:
- port: 9000
- targetPort: 9000
- protocol: HTTP
- # -- Forwarded Headers should never be enabled on Main entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Main entrypoint
- proxyProtocol:
- enabled: false
- tcp:
- enabled: true
- type: LoadBalancer
- ports:
- web:
- enabled: true
- port: 9080
- protocol: HTTP
- redirectTo: websecure
- # Options: Empty, 0 (ingore), or positive int
- # redirectPort:
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- websecure:
- enabled: true
- port: 9443
- protocol: HTTPS
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- # tcpexample:
- # enabled: true
- # targetPort: 9443
- # protocol: TCP
- # tls:
- # enabled: false
- # # this is the name of a TLSOption definition
- # options: ""
- # certResolver: ""
- # domains: []
- # # - main: example.com
- # # sans:
- # # - foo.example.com
- # # - bar.example.com
- metrics:
- enabled: true
- type: ClusterIP
- ports:
- metrics:
- enabled: true
- port: 9180
- targetPort: 9180
- protocol: HTTP
- # -- Forwarded Headers should never be enabled on Metrics entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Metrics entrypoint
- proxyProtocol:
- enabled: false
- udp:
- enabled: false
-
-# probes:
-# # -- Liveness probe configuration
-# # @default -- See below
-# liveness:
-# # -- sets the probe type when not using a custom probe
-# # @default -- "TCP"
-# type: HTTP
-# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
-# # @default -- "/"
-# path: "/ping"
-
-# # -- Redainess probe configuration
-# # @default -- See below
-# readiness:
-# # -- sets the probe type when not using a custom probe
-# # @default -- "TCP"
-# type: HTTP
-# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
-# # @default -- "/"
-# path: "/ping"
-
-# # -- Startup probe configuration
-# # @default -- See below
-# startup:
-# # -- sets the probe type when not using a custom probe
-# # @default -- "TCP"
-# type: HTTP
-# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
-# # @default -- "/"
-# path: "/ping"
-
-# -- Whether Role Based Access Control objects like roles and rolebindings should be created
-rbac:
- main:
- enabled: true
- rules:
- - apiGroups:
- - ""
- resources:
- - services
- - endpoints
- - secrets
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses
- - ingressclasses
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses/status
- verbs:
- - update
- - apiGroups:
- - traefik.containo.us
- resources:
- - ingressroutes
- - ingressroutetcps
- - ingressrouteudps
- - middlewares
- - middlewaretcps
- - tlsoptions
- - tlsstores
- - traefikservices
- - serverstransports
- verbs:
- - get
- - list
- - watch
-
-# -- The service account the pods will use to interact with the Kubernetes API
-serviceAccount:
- main:
- enabled: true
-
-# -- SCALE Middleware Handlers
-middlewares:
- basicAuth: []
- # - name: basicauthexample
- # users:
- # - username: testuser
- # password: testpassword
- forwardAuth: []
- # - name: forwardAuthexample
- # address: https://auth.example.com/
- # authResponseHeaders:
- # - X-Secret
- # - X-Auth-User
- # authRequestHeaders:
- # - "Accept"
- # - "X-CustomHeader"
- # authResponseHeadersRegex: "^X-"
- # trustForwardHeader: true
- chain: []
- # - name: chainname
- # middlewares:
- # - name: compress
- redirectScheme: []
- # - name: redirectSchemeName
- # scheme: https
- # permanent: true
- rateLimit: []
- # - name: rateLimitName
- # average: 300
- # burst: 200
- redirectRegex: []
- # - name: redirectRegexName
- # regex: putregexhere
- # replacement: replacementurlhere
- # permanent: false
- stripPrefixRegex: []
- # - name: stripPrefixRegexName
- # regex: []
- ipWhiteList: []
- # - name: ipWhiteListName
- # sourceRange: []
- # ipStrategy:
- # depth: 2
- # excludedIPs: []
- themeParkVersion: v1.3.0
- themePark: []
- # - name: themeParkName
- # -- Supported apps, lower case name
- # -- https://docs.theme-park.dev/themes
- # app: appnamehere
- # -- Supported themes, lower case name
- # -- https://docs.theme-park.dev/themes/APPNAMEHERE
- # -- https://docs.theme-park.dev/community-themes
- # theme: themenamehere
- # -- https://theme-park.dev or a self hosted url
- # baseUrl: https://theme-park.dev
- realIPVersion: v1.0.3
- # Sets X-Real-Ip with an IP from the X-Forwarded-For or
- # Cf-Connecting-Ip (If from Cloudflare)
- # Evaluation of those headers will go from last to first
- realIP: []
- # - name: realIPName
- # -- The real IP will be the first one that is
- # -- not included in any of the CIDRs passed here
- # excludedNetworks:
- # - 1.1.1.1/24
- addPrefix: []
- # - name: addPrefixName
- # prefix: "/foo"
- geoBlockVersion: v0.2.4
- geoBlock: []
- # -- https://github.com/PascalMinder/geoblock
- # - name: geoBlockName
- # allowLocalRequests: true
- # logLocalRequests: false
- # logAllowedRequests: false
- # logApiRequests: false
- # api: https://get.geojs.io/v1/ip/country/{ip}
- # apiTimeoutMs: 500
- # cacheSize: 25
- # forceMonthlyUpdate: true
- # allowUnknownCountries: false
- # unknownCountryApiResponse: nil
- # blackListMode: false
- # countries:
- # - RU
-
-portalhook:
- enabled: true
-
-persistence:
- plugins:
- enabled: true
- mountPath: "/plugins-storage"
- type: emptyDir
-
-portal:
- enabled: true
diff --git a/enterprise/traefik/16.0.14/questions.yaml b/enterprise/traefik/16.0.14/questions.yaml
deleted file mode 100644
index 8a6e543a7d5..00000000000
--- a/enterprise/traefik/16.0.14/questions.yaml
+++ /dev/null
@@ -1,2535 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "http"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
- path: "/dashboard/"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: ingressClass
- label: "ingressClass"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- description: "When enabled, ingressClass will match the entered name of this app"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: isDefaultClass
- label: "isDefaultClass"
- schema:
- type: boolean
- default: false
- - variable: logs
- label: "Logs"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "ERROR"
- enum:
- - value: "INFO"
- description: "Info"
- - value: "WARN"
- description: "Warnings"
- - value: "ERROR"
- description: "Errors"
- - value: "FATAL"
- description: "Fatal Errors"
- - value: "PANIC"
- description: "Panics"
- - value: "DEBUG"
- description: "Debug"
- - variable: format
- label: "General Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: access
- label: "Access Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabledFilters
- label: "Enable Filters"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filters
- label: "Filters"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: statuscodes
- label: "Status codes"
- schema:
- type: string
- default: "200,300-302"
- - variable: retryattempts
- label: "retryattempts"
- schema:
- type: boolean
- default: true
- - variable: minduration
- label: "minduration"
- schema:
- type: string
- default: "10ms"
- - variable: fields
- label: "Fields"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "keep"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: headers
- label: "Headers"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "drop"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: format
- label: "Access Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: middlewares
- label: ""
- group: "Middlewares"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: basicAuth
- label: basicAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: users
- label: Users
- schema:
- type: list
- default: []
- items:
- - variable: usersEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: username
- label: Username
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: Password
- schema:
- type: string
- required: true
- default: ""
- - variable: forwardAuth
- label: forwardAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: address
- label: Address
- schema:
- type: string
- required: true
- default: ""
- - variable: trustForwardHeader
- label: trustForwardHeader
- schema:
- type: boolean
- default: false
- - variable: tls
- label: TLS
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: insecureSkipVerify
- label: insecureSkipVerify (expert)
- description: >-
- This disables all TLS certificate validation on communications with the authentication endpoint.
- This could be a security risk and should only be used if you know what you are doing.
- schema:
- type: boolean
- default: false
- - variable: authResponseHeadersRegex
- label: authResponseHeadersRegex
- schema:
- type: string
- default: ""
- - variable: authResponseHeaders
- label: authResponseHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authResponseHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: authRequestHeaders
- label: authRequestHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authRequestHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: chain
- label: Chain
- schema:
- type: list
- default: []
- items:
- - variable: chainEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: middlewares
- label: Middlewares to Chain
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: redirectScheme
- label: redirectScheme
- schema:
- type: list
- default: []
- items:
- - variable: redirectSchemeEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: scheme
- label: Scheme
- schema:
- type: string
- required: true
- default: https
- enum:
- - value: https
- description: https
- - value: http
- description: http
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: rateLimit
- label: rateLimit
- schema:
- type: list
- default: []
- items:
- - variable: rateLimitEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: average
- label: Average
- schema:
- type: int
- required: true
- default: 300
- - variable: burst
- label: Burst
- schema:
- type: int
- required: true
- default: 200
- - variable: redirectRegex
- label: redirectRegex
- schema:
- type: list
- default: []
- items:
- - variable: redirectRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: replacement
- label: Replacement
- schema:
- type: string
- required: true
- default: ""
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: stripPrefixRegex
- label: stripPrefixRegex
- schema:
- type: list
- default: []
- items:
- - variable: stripPrefixRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: list
- default: []
- items:
- - variable: regexEntry
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: ipWhiteList
- label: ipWhiteList
- schema:
- type: list
- default: []
- items:
- - variable: ipWhiteListEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: sourceRange
- label: Source Range
- schema:
- type: list
- default: []
- items:
- - variable: sourceRangeEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: ipStrategy
- label: IP Strategy
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: depth
- label: Depth
- schema:
- type: int
- required: true
- - variable: excludedIPs
- label: Excluded IPs
- schema:
- type: list
- default: []
- items:
- - variable: excludedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: themePark
- label: theme.park
- schema:
- type: list
- default: []
- items:
- - variable: themeParkEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to traefik-themepark
- schema:
- type: string
- required: true
- default: ""
- - variable: appName
- label: App Name
- description: Lower case, name of the app to be themed.
-
Go to https://docs.theme-park.dev/themes/ to see supported apps.
- schema:
- type: string
- required: true
- default: ""
- - variable: themeName
- label: Theme Name
- description: Lower case, name of the theme to be applied.
-
Go to https://docs.theme-park.dev/theme-options/ to see supported themes.
- schema:
- type: string
- required: true
- default: ""
- - variable: baseUrl
- label: Base URL
- description: Replace `https://theme-park.dev` URL for self-hosting reference.
- schema:
- type: string
- required: true
- default: https://theme-park.dev
- - variable: addons
- label: Addons
- schema:
- type: list
- default: []
- items:
- - variable: addonEntry
- label: Addon
- description: Currently only supports 'darker' and '4k-logo' for *arr apps.
-
Go to https://docs.theme-park.dev/themes/addons/ for Addon information.
-
Go to https://github.com/packruler/traefik-themepark for more context on plugin
- schema:
- type: string
- required: true
- default: ""
- - variable: realIP
- label: Real IP
- schema:
- type: list
- default: []
- items:
- - variable: realIPEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: excludedNetworks
- label: Excluded Networks
- schema:
- type: list
- default: []
- items:
- - variable: excludedNetEntry
- label: Excluded Network Entry
- description: Network to exclude setting it to X-Real-Ip
- schema:
- type: string
- required: true
- default: ""
- - variable: geoBlock
- label: GeoBlock
- schema:
- type: list
- default: []
- items:
- - variable: geoBlockEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to geoblock
- schema:
- type: string
- required: true
- default: ""
- - variable: allowLocalRequests
- label: Allow Local Requests
- description: If set to true, will not block request from Private IP Ranges
- schema:
- type: boolean
- default: true
- - variable: logLocalRequests
- label: Log Local Requests
- description: If set to true, will log every connection from any IP in the private IP range
- schema:
- type: boolean
- default: false
- - variable: logAllowedRequests
- label: Log Allowed Requests
- description: If set to true, will show a log message with the IP and the country of origin if a request is allowed.
- schema:
- type: boolean
- default: false
- - variable: logApiRequests
- label: Log API Requests
- description: If set to true, will show a log message for every API hit.
- schema:
- type: boolean
- default: false
- - variable: api
- label: API
- description: Defines the API URL for the IP to Country resolution. The IP to fetch can be added with {ip} to the URL.
- schema:
- type: string
- required: true
- default: https://get.geojs.io/v1/ip/country/{ip}
- - variable: apiTimeoutMs
- label: API Timeout in ms
- description: Timeout for the call to the api uri.
- schema:
- type: int
- required: true
- default: 500
- - variable: cacheSize
- label: Cache Size
- description: Defines the max size of the LRU (least recently used) cache.
- schema:
- type: int
- required: true
- default: 25
- - variable: forceMonthlyUpdate
- label: Force Monthly Update
- description: Even if an IP stays in the cache for a period of a month (about 30 x 24 hours), it must be fetch again after a month.
- schema:
- type: boolean
- default: true
- - variable: allowUnknownCountries
- label: Allow Unknown Countries
- description: Some IP addresses have no country associated with them. If this option is set to true, all IPs with no associated country are also allowed.
- schema:
- type: boolean
- default: false
- - variable: unknownCountryApiResponse
- label: Unknown Countries API Response
- description: The API uri can be customized. This options allows to customize the response string of the API when a IP with no associated country is requested.
- schema:
- type: string
- required: true
- default: nil
- - variable: blackListMode
- label: Blacklist Mode
- description: When set to true the filter logic is inverted, i.e. requests originating from countries listed in the countries list are blocked.
- schema:
- type: boolean
- default: false
- - variable: countries
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- label: Countries
- schema:
- type: list
- default: []
- items:
- - variable: countryEntry
- label: Country
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- schema:
- type: string
- required: true
- # Allow only 2 Characters
- valid_chars: '^[a-zA-Z]{2}$'
- default: ""
- - variable: addPrefix
- label: Add Prefix
- schema:
- type: list
- default: []
- items:
- - variable: addPrefixEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: prefix
- label: Prefix
- schema:
- type: string
- required: true
- default: ""
- - variable: service
- group: "Networking and Services"
- label: "Configure Service Entrypoint"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9000
- required: true
- - variable: tcp
- label: "TCP Service"
- description: "The tcp Entrypoint service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: web
- label: "web Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9080
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- default: "websecure"
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: websecure
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9443
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: portsList
- label: "Additional TCP Entrypoints"
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: "Custom Entrypoints"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable the port"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: "Entrypoints Name"
- schema:
- type: string
- default: ""
- - variable: protocol
- label: "Entrypoints Type"
- schema:
- type: string
- default: "TCP"
- enum:
- - value: HTTP
- description: "HTTP"
- - value: "HTTPS"
- description: "HTTPS"
- - value: TCP
- description: "TCP"
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- required: true
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: true
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID this App of the user running the application"
- schema:
- type: int
- default: 568
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/traefik/16.0.14/templates/_args.tpl b/enterprise/traefik/16.0.14/templates/_args.tpl
deleted file mode 100644
index 98cc63897b9..00000000000
--- a/enterprise/traefik/16.0.14/templates/_args.tpl
+++ /dev/null
@@ -1,178 +0,0 @@
-{{/* Define the args */}}
-{{- define "traefik.args" -}}
-args:
- {{/* merge all ports */}}
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{/* start of actual arguments */}}
- {{- with .Values.globalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
- {{- range $name, $config := $ports }}
- {{- if $config }}
- {{- if or ( eq $config.protocol "HTTP" ) ( eq $config.protocol "HTTPS" ) ( eq $config.protocol "TCP" ) }}
- {{- $_ := set $config "protocol" "TCP" }}
- {{- end }}
- - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}"
- {{- end }}
- {{- end }}
- - "--api.dashboard=true"
- - "--ping=true"
- {{- if .Values.metrics }}
- {{- if .Values.metrics.datadog }}
- - "--metrics.datadog=true"
- - "--metrics.datadog.address={{ .Values.metrics.datadog.address }}"
- {{- end }}
- {{- if .Values.metrics.influxdb }}
- - "--metrics.influxdb=true"
- - "--metrics.influxdb.address={{ .Values.metrics.influxdb.address }}"
- - "--metrics.influxdb.protocol={{ .Values.metrics.influxdb.protocol }}"
- {{- end }}
- {{- if .Values.metrics.prometheus }}
- - "--metrics.prometheus=true"
- - "--metrics.prometheus.entrypoint={{ .Values.metrics.prometheus.entryPoint }}"
- {{- end }}
- {{- if .Values.metrics.statsd }}
- - "--metrics.statsd=true"
- - "--metrics.statsd.address={{ .Values.metrics.statsd.address }}"
- {{- end }}
- {{- end }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress"
- {{- if .Values.providers.kubernetesIngress.publishedService.enabled }}
- - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.labelSelector }}
- - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}"
- {{- end }}
- {{- end }}
- {{- if and .Values.rbac.enabled .Values.rbac.namespaced }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}"
- {{- end }}
- {{- end }}
- {{- if .Values.ingressClass.enabled }}
- - "--providers.kubernetesingress.ingressclass={{ .Release.Name }}"
- {{- end }}
- {{- range $entrypoint, $config := $ports }}
- {{/* add args for proxyProtocol support */}}
- {{- if $config.proxyProtocol }}
- {{- if $config.proxyProtocol.enabled }}
- {{- if $config.proxyProtocol.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.insecure"
- {{- end }}
- {{- if not ( empty $config.proxyProtocol.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.trustedIPs={{ join "," $config.proxyProtocol.trustedIPs }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* add args for forwardedHeaders support */}}
- {{- if $config.forwardedHeaders.enabled }}
- {{- if not ( empty $config.forwardedHeaders.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}"
- {{- end }}
- {{- if $config.forwardedHeaders.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure"
- {{- end }}
- {{- end }}
- {{/* end forwardedHeaders configuration */}}
- {{- if $config.redirectTo }}
- {{- $toPort := index $ports $config.redirectTo }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- else if $config.redirectPort }}
- {{ if gt $config.redirectPort 0.0 }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- end }}
- {{- end }}
- {{- if or ( $config.tls ) ( eq $config.protocol "HTTPS" ) }}
- {{- if or ( $config.tls.enabled ) ( eq $config.protocol "HTTPS" ) }}
- - "--entrypoints.{{ $entrypoint }}.http.tls=true"
- {{- if $config.tls.options }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}"
- {{- end }}
- {{- if $config.tls.certResolver }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}"
- {{- end }}
- {{- if $config.tls.domains }}
- {{- range $index, $domain := $config.tls.domains }}
- {{- if $domain.main }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}"
- {{- end }}
- {{- if $domain.sans }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- with .Values.logs }}
- - "--log.format={{ .general.format }}"
- {{- if ne .general.level "ERROR" }}
- - "--log.level={{ .general.level | upper }}"
- {{- end }}
- {{- if .access.enabled }}
- - "--accesslog=true"
- - "--accesslog.format={{ .access.format }}"
- {{- if .access.bufferingsize }}
- - "--accesslog.bufferingsize={{ .access.bufferingsize }}"
- {{- end }}
- {{- if .access.filters }}
- {{- if .access.filters.statuscodes }}
- - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}"
- {{- end }}
- {{- if .access.filters.retryattempts }}
- - "--accesslog.filters.retryattempts"
- {{- end }}
- {{- if .access.filters.minduration }}
- - "--accesslog.filters.minduration={{ .access.filters.minduration }}"
- {{- end }}
- {{- end }}
- - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.general.names }}
- - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.headers.names }}
- - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* theme.park */}}
- {{- if .Values.middlewares.themePark }}
- - "--experimental.plugins.traefik-themepark.modulename=github.com/packruler/traefik-themepark"
- - "--experimental.plugins.traefik-themepark.version={{ .Values.middlewares.themeParkVersion }}"
- {{- end }}
- {{/* End of theme.park */}}
- {{/* GeoBlock */}}
- {{- if .Values.middlewares.geoBlock }}
- - "--experimental.plugins.GeoBlock.modulename=github.com/PascalMinder/geoblock"
- - "--experimental.plugins.GeoBlock.version={{ .Values.middlewares.geoBlockVersion }}"
- {{- end }}
- {{/* End of GeoBlock */}}
- {{/* RealIP */}}
- {{- if .Values.middlewares.realIP }}
- - "--experimental.plugins.traefik-real-ip.modulename=github.com/soulbalz/traefik-real-ip"
- - "--experimental.plugins.traefik-real-ip.version={{ .Values.middlewares.realIPVersion }}"
- {{- end }}
- {{/* End of RealIP */}}
- {{- with .Values.additionalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.14/templates/_helpers.tpl b/enterprise/traefik/16.0.14/templates/_helpers.tpl
deleted file mode 100644
index ab55e4e7ec6..00000000000
--- a/enterprise/traefik/16.0.14/templates/_helpers.tpl
+++ /dev/null
@@ -1,22 +0,0 @@
-{{/*
-Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice.
-By convention this will simply use the / to match the name of the
-service generated.
-Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride`
-*/}}
-{{- define "providers.kubernetesIngress.publishedServicePath" -}}
-{{- $fullName := include "tc.common.names.fullname" . -}}
-{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}}
-{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }}
-{{- print $servicePath | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Construct a comma-separated list of whitelisted namespaces
-*/}}
-{{- define "providers.kubernetesIngress.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }}
-{{- end -}}
-{{- define "providers.kubernetesCRD.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.14/templates/_ingressclass.tpl b/enterprise/traefik/16.0.14/templates/_ingressclass.tpl
deleted file mode 100644
index 909e249d6a5..00000000000
--- a/enterprise/traefik/16.0.14/templates/_ingressclass.tpl
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Define the ingressClass */}}
-{{- define "traefik.ingressClass" -}}
----
-{{ if .Values.ingressClass.enabled }}
- {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }}
-apiVersion: networking.k8s.io/v1
- {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }}
-apiVersion: networking.k8s.io/v1beta1
- {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }}
-apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }}
- {{- else }}
- {{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }}
- {{- end }}
-kind: IngressClass
-metadata:
- annotations:
- ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }}
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
- name: {{ .Release.Name }}
-spec:
- controller: traefik.io/ingress-controller
-{{- end }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.14/templates/_ingressroute.tpl b/enterprise/traefik/16.0.14/templates/_ingressroute.tpl
deleted file mode 100644
index 7f012c92350..00000000000
--- a/enterprise/traefik/16.0.14/templates/_ingressroute.tpl
+++ /dev/null
@@ -1,25 +0,0 @@
-{{/* Define the ingressRoute */}}
-{{- define "traefik.ingressRoute" -}}
-{{ if .Values.ingressRoute.dashboard.enabled }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
- name: {{ include "tc.common.names.fullname" . }}-dashboard
- annotations:
- {{- with .Values.ingressRoute.dashboard.annotations }}
- {{- toYaml . | nindent 4 }}
- {{- end }}
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
-spec:
- entryPoints:
- - main
- routes:
- - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
- kind: Rule
- services:
- - name: api@internal
- kind: TraefikService
-{{ end }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.14/templates/_portalhook.tpl b/enterprise/traefik/16.0.14/templates/_portalhook.tpl
deleted file mode 100644
index e3586c5d4e9..00000000000
--- a/enterprise/traefik/16.0.14/templates/_portalhook.tpl
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/* Define the portalHook */}}
-{{- define "traefik.portalhook" -}}
-{{- if .Values.portalhook.enabled }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: portalhook
- namespace: {{ $namespace }}
-data:
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{- range $name, $value := $ports }}
- {{ $name }}: {{ $value.port | quote }}
- {{- end }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.14/templates/_tlsoptions.tpl b/enterprise/traefik/16.0.14/templates/_tlsoptions.tpl
deleted file mode 100644
index 3e5aad3bee9..00000000000
--- a/enterprise/traefik/16.0.14/templates/_tlsoptions.tpl
+++ /dev/null
@@ -1,12 +0,0 @@
-{{/* Define the tlsOptions */}}
-{{- define "traefik.tlsOptions" -}}
-{{- range $name, $config := .Values.tlsOptions }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: TLSOption
-metadata:
- name: {{ $name }}
-spec:
- {{- toYaml $config | nindent 2 }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.14/templates/common.yaml b/enterprise/traefik/16.0.14/templates/common.yaml
deleted file mode 100644
index c933a3d08e0..00000000000
--- a/enterprise/traefik/16.0.14/templates/common.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.common.loader.init" . }}
-
-{{- if .Values.metrics }}
-{{- if .Values.metrics.prometheus }}
-{{- $_ := set .Values.podAnnotations "prometheus.io/scrape" "true" -}}
-{{- $_ := set .Values.podAnnotations "prometheus.io/path" "/metrics" -}}
-{{- $_ := set .Values.podAnnotations "prometheus.io/port" "9180" -}}
-{{- end }}
-{{- end }}
-
-{{- $newArgs := (include "traefik.args" . | fromYaml) }}
-{{- $_ := set .Values "newArgs" $newArgs -}}
-{{- $mergedargs := concat .Values.args .Values.newArgs.args }}
-{{- $_ := set .Values "args" $mergedargs -}}
-
-{{- include "traefik.portalhook" . }}
-{{- include "traefik.tlsOptions" . }}
-{{- include "traefik.ingressRoute" . }}
-{{- include "traefik.ingressClass" . }}
-
-
-{{/* Render the templates */}}
-{{ include "tc.common.loader.apply" . }}
diff --git a/enterprise/traefik/16.0.14/templates/middlewares/addPrefix.yaml b/enterprise/traefik/16.0.14/templates/middlewares/addPrefix.yaml
deleted file mode 100644
index 233b23834c3..00000000000
--- a/enterprise/traefik/16.0.14/templates/middlewares/addPrefix.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.addPrefix }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- addPrefix:
- prefix: {{ $middlewareData.prefix }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.14/templates/middlewares/basic-middleware.yaml b/enterprise/traefik/16.0.14/templates/middlewares/basic-middleware.yaml
deleted file mode 100644
index 9ba8e5c5d93..00000000000
--- a/enterprise/traefik/16.0.14/templates/middlewares/basic-middleware.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: compress
- namespace: {{ $namespace }}
-spec:
- compress: {}
----
-# Here, an average of 300 requests per second is allowed.
-# In addition, a burst of 200 requests is allowed.
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-ratelimit
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: 600
- burst: 400
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-secure-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: chain-basic
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: basic-secure-headers
- - name: compress
diff --git a/enterprise/traefik/16.0.14/templates/middlewares/basicauth.yaml b/enterprise/traefik/16.0.14/templates/middlewares/basicauth.yaml
deleted file mode 100644
index ccb541742f0..00000000000
--- a/enterprise/traefik/16.0.14/templates/middlewares/basicauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.basicAuth }}
----
-{{- $users := list }}
-{{ range $index, $userdata := $middlewareData.users }}
- {{ $users = append $users ( htpasswd $userdata.username $userdata.password ) }}
-{{ end }}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{printf "%v-%v" $middlewareData.name "secret" }}
- namespace: {{ $namespace }}
-type: Opaque
-stringData:
- users: |
- {{- range $index, $user := $users }}
- {{ printf "%s" $user }}
- {{- end }}
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- basicAuth:
- secret: {{printf "%v-%v" $middlewareData.name "secret" }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.14/templates/middlewares/chain.yaml b/enterprise/traefik/16.0.14/templates/middlewares/chain.yaml
deleted file mode 100644
index f87994f7956..00000000000
--- a/enterprise/traefik/16.0.14/templates/middlewares/chain.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.chain }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- {{ range $index, $middleware := .middlewares }}
- - name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }}
- {{ end }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.14/templates/middlewares/forwardauth.yaml b/enterprise/traefik/16.0.14/templates/middlewares/forwardauth.yaml
deleted file mode 100644
index 4bdefbd5c01..00000000000
--- a/enterprise/traefik/16.0.14/templates/middlewares/forwardauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.forwardAuth }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- forwardAuth:
- address: {{ $middlewareData.address }}
- {{- with $middlewareData.authResponseHeaders }}
- authResponseHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- with $middlewareData.authRequestHeaders }}
- authRequestHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- if $middlewareData.authResponseHeadersRegex }}
- authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }}
- {{- end }}
- {{- if $middlewareData.trustForwardHeader }}
- trustForwardHeader: true
- {{- end }}
- {{- with $middlewareData.tls }}
- tls:
- insecureSkipVerify: {{ .insecureSkipVerify | default false }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.14/templates/middlewares/geoblock.yaml b/enterprise/traefik/16.0.14/templates/middlewares/geoblock.yaml
deleted file mode 100644
index be21bcf57b6..00000000000
--- a/enterprise/traefik/16.0.14/templates/middlewares/geoblock.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.geoBlock }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- GeoBlock:
- allowLocalRequests: {{ $middlewareData.allowLocalRequests }}
- logLocalRequests: {{ $middlewareData.logLocalRequests }}
- logAllowedRequests: {{ $middlewareData.logAllowedRequests }}
- logApiRequests: {{ $middlewareData.logApiRequests }}
- api: {{ $middlewareData.api }}
- apiTimeoutMs: {{ $middlewareData.apiTimeoutMs }}
- cacheSize: {{ $middlewareData.cacheSize }}
- forceMonthlyUpdate: {{ $middlewareData.forceMonthlyUpdate }}
- allowUnknownCountries: {{ $middlewareData.allowUnknownCountries }}
- unknownCountryApiResponse: {{ $middlewareData.unknownCountryApiResponse }}
- blackListMode: {{ $middlewareData.blackListMode }}
- {{- if not $middlewareData.countries }}
- {{- fail "You have to define at least one country..." }}
- {{- end }}
- countries:
- {{- range $middlewareData.countries }}
- - {{ . }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.14/templates/middlewares/ipwhitelist.yaml b/enterprise/traefik/16.0.14/templates/middlewares/ipwhitelist.yaml
deleted file mode 100644
index 1179245017e..00000000000
--- a/enterprise/traefik/16.0.14/templates/middlewares/ipwhitelist.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.ipWhiteList }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- ipWhiteList:
- sourceRange:
- {{- range $middlewareData.sourceRange }}
- - {{ . }}
- {{- end }}
- {{- if $middlewareData.ipStrategy }}
- ipStrategy:
- {{- if $middlewareData.ipStrategy.depth }}
- depth: {{ $middlewareData.ipStrategy.depth }}
- {{- end }}
- {{- if $middlewareData.ipStrategy.excludedIPs }}
- excludedIPs:
- {{- range $middlewareData.ipStrategy.excludedIPs }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.14/templates/middlewares/ratelimit.yaml b/enterprise/traefik/16.0.14/templates/middlewares/ratelimit.yaml
deleted file mode 100644
index 144b9d8bf38..00000000000
--- a/enterprise/traefik/16.0.14/templates/middlewares/ratelimit.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.rateLimit }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: {{ $middlewareData.average }}
- burst: {{ $middlewareData.burst }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.14/templates/middlewares/real-ip.yaml b/enterprise/traefik/16.0.14/templates/middlewares/real-ip.yaml
deleted file mode 100644
index 2dd1ae030a4..00000000000
--- a/enterprise/traefik/16.0.14/templates/middlewares/real-ip.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.realIP }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-real-ip:
- excludednets:
- {{- range $middlewareData.excludedNetworks }}
- - {{ . | quote }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.14/templates/middlewares/redirectScheme.yaml b/enterprise/traefik/16.0.14/templates/middlewares/redirectScheme.yaml
deleted file mode 100644
index f2413f84e19..00000000000
--- a/enterprise/traefik/16.0.14/templates/middlewares/redirectScheme.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectScheme }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectScheme:
- scheme: {{ $middlewareData.scheme }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.14/templates/middlewares/redirectregex.yaml b/enterprise/traefik/16.0.14/templates/middlewares/redirectregex.yaml
deleted file mode 100644
index 46e3e724dd6..00000000000
--- a/enterprise/traefik/16.0.14/templates/middlewares/redirectregex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectRegex }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: {{ $middlewareData.regex | quote }}
- replacement: {{ $middlewareData.replacement | quote }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.14/templates/middlewares/stripPrefixRegex.yaml b/enterprise/traefik/16.0.14/templates/middlewares/stripPrefixRegex.yaml
deleted file mode 100644
index 007c166ff39..00000000000
--- a/enterprise/traefik/16.0.14/templates/middlewares/stripPrefixRegex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-
-{{ range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- stripPrefixRegex:
- regex:
- {{- range $middlewareData.regex }}
- - {{ . | quote }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.14/templates/middlewares/tc-chains.yaml b/enterprise/traefik/16.0.14/templates/middlewares/tc-chains.yaml
deleted file mode 100644
index 409766daa89..00000000000
--- a/enterprise/traefik/16.0.14/templates/middlewares/tc-chains.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-opencors-headers
- - name: compress
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-closedcors-headers
- - name: compress
diff --git a/enterprise/traefik/16.0.14/templates/middlewares/tc-headers.yaml b/enterprise/traefik/16.0.14/templates/middlewares/tc-headers.yaml
deleted file mode 100644
index a0462f1fd73..00000000000
--- a/enterprise/traefik/16.0.14/templates/middlewares/tc-headers.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowHeaders:
- - '*'
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- - POST
- accessControlAllowOriginList:
- - '*'
- accessControlMaxAge: 100
- browserXssFilter: true
- contentTypeNosniff: true
- customRequestHeaders:
- X-Forwarded-Proto: https
- customResponseHeaders:
- server: ""
- forceSTSHeader: true
- referrerPolicy: same-origin
- sslForceHost: true
- sslRedirect: true
- stsSeconds: 63072000
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- sslRedirect: true
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- sslForceHost: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
diff --git a/enterprise/traefik/16.0.14/templates/middlewares/tc-nextcloud.yaml b/enterprise/traefik/16.0.14/templates/middlewares/tc-nextcloud.yaml
deleted file mode 100644
index 6a3019d56c5..00000000000
--- a/enterprise/traefik/16.0.14/templates/middlewares/tc-nextcloud.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-redirectregex-dav
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: "https://(.*)/.well-known/(card|cal)dav"
- replacement: "https://${1}/remote.php/dav/"
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: tc-nextcloud-redirectregex-dav
diff --git a/enterprise/traefik/16.0.14/templates/middlewares/theme-park.yaml b/enterprise/traefik/16.0.14/templates/middlewares/theme-park.yaml
deleted file mode 100644
index 92a4257e279..00000000000
--- a/enterprise/traefik/16.0.14/templates/middlewares/theme-park.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.themePark }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-themepark:
- app: {{ $middlewareData.appName }}
- theme: {{ $middlewareData.themeName }}
- baseUrl: {{ $middlewareData.baseUrl }}
- {{- if $middlewareData.addons }}
- addons:
- {{- range $middlewareData.addons }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.14/values.yaml b/enterprise/traefik/16.0.14/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/traefik/16.0.15/CHANGELOG.md b/enterprise/traefik/16.0.15/CHANGELOG.md
deleted file mode 100644
index b6967e462cd..00000000000
--- a/enterprise/traefik/16.0.15/CHANGELOG.md
+++ /dev/null
@@ -1,48 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [traefik-16.0.15](https://github.com/truecharts/charts/compare/traefik-16.0.14...traefik-16.0.15) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v2.9.7
-
-
-
-
-## [traefik-16.0.14](https://github.com/truecharts/charts/compare/traefik-16.0.13...traefik-16.0.14) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v
-
-
-
-
-## [traefik-16.0.13](https://github.com/truecharts/charts/compare/traefik-16.0.12...traefik-16.0.13) (2023-02-11)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to 2.9.6
-
-
-
-
-## [traefik-16.0.12](https://github.com/truecharts/charts/compare/traefik-16.0.11...traefik-16.0.12) (2023-02-10)
-
-### Chore
-
-- Add blacklistMode on geoblock and fix label ([#6416](https://github.com/truecharts/charts/issues/6416))
-
- ### Feat
-
-- move Grafana, Prometheus and Traefik to Enterprise Train ([#6372](https://github.com/truecharts/charts/issues/6372))
-
- ### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/16.0.15/Chart.yaml b/enterprise/traefik/16.0.15/Chart.yaml
deleted file mode 100644
index af752a605cb..00000000000
--- a/enterprise/traefik/16.0.15/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: v2
-appVersion: "2.9.7"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
-deprecated: false
-description: Traefik is a flexible reverse proxy and Ingress Provider.
-home: https://truecharts.org/charts/enterprise/traefik
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/traefik.png
-keywords:
- - traefik
- - ingress
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: traefik
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/traefik
- - https://hub.docker.com/_/traefik
- - https://github.com/traefik/traefik
- - https://github.com/traefik/traefik-helm-chart
- - https://traefik.io/
-type: application
-version: 16.0.15
-annotations:
- truecharts.org/catagories: |
- - network
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/traefik/16.0.15/README.md b/enterprise/traefik/16.0.15/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/traefik/16.0.15/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/traefik/16.0.15/app-changelog.md b/enterprise/traefik/16.0.15/app-changelog.md
deleted file mode 100644
index 834824bf3ce..00000000000
--- a/enterprise/traefik/16.0.15/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [traefik-16.0.15](https://github.com/truecharts/charts/compare/traefik-16.0.14...traefik-16.0.15) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v2.9.7
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/16.0.15/app-readme.md b/enterprise/traefik/16.0.15/app-readme.md
deleted file mode 100644
index 02206fafcf4..00000000000
--- a/enterprise/traefik/16.0.15/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Traefik is a flexible reverse proxy and Ingress Provider.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/traefik](https://truecharts.org/charts/enterprise/traefik)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/traefik/16.0.15/charts/common-11.1.2.tgz b/enterprise/traefik/16.0.15/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/enterprise/traefik/16.0.15/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/enterprise/traefik/16.0.15/ix_values.yaml b/enterprise/traefik/16.0.15/ix_values.yaml
deleted file mode 100644
index a6895719451..00000000000
--- a/enterprise/traefik/16.0.15/ix_values.yaml
+++ /dev/null
@@ -1,407 +0,0 @@
-image:
- repository: tccr.io/truecharts/traefik
- # defaults to appVersion
- tag: 2.9.7@sha256:c655efcd28a7eb4e93f588ca21f06e0fd900c427780e6e7a8f64a8b5f7febf1e
- pullPolicy: IfNotPresent
-
-# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
-ingressClass:
- # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
- enabled: false
- isDefaultClass: false
- # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
- fallbackApiVersion: ""
-
-# -- Create an IngressRoute for the dashboard
-ingressRoute:
- dashboard:
- enabled: true
- # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
- annotations: {}
- # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
- labels: {}
-
-podAnnotations:
- prometheus.io/scrape: "true"
- prometheus.io/path: "/metrics"
- prometheus.io/port: "9180"
-
-#
-# -- Configure providers
-providers:
- kubernetesCRD:
- enabled: true
- namespaces:
- []
- # - "default"
- kubernetesIngress:
- enabled: true
- # labelSelector: environment=production,method=traefik
- namespaces:
- []
- # - "default"
- # IP used for Kubernetes Ingress endpoints
- publishedService:
- enabled: true
- # Published Kubernetes Service to copy status from. Format: namespace/servicename
- # By default this Traefik service
- # pathOverride: ""
-
-# -- Logs
-# https://docs.traefik.io/observability/logs/
-logs:
- # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on).
- general:
- # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO.
- level: ERROR
- # -- Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format
- format: common
- access:
- # To enable access logs
- enabled: false
- # To write the logs in an asynchronous fashion, specify a bufferingSize option.
- # This option represents the number of log lines Traefik will keep in memory before writing
- # them to the selected output. In some cases, this option can greatly help performances.
- # bufferingSize: 100
- # Filtering https://docs.traefik.io/observability/access-logs/#filtering
- filters:
- {}
- # statuscodes: "200,300-302"
- # retryattempts: true
- # minduration: 10ms
- # Fields
- # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers
- fields:
- general:
- defaultmode: keep
- names:
- {}
- # Examples:
- # ClientUsername: drop
- headers:
- defaultmode: drop
- names:
- {}
- # Examples:
- # User-Agent: redact
- # Authorization: drop
- # Content-Type: keep
- # -- Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format
- format: common
-
-metrics:
- # datadog:
- # address: 127.0.0.1:8125
- # influxdb:
- # address: localhost:8089
- # protocol: udp
- prometheus:
- entryPoint: metrics
- # statsd:
- # address: localhost:8125
-
-globalArguments:
- - "--global.checknewversion"
-
-##
-# -- Additional arguments to be passed at Traefik's binary
-# All available options available on https://docs.traefik.io/reference/static-configuration/cli/
-## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"`
-additionalArguments:
- - "--metrics.prometheus"
- - "--ping"
- - "--serverstransport.insecureskipverify=true"
- - "--providers.kubernetesingress.allowexternalnameservices=true"
-
-# -- TLS Options to be created as TLSOption CRDs
-# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options
-# Example:
-tlsOptions:
- default:
- sniStrict: false
- minVersion: VersionTLS12
- curvePreferences:
- - CurveP521
- - CurveP384
- cipherSuites:
- - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- - TLS_AES_128_GCM_SHA256
- - TLS_AES_256_GCM_SHA384
- - TLS_CHACHA20_POLY1305_SHA256
-
-# -- Options for the main traefik service, where the entrypoints traffic comes from
-# from.
-service:
- main:
- type: LoadBalancer
- ports:
- main:
- port: 9000
- targetPort: 9000
- protocol: HTTP
- # -- Forwarded Headers should never be enabled on Main entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Main entrypoint
- proxyProtocol:
- enabled: false
- tcp:
- enabled: true
- type: LoadBalancer
- ports:
- web:
- enabled: true
- port: 9080
- protocol: HTTP
- redirectTo: websecure
- # Options: Empty, 0 (ingore), or positive int
- # redirectPort:
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- websecure:
- enabled: true
- port: 9443
- protocol: HTTPS
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- # tcpexample:
- # enabled: true
- # targetPort: 9443
- # protocol: TCP
- # tls:
- # enabled: false
- # # this is the name of a TLSOption definition
- # options: ""
- # certResolver: ""
- # domains: []
- # # - main: example.com
- # # sans:
- # # - foo.example.com
- # # - bar.example.com
- metrics:
- enabled: true
- type: ClusterIP
- ports:
- metrics:
- enabled: true
- port: 9180
- targetPort: 9180
- protocol: HTTP
- # -- Forwarded Headers should never be enabled on Metrics entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Metrics entrypoint
- proxyProtocol:
- enabled: false
- udp:
- enabled: false
-
-# probes:
-# # -- Liveness probe configuration
-# # @default -- See below
-# liveness:
-# # -- sets the probe type when not using a custom probe
-# # @default -- "TCP"
-# type: HTTP
-# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
-# # @default -- "/"
-# path: "/ping"
-
-# # -- Redainess probe configuration
-# # @default -- See below
-# readiness:
-# # -- sets the probe type when not using a custom probe
-# # @default -- "TCP"
-# type: HTTP
-# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
-# # @default -- "/"
-# path: "/ping"
-
-# # -- Startup probe configuration
-# # @default -- See below
-# startup:
-# # -- sets the probe type when not using a custom probe
-# # @default -- "TCP"
-# type: HTTP
-# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
-# # @default -- "/"
-# path: "/ping"
-
-# -- Whether Role Based Access Control objects like roles and rolebindings should be created
-rbac:
- main:
- enabled: true
- rules:
- - apiGroups:
- - ""
- resources:
- - services
- - endpoints
- - secrets
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses
- - ingressclasses
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses/status
- verbs:
- - update
- - apiGroups:
- - traefik.containo.us
- resources:
- - ingressroutes
- - ingressroutetcps
- - ingressrouteudps
- - middlewares
- - middlewaretcps
- - tlsoptions
- - tlsstores
- - traefikservices
- - serverstransports
- verbs:
- - get
- - list
- - watch
-
-# -- The service account the pods will use to interact with the Kubernetes API
-serviceAccount:
- main:
- enabled: true
-
-# -- SCALE Middleware Handlers
-middlewares:
- basicAuth: []
- # - name: basicauthexample
- # users:
- # - username: testuser
- # password: testpassword
- forwardAuth: []
- # - name: forwardAuthexample
- # address: https://auth.example.com/
- # authResponseHeaders:
- # - X-Secret
- # - X-Auth-User
- # authRequestHeaders:
- # - "Accept"
- # - "X-CustomHeader"
- # authResponseHeadersRegex: "^X-"
- # trustForwardHeader: true
- chain: []
- # - name: chainname
- # middlewares:
- # - name: compress
- redirectScheme: []
- # - name: redirectSchemeName
- # scheme: https
- # permanent: true
- rateLimit: []
- # - name: rateLimitName
- # average: 300
- # burst: 200
- redirectRegex: []
- # - name: redirectRegexName
- # regex: putregexhere
- # replacement: replacementurlhere
- # permanent: false
- stripPrefixRegex: []
- # - name: stripPrefixRegexName
- # regex: []
- ipWhiteList: []
- # - name: ipWhiteListName
- # sourceRange: []
- # ipStrategy:
- # depth: 2
- # excludedIPs: []
- themeParkVersion: v1.3.0
- themePark: []
- # - name: themeParkName
- # -- Supported apps, lower case name
- # -- https://docs.theme-park.dev/themes
- # app: appnamehere
- # -- Supported themes, lower case name
- # -- https://docs.theme-park.dev/themes/APPNAMEHERE
- # -- https://docs.theme-park.dev/community-themes
- # theme: themenamehere
- # -- https://theme-park.dev or a self hosted url
- # baseUrl: https://theme-park.dev
- realIPVersion: v1.0.3
- # Sets X-Real-Ip with an IP from the X-Forwarded-For or
- # Cf-Connecting-Ip (If from Cloudflare)
- # Evaluation of those headers will go from last to first
- realIP: []
- # - name: realIPName
- # -- The real IP will be the first one that is
- # -- not included in any of the CIDRs passed here
- # excludedNetworks:
- # - 1.1.1.1/24
- addPrefix: []
- # - name: addPrefixName
- # prefix: "/foo"
- geoBlockVersion: v0.2.4
- geoBlock: []
- # -- https://github.com/PascalMinder/geoblock
- # - name: geoBlockName
- # allowLocalRequests: true
- # logLocalRequests: false
- # logAllowedRequests: false
- # logApiRequests: false
- # api: https://get.geojs.io/v1/ip/country/{ip}
- # apiTimeoutMs: 500
- # cacheSize: 25
- # forceMonthlyUpdate: true
- # allowUnknownCountries: false
- # unknownCountryApiResponse: nil
- # blackListMode: false
- # countries:
- # - RU
-
-portalhook:
- enabled: true
-
-persistence:
- plugins:
- enabled: true
- mountPath: "/plugins-storage"
- type: emptyDir
-
-portal:
- enabled: true
diff --git a/enterprise/traefik/16.0.15/questions.yaml b/enterprise/traefik/16.0.15/questions.yaml
deleted file mode 100644
index 8a6e543a7d5..00000000000
--- a/enterprise/traefik/16.0.15/questions.yaml
+++ /dev/null
@@ -1,2535 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "http"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
- path: "/dashboard/"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: ingressClass
- label: "ingressClass"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- description: "When enabled, ingressClass will match the entered name of this app"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: isDefaultClass
- label: "isDefaultClass"
- schema:
- type: boolean
- default: false
- - variable: logs
- label: "Logs"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "ERROR"
- enum:
- - value: "INFO"
- description: "Info"
- - value: "WARN"
- description: "Warnings"
- - value: "ERROR"
- description: "Errors"
- - value: "FATAL"
- description: "Fatal Errors"
- - value: "PANIC"
- description: "Panics"
- - value: "DEBUG"
- description: "Debug"
- - variable: format
- label: "General Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: access
- label: "Access Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabledFilters
- label: "Enable Filters"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filters
- label: "Filters"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: statuscodes
- label: "Status codes"
- schema:
- type: string
- default: "200,300-302"
- - variable: retryattempts
- label: "retryattempts"
- schema:
- type: boolean
- default: true
- - variable: minduration
- label: "minduration"
- schema:
- type: string
- default: "10ms"
- - variable: fields
- label: "Fields"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "keep"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: headers
- label: "Headers"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "drop"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: format
- label: "Access Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: middlewares
- label: ""
- group: "Middlewares"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: basicAuth
- label: basicAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: users
- label: Users
- schema:
- type: list
- default: []
- items:
- - variable: usersEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: username
- label: Username
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: Password
- schema:
- type: string
- required: true
- default: ""
- - variable: forwardAuth
- label: forwardAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: address
- label: Address
- schema:
- type: string
- required: true
- default: ""
- - variable: trustForwardHeader
- label: trustForwardHeader
- schema:
- type: boolean
- default: false
- - variable: tls
- label: TLS
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: insecureSkipVerify
- label: insecureSkipVerify (expert)
- description: >-
- This disables all TLS certificate validation on communications with the authentication endpoint.
- This could be a security risk and should only be used if you know what you are doing.
- schema:
- type: boolean
- default: false
- - variable: authResponseHeadersRegex
- label: authResponseHeadersRegex
- schema:
- type: string
- default: ""
- - variable: authResponseHeaders
- label: authResponseHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authResponseHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: authRequestHeaders
- label: authRequestHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authRequestHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: chain
- label: Chain
- schema:
- type: list
- default: []
- items:
- - variable: chainEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: middlewares
- label: Middlewares to Chain
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: redirectScheme
- label: redirectScheme
- schema:
- type: list
- default: []
- items:
- - variable: redirectSchemeEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: scheme
- label: Scheme
- schema:
- type: string
- required: true
- default: https
- enum:
- - value: https
- description: https
- - value: http
- description: http
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: rateLimit
- label: rateLimit
- schema:
- type: list
- default: []
- items:
- - variable: rateLimitEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: average
- label: Average
- schema:
- type: int
- required: true
- default: 300
- - variable: burst
- label: Burst
- schema:
- type: int
- required: true
- default: 200
- - variable: redirectRegex
- label: redirectRegex
- schema:
- type: list
- default: []
- items:
- - variable: redirectRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: replacement
- label: Replacement
- schema:
- type: string
- required: true
- default: ""
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: stripPrefixRegex
- label: stripPrefixRegex
- schema:
- type: list
- default: []
- items:
- - variable: stripPrefixRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: list
- default: []
- items:
- - variable: regexEntry
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: ipWhiteList
- label: ipWhiteList
- schema:
- type: list
- default: []
- items:
- - variable: ipWhiteListEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: sourceRange
- label: Source Range
- schema:
- type: list
- default: []
- items:
- - variable: sourceRangeEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: ipStrategy
- label: IP Strategy
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: depth
- label: Depth
- schema:
- type: int
- required: true
- - variable: excludedIPs
- label: Excluded IPs
- schema:
- type: list
- default: []
- items:
- - variable: excludedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: themePark
- label: theme.park
- schema:
- type: list
- default: []
- items:
- - variable: themeParkEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to traefik-themepark
- schema:
- type: string
- required: true
- default: ""
- - variable: appName
- label: App Name
- description: Lower case, name of the app to be themed.
-
Go to https://docs.theme-park.dev/themes/ to see supported apps.
- schema:
- type: string
- required: true
- default: ""
- - variable: themeName
- label: Theme Name
- description: Lower case, name of the theme to be applied.
-
Go to https://docs.theme-park.dev/theme-options/ to see supported themes.
- schema:
- type: string
- required: true
- default: ""
- - variable: baseUrl
- label: Base URL
- description: Replace `https://theme-park.dev` URL for self-hosting reference.
- schema:
- type: string
- required: true
- default: https://theme-park.dev
- - variable: addons
- label: Addons
- schema:
- type: list
- default: []
- items:
- - variable: addonEntry
- label: Addon
- description: Currently only supports 'darker' and '4k-logo' for *arr apps.
-
Go to https://docs.theme-park.dev/themes/addons/ for Addon information.
-
Go to https://github.com/packruler/traefik-themepark for more context on plugin
- schema:
- type: string
- required: true
- default: ""
- - variable: realIP
- label: Real IP
- schema:
- type: list
- default: []
- items:
- - variable: realIPEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: excludedNetworks
- label: Excluded Networks
- schema:
- type: list
- default: []
- items:
- - variable: excludedNetEntry
- label: Excluded Network Entry
- description: Network to exclude setting it to X-Real-Ip
- schema:
- type: string
- required: true
- default: ""
- - variable: geoBlock
- label: GeoBlock
- schema:
- type: list
- default: []
- items:
- - variable: geoBlockEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to geoblock
- schema:
- type: string
- required: true
- default: ""
- - variable: allowLocalRequests
- label: Allow Local Requests
- description: If set to true, will not block request from Private IP Ranges
- schema:
- type: boolean
- default: true
- - variable: logLocalRequests
- label: Log Local Requests
- description: If set to true, will log every connection from any IP in the private IP range
- schema:
- type: boolean
- default: false
- - variable: logAllowedRequests
- label: Log Allowed Requests
- description: If set to true, will show a log message with the IP and the country of origin if a request is allowed.
- schema:
- type: boolean
- default: false
- - variable: logApiRequests
- label: Log API Requests
- description: If set to true, will show a log message for every API hit.
- schema:
- type: boolean
- default: false
- - variable: api
- label: API
- description: Defines the API URL for the IP to Country resolution. The IP to fetch can be added with {ip} to the URL.
- schema:
- type: string
- required: true
- default: https://get.geojs.io/v1/ip/country/{ip}
- - variable: apiTimeoutMs
- label: API Timeout in ms
- description: Timeout for the call to the api uri.
- schema:
- type: int
- required: true
- default: 500
- - variable: cacheSize
- label: Cache Size
- description: Defines the max size of the LRU (least recently used) cache.
- schema:
- type: int
- required: true
- default: 25
- - variable: forceMonthlyUpdate
- label: Force Monthly Update
- description: Even if an IP stays in the cache for a period of a month (about 30 x 24 hours), it must be fetch again after a month.
- schema:
- type: boolean
- default: true
- - variable: allowUnknownCountries
- label: Allow Unknown Countries
- description: Some IP addresses have no country associated with them. If this option is set to true, all IPs with no associated country are also allowed.
- schema:
- type: boolean
- default: false
- - variable: unknownCountryApiResponse
- label: Unknown Countries API Response
- description: The API uri can be customized. This options allows to customize the response string of the API when a IP with no associated country is requested.
- schema:
- type: string
- required: true
- default: nil
- - variable: blackListMode
- label: Blacklist Mode
- description: When set to true the filter logic is inverted, i.e. requests originating from countries listed in the countries list are blocked.
- schema:
- type: boolean
- default: false
- - variable: countries
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- label: Countries
- schema:
- type: list
- default: []
- items:
- - variable: countryEntry
- label: Country
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- schema:
- type: string
- required: true
- # Allow only 2 Characters
- valid_chars: '^[a-zA-Z]{2}$'
- default: ""
- - variable: addPrefix
- label: Add Prefix
- schema:
- type: list
- default: []
- items:
- - variable: addPrefixEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: prefix
- label: Prefix
- schema:
- type: string
- required: true
- default: ""
- - variable: service
- group: "Networking and Services"
- label: "Configure Service Entrypoint"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9000
- required: true
- - variable: tcp
- label: "TCP Service"
- description: "The tcp Entrypoint service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: web
- label: "web Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9080
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- default: "websecure"
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: websecure
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9443
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: portsList
- label: "Additional TCP Entrypoints"
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: "Custom Entrypoints"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable the port"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: "Entrypoints Name"
- schema:
- type: string
- default: ""
- - variable: protocol
- label: "Entrypoints Type"
- schema:
- type: string
- default: "TCP"
- enum:
- - value: HTTP
- description: "HTTP"
- - value: "HTTPS"
- description: "HTTPS"
- - value: TCP
- description: "TCP"
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- required: true
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: true
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID this App of the user running the application"
- schema:
- type: int
- default: 568
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/traefik/16.0.15/templates/_args.tpl b/enterprise/traefik/16.0.15/templates/_args.tpl
deleted file mode 100644
index 98cc63897b9..00000000000
--- a/enterprise/traefik/16.0.15/templates/_args.tpl
+++ /dev/null
@@ -1,178 +0,0 @@
-{{/* Define the args */}}
-{{- define "traefik.args" -}}
-args:
- {{/* merge all ports */}}
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{/* start of actual arguments */}}
- {{- with .Values.globalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
- {{- range $name, $config := $ports }}
- {{- if $config }}
- {{- if or ( eq $config.protocol "HTTP" ) ( eq $config.protocol "HTTPS" ) ( eq $config.protocol "TCP" ) }}
- {{- $_ := set $config "protocol" "TCP" }}
- {{- end }}
- - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}"
- {{- end }}
- {{- end }}
- - "--api.dashboard=true"
- - "--ping=true"
- {{- if .Values.metrics }}
- {{- if .Values.metrics.datadog }}
- - "--metrics.datadog=true"
- - "--metrics.datadog.address={{ .Values.metrics.datadog.address }}"
- {{- end }}
- {{- if .Values.metrics.influxdb }}
- - "--metrics.influxdb=true"
- - "--metrics.influxdb.address={{ .Values.metrics.influxdb.address }}"
- - "--metrics.influxdb.protocol={{ .Values.metrics.influxdb.protocol }}"
- {{- end }}
- {{- if .Values.metrics.prometheus }}
- - "--metrics.prometheus=true"
- - "--metrics.prometheus.entrypoint={{ .Values.metrics.prometheus.entryPoint }}"
- {{- end }}
- {{- if .Values.metrics.statsd }}
- - "--metrics.statsd=true"
- - "--metrics.statsd.address={{ .Values.metrics.statsd.address }}"
- {{- end }}
- {{- end }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress"
- {{- if .Values.providers.kubernetesIngress.publishedService.enabled }}
- - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.labelSelector }}
- - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}"
- {{- end }}
- {{- end }}
- {{- if and .Values.rbac.enabled .Values.rbac.namespaced }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}"
- {{- end }}
- {{- end }}
- {{- if .Values.ingressClass.enabled }}
- - "--providers.kubernetesingress.ingressclass={{ .Release.Name }}"
- {{- end }}
- {{- range $entrypoint, $config := $ports }}
- {{/* add args for proxyProtocol support */}}
- {{- if $config.proxyProtocol }}
- {{- if $config.proxyProtocol.enabled }}
- {{- if $config.proxyProtocol.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.insecure"
- {{- end }}
- {{- if not ( empty $config.proxyProtocol.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.trustedIPs={{ join "," $config.proxyProtocol.trustedIPs }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* add args for forwardedHeaders support */}}
- {{- if $config.forwardedHeaders.enabled }}
- {{- if not ( empty $config.forwardedHeaders.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}"
- {{- end }}
- {{- if $config.forwardedHeaders.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure"
- {{- end }}
- {{- end }}
- {{/* end forwardedHeaders configuration */}}
- {{- if $config.redirectTo }}
- {{- $toPort := index $ports $config.redirectTo }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- else if $config.redirectPort }}
- {{ if gt $config.redirectPort 0.0 }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- end }}
- {{- end }}
- {{- if or ( $config.tls ) ( eq $config.protocol "HTTPS" ) }}
- {{- if or ( $config.tls.enabled ) ( eq $config.protocol "HTTPS" ) }}
- - "--entrypoints.{{ $entrypoint }}.http.tls=true"
- {{- if $config.tls.options }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}"
- {{- end }}
- {{- if $config.tls.certResolver }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}"
- {{- end }}
- {{- if $config.tls.domains }}
- {{- range $index, $domain := $config.tls.domains }}
- {{- if $domain.main }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}"
- {{- end }}
- {{- if $domain.sans }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- with .Values.logs }}
- - "--log.format={{ .general.format }}"
- {{- if ne .general.level "ERROR" }}
- - "--log.level={{ .general.level | upper }}"
- {{- end }}
- {{- if .access.enabled }}
- - "--accesslog=true"
- - "--accesslog.format={{ .access.format }}"
- {{- if .access.bufferingsize }}
- - "--accesslog.bufferingsize={{ .access.bufferingsize }}"
- {{- end }}
- {{- if .access.filters }}
- {{- if .access.filters.statuscodes }}
- - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}"
- {{- end }}
- {{- if .access.filters.retryattempts }}
- - "--accesslog.filters.retryattempts"
- {{- end }}
- {{- if .access.filters.minduration }}
- - "--accesslog.filters.minduration={{ .access.filters.minduration }}"
- {{- end }}
- {{- end }}
- - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.general.names }}
- - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.headers.names }}
- - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* theme.park */}}
- {{- if .Values.middlewares.themePark }}
- - "--experimental.plugins.traefik-themepark.modulename=github.com/packruler/traefik-themepark"
- - "--experimental.plugins.traefik-themepark.version={{ .Values.middlewares.themeParkVersion }}"
- {{- end }}
- {{/* End of theme.park */}}
- {{/* GeoBlock */}}
- {{- if .Values.middlewares.geoBlock }}
- - "--experimental.plugins.GeoBlock.modulename=github.com/PascalMinder/geoblock"
- - "--experimental.plugins.GeoBlock.version={{ .Values.middlewares.geoBlockVersion }}"
- {{- end }}
- {{/* End of GeoBlock */}}
- {{/* RealIP */}}
- {{- if .Values.middlewares.realIP }}
- - "--experimental.plugins.traefik-real-ip.modulename=github.com/soulbalz/traefik-real-ip"
- - "--experimental.plugins.traefik-real-ip.version={{ .Values.middlewares.realIPVersion }}"
- {{- end }}
- {{/* End of RealIP */}}
- {{- with .Values.additionalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.15/templates/_helpers.tpl b/enterprise/traefik/16.0.15/templates/_helpers.tpl
deleted file mode 100644
index ab55e4e7ec6..00000000000
--- a/enterprise/traefik/16.0.15/templates/_helpers.tpl
+++ /dev/null
@@ -1,22 +0,0 @@
-{{/*
-Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice.
-By convention this will simply use the / to match the name of the
-service generated.
-Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride`
-*/}}
-{{- define "providers.kubernetesIngress.publishedServicePath" -}}
-{{- $fullName := include "tc.common.names.fullname" . -}}
-{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}}
-{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }}
-{{- print $servicePath | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Construct a comma-separated list of whitelisted namespaces
-*/}}
-{{- define "providers.kubernetesIngress.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }}
-{{- end -}}
-{{- define "providers.kubernetesCRD.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.15/templates/_ingressclass.tpl b/enterprise/traefik/16.0.15/templates/_ingressclass.tpl
deleted file mode 100644
index 909e249d6a5..00000000000
--- a/enterprise/traefik/16.0.15/templates/_ingressclass.tpl
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Define the ingressClass */}}
-{{- define "traefik.ingressClass" -}}
----
-{{ if .Values.ingressClass.enabled }}
- {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }}
-apiVersion: networking.k8s.io/v1
- {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }}
-apiVersion: networking.k8s.io/v1beta1
- {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }}
-apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }}
- {{- else }}
- {{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }}
- {{- end }}
-kind: IngressClass
-metadata:
- annotations:
- ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }}
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
- name: {{ .Release.Name }}
-spec:
- controller: traefik.io/ingress-controller
-{{- end }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.15/templates/_ingressroute.tpl b/enterprise/traefik/16.0.15/templates/_ingressroute.tpl
deleted file mode 100644
index 7f012c92350..00000000000
--- a/enterprise/traefik/16.0.15/templates/_ingressroute.tpl
+++ /dev/null
@@ -1,25 +0,0 @@
-{{/* Define the ingressRoute */}}
-{{- define "traefik.ingressRoute" -}}
-{{ if .Values.ingressRoute.dashboard.enabled }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
- name: {{ include "tc.common.names.fullname" . }}-dashboard
- annotations:
- {{- with .Values.ingressRoute.dashboard.annotations }}
- {{- toYaml . | nindent 4 }}
- {{- end }}
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
-spec:
- entryPoints:
- - main
- routes:
- - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
- kind: Rule
- services:
- - name: api@internal
- kind: TraefikService
-{{ end }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.15/templates/_portalhook.tpl b/enterprise/traefik/16.0.15/templates/_portalhook.tpl
deleted file mode 100644
index e3586c5d4e9..00000000000
--- a/enterprise/traefik/16.0.15/templates/_portalhook.tpl
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/* Define the portalHook */}}
-{{- define "traefik.portalhook" -}}
-{{- if .Values.portalhook.enabled }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: portalhook
- namespace: {{ $namespace }}
-data:
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{- range $name, $value := $ports }}
- {{ $name }}: {{ $value.port | quote }}
- {{- end }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.15/templates/_tlsoptions.tpl b/enterprise/traefik/16.0.15/templates/_tlsoptions.tpl
deleted file mode 100644
index 3e5aad3bee9..00000000000
--- a/enterprise/traefik/16.0.15/templates/_tlsoptions.tpl
+++ /dev/null
@@ -1,12 +0,0 @@
-{{/* Define the tlsOptions */}}
-{{- define "traefik.tlsOptions" -}}
-{{- range $name, $config := .Values.tlsOptions }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: TLSOption
-metadata:
- name: {{ $name }}
-spec:
- {{- toYaml $config | nindent 2 }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.15/templates/common.yaml b/enterprise/traefik/16.0.15/templates/common.yaml
deleted file mode 100644
index c933a3d08e0..00000000000
--- a/enterprise/traefik/16.0.15/templates/common.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.common.loader.init" . }}
-
-{{- if .Values.metrics }}
-{{- if .Values.metrics.prometheus }}
-{{- $_ := set .Values.podAnnotations "prometheus.io/scrape" "true" -}}
-{{- $_ := set .Values.podAnnotations "prometheus.io/path" "/metrics" -}}
-{{- $_ := set .Values.podAnnotations "prometheus.io/port" "9180" -}}
-{{- end }}
-{{- end }}
-
-{{- $newArgs := (include "traefik.args" . | fromYaml) }}
-{{- $_ := set .Values "newArgs" $newArgs -}}
-{{- $mergedargs := concat .Values.args .Values.newArgs.args }}
-{{- $_ := set .Values "args" $mergedargs -}}
-
-{{- include "traefik.portalhook" . }}
-{{- include "traefik.tlsOptions" . }}
-{{- include "traefik.ingressRoute" . }}
-{{- include "traefik.ingressClass" . }}
-
-
-{{/* Render the templates */}}
-{{ include "tc.common.loader.apply" . }}
diff --git a/enterprise/traefik/16.0.15/templates/middlewares/addPrefix.yaml b/enterprise/traefik/16.0.15/templates/middlewares/addPrefix.yaml
deleted file mode 100644
index 233b23834c3..00000000000
--- a/enterprise/traefik/16.0.15/templates/middlewares/addPrefix.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.addPrefix }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- addPrefix:
- prefix: {{ $middlewareData.prefix }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.15/templates/middlewares/basic-middleware.yaml b/enterprise/traefik/16.0.15/templates/middlewares/basic-middleware.yaml
deleted file mode 100644
index 9ba8e5c5d93..00000000000
--- a/enterprise/traefik/16.0.15/templates/middlewares/basic-middleware.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: compress
- namespace: {{ $namespace }}
-spec:
- compress: {}
----
-# Here, an average of 300 requests per second is allowed.
-# In addition, a burst of 200 requests is allowed.
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-ratelimit
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: 600
- burst: 400
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-secure-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: chain-basic
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: basic-secure-headers
- - name: compress
diff --git a/enterprise/traefik/16.0.15/templates/middlewares/basicauth.yaml b/enterprise/traefik/16.0.15/templates/middlewares/basicauth.yaml
deleted file mode 100644
index ccb541742f0..00000000000
--- a/enterprise/traefik/16.0.15/templates/middlewares/basicauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.basicAuth }}
----
-{{- $users := list }}
-{{ range $index, $userdata := $middlewareData.users }}
- {{ $users = append $users ( htpasswd $userdata.username $userdata.password ) }}
-{{ end }}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{printf "%v-%v" $middlewareData.name "secret" }}
- namespace: {{ $namespace }}
-type: Opaque
-stringData:
- users: |
- {{- range $index, $user := $users }}
- {{ printf "%s" $user }}
- {{- end }}
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- basicAuth:
- secret: {{printf "%v-%v" $middlewareData.name "secret" }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.15/templates/middlewares/chain.yaml b/enterprise/traefik/16.0.15/templates/middlewares/chain.yaml
deleted file mode 100644
index f87994f7956..00000000000
--- a/enterprise/traefik/16.0.15/templates/middlewares/chain.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.chain }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- {{ range $index, $middleware := .middlewares }}
- - name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }}
- {{ end }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.15/templates/middlewares/forwardauth.yaml b/enterprise/traefik/16.0.15/templates/middlewares/forwardauth.yaml
deleted file mode 100644
index 4bdefbd5c01..00000000000
--- a/enterprise/traefik/16.0.15/templates/middlewares/forwardauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.forwardAuth }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- forwardAuth:
- address: {{ $middlewareData.address }}
- {{- with $middlewareData.authResponseHeaders }}
- authResponseHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- with $middlewareData.authRequestHeaders }}
- authRequestHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- if $middlewareData.authResponseHeadersRegex }}
- authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }}
- {{- end }}
- {{- if $middlewareData.trustForwardHeader }}
- trustForwardHeader: true
- {{- end }}
- {{- with $middlewareData.tls }}
- tls:
- insecureSkipVerify: {{ .insecureSkipVerify | default false }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.15/templates/middlewares/geoblock.yaml b/enterprise/traefik/16.0.15/templates/middlewares/geoblock.yaml
deleted file mode 100644
index be21bcf57b6..00000000000
--- a/enterprise/traefik/16.0.15/templates/middlewares/geoblock.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.geoBlock }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- GeoBlock:
- allowLocalRequests: {{ $middlewareData.allowLocalRequests }}
- logLocalRequests: {{ $middlewareData.logLocalRequests }}
- logAllowedRequests: {{ $middlewareData.logAllowedRequests }}
- logApiRequests: {{ $middlewareData.logApiRequests }}
- api: {{ $middlewareData.api }}
- apiTimeoutMs: {{ $middlewareData.apiTimeoutMs }}
- cacheSize: {{ $middlewareData.cacheSize }}
- forceMonthlyUpdate: {{ $middlewareData.forceMonthlyUpdate }}
- allowUnknownCountries: {{ $middlewareData.allowUnknownCountries }}
- unknownCountryApiResponse: {{ $middlewareData.unknownCountryApiResponse }}
- blackListMode: {{ $middlewareData.blackListMode }}
- {{- if not $middlewareData.countries }}
- {{- fail "You have to define at least one country..." }}
- {{- end }}
- countries:
- {{- range $middlewareData.countries }}
- - {{ . }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.15/templates/middlewares/ipwhitelist.yaml b/enterprise/traefik/16.0.15/templates/middlewares/ipwhitelist.yaml
deleted file mode 100644
index 1179245017e..00000000000
--- a/enterprise/traefik/16.0.15/templates/middlewares/ipwhitelist.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.ipWhiteList }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- ipWhiteList:
- sourceRange:
- {{- range $middlewareData.sourceRange }}
- - {{ . }}
- {{- end }}
- {{- if $middlewareData.ipStrategy }}
- ipStrategy:
- {{- if $middlewareData.ipStrategy.depth }}
- depth: {{ $middlewareData.ipStrategy.depth }}
- {{- end }}
- {{- if $middlewareData.ipStrategy.excludedIPs }}
- excludedIPs:
- {{- range $middlewareData.ipStrategy.excludedIPs }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.15/templates/middlewares/ratelimit.yaml b/enterprise/traefik/16.0.15/templates/middlewares/ratelimit.yaml
deleted file mode 100644
index 144b9d8bf38..00000000000
--- a/enterprise/traefik/16.0.15/templates/middlewares/ratelimit.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.rateLimit }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: {{ $middlewareData.average }}
- burst: {{ $middlewareData.burst }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.15/templates/middlewares/real-ip.yaml b/enterprise/traefik/16.0.15/templates/middlewares/real-ip.yaml
deleted file mode 100644
index 2dd1ae030a4..00000000000
--- a/enterprise/traefik/16.0.15/templates/middlewares/real-ip.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.realIP }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-real-ip:
- excludednets:
- {{- range $middlewareData.excludedNetworks }}
- - {{ . | quote }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.15/templates/middlewares/redirectScheme.yaml b/enterprise/traefik/16.0.15/templates/middlewares/redirectScheme.yaml
deleted file mode 100644
index f2413f84e19..00000000000
--- a/enterprise/traefik/16.0.15/templates/middlewares/redirectScheme.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectScheme }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectScheme:
- scheme: {{ $middlewareData.scheme }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.15/templates/middlewares/redirectregex.yaml b/enterprise/traefik/16.0.15/templates/middlewares/redirectregex.yaml
deleted file mode 100644
index 46e3e724dd6..00000000000
--- a/enterprise/traefik/16.0.15/templates/middlewares/redirectregex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectRegex }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: {{ $middlewareData.regex | quote }}
- replacement: {{ $middlewareData.replacement | quote }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.15/templates/middlewares/stripPrefixRegex.yaml b/enterprise/traefik/16.0.15/templates/middlewares/stripPrefixRegex.yaml
deleted file mode 100644
index 007c166ff39..00000000000
--- a/enterprise/traefik/16.0.15/templates/middlewares/stripPrefixRegex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-
-{{ range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- stripPrefixRegex:
- regex:
- {{- range $middlewareData.regex }}
- - {{ . | quote }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.15/templates/middlewares/tc-chains.yaml b/enterprise/traefik/16.0.15/templates/middlewares/tc-chains.yaml
deleted file mode 100644
index 409766daa89..00000000000
--- a/enterprise/traefik/16.0.15/templates/middlewares/tc-chains.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-opencors-headers
- - name: compress
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-closedcors-headers
- - name: compress
diff --git a/enterprise/traefik/16.0.15/templates/middlewares/tc-headers.yaml b/enterprise/traefik/16.0.15/templates/middlewares/tc-headers.yaml
deleted file mode 100644
index a0462f1fd73..00000000000
--- a/enterprise/traefik/16.0.15/templates/middlewares/tc-headers.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowHeaders:
- - '*'
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- - POST
- accessControlAllowOriginList:
- - '*'
- accessControlMaxAge: 100
- browserXssFilter: true
- contentTypeNosniff: true
- customRequestHeaders:
- X-Forwarded-Proto: https
- customResponseHeaders:
- server: ""
- forceSTSHeader: true
- referrerPolicy: same-origin
- sslForceHost: true
- sslRedirect: true
- stsSeconds: 63072000
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- sslRedirect: true
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- sslForceHost: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
diff --git a/enterprise/traefik/16.0.15/templates/middlewares/tc-nextcloud.yaml b/enterprise/traefik/16.0.15/templates/middlewares/tc-nextcloud.yaml
deleted file mode 100644
index 6a3019d56c5..00000000000
--- a/enterprise/traefik/16.0.15/templates/middlewares/tc-nextcloud.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-redirectregex-dav
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: "https://(.*)/.well-known/(card|cal)dav"
- replacement: "https://${1}/remote.php/dav/"
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: tc-nextcloud-redirectregex-dav
diff --git a/enterprise/traefik/16.0.15/templates/middlewares/theme-park.yaml b/enterprise/traefik/16.0.15/templates/middlewares/theme-park.yaml
deleted file mode 100644
index 92a4257e279..00000000000
--- a/enterprise/traefik/16.0.15/templates/middlewares/theme-park.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.themePark }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-themepark:
- app: {{ $middlewareData.appName }}
- theme: {{ $middlewareData.themeName }}
- baseUrl: {{ $middlewareData.baseUrl }}
- {{- if $middlewareData.addons }}
- addons:
- {{- range $middlewareData.addons }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.15/values.yaml b/enterprise/traefik/16.0.15/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/traefik/16.0.16/CHANGELOG.md b/enterprise/traefik/16.0.16/CHANGELOG.md
deleted file mode 100644
index dd4dbd5a048..00000000000
--- a/enterprise/traefik/16.0.16/CHANGELOG.md
+++ /dev/null
@@ -1,57 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [traefik-16.0.16](https://github.com/truecharts/charts/compare/traefik-16.0.15...traefik-16.0.16) (2023-02-20)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v2.9.8
-
-
-
-
-## [traefik-16.0.15](https://github.com/truecharts/charts/compare/traefik-16.0.14...traefik-16.0.15) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v2.9.7
-
-
-
-
-## [traefik-16.0.14](https://github.com/truecharts/charts/compare/traefik-16.0.13...traefik-16.0.14) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v
-
-
-
-
-## [traefik-16.0.13](https://github.com/truecharts/charts/compare/traefik-16.0.12...traefik-16.0.13) (2023-02-11)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to 2.9.6
-
-
-
-
-## [traefik-16.0.12](https://github.com/truecharts/charts/compare/traefik-16.0.11...traefik-16.0.12) (2023-02-10)
-
-### Chore
-
-- Add blacklistMode on geoblock and fix label ([#6416](https://github.com/truecharts/charts/issues/6416))
-
- ### Feat
-
-- move Grafana, Prometheus and Traefik to Enterprise Train ([#6372](https://github.com/truecharts/charts/issues/6372))
-
- ### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/16.0.16/Chart.yaml b/enterprise/traefik/16.0.16/Chart.yaml
deleted file mode 100644
index 2d34432e137..00000000000
--- a/enterprise/traefik/16.0.16/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: v2
-appVersion: "2.9.8"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
-deprecated: false
-description: Traefik is a flexible reverse proxy and Ingress Provider.
-home: https://truecharts.org/charts/enterprise/traefik
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/traefik.png
-keywords:
- - traefik
- - ingress
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: traefik
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/traefik
- - https://hub.docker.com/_/traefik
- - https://github.com/traefik/traefik
- - https://github.com/traefik/traefik-helm-chart
- - https://traefik.io/
-type: application
-version: 16.0.16
-annotations:
- truecharts.org/catagories: |
- - network
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/traefik/16.0.16/LICENSE b/enterprise/traefik/16.0.16/LICENSE
deleted file mode 100644
index 4139714f204..00000000000
--- a/enterprise/traefik/16.0.16/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Traefik" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/traefik/16.0.16/README.md b/enterprise/traefik/16.0.16/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/traefik/16.0.16/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/traefik/16.0.16/app-changelog.md b/enterprise/traefik/16.0.16/app-changelog.md
deleted file mode 100644
index 65e30771f63..00000000000
--- a/enterprise/traefik/16.0.16/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [traefik-16.0.16](https://github.com/truecharts/charts/compare/traefik-16.0.15...traefik-16.0.16) (2023-02-20)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v2.9.8
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/16.0.16/app-readme.md b/enterprise/traefik/16.0.16/app-readme.md
deleted file mode 100644
index 02206fafcf4..00000000000
--- a/enterprise/traefik/16.0.16/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Traefik is a flexible reverse proxy and Ingress Provider.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/traefik](https://truecharts.org/charts/enterprise/traefik)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/traefik/16.0.16/charts/common-11.1.2.tgz b/enterprise/traefik/16.0.16/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/enterprise/traefik/16.0.16/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/enterprise/traefik/16.0.16/ix_values.yaml b/enterprise/traefik/16.0.16/ix_values.yaml
deleted file mode 100644
index e19a9ab0475..00000000000
--- a/enterprise/traefik/16.0.16/ix_values.yaml
+++ /dev/null
@@ -1,407 +0,0 @@
-image:
- repository: tccr.io/truecharts/traefik
- # defaults to appVersion
- tag: 2.9.8@sha256:4a2d3dda380990d825532e661b42457fc9871061dbc22b310468616378214a2e
- pullPolicy: IfNotPresent
-
-# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
-ingressClass:
- # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
- enabled: false
- isDefaultClass: false
- # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
- fallbackApiVersion: ""
-
-# -- Create an IngressRoute for the dashboard
-ingressRoute:
- dashboard:
- enabled: true
- # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
- annotations: {}
- # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
- labels: {}
-
-podAnnotations:
- prometheus.io/scrape: "true"
- prometheus.io/path: "/metrics"
- prometheus.io/port: "9180"
-
-#
-# -- Configure providers
-providers:
- kubernetesCRD:
- enabled: true
- namespaces:
- []
- # - "default"
- kubernetesIngress:
- enabled: true
- # labelSelector: environment=production,method=traefik
- namespaces:
- []
- # - "default"
- # IP used for Kubernetes Ingress endpoints
- publishedService:
- enabled: true
- # Published Kubernetes Service to copy status from. Format: namespace/servicename
- # By default this Traefik service
- # pathOverride: ""
-
-# -- Logs
-# https://docs.traefik.io/observability/logs/
-logs:
- # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on).
- general:
- # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO.
- level: ERROR
- # -- Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format
- format: common
- access:
- # To enable access logs
- enabled: false
- # To write the logs in an asynchronous fashion, specify a bufferingSize option.
- # This option represents the number of log lines Traefik will keep in memory before writing
- # them to the selected output. In some cases, this option can greatly help performances.
- # bufferingSize: 100
- # Filtering https://docs.traefik.io/observability/access-logs/#filtering
- filters:
- {}
- # statuscodes: "200,300-302"
- # retryattempts: true
- # minduration: 10ms
- # Fields
- # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers
- fields:
- general:
- defaultmode: keep
- names:
- {}
- # Examples:
- # ClientUsername: drop
- headers:
- defaultmode: drop
- names:
- {}
- # Examples:
- # User-Agent: redact
- # Authorization: drop
- # Content-Type: keep
- # -- Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format
- format: common
-
-metrics:
- # datadog:
- # address: 127.0.0.1:8125
- # influxdb:
- # address: localhost:8089
- # protocol: udp
- prometheus:
- entryPoint: metrics
- # statsd:
- # address: localhost:8125
-
-globalArguments:
- - "--global.checknewversion"
-
-##
-# -- Additional arguments to be passed at Traefik's binary
-# All available options available on https://docs.traefik.io/reference/static-configuration/cli/
-## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"`
-additionalArguments:
- - "--metrics.prometheus"
- - "--ping"
- - "--serverstransport.insecureskipverify=true"
- - "--providers.kubernetesingress.allowexternalnameservices=true"
-
-# -- TLS Options to be created as TLSOption CRDs
-# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options
-# Example:
-tlsOptions:
- default:
- sniStrict: false
- minVersion: VersionTLS12
- curvePreferences:
- - CurveP521
- - CurveP384
- cipherSuites:
- - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- - TLS_AES_128_GCM_SHA256
- - TLS_AES_256_GCM_SHA384
- - TLS_CHACHA20_POLY1305_SHA256
-
-# -- Options for the main traefik service, where the entrypoints traffic comes from
-# from.
-service:
- main:
- type: LoadBalancer
- ports:
- main:
- port: 9000
- targetPort: 9000
- protocol: HTTP
- # -- Forwarded Headers should never be enabled on Main entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Main entrypoint
- proxyProtocol:
- enabled: false
- tcp:
- enabled: true
- type: LoadBalancer
- ports:
- web:
- enabled: true
- port: 9080
- protocol: HTTP
- redirectTo: websecure
- # Options: Empty, 0 (ingore), or positive int
- # redirectPort:
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- websecure:
- enabled: true
- port: 9443
- protocol: HTTPS
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- # tcpexample:
- # enabled: true
- # targetPort: 9443
- # protocol: TCP
- # tls:
- # enabled: false
- # # this is the name of a TLSOption definition
- # options: ""
- # certResolver: ""
- # domains: []
- # # - main: example.com
- # # sans:
- # # - foo.example.com
- # # - bar.example.com
- metrics:
- enabled: true
- type: ClusterIP
- ports:
- metrics:
- enabled: true
- port: 9180
- targetPort: 9180
- protocol: HTTP
- # -- Forwarded Headers should never be enabled on Metrics entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Metrics entrypoint
- proxyProtocol:
- enabled: false
- udp:
- enabled: false
-
-# probes:
-# # -- Liveness probe configuration
-# # @default -- See below
-# liveness:
-# # -- sets the probe type when not using a custom probe
-# # @default -- "TCP"
-# type: HTTP
-# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
-# # @default -- "/"
-# path: "/ping"
-
-# # -- Redainess probe configuration
-# # @default -- See below
-# readiness:
-# # -- sets the probe type when not using a custom probe
-# # @default -- "TCP"
-# type: HTTP
-# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
-# # @default -- "/"
-# path: "/ping"
-
-# # -- Startup probe configuration
-# # @default -- See below
-# startup:
-# # -- sets the probe type when not using a custom probe
-# # @default -- "TCP"
-# type: HTTP
-# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
-# # @default -- "/"
-# path: "/ping"
-
-# -- Whether Role Based Access Control objects like roles and rolebindings should be created
-rbac:
- main:
- enabled: true
- rules:
- - apiGroups:
- - ""
- resources:
- - services
- - endpoints
- - secrets
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses
- - ingressclasses
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses/status
- verbs:
- - update
- - apiGroups:
- - traefik.containo.us
- resources:
- - ingressroutes
- - ingressroutetcps
- - ingressrouteudps
- - middlewares
- - middlewaretcps
- - tlsoptions
- - tlsstores
- - traefikservices
- - serverstransports
- verbs:
- - get
- - list
- - watch
-
-# -- The service account the pods will use to interact with the Kubernetes API
-serviceAccount:
- main:
- enabled: true
-
-# -- SCALE Middleware Handlers
-middlewares:
- basicAuth: []
- # - name: basicauthexample
- # users:
- # - username: testuser
- # password: testpassword
- forwardAuth: []
- # - name: forwardAuthexample
- # address: https://auth.example.com/
- # authResponseHeaders:
- # - X-Secret
- # - X-Auth-User
- # authRequestHeaders:
- # - "Accept"
- # - "X-CustomHeader"
- # authResponseHeadersRegex: "^X-"
- # trustForwardHeader: true
- chain: []
- # - name: chainname
- # middlewares:
- # - name: compress
- redirectScheme: []
- # - name: redirectSchemeName
- # scheme: https
- # permanent: true
- rateLimit: []
- # - name: rateLimitName
- # average: 300
- # burst: 200
- redirectRegex: []
- # - name: redirectRegexName
- # regex: putregexhere
- # replacement: replacementurlhere
- # permanent: false
- stripPrefixRegex: []
- # - name: stripPrefixRegexName
- # regex: []
- ipWhiteList: []
- # - name: ipWhiteListName
- # sourceRange: []
- # ipStrategy:
- # depth: 2
- # excludedIPs: []
- themeParkVersion: v1.3.0
- themePark: []
- # - name: themeParkName
- # -- Supported apps, lower case name
- # -- https://docs.theme-park.dev/themes
- # app: appnamehere
- # -- Supported themes, lower case name
- # -- https://docs.theme-park.dev/themes/APPNAMEHERE
- # -- https://docs.theme-park.dev/community-themes
- # theme: themenamehere
- # -- https://theme-park.dev or a self hosted url
- # baseUrl: https://theme-park.dev
- realIPVersion: v1.0.3
- # Sets X-Real-Ip with an IP from the X-Forwarded-For or
- # Cf-Connecting-Ip (If from Cloudflare)
- # Evaluation of those headers will go from last to first
- realIP: []
- # - name: realIPName
- # -- The real IP will be the first one that is
- # -- not included in any of the CIDRs passed here
- # excludedNetworks:
- # - 1.1.1.1/24
- addPrefix: []
- # - name: addPrefixName
- # prefix: "/foo"
- geoBlockVersion: v0.2.4
- geoBlock: []
- # -- https://github.com/PascalMinder/geoblock
- # - name: geoBlockName
- # allowLocalRequests: true
- # logLocalRequests: false
- # logAllowedRequests: false
- # logApiRequests: false
- # api: https://get.geojs.io/v1/ip/country/{ip}
- # apiTimeoutMs: 500
- # cacheSize: 25
- # forceMonthlyUpdate: true
- # allowUnknownCountries: false
- # unknownCountryApiResponse: nil
- # blackListMode: false
- # countries:
- # - RU
-
-portalhook:
- enabled: true
-
-persistence:
- plugins:
- enabled: true
- mountPath: "/plugins-storage"
- type: emptyDir
-
-portal:
- enabled: true
diff --git a/enterprise/traefik/16.0.16/questions.yaml b/enterprise/traefik/16.0.16/questions.yaml
deleted file mode 100644
index 8a6e543a7d5..00000000000
--- a/enterprise/traefik/16.0.16/questions.yaml
+++ /dev/null
@@ -1,2535 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "http"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
- path: "/dashboard/"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: ingressClass
- label: "ingressClass"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- description: "When enabled, ingressClass will match the entered name of this app"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: isDefaultClass
- label: "isDefaultClass"
- schema:
- type: boolean
- default: false
- - variable: logs
- label: "Logs"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "ERROR"
- enum:
- - value: "INFO"
- description: "Info"
- - value: "WARN"
- description: "Warnings"
- - value: "ERROR"
- description: "Errors"
- - value: "FATAL"
- description: "Fatal Errors"
- - value: "PANIC"
- description: "Panics"
- - value: "DEBUG"
- description: "Debug"
- - variable: format
- label: "General Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: access
- label: "Access Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabledFilters
- label: "Enable Filters"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filters
- label: "Filters"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: statuscodes
- label: "Status codes"
- schema:
- type: string
- default: "200,300-302"
- - variable: retryattempts
- label: "retryattempts"
- schema:
- type: boolean
- default: true
- - variable: minduration
- label: "minduration"
- schema:
- type: string
- default: "10ms"
- - variable: fields
- label: "Fields"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "keep"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: headers
- label: "Headers"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "drop"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: format
- label: "Access Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: middlewares
- label: ""
- group: "Middlewares"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: basicAuth
- label: basicAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: users
- label: Users
- schema:
- type: list
- default: []
- items:
- - variable: usersEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: username
- label: Username
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: Password
- schema:
- type: string
- required: true
- default: ""
- - variable: forwardAuth
- label: forwardAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: address
- label: Address
- schema:
- type: string
- required: true
- default: ""
- - variable: trustForwardHeader
- label: trustForwardHeader
- schema:
- type: boolean
- default: false
- - variable: tls
- label: TLS
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: insecureSkipVerify
- label: insecureSkipVerify (expert)
- description: >-
- This disables all TLS certificate validation on communications with the authentication endpoint.
- This could be a security risk and should only be used if you know what you are doing.
- schema:
- type: boolean
- default: false
- - variable: authResponseHeadersRegex
- label: authResponseHeadersRegex
- schema:
- type: string
- default: ""
- - variable: authResponseHeaders
- label: authResponseHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authResponseHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: authRequestHeaders
- label: authRequestHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authRequestHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: chain
- label: Chain
- schema:
- type: list
- default: []
- items:
- - variable: chainEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: middlewares
- label: Middlewares to Chain
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: redirectScheme
- label: redirectScheme
- schema:
- type: list
- default: []
- items:
- - variable: redirectSchemeEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: scheme
- label: Scheme
- schema:
- type: string
- required: true
- default: https
- enum:
- - value: https
- description: https
- - value: http
- description: http
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: rateLimit
- label: rateLimit
- schema:
- type: list
- default: []
- items:
- - variable: rateLimitEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: average
- label: Average
- schema:
- type: int
- required: true
- default: 300
- - variable: burst
- label: Burst
- schema:
- type: int
- required: true
- default: 200
- - variable: redirectRegex
- label: redirectRegex
- schema:
- type: list
- default: []
- items:
- - variable: redirectRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: replacement
- label: Replacement
- schema:
- type: string
- required: true
- default: ""
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: stripPrefixRegex
- label: stripPrefixRegex
- schema:
- type: list
- default: []
- items:
- - variable: stripPrefixRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: list
- default: []
- items:
- - variable: regexEntry
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: ipWhiteList
- label: ipWhiteList
- schema:
- type: list
- default: []
- items:
- - variable: ipWhiteListEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: sourceRange
- label: Source Range
- schema:
- type: list
- default: []
- items:
- - variable: sourceRangeEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: ipStrategy
- label: IP Strategy
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: depth
- label: Depth
- schema:
- type: int
- required: true
- - variable: excludedIPs
- label: Excluded IPs
- schema:
- type: list
- default: []
- items:
- - variable: excludedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: themePark
- label: theme.park
- schema:
- type: list
- default: []
- items:
- - variable: themeParkEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to traefik-themepark
- schema:
- type: string
- required: true
- default: ""
- - variable: appName
- label: App Name
- description: Lower case, name of the app to be themed.
-
Go to https://docs.theme-park.dev/themes/ to see supported apps.
- schema:
- type: string
- required: true
- default: ""
- - variable: themeName
- label: Theme Name
- description: Lower case, name of the theme to be applied.
-
Go to https://docs.theme-park.dev/theme-options/ to see supported themes.
- schema:
- type: string
- required: true
- default: ""
- - variable: baseUrl
- label: Base URL
- description: Replace `https://theme-park.dev` URL for self-hosting reference.
- schema:
- type: string
- required: true
- default: https://theme-park.dev
- - variable: addons
- label: Addons
- schema:
- type: list
- default: []
- items:
- - variable: addonEntry
- label: Addon
- description: Currently only supports 'darker' and '4k-logo' for *arr apps.
-
Go to https://docs.theme-park.dev/themes/addons/ for Addon information.
-
Go to https://github.com/packruler/traefik-themepark for more context on plugin
- schema:
- type: string
- required: true
- default: ""
- - variable: realIP
- label: Real IP
- schema:
- type: list
- default: []
- items:
- - variable: realIPEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: excludedNetworks
- label: Excluded Networks
- schema:
- type: list
- default: []
- items:
- - variable: excludedNetEntry
- label: Excluded Network Entry
- description: Network to exclude setting it to X-Real-Ip
- schema:
- type: string
- required: true
- default: ""
- - variable: geoBlock
- label: GeoBlock
- schema:
- type: list
- default: []
- items:
- - variable: geoBlockEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to geoblock
- schema:
- type: string
- required: true
- default: ""
- - variable: allowLocalRequests
- label: Allow Local Requests
- description: If set to true, will not block request from Private IP Ranges
- schema:
- type: boolean
- default: true
- - variable: logLocalRequests
- label: Log Local Requests
- description: If set to true, will log every connection from any IP in the private IP range
- schema:
- type: boolean
- default: false
- - variable: logAllowedRequests
- label: Log Allowed Requests
- description: If set to true, will show a log message with the IP and the country of origin if a request is allowed.
- schema:
- type: boolean
- default: false
- - variable: logApiRequests
- label: Log API Requests
- description: If set to true, will show a log message for every API hit.
- schema:
- type: boolean
- default: false
- - variable: api
- label: API
- description: Defines the API URL for the IP to Country resolution. The IP to fetch can be added with {ip} to the URL.
- schema:
- type: string
- required: true
- default: https://get.geojs.io/v1/ip/country/{ip}
- - variable: apiTimeoutMs
- label: API Timeout in ms
- description: Timeout for the call to the api uri.
- schema:
- type: int
- required: true
- default: 500
- - variable: cacheSize
- label: Cache Size
- description: Defines the max size of the LRU (least recently used) cache.
- schema:
- type: int
- required: true
- default: 25
- - variable: forceMonthlyUpdate
- label: Force Monthly Update
- description: Even if an IP stays in the cache for a period of a month (about 30 x 24 hours), it must be fetch again after a month.
- schema:
- type: boolean
- default: true
- - variable: allowUnknownCountries
- label: Allow Unknown Countries
- description: Some IP addresses have no country associated with them. If this option is set to true, all IPs with no associated country are also allowed.
- schema:
- type: boolean
- default: false
- - variable: unknownCountryApiResponse
- label: Unknown Countries API Response
- description: The API uri can be customized. This options allows to customize the response string of the API when a IP with no associated country is requested.
- schema:
- type: string
- required: true
- default: nil
- - variable: blackListMode
- label: Blacklist Mode
- description: When set to true the filter logic is inverted, i.e. requests originating from countries listed in the countries list are blocked.
- schema:
- type: boolean
- default: false
- - variable: countries
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- label: Countries
- schema:
- type: list
- default: []
- items:
- - variable: countryEntry
- label: Country
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- schema:
- type: string
- required: true
- # Allow only 2 Characters
- valid_chars: '^[a-zA-Z]{2}$'
- default: ""
- - variable: addPrefix
- label: Add Prefix
- schema:
- type: list
- default: []
- items:
- - variable: addPrefixEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: prefix
- label: Prefix
- schema:
- type: string
- required: true
- default: ""
- - variable: service
- group: "Networking and Services"
- label: "Configure Service Entrypoint"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9000
- required: true
- - variable: tcp
- label: "TCP Service"
- description: "The tcp Entrypoint service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: web
- label: "web Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9080
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- default: "websecure"
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: websecure
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9443
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: portsList
- label: "Additional TCP Entrypoints"
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: "Custom Entrypoints"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable the port"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: "Entrypoints Name"
- schema:
- type: string
- default: ""
- - variable: protocol
- label: "Entrypoints Type"
- schema:
- type: string
- default: "TCP"
- enum:
- - value: HTTP
- description: "HTTP"
- - value: "HTTPS"
- description: "HTTPS"
- - value: TCP
- description: "TCP"
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- required: true
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: true
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID this App of the user running the application"
- schema:
- type: int
- default: 568
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/traefik/16.0.16/templates/_args.tpl b/enterprise/traefik/16.0.16/templates/_args.tpl
deleted file mode 100644
index 98cc63897b9..00000000000
--- a/enterprise/traefik/16.0.16/templates/_args.tpl
+++ /dev/null
@@ -1,178 +0,0 @@
-{{/* Define the args */}}
-{{- define "traefik.args" -}}
-args:
- {{/* merge all ports */}}
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{/* start of actual arguments */}}
- {{- with .Values.globalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
- {{- range $name, $config := $ports }}
- {{- if $config }}
- {{- if or ( eq $config.protocol "HTTP" ) ( eq $config.protocol "HTTPS" ) ( eq $config.protocol "TCP" ) }}
- {{- $_ := set $config "protocol" "TCP" }}
- {{- end }}
- - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}"
- {{- end }}
- {{- end }}
- - "--api.dashboard=true"
- - "--ping=true"
- {{- if .Values.metrics }}
- {{- if .Values.metrics.datadog }}
- - "--metrics.datadog=true"
- - "--metrics.datadog.address={{ .Values.metrics.datadog.address }}"
- {{- end }}
- {{- if .Values.metrics.influxdb }}
- - "--metrics.influxdb=true"
- - "--metrics.influxdb.address={{ .Values.metrics.influxdb.address }}"
- - "--metrics.influxdb.protocol={{ .Values.metrics.influxdb.protocol }}"
- {{- end }}
- {{- if .Values.metrics.prometheus }}
- - "--metrics.prometheus=true"
- - "--metrics.prometheus.entrypoint={{ .Values.metrics.prometheus.entryPoint }}"
- {{- end }}
- {{- if .Values.metrics.statsd }}
- - "--metrics.statsd=true"
- - "--metrics.statsd.address={{ .Values.metrics.statsd.address }}"
- {{- end }}
- {{- end }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress"
- {{- if .Values.providers.kubernetesIngress.publishedService.enabled }}
- - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.labelSelector }}
- - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}"
- {{- end }}
- {{- end }}
- {{- if and .Values.rbac.enabled .Values.rbac.namespaced }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}"
- {{- end }}
- {{- end }}
- {{- if .Values.ingressClass.enabled }}
- - "--providers.kubernetesingress.ingressclass={{ .Release.Name }}"
- {{- end }}
- {{- range $entrypoint, $config := $ports }}
- {{/* add args for proxyProtocol support */}}
- {{- if $config.proxyProtocol }}
- {{- if $config.proxyProtocol.enabled }}
- {{- if $config.proxyProtocol.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.insecure"
- {{- end }}
- {{- if not ( empty $config.proxyProtocol.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.trustedIPs={{ join "," $config.proxyProtocol.trustedIPs }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* add args for forwardedHeaders support */}}
- {{- if $config.forwardedHeaders.enabled }}
- {{- if not ( empty $config.forwardedHeaders.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}"
- {{- end }}
- {{- if $config.forwardedHeaders.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure"
- {{- end }}
- {{- end }}
- {{/* end forwardedHeaders configuration */}}
- {{- if $config.redirectTo }}
- {{- $toPort := index $ports $config.redirectTo }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- else if $config.redirectPort }}
- {{ if gt $config.redirectPort 0.0 }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- end }}
- {{- end }}
- {{- if or ( $config.tls ) ( eq $config.protocol "HTTPS" ) }}
- {{- if or ( $config.tls.enabled ) ( eq $config.protocol "HTTPS" ) }}
- - "--entrypoints.{{ $entrypoint }}.http.tls=true"
- {{- if $config.tls.options }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}"
- {{- end }}
- {{- if $config.tls.certResolver }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}"
- {{- end }}
- {{- if $config.tls.domains }}
- {{- range $index, $domain := $config.tls.domains }}
- {{- if $domain.main }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}"
- {{- end }}
- {{- if $domain.sans }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- with .Values.logs }}
- - "--log.format={{ .general.format }}"
- {{- if ne .general.level "ERROR" }}
- - "--log.level={{ .general.level | upper }}"
- {{- end }}
- {{- if .access.enabled }}
- - "--accesslog=true"
- - "--accesslog.format={{ .access.format }}"
- {{- if .access.bufferingsize }}
- - "--accesslog.bufferingsize={{ .access.bufferingsize }}"
- {{- end }}
- {{- if .access.filters }}
- {{- if .access.filters.statuscodes }}
- - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}"
- {{- end }}
- {{- if .access.filters.retryattempts }}
- - "--accesslog.filters.retryattempts"
- {{- end }}
- {{- if .access.filters.minduration }}
- - "--accesslog.filters.minduration={{ .access.filters.minduration }}"
- {{- end }}
- {{- end }}
- - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.general.names }}
- - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.headers.names }}
- - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* theme.park */}}
- {{- if .Values.middlewares.themePark }}
- - "--experimental.plugins.traefik-themepark.modulename=github.com/packruler/traefik-themepark"
- - "--experimental.plugins.traefik-themepark.version={{ .Values.middlewares.themeParkVersion }}"
- {{- end }}
- {{/* End of theme.park */}}
- {{/* GeoBlock */}}
- {{- if .Values.middlewares.geoBlock }}
- - "--experimental.plugins.GeoBlock.modulename=github.com/PascalMinder/geoblock"
- - "--experimental.plugins.GeoBlock.version={{ .Values.middlewares.geoBlockVersion }}"
- {{- end }}
- {{/* End of GeoBlock */}}
- {{/* RealIP */}}
- {{- if .Values.middlewares.realIP }}
- - "--experimental.plugins.traefik-real-ip.modulename=github.com/soulbalz/traefik-real-ip"
- - "--experimental.plugins.traefik-real-ip.version={{ .Values.middlewares.realIPVersion }}"
- {{- end }}
- {{/* End of RealIP */}}
- {{- with .Values.additionalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.16/templates/_helpers.tpl b/enterprise/traefik/16.0.16/templates/_helpers.tpl
deleted file mode 100644
index ab55e4e7ec6..00000000000
--- a/enterprise/traefik/16.0.16/templates/_helpers.tpl
+++ /dev/null
@@ -1,22 +0,0 @@
-{{/*
-Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice.
-By convention this will simply use the / to match the name of the
-service generated.
-Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride`
-*/}}
-{{- define "providers.kubernetesIngress.publishedServicePath" -}}
-{{- $fullName := include "tc.common.names.fullname" . -}}
-{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}}
-{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }}
-{{- print $servicePath | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Construct a comma-separated list of whitelisted namespaces
-*/}}
-{{- define "providers.kubernetesIngress.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }}
-{{- end -}}
-{{- define "providers.kubernetesCRD.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.16/templates/_ingressclass.tpl b/enterprise/traefik/16.0.16/templates/_ingressclass.tpl
deleted file mode 100644
index 909e249d6a5..00000000000
--- a/enterprise/traefik/16.0.16/templates/_ingressclass.tpl
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Define the ingressClass */}}
-{{- define "traefik.ingressClass" -}}
----
-{{ if .Values.ingressClass.enabled }}
- {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }}
-apiVersion: networking.k8s.io/v1
- {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }}
-apiVersion: networking.k8s.io/v1beta1
- {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }}
-apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }}
- {{- else }}
- {{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }}
- {{- end }}
-kind: IngressClass
-metadata:
- annotations:
- ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }}
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
- name: {{ .Release.Name }}
-spec:
- controller: traefik.io/ingress-controller
-{{- end }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.16/templates/_ingressroute.tpl b/enterprise/traefik/16.0.16/templates/_ingressroute.tpl
deleted file mode 100644
index 7f012c92350..00000000000
--- a/enterprise/traefik/16.0.16/templates/_ingressroute.tpl
+++ /dev/null
@@ -1,25 +0,0 @@
-{{/* Define the ingressRoute */}}
-{{- define "traefik.ingressRoute" -}}
-{{ if .Values.ingressRoute.dashboard.enabled }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
- name: {{ include "tc.common.names.fullname" . }}-dashboard
- annotations:
- {{- with .Values.ingressRoute.dashboard.annotations }}
- {{- toYaml . | nindent 4 }}
- {{- end }}
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
-spec:
- entryPoints:
- - main
- routes:
- - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
- kind: Rule
- services:
- - name: api@internal
- kind: TraefikService
-{{ end }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.16/templates/_portalhook.tpl b/enterprise/traefik/16.0.16/templates/_portalhook.tpl
deleted file mode 100644
index e3586c5d4e9..00000000000
--- a/enterprise/traefik/16.0.16/templates/_portalhook.tpl
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/* Define the portalHook */}}
-{{- define "traefik.portalhook" -}}
-{{- if .Values.portalhook.enabled }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: portalhook
- namespace: {{ $namespace }}
-data:
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{- range $name, $value := $ports }}
- {{ $name }}: {{ $value.port | quote }}
- {{- end }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.16/templates/_tlsoptions.tpl b/enterprise/traefik/16.0.16/templates/_tlsoptions.tpl
deleted file mode 100644
index 3e5aad3bee9..00000000000
--- a/enterprise/traefik/16.0.16/templates/_tlsoptions.tpl
+++ /dev/null
@@ -1,12 +0,0 @@
-{{/* Define the tlsOptions */}}
-{{- define "traefik.tlsOptions" -}}
-{{- range $name, $config := .Values.tlsOptions }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: TLSOption
-metadata:
- name: {{ $name }}
-spec:
- {{- toYaml $config | nindent 2 }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/16.0.16/templates/common.yaml b/enterprise/traefik/16.0.16/templates/common.yaml
deleted file mode 100644
index c933a3d08e0..00000000000
--- a/enterprise/traefik/16.0.16/templates/common.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.common.loader.init" . }}
-
-{{- if .Values.metrics }}
-{{- if .Values.metrics.prometheus }}
-{{- $_ := set .Values.podAnnotations "prometheus.io/scrape" "true" -}}
-{{- $_ := set .Values.podAnnotations "prometheus.io/path" "/metrics" -}}
-{{- $_ := set .Values.podAnnotations "prometheus.io/port" "9180" -}}
-{{- end }}
-{{- end }}
-
-{{- $newArgs := (include "traefik.args" . | fromYaml) }}
-{{- $_ := set .Values "newArgs" $newArgs -}}
-{{- $mergedargs := concat .Values.args .Values.newArgs.args }}
-{{- $_ := set .Values "args" $mergedargs -}}
-
-{{- include "traefik.portalhook" . }}
-{{- include "traefik.tlsOptions" . }}
-{{- include "traefik.ingressRoute" . }}
-{{- include "traefik.ingressClass" . }}
-
-
-{{/* Render the templates */}}
-{{ include "tc.common.loader.apply" . }}
diff --git a/enterprise/traefik/16.0.16/templates/middlewares/addPrefix.yaml b/enterprise/traefik/16.0.16/templates/middlewares/addPrefix.yaml
deleted file mode 100644
index 233b23834c3..00000000000
--- a/enterprise/traefik/16.0.16/templates/middlewares/addPrefix.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.addPrefix }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- addPrefix:
- prefix: {{ $middlewareData.prefix }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.16/templates/middlewares/basic-middleware.yaml b/enterprise/traefik/16.0.16/templates/middlewares/basic-middleware.yaml
deleted file mode 100644
index 9ba8e5c5d93..00000000000
--- a/enterprise/traefik/16.0.16/templates/middlewares/basic-middleware.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: compress
- namespace: {{ $namespace }}
-spec:
- compress: {}
----
-# Here, an average of 300 requests per second is allowed.
-# In addition, a burst of 200 requests is allowed.
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-ratelimit
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: 600
- burst: 400
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-secure-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: chain-basic
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: basic-secure-headers
- - name: compress
diff --git a/enterprise/traefik/16.0.16/templates/middlewares/basicauth.yaml b/enterprise/traefik/16.0.16/templates/middlewares/basicauth.yaml
deleted file mode 100644
index ccb541742f0..00000000000
--- a/enterprise/traefik/16.0.16/templates/middlewares/basicauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.basicAuth }}
----
-{{- $users := list }}
-{{ range $index, $userdata := $middlewareData.users }}
- {{ $users = append $users ( htpasswd $userdata.username $userdata.password ) }}
-{{ end }}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{printf "%v-%v" $middlewareData.name "secret" }}
- namespace: {{ $namespace }}
-type: Opaque
-stringData:
- users: |
- {{- range $index, $user := $users }}
- {{ printf "%s" $user }}
- {{- end }}
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- basicAuth:
- secret: {{printf "%v-%v" $middlewareData.name "secret" }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.16/templates/middlewares/chain.yaml b/enterprise/traefik/16.0.16/templates/middlewares/chain.yaml
deleted file mode 100644
index f87994f7956..00000000000
--- a/enterprise/traefik/16.0.16/templates/middlewares/chain.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.chain }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- {{ range $index, $middleware := .middlewares }}
- - name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }}
- {{ end }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.16/templates/middlewares/forwardauth.yaml b/enterprise/traefik/16.0.16/templates/middlewares/forwardauth.yaml
deleted file mode 100644
index 4bdefbd5c01..00000000000
--- a/enterprise/traefik/16.0.16/templates/middlewares/forwardauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.forwardAuth }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- forwardAuth:
- address: {{ $middlewareData.address }}
- {{- with $middlewareData.authResponseHeaders }}
- authResponseHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- with $middlewareData.authRequestHeaders }}
- authRequestHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- if $middlewareData.authResponseHeadersRegex }}
- authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }}
- {{- end }}
- {{- if $middlewareData.trustForwardHeader }}
- trustForwardHeader: true
- {{- end }}
- {{- with $middlewareData.tls }}
- tls:
- insecureSkipVerify: {{ .insecureSkipVerify | default false }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.16/templates/middlewares/geoblock.yaml b/enterprise/traefik/16.0.16/templates/middlewares/geoblock.yaml
deleted file mode 100644
index be21bcf57b6..00000000000
--- a/enterprise/traefik/16.0.16/templates/middlewares/geoblock.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.geoBlock }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- GeoBlock:
- allowLocalRequests: {{ $middlewareData.allowLocalRequests }}
- logLocalRequests: {{ $middlewareData.logLocalRequests }}
- logAllowedRequests: {{ $middlewareData.logAllowedRequests }}
- logApiRequests: {{ $middlewareData.logApiRequests }}
- api: {{ $middlewareData.api }}
- apiTimeoutMs: {{ $middlewareData.apiTimeoutMs }}
- cacheSize: {{ $middlewareData.cacheSize }}
- forceMonthlyUpdate: {{ $middlewareData.forceMonthlyUpdate }}
- allowUnknownCountries: {{ $middlewareData.allowUnknownCountries }}
- unknownCountryApiResponse: {{ $middlewareData.unknownCountryApiResponse }}
- blackListMode: {{ $middlewareData.blackListMode }}
- {{- if not $middlewareData.countries }}
- {{- fail "You have to define at least one country..." }}
- {{- end }}
- countries:
- {{- range $middlewareData.countries }}
- - {{ . }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.16/templates/middlewares/ipwhitelist.yaml b/enterprise/traefik/16.0.16/templates/middlewares/ipwhitelist.yaml
deleted file mode 100644
index 1179245017e..00000000000
--- a/enterprise/traefik/16.0.16/templates/middlewares/ipwhitelist.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.ipWhiteList }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- ipWhiteList:
- sourceRange:
- {{- range $middlewareData.sourceRange }}
- - {{ . }}
- {{- end }}
- {{- if $middlewareData.ipStrategy }}
- ipStrategy:
- {{- if $middlewareData.ipStrategy.depth }}
- depth: {{ $middlewareData.ipStrategy.depth }}
- {{- end }}
- {{- if $middlewareData.ipStrategy.excludedIPs }}
- excludedIPs:
- {{- range $middlewareData.ipStrategy.excludedIPs }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.16/templates/middlewares/ratelimit.yaml b/enterprise/traefik/16.0.16/templates/middlewares/ratelimit.yaml
deleted file mode 100644
index 144b9d8bf38..00000000000
--- a/enterprise/traefik/16.0.16/templates/middlewares/ratelimit.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.rateLimit }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: {{ $middlewareData.average }}
- burst: {{ $middlewareData.burst }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.16/templates/middlewares/real-ip.yaml b/enterprise/traefik/16.0.16/templates/middlewares/real-ip.yaml
deleted file mode 100644
index 2dd1ae030a4..00000000000
--- a/enterprise/traefik/16.0.16/templates/middlewares/real-ip.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.realIP }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-real-ip:
- excludednets:
- {{- range $middlewareData.excludedNetworks }}
- - {{ . | quote }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.16/templates/middlewares/redirectScheme.yaml b/enterprise/traefik/16.0.16/templates/middlewares/redirectScheme.yaml
deleted file mode 100644
index f2413f84e19..00000000000
--- a/enterprise/traefik/16.0.16/templates/middlewares/redirectScheme.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectScheme }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectScheme:
- scheme: {{ $middlewareData.scheme }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.16/templates/middlewares/redirectregex.yaml b/enterprise/traefik/16.0.16/templates/middlewares/redirectregex.yaml
deleted file mode 100644
index 46e3e724dd6..00000000000
--- a/enterprise/traefik/16.0.16/templates/middlewares/redirectregex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectRegex }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: {{ $middlewareData.regex | quote }}
- replacement: {{ $middlewareData.replacement | quote }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.16/templates/middlewares/stripPrefixRegex.yaml b/enterprise/traefik/16.0.16/templates/middlewares/stripPrefixRegex.yaml
deleted file mode 100644
index 007c166ff39..00000000000
--- a/enterprise/traefik/16.0.16/templates/middlewares/stripPrefixRegex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-
-{{ range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- stripPrefixRegex:
- regex:
- {{- range $middlewareData.regex }}
- - {{ . | quote }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/16.0.16/templates/middlewares/tc-chains.yaml b/enterprise/traefik/16.0.16/templates/middlewares/tc-chains.yaml
deleted file mode 100644
index 409766daa89..00000000000
--- a/enterprise/traefik/16.0.16/templates/middlewares/tc-chains.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-opencors-headers
- - name: compress
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-closedcors-headers
- - name: compress
diff --git a/enterprise/traefik/16.0.16/templates/middlewares/tc-headers.yaml b/enterprise/traefik/16.0.16/templates/middlewares/tc-headers.yaml
deleted file mode 100644
index a0462f1fd73..00000000000
--- a/enterprise/traefik/16.0.16/templates/middlewares/tc-headers.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowHeaders:
- - '*'
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- - POST
- accessControlAllowOriginList:
- - '*'
- accessControlMaxAge: 100
- browserXssFilter: true
- contentTypeNosniff: true
- customRequestHeaders:
- X-Forwarded-Proto: https
- customResponseHeaders:
- server: ""
- forceSTSHeader: true
- referrerPolicy: same-origin
- sslForceHost: true
- sslRedirect: true
- stsSeconds: 63072000
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- sslRedirect: true
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- sslForceHost: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
diff --git a/enterprise/traefik/16.0.16/templates/middlewares/tc-nextcloud.yaml b/enterprise/traefik/16.0.16/templates/middlewares/tc-nextcloud.yaml
deleted file mode 100644
index 6a3019d56c5..00000000000
--- a/enterprise/traefik/16.0.16/templates/middlewares/tc-nextcloud.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-redirectregex-dav
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: "https://(.*)/.well-known/(card|cal)dav"
- replacement: "https://${1}/remote.php/dav/"
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: tc-nextcloud-redirectregex-dav
diff --git a/enterprise/traefik/16.0.16/templates/middlewares/theme-park.yaml b/enterprise/traefik/16.0.16/templates/middlewares/theme-park.yaml
deleted file mode 100644
index 92a4257e279..00000000000
--- a/enterprise/traefik/16.0.16/templates/middlewares/theme-park.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.themePark }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-themepark:
- app: {{ $middlewareData.appName }}
- theme: {{ $middlewareData.themeName }}
- baseUrl: {{ $middlewareData.baseUrl }}
- {{- if $middlewareData.addons }}
- addons:
- {{- range $middlewareData.addons }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/16.0.16/values.yaml b/enterprise/traefik/16.0.16/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/traefik/17.0.0/CHANGELOG.md b/enterprise/traefik/17.0.0/CHANGELOG.md
deleted file mode 100644
index 96e87df5f81..00000000000
--- a/enterprise/traefik/17.0.0/CHANGELOG.md
+++ /dev/null
@@ -1,62 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [traefik-17.0.0](https://github.com/truecharts/charts/compare/traefik-16.0.16...traefik-17.0.0) (2023-03-04)
-
-
-
-
-## [traefik-16.0.16](https://github.com/truecharts/charts/compare/traefik-16.0.15...traefik-16.0.16) (2023-02-20)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v2.9.8
-
-
-
-
-## [traefik-16.0.15](https://github.com/truecharts/charts/compare/traefik-16.0.14...traefik-16.0.15) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v2.9.7
-
-
-
-
-## [traefik-16.0.14](https://github.com/truecharts/charts/compare/traefik-16.0.13...traefik-16.0.14) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v
-
-
-
-
-## [traefik-16.0.13](https://github.com/truecharts/charts/compare/traefik-16.0.12...traefik-16.0.13) (2023-02-11)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to 2.9.6
-
-
-
-
-## [traefik-16.0.12](https://github.com/truecharts/charts/compare/traefik-16.0.11...traefik-16.0.12) (2023-02-10)
-
-### Chore
-
-- Add blacklistMode on geoblock and fix label ([#6416](https://github.com/truecharts/charts/issues/6416))
-
- ### Feat
-
-- move Grafana, Prometheus and Traefik to Enterprise Train ([#6372](https://github.com/truecharts/charts/issues/6372))
-
- ### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/17.0.0/Chart.yaml b/enterprise/traefik/17.0.0/Chart.yaml
deleted file mode 100644
index 1917cb105b3..00000000000
--- a/enterprise/traefik/17.0.0/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: v2
-appVersion: "2.9.8"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.7
-deprecated: false
-description: Traefik is a flexible reverse proxy and Ingress Provider.
-home: https://truecharts.org/charts/enterprise/traefik
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/traefik.png
-keywords:
- - traefik
- - ingress
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: traefik
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/traefik
- - https://hub.docker.com/_/traefik
- - https://github.com/traefik/traefik
- - https://github.com/traefik/traefik-helm-chart
- - https://traefik.io/
-type: application
-version: 17.0.0
-annotations:
- truecharts.org/catagories: |
- - network
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/traefik/17.0.0/LICENSE b/enterprise/traefik/17.0.0/LICENSE
deleted file mode 100644
index 4139714f204..00000000000
--- a/enterprise/traefik/17.0.0/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Traefik" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/traefik/17.0.0/README.md b/enterprise/traefik/17.0.0/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/traefik/17.0.0/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/traefik/17.0.0/app-changelog.md b/enterprise/traefik/17.0.0/app-changelog.md
deleted file mode 100644
index 0ea4b2ac0d6..00000000000
--- a/enterprise/traefik/17.0.0/app-changelog.md
+++ /dev/null
@@ -1,4 +0,0 @@
-
-
-## [traefik-17.0.0](https://github.com/truecharts/charts/compare/traefik-16.0.16...traefik-17.0.0) (2023-03-04)
-
diff --git a/enterprise/traefik/17.0.0/app-readme.md b/enterprise/traefik/17.0.0/app-readme.md
deleted file mode 100644
index 02206fafcf4..00000000000
--- a/enterprise/traefik/17.0.0/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Traefik is a flexible reverse proxy and Ingress Provider.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/traefik](https://truecharts.org/charts/enterprise/traefik)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/traefik/17.0.0/charts/common-12.2.7.tgz b/enterprise/traefik/17.0.0/charts/common-12.2.7.tgz
deleted file mode 100644
index 6fa82fcfb60..00000000000
Binary files a/enterprise/traefik/17.0.0/charts/common-12.2.7.tgz and /dev/null differ
diff --git a/enterprise/traefik/17.0.0/ix_values.yaml b/enterprise/traefik/17.0.0/ix_values.yaml
deleted file mode 100644
index f78e5b7465a..00000000000
--- a/enterprise/traefik/17.0.0/ix_values.yaml
+++ /dev/null
@@ -1,418 +0,0 @@
-image:
- repository: tccr.io/truecharts/traefik
- # defaults to appVersion
- tag: 2.9.8@sha256:4a2d3dda380990d825532e661b42457fc9871061dbc22b310468616378214a2e
- pullPolicy: IfNotPresent
-
-workload:
- main:
- replicas: 2
- strategy: RollingUpdate
- podSpec:
- containers:
- main:
- args: []
- probes:
- # -- Liveness probe configuration
- # @default -- See below
- liveness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Redainess probe configuration
- # @default -- See below
- readiness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Startup probe configuration
- # @default -- See below
- startup:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
-# -- Options for all pods
-# Can be overruled per pod
-podOptions:
- automountServiceAccountToken: true
-
-# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
-ingressClass:
- # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
- enabled: false
- isDefaultClass: false
- # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
- fallbackApiVersion: ""
-
-# -- Create an IngressRoute for the dashboard
-ingressRoute:
- dashboard:
- enabled: true
- # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
- annotations: {}
- # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
- labels: {}
-#
-# -- Configure providers
-providers:
- kubernetesCRD:
- enabled: true
- namespaces:
- []
- # - "default"
- kubernetesIngress:
- enabled: true
- # labelSelector: environment=production,method=traefik
- namespaces:
- []
- # - "default"
- # IP used for Kubernetes Ingress endpoints
- publishedService:
- enabled: true
- # Published Kubernetes Service to copy status from. Format: namespace/servicename
- # By default this Traefik service
- # pathOverride: ""
-
-# -- Logs
-# https://docs.traefik.io/observability/logs/
-logs:
- # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on).
- general:
- # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO.
- level: ERROR
- # -- Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format
- format: common
- access:
- # To enable access logs
- enabled: false
- # To write the logs in an asynchronous fashion, specify a bufferingSize option.
- # This option represents the number of log lines Traefik will keep in memory before writing
- # them to the selected output. In some cases, this option can greatly help performances.
- # bufferingSize: 100
- # Filtering https://docs.traefik.io/observability/access-logs/#filtering
- filters:
- {}
- # statuscodes: "200,300-302"
- # retryattempts: true
- # minduration: 10ms
- # Fields
- # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers
- fields:
- general:
- defaultmode: keep
- names:
- {}
- # Examples:
- # ClientUsername: drop
- headers:
- defaultmode: drop
- names:
- {}
- # Examples:
- # User-Agent: redact
- # Authorization: drop
- # Content-Type: keep
- # -- Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format
- format: common
-
-metrics:
- # datadog:
- # address: 127.0.0.1:8125
- # influxdb:
- # address: localhost:8089
- # protocol: udp
- prometheus:
- entryPoint: metrics
- # statsd:
- # address: localhost:8125
-
-globalArguments:
- - "--global.checknewversion"
-
-##
-# -- Additional arguments to be passed at Traefik's binary
-# All available options available on https://docs.traefik.io/reference/static-configuration/cli/
-## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"`
-additionalArguments:
- - "--metrics.prometheus"
- - "--ping"
- - "--serverstransport.insecureskipverify=true"
- - "--providers.kubernetesingress.allowexternalnameservices=true"
-
-# -- TLS Options to be created as TLSOption CRDs
-# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options
-# Example:
-tlsOptions:
- default:
- sniStrict: false
- minVersion: VersionTLS12
- curvePreferences:
- - CurveP521
- - CurveP384
- cipherSuites:
- - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- - TLS_AES_128_GCM_SHA256
- - TLS_AES_256_GCM_SHA384
- - TLS_CHACHA20_POLY1305_SHA256
-
-# -- Options for the main traefik service, where the entrypoints traffic comes from
-# from.
-service:
- main:
- type: LoadBalancer
- ports:
- main:
- port: 9000
- targetPort: 9000
- protocol: http
- # -- Forwarded Headers should never be enabled on Main entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Main entrypoint
- proxyProtocol:
- enabled: false
- tcp:
- enabled: true
- type: LoadBalancer
- ports:
- web:
- enabled: true
- port: 9080
- protocol: http
- redirectTo: websecure
- # Options: Empty, 0 (ingore), or positive int
- # redirectPort:
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- websecure:
- enabled: true
- port: 9443
- protocol: https
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- # tcpexample:
- # enabled: true
- # targetPort: 9443
- # protocol: tcp
- # tls:
- # enabled: false
- # # this is the name of a TLSOption definition
- # options: ""
- # certResolver: ""
- # domains: []
- # # - main: example.com
- # # sans:
- # # - foo.example.com
- # # - bar.example.com
- metrics:
- enabled: true
- type: ClusterIP
- ports:
- metrics:
- enabled: true
- port: 9180
- targetPort: 9180
- protocol: http
- # -- Forwarded Headers should never be enabled on Metrics entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Metrics entrypoint
- proxyProtocol:
- enabled: false
- # udp:
- # enabled: false
-
-# -- Whether Role Based Access Control objects like roles and rolebindings should be created
-rbac:
- main:
- enabled: true
- primary: true
- clusterWide: true
- rules:
- - apiGroups:
- - ""
- resources:
- - services
- - endpoints
- - secrets
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses
- - ingressclasses
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses/status
- verbs:
- - update
- - apiGroups:
- - traefik.containo.us
- resources:
- - ingressroutes
- - ingressroutetcps
- - ingressrouteudps
- - middlewares
- - middlewaretcps
- - tlsoptions
- - tlsstores
- - traefikservices
- - serverstransports
- verbs:
- - get
- - list
- - watch
-
-# -- The service account the pods will use to interact with the Kubernetes API
-serviceAccount:
- main:
- enabled: true
- primary: true
-
-# -- SCALE Middleware Handlers
-middlewares:
- basicAuth: []
- # - name: basicauthexample
- # users:
- # - username: testuser
- # password: testpassword
- forwardAuth: []
- # - name: forwardAuthexample
- # address: https://auth.example.com/
- # authResponseHeaders:
- # - X-Secret
- # - X-Auth-User
- # authRequestHeaders:
- # - "Accept"
- # - "X-CustomHeader"
- # authResponseHeadersRegex: "^X-"
- # trustForwardHeader: true
- chain: []
- # - name: chainname
- # middlewares:
- # - name: compress
- redirectScheme: []
- # - name: redirectSchemeName
- # scheme: https
- # permanent: true
- rateLimit: []
- # - name: rateLimitName
- # average: 300
- # burst: 200
- redirectRegex: []
- # - name: redirectRegexName
- # regex: putregexhere
- # replacement: replacementurlhere
- # permanent: false
- stripPrefixRegex: []
- # - name: stripPrefixRegexName
- # regex: []
- ipWhiteList: []
- # - name: ipWhiteListName
- # sourceRange: []
- # ipStrategy:
- # depth: 2
- # excludedIPs: []
- themeParkVersion: v1.3.0
- themePark: []
- # - name: themeParkName
- # -- Supported apps, lower case name
- # -- https://docs.theme-park.dev/themes
- # app: appnamehere
- # -- Supported themes, lower case name
- # -- https://docs.theme-park.dev/themes/APPNAMEHERE
- # -- https://docs.theme-park.dev/community-themes
- # theme: themenamehere
- # -- https://theme-park.dev or a self hosted url
- # baseUrl: https://theme-park.dev
- realIPVersion: v1.0.3
- # Sets X-Real-Ip with an IP from the X-Forwarded-For or
- # Cf-Connecting-Ip (If from Cloudflare)
- # Evaluation of those headers will go from last to first
- realIP: []
- # - name: realIPName
- # -- The real IP will be the first one that is
- # -- not included in any of the CIDRs passed here
- # excludedNetworks:
- # - 1.1.1.1/24
- addPrefix: []
- # - name: addPrefixName
- # prefix: "/foo"
- geoBlockVersion: v0.2.4
- geoBlock: []
- # -- https://github.com/PascalMinder/geoblock
- # - name: geoBlockName
- # allowLocalRequests: true
- # logLocalRequests: false
- # logAllowedRequests: false
- # logApiRequests: false
- # api: https://get.geojs.io/v1/ip/country/{ip}
- # apiTimeoutMs: 500
- # cacheSize: 25
- # forceMonthlyUpdate: true
- # allowUnknownCountries: false
- # unknownCountryApiResponse: nil
- # blackListMode: false
- # countries:
- # - RU
-
-portalhook:
- enabled: true
-
-persistence:
- plugins:
- enabled: true
- mountPath: "/plugins-storage"
- type: emptyDir
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/traefik/17.0.0/questions.yaml b/enterprise/traefik/17.0.0/questions.yaml
deleted file mode 100644
index bb2381a7f9c..00000000000
--- a/enterprise/traefik/17.0.0/questions.yaml
+++ /dev/null
@@ -1,2476 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "http"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
- path: "/dashboard/"
-questions:
-
- - variable: Workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: Daemonset
- description: Daemonset
-
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "Daemonset"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
-
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: ingressClass
- label: "ingressClass"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- description: "When enabled, ingressClass will match the entered name of this app"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: isDefaultClass
- label: "isDefaultClass"
- schema:
- type: boolean
- default: false
- - variable: logs
- label: "Logs"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "ERROR"
- enum:
- - value: "INFO"
- description: "Info"
- - value: "WARN"
- description: "Warnings"
- - value: "ERROR"
- description: "Errors"
- - value: "FATAL"
- description: "Fatal Errors"
- - value: "PANIC"
- description: "Panics"
- - value: "DEBUG"
- description: "Debug"
- - variable: format
- label: "General Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: access
- label: "Access Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabledFilters
- label: "Enable Filters"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filters
- label: "Filters"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: statuscodes
- label: "Status codes"
- schema:
- type: string
- default: "200,300-302"
- - variable: retryattempts
- label: "retryattempts"
- schema:
- type: boolean
- default: true
- - variable: minduration
- label: "minduration"
- schema:
- type: string
- default: "10ms"
- - variable: fields
- label: "Fields"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "keep"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: headers
- label: "Headers"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "drop"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: format
- label: "Access Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: middlewares
- label: ""
- group: "Middlewares"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: basicAuth
- label: basicAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: users
- label: Users
- schema:
- type: list
- default: []
- items:
- - variable: usersEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: username
- label: Username
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: Password
- schema:
- type: string
- required: true
- default: ""
- - variable: forwardAuth
- label: forwardAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: address
- label: Address
- schema:
- type: string
- required: true
- default: ""
- - variable: trustForwardHeader
- label: trustForwardHeader
- schema:
- type: boolean
- default: false
- - variable: tls
- label: TLS
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: insecureSkipVerify
- label: insecureSkipVerify (expert)
- description: >-
- This disables all TLS certificate validation on communications with the authentication endpoint.
- This could be a security risk and should only be used if you know what you are doing.
- schema:
- type: boolean
- default: false
- - variable: authResponseHeadersRegex
- label: authResponseHeadersRegex
- schema:
- type: string
- default: ""
- - variable: authResponseHeaders
- label: authResponseHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authResponseHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: authRequestHeaders
- label: authRequestHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authRequestHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: chain
- label: Chain
- schema:
- type: list
- default: []
- items:
- - variable: chainEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: middlewares
- label: Middlewares to Chain
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: redirectScheme
- label: redirectScheme
- schema:
- type: list
- default: []
- items:
- - variable: redirectSchemeEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: scheme
- label: Scheme
- schema:
- type: string
- required: true
- default: https
- enum:
- - value: https
- description: https
- - value: http
- description: http
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: rateLimit
- label: rateLimit
- schema:
- type: list
- default: []
- items:
- - variable: rateLimitEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: average
- label: Average
- schema:
- type: int
- required: true
- default: 300
- - variable: burst
- label: Burst
- schema:
- type: int
- required: true
- default: 200
- - variable: redirectRegex
- label: redirectRegex
- schema:
- type: list
- default: []
- items:
- - variable: redirectRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: replacement
- label: Replacement
- schema:
- type: string
- required: true
- default: ""
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: stripPrefixRegex
- label: stripPrefixRegex
- schema:
- type: list
- default: []
- items:
- - variable: stripPrefixRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: list
- default: []
- items:
- - variable: regexEntry
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: ipWhiteList
- label: ipWhiteList
- schema:
- type: list
- default: []
- items:
- - variable: ipWhiteListEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: sourceRange
- label: Source Range
- schema:
- type: list
- default: []
- items:
- - variable: sourceRangeEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: ipStrategy
- label: IP Strategy
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: depth
- label: Depth
- schema:
- type: int
- required: true
- - variable: excludedIPs
- label: Excluded IPs
- schema:
- type: list
- default: []
- items:
- - variable: excludedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: themePark
- label: theme.park
- schema:
- type: list
- default: []
- items:
- - variable: themeParkEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to traefik-themepark
- schema:
- type: string
- required: true
- default: ""
- - variable: appName
- label: App Name
- description: Lower case, name of the app to be themed.
-
Go to https://docs.theme-park.dev/themes/ to see supported apps.
- schema:
- type: string
- required: true
- default: ""
- - variable: themeName
- label: Theme Name
- description: Lower case, name of the theme to be applied.
-
Go to https://docs.theme-park.dev/theme-options/ to see supported themes.
- schema:
- type: string
- required: true
- default: ""
- - variable: baseUrl
- label: Base URL
- description: Replace `https://theme-park.dev` URL for self-hosting reference.
- schema:
- type: string
- required: true
- default: https://theme-park.dev
- - variable: addons
- label: Addons
- schema:
- type: list
- default: []
- items:
- - variable: addonEntry
- label: Addon
- description: Currently only supports 'darker' and '4k-logo' for *arr apps.
-
Go to https://docs.theme-park.dev/themes/addons/ for Addon information.
-
Go to https://github.com/packruler/traefik-themepark for more context on plugin
- schema:
- type: string
- required: true
- default: ""
- - variable: realIP
- label: Real IP
- schema:
- type: list
- default: []
- items:
- - variable: realIPEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: excludedNetworks
- label: Excluded Networks
- schema:
- type: list
- default: []
- items:
- - variable: excludedNetEntry
- label: Excluded Network Entry
- description: Network to exclude setting it to X-Real-Ip
- schema:
- type: string
- required: true
- default: ""
- - variable: geoBlock
- label: GeoBlock
- schema:
- type: list
- default: []
- items:
- - variable: geoBlockEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to geoblock
- schema:
- type: string
- required: true
- default: ""
- - variable: allowLocalRequests
- label: Allow Local Requests
- description: If set to true, will not block request from Private IP Ranges
- schema:
- type: boolean
- default: true
- - variable: logLocalRequests
- label: Log Local Requests
- description: If set to true, will log every connection from any IP in the private IP range
- schema:
- type: boolean
- default: false
- - variable: logAllowedRequests
- label: Log Allowed Requests
- description: If set to true, will show a log message with the IP and the country of origin if a request is allowed.
- schema:
- type: boolean
- default: false
- - variable: logApiRequests
- label: Log API Requests
- description: If set to true, will show a log message for every API hit.
- schema:
- type: boolean
- default: false
- - variable: api
- label: API
- description: Defines the API URL for the IP to Country resolution. The IP to fetch can be added with {ip} to the URL.
- schema:
- type: string
- required: true
- default: https://get.geojs.io/v1/ip/country/{ip}
- - variable: apiTimeoutMs
- label: API Timeout in ms
- description: Timeout for the call to the api uri.
- schema:
- type: int
- required: true
- default: 500
- - variable: cacheSize
- label: Cache Size
- description: Defines the max size of the LRU (least recently used) cache.
- schema:
- type: int
- required: true
- default: 25
- - variable: forceMonthlyUpdate
- label: Force Monthly Update
- description: Even if an IP stays in the cache for a period of a month (about 30 x 24 hours), it must be fetch again after a month.
- schema:
- type: boolean
- default: true
- - variable: allowUnknownCountries
- label: Allow Unknown Countries
- description: Some IP addresses have no country associated with them. If this option is set to true, all IPs with no associated country are also allowed.
- schema:
- type: boolean
- default: false
- - variable: unknownCountryApiResponse
- label: Unknown Countries API Response
- description: The API uri can be customized. This options allows to customize the response string of the API when a IP with no associated country is requested.
- schema:
- type: string
- required: true
- default: nil
- - variable: blackListMode
- label: Blacklist Mode
- description: When set to true the filter logic is inverted, i.e. requests originating from countries listed in the countries list are blocked.
- schema:
- type: boolean
- default: false
- - variable: countries
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- label: Countries
- schema:
- type: list
- default: []
- items:
- - variable: countryEntry
- label: Country
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- schema:
- type: string
- required: true
- # Allow only 2 Characters
- valid_chars: '^[a-zA-Z]{2}$'
- default: ""
- - variable: addPrefix
- label: Add Prefix
- schema:
- type: list
- default: []
- items:
- - variable: addPrefixEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: prefix
- label: Prefix
- schema:
- type: string
- required: true
- default: ""
- - variable: service
- group: "Networking and Services"
- label: "Configure Service Entrypoint"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9000
- required: true
- - variable: tcp
- label: "TCP Service"
- description: "The tcp Entrypoint service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: web
- label: "web Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9080
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- default: "websecure"
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: websecure
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9443
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: portsList
- label: "Additional TCP Entrypoints"
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: "Custom Entrypoints"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable the port"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: "Entrypoints Name"
- schema:
- type: string
- default: ""
- - variable: protocol
- label: "Entrypoints Type"
- schema:
- type: string
- default: "TCP"
- enum:
- - value: HTTP
- description: "HTTP"
- - value: "HTTPS"
- description: "HTTPS"
- - value: TCP
- description: "TCP"
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- required: true
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
-
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "==", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
-
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/traefik/17.0.0/templates/NOTES.txt b/enterprise/traefik/17.0.0/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/traefik/17.0.0/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/traefik/17.0.0/templates/_args.tpl b/enterprise/traefik/17.0.0/templates/_args.tpl
deleted file mode 100644
index 3fef2e1f777..00000000000
--- a/enterprise/traefik/17.0.0/templates/_args.tpl
+++ /dev/null
@@ -1,178 +0,0 @@
-{{/* Define the args */}}
-{{- define "traefik.args" -}}
-args:
- {{/* merge all ports */}}
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{/* start of actual arguments */}}
- {{- with .Values.globalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
- {{- range $name, $config := $ports }}
- {{- if $config }}
- {{- if or ( eq $config.protocol "http" ) ( eq $config.protocol "https" ) ( eq $config.protocol "tcp" ) }}
- {{- $_ := set $config "protocol" "tcp" }}
- {{- end }}
- - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}"
- {{- end }}
- {{- end }}
- - "--api.dashboard=true"
- - "--ping=true"
- {{- if .Values.metrics }}
- {{- if .Values.metrics.datadog }}
- - "--metrics.datadog=true"
- - "--metrics.datadog.address={{ .Values.metrics.datadog.address }}"
- {{- end }}
- {{- if .Values.metrics.influxdb }}
- - "--metrics.influxdb=true"
- - "--metrics.influxdb.address={{ .Values.metrics.influxdb.address }}"
- - "--metrics.influxdb.protocol={{ .Values.metrics.influxdb.protocol }}"
- {{- end }}
- {{- if .Values.metrics.prometheus }}
- - "--metrics.prometheus=true"
- - "--metrics.prometheus.entrypoint={{ .Values.metrics.prometheus.entryPoint }}"
- {{- end }}
- {{- if .Values.metrics.statsd }}
- - "--metrics.statsd=true"
- - "--metrics.statsd.address={{ .Values.metrics.statsd.address }}"
- {{- end }}
- {{- end }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress"
- {{- if .Values.providers.kubernetesIngress.publishedService.enabled }}
- - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.labelSelector }}
- - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}"
- {{- end }}
- {{- end }}
- {{- if and .Values.rbac.enabled .Values.rbac.namespaced }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}"
- {{- end }}
- {{- end }}
- {{- if .Values.ingressClass.enabled }}
- - "--providers.kubernetesingress.ingressclass={{ .Release.Name }}"
- {{- end }}
- {{- range $entrypoint, $config := $ports }}
- {{/* add args for proxyProtocol support */}}
- {{- if $config.proxyProtocol }}
- {{- if $config.proxyProtocol.enabled }}
- {{- if $config.proxyProtocol.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.insecure"
- {{- end }}
- {{- if not ( empty $config.proxyProtocol.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.trustedIPs={{ join "," $config.proxyProtocol.trustedIPs }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* add args for forwardedHeaders support */}}
- {{- if $config.forwardedHeaders.enabled }}
- {{- if not ( empty $config.forwardedHeaders.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}"
- {{- end }}
- {{- if $config.forwardedHeaders.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure"
- {{- end }}
- {{- end }}
- {{/* end forwardedHeaders configuration */}}
- {{- if $config.redirectTo }}
- {{- $toPort := index $ports $config.redirectTo }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- else if $config.redirectPort }}
- {{ if gt $config.redirectPort 0.0 }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- end }}
- {{- end }}
- {{- if or ( $config.tls ) ( eq $config.protocol "https" ) }}
- {{- if or ( $config.tls.enabled ) ( eq $config.protocol "https" ) }}
- - "--entrypoints.{{ $entrypoint }}.http.tls=true"
- {{- if $config.tls.options }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}"
- {{- end }}
- {{- if $config.tls.certResolver }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}"
- {{- end }}
- {{- if $config.tls.domains }}
- {{- range $index, $domain := $config.tls.domains }}
- {{- if $domain.main }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}"
- {{- end }}
- {{- if $domain.sans }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- with .Values.logs }}
- - "--log.format={{ .general.format }}"
- {{- if ne .general.level "ERROR" }}
- - "--log.level={{ .general.level | upper }}"
- {{- end }}
- {{- if .access.enabled }}
- - "--accesslog=true"
- - "--accesslog.format={{ .access.format }}"
- {{- if .access.bufferingsize }}
- - "--accesslog.bufferingsize={{ .access.bufferingsize }}"
- {{- end }}
- {{- if .access.filters }}
- {{- if .access.filters.statuscodes }}
- - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}"
- {{- end }}
- {{- if .access.filters.retryattempts }}
- - "--accesslog.filters.retryattempts"
- {{- end }}
- {{- if .access.filters.minduration }}
- - "--accesslog.filters.minduration={{ .access.filters.minduration }}"
- {{- end }}
- {{- end }}
- - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.general.names }}
- - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.headers.names }}
- - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* theme.park */}}
- {{- if .Values.middlewares.themePark }}
- - "--experimental.plugins.traefik-themepark.modulename=github.com/packruler/traefik-themepark"
- - "--experimental.plugins.traefik-themepark.version={{ .Values.middlewares.themeParkVersion }}"
- {{- end }}
- {{/* End of theme.park */}}
- {{/* GeoBlock */}}
- {{- if .Values.middlewares.geoBlock }}
- - "--experimental.plugins.GeoBlock.modulename=github.com/PascalMinder/geoblock"
- - "--experimental.plugins.GeoBlock.version={{ .Values.middlewares.geoBlockVersion }}"
- {{- end }}
- {{/* End of GeoBlock */}}
- {{/* RealIP */}}
- {{- if .Values.middlewares.realIP }}
- - "--experimental.plugins.traefik-real-ip.modulename=github.com/soulbalz/traefik-real-ip"
- - "--experimental.plugins.traefik-real-ip.version={{ .Values.middlewares.realIPVersion }}"
- {{- end }}
- {{/* End of RealIP */}}
- {{- with .Values.additionalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.0/templates/_helpers.tpl b/enterprise/traefik/17.0.0/templates/_helpers.tpl
deleted file mode 100644
index 1345dcea39a..00000000000
--- a/enterprise/traefik/17.0.0/templates/_helpers.tpl
+++ /dev/null
@@ -1,22 +0,0 @@
-{{/*
-Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice.
-By convention this will simply use the / to match the name of the
-service generated.
-Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride`
-*/}}
-{{- define "providers.kubernetesIngress.publishedServicePath" -}}
-{{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}}
-{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}}
-{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }}
-{{- print $servicePath | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Construct a comma-separated list of whitelisted namespaces
-*/}}
-{{- define "providers.kubernetesIngress.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }}
-{{- end -}}
-{{- define "providers.kubernetesCRD.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.0/templates/_ingressclass.tpl b/enterprise/traefik/17.0.0/templates/_ingressclass.tpl
deleted file mode 100644
index 909e249d6a5..00000000000
--- a/enterprise/traefik/17.0.0/templates/_ingressclass.tpl
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Define the ingressClass */}}
-{{- define "traefik.ingressClass" -}}
----
-{{ if .Values.ingressClass.enabled }}
- {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }}
-apiVersion: networking.k8s.io/v1
- {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }}
-apiVersion: networking.k8s.io/v1beta1
- {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }}
-apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }}
- {{- else }}
- {{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }}
- {{- end }}
-kind: IngressClass
-metadata:
- annotations:
- ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }}
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
- name: {{ .Release.Name }}
-spec:
- controller: traefik.io/ingress-controller
-{{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.0/templates/_ingressroute.tpl b/enterprise/traefik/17.0.0/templates/_ingressroute.tpl
deleted file mode 100644
index 6599ceb6e2b..00000000000
--- a/enterprise/traefik/17.0.0/templates/_ingressroute.tpl
+++ /dev/null
@@ -1,34 +0,0 @@
-{{/* Define the ingressRoute */}}
-{{- define "traefik.ingressRoute" -}}
-{{ if .Values.ingressRoute.dashboard.enabled }}
-
-{{- $ingressRouteLabels := .Values.ingressRoute.dashboard.labels -}}
-{{- $ingressRouteAnnotations := .Values.ingressRoute.dashboard.annotations -}}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
- name: {{ include "tc.v1.common.lib.chart.names.fullname" . }}-dashboard
- {{- $labels := (mustMerge ($ingressRouteLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }}
- labels:
- {{- . | nindent 4 }}
- {{- end }}
- {{- $annotations := (mustMerge ($ingressRouteAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }}
- annotations:
- {{- . | nindent 4 }}
- {{- end }}
-
-spec:
- entryPoints:
- - main
- routes:
- - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
- kind: Rule
- services:
- - name: api@internal
- kind: TraefikService
-{{ end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.0/templates/_portalhook.tpl b/enterprise/traefik/17.0.0/templates/_portalhook.tpl
deleted file mode 100644
index e3586c5d4e9..00000000000
--- a/enterprise/traefik/17.0.0/templates/_portalhook.tpl
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/* Define the portalHook */}}
-{{- define "traefik.portalhook" -}}
-{{- if .Values.portalhook.enabled }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: portalhook
- namespace: {{ $namespace }}
-data:
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{- range $name, $value := $ports }}
- {{ $name }}: {{ $value.port | quote }}
- {{- end }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.0/templates/_tlsoptions.tpl b/enterprise/traefik/17.0.0/templates/_tlsoptions.tpl
deleted file mode 100644
index 3e5aad3bee9..00000000000
--- a/enterprise/traefik/17.0.0/templates/_tlsoptions.tpl
+++ /dev/null
@@ -1,12 +0,0 @@
-{{/* Define the tlsOptions */}}
-{{- define "traefik.tlsOptions" -}}
-{{- range $name, $config := .Values.tlsOptions }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: TLSOption
-metadata:
- name: {{ $name }}
-spec:
- {{- toYaml $config | nindent 2 }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.0/templates/common.yaml b/enterprise/traefik/17.0.0/templates/common.yaml
deleted file mode 100644
index 7833892df08..00000000000
--- a/enterprise/traefik/17.0.0/templates/common.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-
-{{- $newArgs := (include "traefik.args" . | fromYaml) }}
-{{- $_ := set .Values "newArgs" $newArgs -}}
-{{- $mergedargs := concat $.Values.workload.main.podSpec.containers.main.args .Values.newArgs.args }}
-{{- $_ := set $.Values.workload.main.podSpec.containers.main "args" $mergedargs -}}
-
-{{- include "traefik.portalhook" . }}
-{{- include "traefik.tlsOptions" . }}
-{{- include "traefik.ingressRoute" . }}
-{{- include "traefik.ingressClass" . }}
-
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/traefik/17.0.0/templates/middlewares/addPrefix.yaml b/enterprise/traefik/17.0.0/templates/middlewares/addPrefix.yaml
deleted file mode 100644
index 233b23834c3..00000000000
--- a/enterprise/traefik/17.0.0/templates/middlewares/addPrefix.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.addPrefix }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- addPrefix:
- prefix: {{ $middlewareData.prefix }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.0/templates/middlewares/basic-middleware.yaml b/enterprise/traefik/17.0.0/templates/middlewares/basic-middleware.yaml
deleted file mode 100644
index 9ba8e5c5d93..00000000000
--- a/enterprise/traefik/17.0.0/templates/middlewares/basic-middleware.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: compress
- namespace: {{ $namespace }}
-spec:
- compress: {}
----
-# Here, an average of 300 requests per second is allowed.
-# In addition, a burst of 200 requests is allowed.
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-ratelimit
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: 600
- burst: 400
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-secure-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: chain-basic
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: basic-secure-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.0/templates/middlewares/basicauth.yaml b/enterprise/traefik/17.0.0/templates/middlewares/basicauth.yaml
deleted file mode 100644
index ccb541742f0..00000000000
--- a/enterprise/traefik/17.0.0/templates/middlewares/basicauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.basicAuth }}
----
-{{- $users := list }}
-{{ range $index, $userdata := $middlewareData.users }}
- {{ $users = append $users ( htpasswd $userdata.username $userdata.password ) }}
-{{ end }}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{printf "%v-%v" $middlewareData.name "secret" }}
- namespace: {{ $namespace }}
-type: Opaque
-stringData:
- users: |
- {{- range $index, $user := $users }}
- {{ printf "%s" $user }}
- {{- end }}
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- basicAuth:
- secret: {{printf "%v-%v" $middlewareData.name "secret" }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.0/templates/middlewares/chain.yaml b/enterprise/traefik/17.0.0/templates/middlewares/chain.yaml
deleted file mode 100644
index f87994f7956..00000000000
--- a/enterprise/traefik/17.0.0/templates/middlewares/chain.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.chain }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- {{ range $index, $middleware := .middlewares }}
- - name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }}
- {{ end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.0/templates/middlewares/forwardauth.yaml b/enterprise/traefik/17.0.0/templates/middlewares/forwardauth.yaml
deleted file mode 100644
index 4bdefbd5c01..00000000000
--- a/enterprise/traefik/17.0.0/templates/middlewares/forwardauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.forwardAuth }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- forwardAuth:
- address: {{ $middlewareData.address }}
- {{- with $middlewareData.authResponseHeaders }}
- authResponseHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- with $middlewareData.authRequestHeaders }}
- authRequestHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- if $middlewareData.authResponseHeadersRegex }}
- authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }}
- {{- end }}
- {{- if $middlewareData.trustForwardHeader }}
- trustForwardHeader: true
- {{- end }}
- {{- with $middlewareData.tls }}
- tls:
- insecureSkipVerify: {{ .insecureSkipVerify | default false }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.0/templates/middlewares/geoblock.yaml b/enterprise/traefik/17.0.0/templates/middlewares/geoblock.yaml
deleted file mode 100644
index be21bcf57b6..00000000000
--- a/enterprise/traefik/17.0.0/templates/middlewares/geoblock.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.geoBlock }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- GeoBlock:
- allowLocalRequests: {{ $middlewareData.allowLocalRequests }}
- logLocalRequests: {{ $middlewareData.logLocalRequests }}
- logAllowedRequests: {{ $middlewareData.logAllowedRequests }}
- logApiRequests: {{ $middlewareData.logApiRequests }}
- api: {{ $middlewareData.api }}
- apiTimeoutMs: {{ $middlewareData.apiTimeoutMs }}
- cacheSize: {{ $middlewareData.cacheSize }}
- forceMonthlyUpdate: {{ $middlewareData.forceMonthlyUpdate }}
- allowUnknownCountries: {{ $middlewareData.allowUnknownCountries }}
- unknownCountryApiResponse: {{ $middlewareData.unknownCountryApiResponse }}
- blackListMode: {{ $middlewareData.blackListMode }}
- {{- if not $middlewareData.countries }}
- {{- fail "You have to define at least one country..." }}
- {{- end }}
- countries:
- {{- range $middlewareData.countries }}
- - {{ . }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.0/templates/middlewares/ipwhitelist.yaml b/enterprise/traefik/17.0.0/templates/middlewares/ipwhitelist.yaml
deleted file mode 100644
index 1179245017e..00000000000
--- a/enterprise/traefik/17.0.0/templates/middlewares/ipwhitelist.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.ipWhiteList }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- ipWhiteList:
- sourceRange:
- {{- range $middlewareData.sourceRange }}
- - {{ . }}
- {{- end }}
- {{- if $middlewareData.ipStrategy }}
- ipStrategy:
- {{- if $middlewareData.ipStrategy.depth }}
- depth: {{ $middlewareData.ipStrategy.depth }}
- {{- end }}
- {{- if $middlewareData.ipStrategy.excludedIPs }}
- excludedIPs:
- {{- range $middlewareData.ipStrategy.excludedIPs }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.0/templates/middlewares/ratelimit.yaml b/enterprise/traefik/17.0.0/templates/middlewares/ratelimit.yaml
deleted file mode 100644
index 144b9d8bf38..00000000000
--- a/enterprise/traefik/17.0.0/templates/middlewares/ratelimit.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.rateLimit }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: {{ $middlewareData.average }}
- burst: {{ $middlewareData.burst }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.0/templates/middlewares/real-ip.yaml b/enterprise/traefik/17.0.0/templates/middlewares/real-ip.yaml
deleted file mode 100644
index 2dd1ae030a4..00000000000
--- a/enterprise/traefik/17.0.0/templates/middlewares/real-ip.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.realIP }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-real-ip:
- excludednets:
- {{- range $middlewareData.excludedNetworks }}
- - {{ . | quote }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.0/templates/middlewares/redirectScheme.yaml b/enterprise/traefik/17.0.0/templates/middlewares/redirectScheme.yaml
deleted file mode 100644
index f2413f84e19..00000000000
--- a/enterprise/traefik/17.0.0/templates/middlewares/redirectScheme.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectScheme }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectScheme:
- scheme: {{ $middlewareData.scheme }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.0/templates/middlewares/redirectregex.yaml b/enterprise/traefik/17.0.0/templates/middlewares/redirectregex.yaml
deleted file mode 100644
index 46e3e724dd6..00000000000
--- a/enterprise/traefik/17.0.0/templates/middlewares/redirectregex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectRegex }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: {{ $middlewareData.regex | quote }}
- replacement: {{ $middlewareData.replacement | quote }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.0/templates/middlewares/stripPrefixRegex.yaml b/enterprise/traefik/17.0.0/templates/middlewares/stripPrefixRegex.yaml
deleted file mode 100644
index 007c166ff39..00000000000
--- a/enterprise/traefik/17.0.0/templates/middlewares/stripPrefixRegex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-
-{{ range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- stripPrefixRegex:
- regex:
- {{- range $middlewareData.regex }}
- - {{ . | quote }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.0/templates/middlewares/tc-chains.yaml b/enterprise/traefik/17.0.0/templates/middlewares/tc-chains.yaml
deleted file mode 100644
index 409766daa89..00000000000
--- a/enterprise/traefik/17.0.0/templates/middlewares/tc-chains.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-opencors-headers
- - name: compress
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-closedcors-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.0/templates/middlewares/tc-headers.yaml b/enterprise/traefik/17.0.0/templates/middlewares/tc-headers.yaml
deleted file mode 100644
index a0462f1fd73..00000000000
--- a/enterprise/traefik/17.0.0/templates/middlewares/tc-headers.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowHeaders:
- - '*'
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- - POST
- accessControlAllowOriginList:
- - '*'
- accessControlMaxAge: 100
- browserXssFilter: true
- contentTypeNosniff: true
- customRequestHeaders:
- X-Forwarded-Proto: https
- customResponseHeaders:
- server: ""
- forceSTSHeader: true
- referrerPolicy: same-origin
- sslForceHost: true
- sslRedirect: true
- stsSeconds: 63072000
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- sslRedirect: true
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- sslForceHost: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
diff --git a/enterprise/traefik/17.0.0/templates/middlewares/tc-nextcloud.yaml b/enterprise/traefik/17.0.0/templates/middlewares/tc-nextcloud.yaml
deleted file mode 100644
index 6a3019d56c5..00000000000
--- a/enterprise/traefik/17.0.0/templates/middlewares/tc-nextcloud.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-redirectregex-dav
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: "https://(.*)/.well-known/(card|cal)dav"
- replacement: "https://${1}/remote.php/dav/"
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: tc-nextcloud-redirectregex-dav
diff --git a/enterprise/traefik/17.0.0/templates/middlewares/theme-park.yaml b/enterprise/traefik/17.0.0/templates/middlewares/theme-park.yaml
deleted file mode 100644
index 92a4257e279..00000000000
--- a/enterprise/traefik/17.0.0/templates/middlewares/theme-park.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.themePark }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-themepark:
- app: {{ $middlewareData.appName }}
- theme: {{ $middlewareData.themeName }}
- baseUrl: {{ $middlewareData.baseUrl }}
- {{- if $middlewareData.addons }}
- addons:
- {{- range $middlewareData.addons }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.0/values.yaml b/enterprise/traefik/17.0.0/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/traefik/17.0.1/CHANGELOG.md b/enterprise/traefik/17.0.1/CHANGELOG.md
deleted file mode 100644
index 4ae1c7ff62a..00000000000
--- a/enterprise/traefik/17.0.1/CHANGELOG.md
+++ /dev/null
@@ -1,75 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [traefik-17.0.1](https://github.com/truecharts/charts/compare/traefik-17.0.0...traefik-17.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
-
-## [traefik-17.0.0](https://github.com/truecharts/charts/compare/traefik-16.0.16...traefik-17.0.0) (2023-03-04)
-
-
-
-
-## [traefik-16.0.16](https://github.com/truecharts/charts/compare/traefik-16.0.15...traefik-16.0.16) (2023-02-20)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v2.9.8
-
-
-
-
-## [traefik-16.0.15](https://github.com/truecharts/charts/compare/traefik-16.0.14...traefik-16.0.15) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v2.9.7
-
-
-
-
-## [traefik-16.0.14](https://github.com/truecharts/charts/compare/traefik-16.0.13...traefik-16.0.14) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v
-
-
-
-
-## [traefik-16.0.13](https://github.com/truecharts/charts/compare/traefik-16.0.12...traefik-16.0.13) (2023-02-11)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to 2.9.6
-
-
-
-
-## [traefik-16.0.12](https://github.com/truecharts/charts/compare/traefik-16.0.11...traefik-16.0.12) (2023-02-10)
-
-### Chore
-
-- Add blacklistMode on geoblock and fix label ([#6416](https://github.com/truecharts/charts/issues/6416))
-
- ### Feat
-
-- move Grafana, Prometheus and Traefik to Enterprise Train ([#6372](https://github.com/truecharts/charts/issues/6372))
-
- ### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/17.0.1/Chart.yaml b/enterprise/traefik/17.0.1/Chart.yaml
deleted file mode 100644
index cc1ebd8dd2d..00000000000
--- a/enterprise/traefik/17.0.1/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: v2
-appVersion: "2.9.8"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.15
-deprecated: false
-description: Traefik is a flexible reverse proxy and Ingress Provider.
-home: https://truecharts.org/charts/enterprise/traefik
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/traefik.png
-keywords:
- - traefik
- - ingress
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: traefik
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/traefik
- - https://hub.docker.com/_/traefik
- - https://github.com/traefik/traefik
- - https://github.com/traefik/traefik-helm-chart
- - https://traefik.io/
-type: application
-version: 17.0.1
-annotations:
- truecharts.org/catagories: |
- - network
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/traefik/17.0.1/LICENSE b/enterprise/traefik/17.0.1/LICENSE
deleted file mode 100644
index 4139714f204..00000000000
--- a/enterprise/traefik/17.0.1/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Traefik" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/traefik/17.0.1/README.md b/enterprise/traefik/17.0.1/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/traefik/17.0.1/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/traefik/17.0.1/app-changelog.md b/enterprise/traefik/17.0.1/app-changelog.md
deleted file mode 100644
index 90a16797f83..00000000000
--- a/enterprise/traefik/17.0.1/app-changelog.md
+++ /dev/null
@@ -1,13 +0,0 @@
-
-
-## [traefik-17.0.1](https://github.com/truecharts/charts/compare/traefik-17.0.0...traefik-17.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/17.0.1/app-readme.md b/enterprise/traefik/17.0.1/app-readme.md
deleted file mode 100644
index 02206fafcf4..00000000000
--- a/enterprise/traefik/17.0.1/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Traefik is a flexible reverse proxy and Ingress Provider.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/traefik](https://truecharts.org/charts/enterprise/traefik)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/traefik/17.0.1/charts/common-12.2.15.tgz b/enterprise/traefik/17.0.1/charts/common-12.2.15.tgz
deleted file mode 100644
index ee335e0c550..00000000000
Binary files a/enterprise/traefik/17.0.1/charts/common-12.2.15.tgz and /dev/null differ
diff --git a/enterprise/traefik/17.0.1/ix_values.yaml b/enterprise/traefik/17.0.1/ix_values.yaml
deleted file mode 100644
index f78e5b7465a..00000000000
--- a/enterprise/traefik/17.0.1/ix_values.yaml
+++ /dev/null
@@ -1,418 +0,0 @@
-image:
- repository: tccr.io/truecharts/traefik
- # defaults to appVersion
- tag: 2.9.8@sha256:4a2d3dda380990d825532e661b42457fc9871061dbc22b310468616378214a2e
- pullPolicy: IfNotPresent
-
-workload:
- main:
- replicas: 2
- strategy: RollingUpdate
- podSpec:
- containers:
- main:
- args: []
- probes:
- # -- Liveness probe configuration
- # @default -- See below
- liveness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Redainess probe configuration
- # @default -- See below
- readiness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Startup probe configuration
- # @default -- See below
- startup:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
-# -- Options for all pods
-# Can be overruled per pod
-podOptions:
- automountServiceAccountToken: true
-
-# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
-ingressClass:
- # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
- enabled: false
- isDefaultClass: false
- # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
- fallbackApiVersion: ""
-
-# -- Create an IngressRoute for the dashboard
-ingressRoute:
- dashboard:
- enabled: true
- # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
- annotations: {}
- # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
- labels: {}
-#
-# -- Configure providers
-providers:
- kubernetesCRD:
- enabled: true
- namespaces:
- []
- # - "default"
- kubernetesIngress:
- enabled: true
- # labelSelector: environment=production,method=traefik
- namespaces:
- []
- # - "default"
- # IP used for Kubernetes Ingress endpoints
- publishedService:
- enabled: true
- # Published Kubernetes Service to copy status from. Format: namespace/servicename
- # By default this Traefik service
- # pathOverride: ""
-
-# -- Logs
-# https://docs.traefik.io/observability/logs/
-logs:
- # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on).
- general:
- # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO.
- level: ERROR
- # -- Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format
- format: common
- access:
- # To enable access logs
- enabled: false
- # To write the logs in an asynchronous fashion, specify a bufferingSize option.
- # This option represents the number of log lines Traefik will keep in memory before writing
- # them to the selected output. In some cases, this option can greatly help performances.
- # bufferingSize: 100
- # Filtering https://docs.traefik.io/observability/access-logs/#filtering
- filters:
- {}
- # statuscodes: "200,300-302"
- # retryattempts: true
- # minduration: 10ms
- # Fields
- # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers
- fields:
- general:
- defaultmode: keep
- names:
- {}
- # Examples:
- # ClientUsername: drop
- headers:
- defaultmode: drop
- names:
- {}
- # Examples:
- # User-Agent: redact
- # Authorization: drop
- # Content-Type: keep
- # -- Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format
- format: common
-
-metrics:
- # datadog:
- # address: 127.0.0.1:8125
- # influxdb:
- # address: localhost:8089
- # protocol: udp
- prometheus:
- entryPoint: metrics
- # statsd:
- # address: localhost:8125
-
-globalArguments:
- - "--global.checknewversion"
-
-##
-# -- Additional arguments to be passed at Traefik's binary
-# All available options available on https://docs.traefik.io/reference/static-configuration/cli/
-## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"`
-additionalArguments:
- - "--metrics.prometheus"
- - "--ping"
- - "--serverstransport.insecureskipverify=true"
- - "--providers.kubernetesingress.allowexternalnameservices=true"
-
-# -- TLS Options to be created as TLSOption CRDs
-# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options
-# Example:
-tlsOptions:
- default:
- sniStrict: false
- minVersion: VersionTLS12
- curvePreferences:
- - CurveP521
- - CurveP384
- cipherSuites:
- - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- - TLS_AES_128_GCM_SHA256
- - TLS_AES_256_GCM_SHA384
- - TLS_CHACHA20_POLY1305_SHA256
-
-# -- Options for the main traefik service, where the entrypoints traffic comes from
-# from.
-service:
- main:
- type: LoadBalancer
- ports:
- main:
- port: 9000
- targetPort: 9000
- protocol: http
- # -- Forwarded Headers should never be enabled on Main entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Main entrypoint
- proxyProtocol:
- enabled: false
- tcp:
- enabled: true
- type: LoadBalancer
- ports:
- web:
- enabled: true
- port: 9080
- protocol: http
- redirectTo: websecure
- # Options: Empty, 0 (ingore), or positive int
- # redirectPort:
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- websecure:
- enabled: true
- port: 9443
- protocol: https
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- # tcpexample:
- # enabled: true
- # targetPort: 9443
- # protocol: tcp
- # tls:
- # enabled: false
- # # this is the name of a TLSOption definition
- # options: ""
- # certResolver: ""
- # domains: []
- # # - main: example.com
- # # sans:
- # # - foo.example.com
- # # - bar.example.com
- metrics:
- enabled: true
- type: ClusterIP
- ports:
- metrics:
- enabled: true
- port: 9180
- targetPort: 9180
- protocol: http
- # -- Forwarded Headers should never be enabled on Metrics entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Metrics entrypoint
- proxyProtocol:
- enabled: false
- # udp:
- # enabled: false
-
-# -- Whether Role Based Access Control objects like roles and rolebindings should be created
-rbac:
- main:
- enabled: true
- primary: true
- clusterWide: true
- rules:
- - apiGroups:
- - ""
- resources:
- - services
- - endpoints
- - secrets
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses
- - ingressclasses
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses/status
- verbs:
- - update
- - apiGroups:
- - traefik.containo.us
- resources:
- - ingressroutes
- - ingressroutetcps
- - ingressrouteudps
- - middlewares
- - middlewaretcps
- - tlsoptions
- - tlsstores
- - traefikservices
- - serverstransports
- verbs:
- - get
- - list
- - watch
-
-# -- The service account the pods will use to interact with the Kubernetes API
-serviceAccount:
- main:
- enabled: true
- primary: true
-
-# -- SCALE Middleware Handlers
-middlewares:
- basicAuth: []
- # - name: basicauthexample
- # users:
- # - username: testuser
- # password: testpassword
- forwardAuth: []
- # - name: forwardAuthexample
- # address: https://auth.example.com/
- # authResponseHeaders:
- # - X-Secret
- # - X-Auth-User
- # authRequestHeaders:
- # - "Accept"
- # - "X-CustomHeader"
- # authResponseHeadersRegex: "^X-"
- # trustForwardHeader: true
- chain: []
- # - name: chainname
- # middlewares:
- # - name: compress
- redirectScheme: []
- # - name: redirectSchemeName
- # scheme: https
- # permanent: true
- rateLimit: []
- # - name: rateLimitName
- # average: 300
- # burst: 200
- redirectRegex: []
- # - name: redirectRegexName
- # regex: putregexhere
- # replacement: replacementurlhere
- # permanent: false
- stripPrefixRegex: []
- # - name: stripPrefixRegexName
- # regex: []
- ipWhiteList: []
- # - name: ipWhiteListName
- # sourceRange: []
- # ipStrategy:
- # depth: 2
- # excludedIPs: []
- themeParkVersion: v1.3.0
- themePark: []
- # - name: themeParkName
- # -- Supported apps, lower case name
- # -- https://docs.theme-park.dev/themes
- # app: appnamehere
- # -- Supported themes, lower case name
- # -- https://docs.theme-park.dev/themes/APPNAMEHERE
- # -- https://docs.theme-park.dev/community-themes
- # theme: themenamehere
- # -- https://theme-park.dev or a self hosted url
- # baseUrl: https://theme-park.dev
- realIPVersion: v1.0.3
- # Sets X-Real-Ip with an IP from the X-Forwarded-For or
- # Cf-Connecting-Ip (If from Cloudflare)
- # Evaluation of those headers will go from last to first
- realIP: []
- # - name: realIPName
- # -- The real IP will be the first one that is
- # -- not included in any of the CIDRs passed here
- # excludedNetworks:
- # - 1.1.1.1/24
- addPrefix: []
- # - name: addPrefixName
- # prefix: "/foo"
- geoBlockVersion: v0.2.4
- geoBlock: []
- # -- https://github.com/PascalMinder/geoblock
- # - name: geoBlockName
- # allowLocalRequests: true
- # logLocalRequests: false
- # logAllowedRequests: false
- # logApiRequests: false
- # api: https://get.geojs.io/v1/ip/country/{ip}
- # apiTimeoutMs: 500
- # cacheSize: 25
- # forceMonthlyUpdate: true
- # allowUnknownCountries: false
- # unknownCountryApiResponse: nil
- # blackListMode: false
- # countries:
- # - RU
-
-portalhook:
- enabled: true
-
-persistence:
- plugins:
- enabled: true
- mountPath: "/plugins-storage"
- type: emptyDir
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/traefik/17.0.1/questions.yaml b/enterprise/traefik/17.0.1/questions.yaml
deleted file mode 100644
index d9616f62f10..00000000000
--- a/enterprise/traefik/17.0.1/questions.yaml
+++ /dev/null
@@ -1,2488 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "http"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
- path: "/dashboard/"
-questions:
-
- - variable: Workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: Daemonset
- description: Daemonset
-
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "Daemonset"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
-
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: ingressClass
- label: "ingressClass"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- description: "When enabled, ingressClass will match the entered name of this app"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: isDefaultClass
- label: "isDefaultClass"
- schema:
- type: boolean
- default: false
- - variable: logs
- label: "Logs"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "ERROR"
- enum:
- - value: "INFO"
- description: "Info"
- - value: "WARN"
- description: "Warnings"
- - value: "ERROR"
- description: "Errors"
- - value: "FATAL"
- description: "Fatal Errors"
- - value: "PANIC"
- description: "Panics"
- - value: "DEBUG"
- description: "Debug"
- - variable: format
- label: "General Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: access
- label: "Access Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabledFilters
- label: "Enable Filters"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filters
- label: "Filters"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: statuscodes
- label: "Status codes"
- schema:
- type: string
- default: "200,300-302"
- - variable: retryattempts
- label: "retryattempts"
- schema:
- type: boolean
- default: true
- - variable: minduration
- label: "minduration"
- schema:
- type: string
- default: "10ms"
- - variable: fields
- label: "Fields"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "keep"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: headers
- label: "Headers"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "drop"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: format
- label: "Access Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: middlewares
- label: ""
- group: "Middlewares"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: basicAuth
- label: basicAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: users
- label: Users
- schema:
- type: list
- default: []
- items:
- - variable: usersEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: username
- label: Username
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: Password
- schema:
- type: string
- required: true
- default: ""
- - variable: forwardAuth
- label: forwardAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: address
- label: Address
- schema:
- type: string
- required: true
- default: ""
- - variable: trustForwardHeader
- label: trustForwardHeader
- schema:
- type: boolean
- default: false
- - variable: tls
- label: TLS
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: insecureSkipVerify
- label: insecureSkipVerify (expert)
- description: >-
- This disables all TLS certificate validation on communications with the authentication endpoint.
- This could be a security risk and should only be used if you know what you are doing.
- schema:
- type: boolean
- default: false
- - variable: authResponseHeadersRegex
- label: authResponseHeadersRegex
- schema:
- type: string
- default: ""
- - variable: authResponseHeaders
- label: authResponseHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authResponseHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: authRequestHeaders
- label: authRequestHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authRequestHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: chain
- label: Chain
- schema:
- type: list
- default: []
- items:
- - variable: chainEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: middlewares
- label: Middlewares to Chain
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: redirectScheme
- label: redirectScheme
- schema:
- type: list
- default: []
- items:
- - variable: redirectSchemeEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: scheme
- label: Scheme
- schema:
- type: string
- required: true
- default: https
- enum:
- - value: https
- description: https
- - value: http
- description: http
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: rateLimit
- label: rateLimit
- schema:
- type: list
- default: []
- items:
- - variable: rateLimitEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: average
- label: Average
- schema:
- type: int
- required: true
- default: 300
- - variable: burst
- label: Burst
- schema:
- type: int
- required: true
- default: 200
- - variable: redirectRegex
- label: redirectRegex
- schema:
- type: list
- default: []
- items:
- - variable: redirectRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: replacement
- label: Replacement
- schema:
- type: string
- required: true
- default: ""
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: stripPrefixRegex
- label: stripPrefixRegex
- schema:
- type: list
- default: []
- items:
- - variable: stripPrefixRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: list
- default: []
- items:
- - variable: regexEntry
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: ipWhiteList
- label: ipWhiteList
- schema:
- type: list
- default: []
- items:
- - variable: ipWhiteListEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: sourceRange
- label: Source Range
- schema:
- type: list
- default: []
- items:
- - variable: sourceRangeEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: ipStrategy
- label: IP Strategy
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: depth
- label: Depth
- schema:
- type: int
- required: true
- - variable: excludedIPs
- label: Excluded IPs
- schema:
- type: list
- default: []
- items:
- - variable: excludedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: themePark
- label: theme.park
- schema:
- type: list
- default: []
- items:
- - variable: themeParkEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to traefik-themepark
- schema:
- type: string
- required: true
- default: ""
- - variable: appName
- label: App Name
- description: Lower case, name of the app to be themed.
-
Go to https://docs.theme-park.dev/themes/ to see supported apps.
- schema:
- type: string
- required: true
- default: ""
- - variable: themeName
- label: Theme Name
- description: Lower case, name of the theme to be applied.
-
Go to https://docs.theme-park.dev/theme-options/ to see supported themes.
- schema:
- type: string
- required: true
- default: ""
- - variable: baseUrl
- label: Base URL
- description: Replace `https://theme-park.dev` URL for self-hosting reference.
- schema:
- type: string
- required: true
- default: https://theme-park.dev
- - variable: addons
- label: Addons
- schema:
- type: list
- default: []
- items:
- - variable: addonEntry
- label: Addon
- description: Currently only supports 'darker' and '4k-logo' for *arr apps.
-
Go to https://docs.theme-park.dev/themes/addons/ for Addon information.
-
Go to https://github.com/packruler/traefik-themepark for more context on plugin
- schema:
- type: string
- required: true
- default: ""
- - variable: realIP
- label: Real IP
- schema:
- type: list
- default: []
- items:
- - variable: realIPEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: excludedNetworks
- label: Excluded Networks
- schema:
- type: list
- default: []
- items:
- - variable: excludedNetEntry
- label: Excluded Network Entry
- description: Network to exclude setting it to X-Real-Ip
- schema:
- type: string
- required: true
- default: ""
- - variable: geoBlock
- label: GeoBlock
- schema:
- type: list
- default: []
- items:
- - variable: geoBlockEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to geoblock
- schema:
- type: string
- required: true
- default: ""
- - variable: allowLocalRequests
- label: Allow Local Requests
- description: If set to true, will not block request from Private IP Ranges
- schema:
- type: boolean
- default: true
- - variable: logLocalRequests
- label: Log Local Requests
- description: If set to true, will log every connection from any IP in the private IP range
- schema:
- type: boolean
- default: false
- - variable: logAllowedRequests
- label: Log Allowed Requests
- description: If set to true, will show a log message with the IP and the country of origin if a request is allowed.
- schema:
- type: boolean
- default: false
- - variable: logApiRequests
- label: Log API Requests
- description: If set to true, will show a log message for every API hit.
- schema:
- type: boolean
- default: false
- - variable: api
- label: API
- description: Defines the API URL for the IP to Country resolution. The IP to fetch can be added with {ip} to the URL.
- schema:
- type: string
- required: true
- default: https://get.geojs.io/v1/ip/country/{ip}
- - variable: apiTimeoutMs
- label: API Timeout in ms
- description: Timeout for the call to the api uri.
- schema:
- type: int
- required: true
- default: 500
- - variable: cacheSize
- label: Cache Size
- description: Defines the max size of the LRU (least recently used) cache.
- schema:
- type: int
- required: true
- default: 25
- - variable: forceMonthlyUpdate
- label: Force Monthly Update
- description: Even if an IP stays in the cache for a period of a month (about 30 x 24 hours), it must be fetch again after a month.
- schema:
- type: boolean
- default: true
- - variable: allowUnknownCountries
- label: Allow Unknown Countries
- description: Some IP addresses have no country associated with them. If this option is set to true, all IPs with no associated country are also allowed.
- schema:
- type: boolean
- default: false
- - variable: unknownCountryApiResponse
- label: Unknown Countries API Response
- description: The API uri can be customized. This options allows to customize the response string of the API when a IP with no associated country is requested.
- schema:
- type: string
- required: true
- default: nil
- - variable: blackListMode
- label: Blacklist Mode
- description: When set to true the filter logic is inverted, i.e. requests originating from countries listed in the countries list are blocked.
- schema:
- type: boolean
- default: false
- - variable: countries
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- label: Countries
- schema:
- type: list
- default: []
- items:
- - variable: countryEntry
- label: Country
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- schema:
- type: string
- required: true
- # Allow only 2 Characters
- valid_chars: '^[a-zA-Z]{2}$'
- default: ""
- - variable: addPrefix
- label: Add Prefix
- schema:
- type: list
- default: []
- items:
- - variable: addPrefixEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: prefix
- label: Prefix
- schema:
- type: string
- required: true
- default: ""
- - variable: service
- group: "Networking and Services"
- label: "Configure Service Entrypoint"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9000
- required: true
- - variable: tcp
- label: "TCP Service"
- description: "The tcp Entrypoint service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: web
- label: "web Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9080
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- default: "websecure"
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: websecure
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9443
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: portsList
- label: "Additional TCP Entrypoints"
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: "Custom Entrypoints"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable the port"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: "Entrypoints Name"
- schema:
- type: string
- default: ""
- - variable: protocol
- label: "Entrypoints Type"
- schema:
- type: string
- default: "TCP"
- enum:
- - value: HTTP
- description: "HTTP"
- - value: "HTTPS"
- description: "HTTPS"
- - value: TCP
- description: "TCP"
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- required: true
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
-
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
-
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/traefik/17.0.1/templates/NOTES.txt b/enterprise/traefik/17.0.1/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/traefik/17.0.1/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/traefik/17.0.1/templates/_args.tpl b/enterprise/traefik/17.0.1/templates/_args.tpl
deleted file mode 100644
index 3fef2e1f777..00000000000
--- a/enterprise/traefik/17.0.1/templates/_args.tpl
+++ /dev/null
@@ -1,178 +0,0 @@
-{{/* Define the args */}}
-{{- define "traefik.args" -}}
-args:
- {{/* merge all ports */}}
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{/* start of actual arguments */}}
- {{- with .Values.globalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
- {{- range $name, $config := $ports }}
- {{- if $config }}
- {{- if or ( eq $config.protocol "http" ) ( eq $config.protocol "https" ) ( eq $config.protocol "tcp" ) }}
- {{- $_ := set $config "protocol" "tcp" }}
- {{- end }}
- - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}"
- {{- end }}
- {{- end }}
- - "--api.dashboard=true"
- - "--ping=true"
- {{- if .Values.metrics }}
- {{- if .Values.metrics.datadog }}
- - "--metrics.datadog=true"
- - "--metrics.datadog.address={{ .Values.metrics.datadog.address }}"
- {{- end }}
- {{- if .Values.metrics.influxdb }}
- - "--metrics.influxdb=true"
- - "--metrics.influxdb.address={{ .Values.metrics.influxdb.address }}"
- - "--metrics.influxdb.protocol={{ .Values.metrics.influxdb.protocol }}"
- {{- end }}
- {{- if .Values.metrics.prometheus }}
- - "--metrics.prometheus=true"
- - "--metrics.prometheus.entrypoint={{ .Values.metrics.prometheus.entryPoint }}"
- {{- end }}
- {{- if .Values.metrics.statsd }}
- - "--metrics.statsd=true"
- - "--metrics.statsd.address={{ .Values.metrics.statsd.address }}"
- {{- end }}
- {{- end }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress"
- {{- if .Values.providers.kubernetesIngress.publishedService.enabled }}
- - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.labelSelector }}
- - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}"
- {{- end }}
- {{- end }}
- {{- if and .Values.rbac.enabled .Values.rbac.namespaced }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}"
- {{- end }}
- {{- end }}
- {{- if .Values.ingressClass.enabled }}
- - "--providers.kubernetesingress.ingressclass={{ .Release.Name }}"
- {{- end }}
- {{- range $entrypoint, $config := $ports }}
- {{/* add args for proxyProtocol support */}}
- {{- if $config.proxyProtocol }}
- {{- if $config.proxyProtocol.enabled }}
- {{- if $config.proxyProtocol.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.insecure"
- {{- end }}
- {{- if not ( empty $config.proxyProtocol.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.trustedIPs={{ join "," $config.proxyProtocol.trustedIPs }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* add args for forwardedHeaders support */}}
- {{- if $config.forwardedHeaders.enabled }}
- {{- if not ( empty $config.forwardedHeaders.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}"
- {{- end }}
- {{- if $config.forwardedHeaders.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure"
- {{- end }}
- {{- end }}
- {{/* end forwardedHeaders configuration */}}
- {{- if $config.redirectTo }}
- {{- $toPort := index $ports $config.redirectTo }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- else if $config.redirectPort }}
- {{ if gt $config.redirectPort 0.0 }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- end }}
- {{- end }}
- {{- if or ( $config.tls ) ( eq $config.protocol "https" ) }}
- {{- if or ( $config.tls.enabled ) ( eq $config.protocol "https" ) }}
- - "--entrypoints.{{ $entrypoint }}.http.tls=true"
- {{- if $config.tls.options }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}"
- {{- end }}
- {{- if $config.tls.certResolver }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}"
- {{- end }}
- {{- if $config.tls.domains }}
- {{- range $index, $domain := $config.tls.domains }}
- {{- if $domain.main }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}"
- {{- end }}
- {{- if $domain.sans }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- with .Values.logs }}
- - "--log.format={{ .general.format }}"
- {{- if ne .general.level "ERROR" }}
- - "--log.level={{ .general.level | upper }}"
- {{- end }}
- {{- if .access.enabled }}
- - "--accesslog=true"
- - "--accesslog.format={{ .access.format }}"
- {{- if .access.bufferingsize }}
- - "--accesslog.bufferingsize={{ .access.bufferingsize }}"
- {{- end }}
- {{- if .access.filters }}
- {{- if .access.filters.statuscodes }}
- - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}"
- {{- end }}
- {{- if .access.filters.retryattempts }}
- - "--accesslog.filters.retryattempts"
- {{- end }}
- {{- if .access.filters.minduration }}
- - "--accesslog.filters.minduration={{ .access.filters.minduration }}"
- {{- end }}
- {{- end }}
- - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.general.names }}
- - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.headers.names }}
- - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* theme.park */}}
- {{- if .Values.middlewares.themePark }}
- - "--experimental.plugins.traefik-themepark.modulename=github.com/packruler/traefik-themepark"
- - "--experimental.plugins.traefik-themepark.version={{ .Values.middlewares.themeParkVersion }}"
- {{- end }}
- {{/* End of theme.park */}}
- {{/* GeoBlock */}}
- {{- if .Values.middlewares.geoBlock }}
- - "--experimental.plugins.GeoBlock.modulename=github.com/PascalMinder/geoblock"
- - "--experimental.plugins.GeoBlock.version={{ .Values.middlewares.geoBlockVersion }}"
- {{- end }}
- {{/* End of GeoBlock */}}
- {{/* RealIP */}}
- {{- if .Values.middlewares.realIP }}
- - "--experimental.plugins.traefik-real-ip.modulename=github.com/soulbalz/traefik-real-ip"
- - "--experimental.plugins.traefik-real-ip.version={{ .Values.middlewares.realIPVersion }}"
- {{- end }}
- {{/* End of RealIP */}}
- {{- with .Values.additionalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.1/templates/_helpers.tpl b/enterprise/traefik/17.0.1/templates/_helpers.tpl
deleted file mode 100644
index 1345dcea39a..00000000000
--- a/enterprise/traefik/17.0.1/templates/_helpers.tpl
+++ /dev/null
@@ -1,22 +0,0 @@
-{{/*
-Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice.
-By convention this will simply use the / to match the name of the
-service generated.
-Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride`
-*/}}
-{{- define "providers.kubernetesIngress.publishedServicePath" -}}
-{{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}}
-{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}}
-{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }}
-{{- print $servicePath | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Construct a comma-separated list of whitelisted namespaces
-*/}}
-{{- define "providers.kubernetesIngress.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }}
-{{- end -}}
-{{- define "providers.kubernetesCRD.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.1/templates/_ingressclass.tpl b/enterprise/traefik/17.0.1/templates/_ingressclass.tpl
deleted file mode 100644
index 909e249d6a5..00000000000
--- a/enterprise/traefik/17.0.1/templates/_ingressclass.tpl
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Define the ingressClass */}}
-{{- define "traefik.ingressClass" -}}
----
-{{ if .Values.ingressClass.enabled }}
- {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }}
-apiVersion: networking.k8s.io/v1
- {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }}
-apiVersion: networking.k8s.io/v1beta1
- {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }}
-apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }}
- {{- else }}
- {{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }}
- {{- end }}
-kind: IngressClass
-metadata:
- annotations:
- ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }}
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
- name: {{ .Release.Name }}
-spec:
- controller: traefik.io/ingress-controller
-{{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.1/templates/_ingressroute.tpl b/enterprise/traefik/17.0.1/templates/_ingressroute.tpl
deleted file mode 100644
index 6599ceb6e2b..00000000000
--- a/enterprise/traefik/17.0.1/templates/_ingressroute.tpl
+++ /dev/null
@@ -1,34 +0,0 @@
-{{/* Define the ingressRoute */}}
-{{- define "traefik.ingressRoute" -}}
-{{ if .Values.ingressRoute.dashboard.enabled }}
-
-{{- $ingressRouteLabels := .Values.ingressRoute.dashboard.labels -}}
-{{- $ingressRouteAnnotations := .Values.ingressRoute.dashboard.annotations -}}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
- name: {{ include "tc.v1.common.lib.chart.names.fullname" . }}-dashboard
- {{- $labels := (mustMerge ($ingressRouteLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }}
- labels:
- {{- . | nindent 4 }}
- {{- end }}
- {{- $annotations := (mustMerge ($ingressRouteAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }}
- annotations:
- {{- . | nindent 4 }}
- {{- end }}
-
-spec:
- entryPoints:
- - main
- routes:
- - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
- kind: Rule
- services:
- - name: api@internal
- kind: TraefikService
-{{ end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.1/templates/_portalhook.tpl b/enterprise/traefik/17.0.1/templates/_portalhook.tpl
deleted file mode 100644
index e3586c5d4e9..00000000000
--- a/enterprise/traefik/17.0.1/templates/_portalhook.tpl
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/* Define the portalHook */}}
-{{- define "traefik.portalhook" -}}
-{{- if .Values.portalhook.enabled }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: portalhook
- namespace: {{ $namespace }}
-data:
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{- range $name, $value := $ports }}
- {{ $name }}: {{ $value.port | quote }}
- {{- end }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.1/templates/_tlsoptions.tpl b/enterprise/traefik/17.0.1/templates/_tlsoptions.tpl
deleted file mode 100644
index 3e5aad3bee9..00000000000
--- a/enterprise/traefik/17.0.1/templates/_tlsoptions.tpl
+++ /dev/null
@@ -1,12 +0,0 @@
-{{/* Define the tlsOptions */}}
-{{- define "traefik.tlsOptions" -}}
-{{- range $name, $config := .Values.tlsOptions }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: TLSOption
-metadata:
- name: {{ $name }}
-spec:
- {{- toYaml $config | nindent 2 }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.1/templates/common.yaml b/enterprise/traefik/17.0.1/templates/common.yaml
deleted file mode 100644
index 7833892df08..00000000000
--- a/enterprise/traefik/17.0.1/templates/common.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-
-{{- $newArgs := (include "traefik.args" . | fromYaml) }}
-{{- $_ := set .Values "newArgs" $newArgs -}}
-{{- $mergedargs := concat $.Values.workload.main.podSpec.containers.main.args .Values.newArgs.args }}
-{{- $_ := set $.Values.workload.main.podSpec.containers.main "args" $mergedargs -}}
-
-{{- include "traefik.portalhook" . }}
-{{- include "traefik.tlsOptions" . }}
-{{- include "traefik.ingressRoute" . }}
-{{- include "traefik.ingressClass" . }}
-
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/traefik/17.0.1/templates/middlewares/addPrefix.yaml b/enterprise/traefik/17.0.1/templates/middlewares/addPrefix.yaml
deleted file mode 100644
index 233b23834c3..00000000000
--- a/enterprise/traefik/17.0.1/templates/middlewares/addPrefix.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.addPrefix }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- addPrefix:
- prefix: {{ $middlewareData.prefix }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.1/templates/middlewares/basic-middleware.yaml b/enterprise/traefik/17.0.1/templates/middlewares/basic-middleware.yaml
deleted file mode 100644
index 9ba8e5c5d93..00000000000
--- a/enterprise/traefik/17.0.1/templates/middlewares/basic-middleware.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: compress
- namespace: {{ $namespace }}
-spec:
- compress: {}
----
-# Here, an average of 300 requests per second is allowed.
-# In addition, a burst of 200 requests is allowed.
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-ratelimit
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: 600
- burst: 400
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-secure-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: chain-basic
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: basic-secure-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.1/templates/middlewares/basicauth.yaml b/enterprise/traefik/17.0.1/templates/middlewares/basicauth.yaml
deleted file mode 100644
index ccb541742f0..00000000000
--- a/enterprise/traefik/17.0.1/templates/middlewares/basicauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.basicAuth }}
----
-{{- $users := list }}
-{{ range $index, $userdata := $middlewareData.users }}
- {{ $users = append $users ( htpasswd $userdata.username $userdata.password ) }}
-{{ end }}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{printf "%v-%v" $middlewareData.name "secret" }}
- namespace: {{ $namespace }}
-type: Opaque
-stringData:
- users: |
- {{- range $index, $user := $users }}
- {{ printf "%s" $user }}
- {{- end }}
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- basicAuth:
- secret: {{printf "%v-%v" $middlewareData.name "secret" }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.1/templates/middlewares/chain.yaml b/enterprise/traefik/17.0.1/templates/middlewares/chain.yaml
deleted file mode 100644
index f87994f7956..00000000000
--- a/enterprise/traefik/17.0.1/templates/middlewares/chain.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.chain }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- {{ range $index, $middleware := .middlewares }}
- - name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }}
- {{ end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.1/templates/middlewares/forwardauth.yaml b/enterprise/traefik/17.0.1/templates/middlewares/forwardauth.yaml
deleted file mode 100644
index 4bdefbd5c01..00000000000
--- a/enterprise/traefik/17.0.1/templates/middlewares/forwardauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.forwardAuth }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- forwardAuth:
- address: {{ $middlewareData.address }}
- {{- with $middlewareData.authResponseHeaders }}
- authResponseHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- with $middlewareData.authRequestHeaders }}
- authRequestHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- if $middlewareData.authResponseHeadersRegex }}
- authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }}
- {{- end }}
- {{- if $middlewareData.trustForwardHeader }}
- trustForwardHeader: true
- {{- end }}
- {{- with $middlewareData.tls }}
- tls:
- insecureSkipVerify: {{ .insecureSkipVerify | default false }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.1/templates/middlewares/geoblock.yaml b/enterprise/traefik/17.0.1/templates/middlewares/geoblock.yaml
deleted file mode 100644
index be21bcf57b6..00000000000
--- a/enterprise/traefik/17.0.1/templates/middlewares/geoblock.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.geoBlock }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- GeoBlock:
- allowLocalRequests: {{ $middlewareData.allowLocalRequests }}
- logLocalRequests: {{ $middlewareData.logLocalRequests }}
- logAllowedRequests: {{ $middlewareData.logAllowedRequests }}
- logApiRequests: {{ $middlewareData.logApiRequests }}
- api: {{ $middlewareData.api }}
- apiTimeoutMs: {{ $middlewareData.apiTimeoutMs }}
- cacheSize: {{ $middlewareData.cacheSize }}
- forceMonthlyUpdate: {{ $middlewareData.forceMonthlyUpdate }}
- allowUnknownCountries: {{ $middlewareData.allowUnknownCountries }}
- unknownCountryApiResponse: {{ $middlewareData.unknownCountryApiResponse }}
- blackListMode: {{ $middlewareData.blackListMode }}
- {{- if not $middlewareData.countries }}
- {{- fail "You have to define at least one country..." }}
- {{- end }}
- countries:
- {{- range $middlewareData.countries }}
- - {{ . }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.1/templates/middlewares/ipwhitelist.yaml b/enterprise/traefik/17.0.1/templates/middlewares/ipwhitelist.yaml
deleted file mode 100644
index 1179245017e..00000000000
--- a/enterprise/traefik/17.0.1/templates/middlewares/ipwhitelist.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.ipWhiteList }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- ipWhiteList:
- sourceRange:
- {{- range $middlewareData.sourceRange }}
- - {{ . }}
- {{- end }}
- {{- if $middlewareData.ipStrategy }}
- ipStrategy:
- {{- if $middlewareData.ipStrategy.depth }}
- depth: {{ $middlewareData.ipStrategy.depth }}
- {{- end }}
- {{- if $middlewareData.ipStrategy.excludedIPs }}
- excludedIPs:
- {{- range $middlewareData.ipStrategy.excludedIPs }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.1/templates/middlewares/ratelimit.yaml b/enterprise/traefik/17.0.1/templates/middlewares/ratelimit.yaml
deleted file mode 100644
index 144b9d8bf38..00000000000
--- a/enterprise/traefik/17.0.1/templates/middlewares/ratelimit.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.rateLimit }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: {{ $middlewareData.average }}
- burst: {{ $middlewareData.burst }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.1/templates/middlewares/real-ip.yaml b/enterprise/traefik/17.0.1/templates/middlewares/real-ip.yaml
deleted file mode 100644
index 2dd1ae030a4..00000000000
--- a/enterprise/traefik/17.0.1/templates/middlewares/real-ip.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.realIP }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-real-ip:
- excludednets:
- {{- range $middlewareData.excludedNetworks }}
- - {{ . | quote }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.1/templates/middlewares/redirectScheme.yaml b/enterprise/traefik/17.0.1/templates/middlewares/redirectScheme.yaml
deleted file mode 100644
index f2413f84e19..00000000000
--- a/enterprise/traefik/17.0.1/templates/middlewares/redirectScheme.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectScheme }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectScheme:
- scheme: {{ $middlewareData.scheme }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.1/templates/middlewares/redirectregex.yaml b/enterprise/traefik/17.0.1/templates/middlewares/redirectregex.yaml
deleted file mode 100644
index 46e3e724dd6..00000000000
--- a/enterprise/traefik/17.0.1/templates/middlewares/redirectregex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectRegex }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: {{ $middlewareData.regex | quote }}
- replacement: {{ $middlewareData.replacement | quote }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.1/templates/middlewares/stripPrefixRegex.yaml b/enterprise/traefik/17.0.1/templates/middlewares/stripPrefixRegex.yaml
deleted file mode 100644
index 007c166ff39..00000000000
--- a/enterprise/traefik/17.0.1/templates/middlewares/stripPrefixRegex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-
-{{ range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- stripPrefixRegex:
- regex:
- {{- range $middlewareData.regex }}
- - {{ . | quote }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.1/templates/middlewares/tc-chains.yaml b/enterprise/traefik/17.0.1/templates/middlewares/tc-chains.yaml
deleted file mode 100644
index 409766daa89..00000000000
--- a/enterprise/traefik/17.0.1/templates/middlewares/tc-chains.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-opencors-headers
- - name: compress
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-closedcors-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.1/templates/middlewares/tc-headers.yaml b/enterprise/traefik/17.0.1/templates/middlewares/tc-headers.yaml
deleted file mode 100644
index a0462f1fd73..00000000000
--- a/enterprise/traefik/17.0.1/templates/middlewares/tc-headers.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowHeaders:
- - '*'
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- - POST
- accessControlAllowOriginList:
- - '*'
- accessControlMaxAge: 100
- browserXssFilter: true
- contentTypeNosniff: true
- customRequestHeaders:
- X-Forwarded-Proto: https
- customResponseHeaders:
- server: ""
- forceSTSHeader: true
- referrerPolicy: same-origin
- sslForceHost: true
- sslRedirect: true
- stsSeconds: 63072000
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- sslRedirect: true
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- sslForceHost: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
diff --git a/enterprise/traefik/17.0.1/templates/middlewares/tc-nextcloud.yaml b/enterprise/traefik/17.0.1/templates/middlewares/tc-nextcloud.yaml
deleted file mode 100644
index 6a3019d56c5..00000000000
--- a/enterprise/traefik/17.0.1/templates/middlewares/tc-nextcloud.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-redirectregex-dav
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: "https://(.*)/.well-known/(card|cal)dav"
- replacement: "https://${1}/remote.php/dav/"
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: tc-nextcloud-redirectregex-dav
diff --git a/enterprise/traefik/17.0.1/templates/middlewares/theme-park.yaml b/enterprise/traefik/17.0.1/templates/middlewares/theme-park.yaml
deleted file mode 100644
index 92a4257e279..00000000000
--- a/enterprise/traefik/17.0.1/templates/middlewares/theme-park.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.themePark }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-themepark:
- app: {{ $middlewareData.appName }}
- theme: {{ $middlewareData.themeName }}
- baseUrl: {{ $middlewareData.baseUrl }}
- {{- if $middlewareData.addons }}
- addons:
- {{- range $middlewareData.addons }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.1/values.yaml b/enterprise/traefik/17.0.1/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/traefik/17.0.10/CHANGELOG.md b/enterprise/traefik/17.0.10/CHANGELOG.md
deleted file mode 100644
index 004717d026b..00000000000
--- a/enterprise/traefik/17.0.10/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [traefik-17.0.10](https://github.com/truecharts/charts/compare/traefik-17.0.9...traefik-17.0.10) (2023-03-11)
-
-### Fix
-
-- bump to get metrics working
-
-
-
-
-## [traefik-17.0.9](https://github.com/truecharts/charts/compare/traefik-17.0.8...traefik-17.0.9) (2023-03-11)
-
-### Fix
-
-- bump to release fix for new service monitor
-
-
-
-
-## [traefik-17.0.8](https://github.com/truecharts/charts/compare/traefik-17.0.7...traefik-17.0.8) (2023-03-11)
-
-### Feat
-
-- generate a service monitor ([#7785](https://github.com/truecharts/charts/issues/7785))
-
-
-
-
-## [traefik-17.0.7](https://github.com/truecharts/charts/compare/traefik-17.0.6...traefik-17.0.7) (2023-03-07)
-
-### Fix
-
-- actually fix labels ([#7763](https://github.com/truecharts/charts/issues/7763))
-
-
-
-
-## [traefik-17.0.6](https://github.com/truecharts/charts/compare/traefik-17.0.5...traefik-17.0.6) (2023-03-07)
-
-### Fix
-
-- misc fixes from common and prometheus storageclass patch ([#7762](https://github.com/truecharts/charts/issues/7762))
-
-
-
-
-## [traefik-17.0.5](https://github.com/truecharts/charts/compare/traefik-17.0.4...traefik-17.0.5) (2023-03-07)
-
-### Fix
-
-- fix labels ([#7759](https://github.com/truecharts/charts/issues/7759))
-
-
-
-
-## [traefik-17.0.4](https://github.com/truecharts/charts/compare/traefik-17.0.3...traefik-17.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
-
-
-## [traefik-17.0.3](https://github.com/truecharts/charts/compare/traefik-17.0.1...traefik-17.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
-
-
-## [traefik-17.0.1](https://github.com/truecharts/charts/compare/traefik-17.0.0...traefik-17.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
-
-## [traefik-17.0.0](https://github.com/truecharts/charts/compare/traefik-16.0.16...traefik-17.0.0) (2023-03-04)
-
-
-
-
-## [traefik-16.0.16](https://github.com/truecharts/charts/compare/traefik-16.0.15...traefik-16.0.16) (2023-02-20)
-
-### Chore
diff --git a/enterprise/traefik/17.0.10/Chart.yaml b/enterprise/traefik/17.0.10/Chart.yaml
deleted file mode 100644
index 294c5aabeea..00000000000
--- a/enterprise/traefik/17.0.10/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: v2
-appVersion: "2.9.8"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.24
-deprecated: false
-description: Traefik is a flexible reverse proxy and Ingress Provider.
-home: https://truecharts.org/charts/enterprise/traefik
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/traefik.png
-keywords:
- - traefik
- - ingress
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: traefik
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/traefik
- - https://hub.docker.com/_/traefik
- - https://github.com/traefik/traefik
- - https://github.com/traefik/traefik-helm-chart
- - https://traefik.io/
-type: application
-version: 17.0.10
-annotations:
- truecharts.org/catagories: |
- - network
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/traefik/17.0.10/LICENSE b/enterprise/traefik/17.0.10/LICENSE
deleted file mode 100644
index 4139714f204..00000000000
--- a/enterprise/traefik/17.0.10/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Traefik" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/traefik/17.0.10/README.md b/enterprise/traefik/17.0.10/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/traefik/17.0.10/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/traefik/17.0.10/app-changelog.md b/enterprise/traefik/17.0.10/app-changelog.md
deleted file mode 100644
index cc39cf0591d..00000000000
--- a/enterprise/traefik/17.0.10/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [traefik-17.0.10](https://github.com/truecharts/charts/compare/traefik-17.0.9...traefik-17.0.10) (2023-03-11)
-
-### Fix
-
-- bump to get metrics working
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/17.0.10/app-readme.md b/enterprise/traefik/17.0.10/app-readme.md
deleted file mode 100644
index 02206fafcf4..00000000000
--- a/enterprise/traefik/17.0.10/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Traefik is a flexible reverse proxy and Ingress Provider.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/traefik](https://truecharts.org/charts/enterprise/traefik)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/traefik/17.0.10/charts/common-12.2.24.tgz b/enterprise/traefik/17.0.10/charts/common-12.2.24.tgz
deleted file mode 100644
index d9155693b5d..00000000000
Binary files a/enterprise/traefik/17.0.10/charts/common-12.2.24.tgz and /dev/null differ
diff --git a/enterprise/traefik/17.0.10/ix_values.yaml b/enterprise/traefik/17.0.10/ix_values.yaml
deleted file mode 100644
index 56d75a4389a..00000000000
--- a/enterprise/traefik/17.0.10/ix_values.yaml
+++ /dev/null
@@ -1,416 +0,0 @@
-image:
- repository: tccr.io/truecharts/traefik
- # defaults to appVersion
- tag: 2.9.8@sha256:4a2d3dda380990d825532e661b42457fc9871061dbc22b310468616378214a2e
- pullPolicy: IfNotPresent
-
-workload:
- main:
- replicas: 2
- strategy: RollingUpdate
- podSpec:
- containers:
- main:
- args: []
- probes:
- # -- Liveness probe configuration
- # @default -- See below
- liveness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Redainess probe configuration
- # @default -- See below
- readiness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Startup probe configuration
- # @default -- See below
- startup:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
-# -- Options for all pods
-# Can be overruled per pod
-podOptions:
- automountServiceAccountToken: true
-
-# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
-ingressClass:
- # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
- enabled: false
- isDefaultClass: false
- # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
- fallbackApiVersion: ""
-
-# -- Create an IngressRoute for the dashboard
-ingressRoute:
- dashboard:
- enabled: true
- # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
- annotations: {}
- # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
- labels: {}
-#
-# -- Configure providers
-providers:
- kubernetesCRD:
- enabled: true
- namespaces:
- []
- # - "default"
- kubernetesIngress:
- enabled: true
- # labelSelector: environment=production,method=traefik
- namespaces:
- []
- # - "default"
- # IP used for Kubernetes Ingress endpoints
- publishedService:
- enabled: true
- # Published Kubernetes Service to copy status from. Format: namespace/servicename
- # By default this Traefik service
- # pathOverride: ""
-
-# -- Logs
-# https://docs.traefik.io/observability/logs/
-logs:
- # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on).
- general:
- # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO.
- level: ERROR
- # -- Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format
- format: common
- access:
- # To enable access logs
- enabled: false
- # To write the logs in an asynchronous fashion, specify a bufferingSize option.
- # This option represents the number of log lines Traefik will keep in memory before writing
- # them to the selected output. In some cases, this option can greatly help performances.
- # bufferingSize: 100
- # Filtering https://docs.traefik.io/observability/access-logs/#filtering
- filters:
- {}
- # statuscodes: "200,300-302"
- # retryattempts: true
- # minduration: 10ms
- # Fields
- # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers
- fields:
- general:
- defaultmode: keep
- names:
- {}
- # Examples:
- # ClientUsername: drop
- headers:
- defaultmode: drop
- names:
- {}
- # Examples:
- # User-Agent: redact
- # Authorization: drop
- # Content-Type: keep
- # -- Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format
- format: common
-
-metrics:
- main:
- enabled: true
- type: servicemonitor
- endpoints:
- - port: metrics
- path: /metrics
- targetSelector: metrics
-
-globalArguments:
- - "--global.checknewversion"
-
-##
-# -- Additional arguments to be passed at Traefik's binary
-# All available options available on https://docs.traefik.io/reference/static-configuration/cli/
-## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"`
-additionalArguments:
- - "--metrics.prometheus"
- - "--ping"
- - "--serverstransport.insecureskipverify=true"
- - "--providers.kubernetesingress.allowexternalnameservices=true"
-
-# -- TLS Options to be created as TLSOption CRDs
-# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options
-# Example:
-tlsOptions:
- default:
- sniStrict: false
- minVersion: VersionTLS12
- curvePreferences:
- - CurveP521
- - CurveP384
- cipherSuites:
- - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- - TLS_AES_128_GCM_SHA256
- - TLS_AES_256_GCM_SHA384
- - TLS_CHACHA20_POLY1305_SHA256
-
-# -- Options for the main traefik service, where the entrypoints traffic comes from
-# from.
-service:
- main:
- type: LoadBalancer
- ports:
- main:
- port: 9000
- targetPort: 9000
- protocol: http
- # -- Forwarded Headers should never be enabled on Main entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Main entrypoint
- proxyProtocol:
- enabled: false
- tcp:
- enabled: true
- type: LoadBalancer
- ports:
- web:
- enabled: true
- port: 9080
- protocol: http
- redirectTo: websecure
- # Options: Empty, 0 (ingore), or positive int
- # redirectPort:
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- websecure:
- enabled: true
- port: 9443
- protocol: https
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- # tcpexample:
- # enabled: true
- # targetPort: 9443
- # protocol: tcp
- # tls:
- # enabled: false
- # # this is the name of a TLSOption definition
- # options: ""
- # certResolver: ""
- # domains: []
- # # - main: example.com
- # # sans:
- # # - foo.example.com
- # # - bar.example.com
- metrics:
- enabled: true
- type: ClusterIP
- ports:
- metrics:
- enabled: true
- port: 9180
- targetPort: 9180
- protocol: http
- # -- Forwarded Headers should never be enabled on Metrics entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Metrics entrypoint
- proxyProtocol:
- enabled: false
- # udp:
- # enabled: false
-
-# -- Whether Role Based Access Control objects like roles and rolebindings should be created
-rbac:
- main:
- enabled: true
- primary: true
- clusterWide: true
- rules:
- - apiGroups:
- - ""
- resources:
- - services
- - endpoints
- - secrets
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses
- - ingressclasses
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses/status
- verbs:
- - update
- - apiGroups:
- - traefik.containo.us
- resources:
- - ingressroutes
- - ingressroutetcps
- - ingressrouteudps
- - middlewares
- - middlewaretcps
- - tlsoptions
- - tlsstores
- - traefikservices
- - serverstransports
- verbs:
- - get
- - list
- - watch
-
-# -- The service account the pods will use to interact with the Kubernetes API
-serviceAccount:
- main:
- enabled: true
- primary: true
-
-# -- SCALE Middleware Handlers
-middlewares:
- basicAuth: []
- # - name: basicauthexample
- # users:
- # - username: testuser
- # password: testpassword
- forwardAuth: []
- # - name: forwardAuthexample
- # address: https://auth.example.com/
- # authResponseHeaders:
- # - X-Secret
- # - X-Auth-User
- # authRequestHeaders:
- # - "Accept"
- # - "X-CustomHeader"
- # authResponseHeadersRegex: "^X-"
- # trustForwardHeader: true
- chain: []
- # - name: chainname
- # middlewares:
- # - name: compress
- redirectScheme: []
- # - name: redirectSchemeName
- # scheme: https
- # permanent: true
- rateLimit: []
- # - name: rateLimitName
- # average: 300
- # burst: 200
- redirectRegex: []
- # - name: redirectRegexName
- # regex: putregexhere
- # replacement: replacementurlhere
- # permanent: false
- stripPrefixRegex: []
- # - name: stripPrefixRegexName
- # regex: []
- ipWhiteList: []
- # - name: ipWhiteListName
- # sourceRange: []
- # ipStrategy:
- # depth: 2
- # excludedIPs: []
- themeParkVersion: v1.3.0
- themePark: []
- # - name: themeParkName
- # -- Supported apps, lower case name
- # -- https://docs.theme-park.dev/themes
- # app: appnamehere
- # -- Supported themes, lower case name
- # -- https://docs.theme-park.dev/themes/APPNAMEHERE
- # -- https://docs.theme-park.dev/community-themes
- # theme: themenamehere
- # -- https://theme-park.dev or a self hosted url
- # baseUrl: https://theme-park.dev
- realIPVersion: v1.0.3
- # Sets X-Real-Ip with an IP from the X-Forwarded-For or
- # Cf-Connecting-Ip (If from Cloudflare)
- # Evaluation of those headers will go from last to first
- realIP: []
- # - name: realIPName
- # -- The real IP will be the first one that is
- # -- not included in any of the CIDRs passed here
- # excludedNetworks:
- # - 1.1.1.1/24
- addPrefix: []
- # - name: addPrefixName
- # prefix: "/foo"
- geoBlockVersion: v0.2.4
- geoBlock: []
- # -- https://github.com/PascalMinder/geoblock
- # - name: geoBlockName
- # allowLocalRequests: true
- # logLocalRequests: false
- # logAllowedRequests: false
- # logApiRequests: false
- # api: https://get.geojs.io/v1/ip/country/{ip}
- # apiTimeoutMs: 500
- # cacheSize: 25
- # forceMonthlyUpdate: true
- # allowUnknownCountries: false
- # unknownCountryApiResponse: nil
- # blackListMode: false
- # countries:
- # - RU
-
-portalhook:
- enabled: true
-
-persistence:
- plugins:
- enabled: true
- mountPath: "/plugins-storage"
- type: emptyDir
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/traefik/17.0.10/questions.yaml b/enterprise/traefik/17.0.10/questions.yaml
deleted file mode 100644
index 6d4d536bf6d..00000000000
--- a/enterprise/traefik/17.0.10/questions.yaml
+++ /dev/null
@@ -1,2522 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "http"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
- path: "/dashboard/"
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: DaemonSet
- description: DaemonSet
-
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "DaemonSet"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
-
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: ingressClass
- label: "ingressClass"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- description: "When enabled, ingressClass will match the entered name of this app"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: isDefaultClass
- label: "isDefaultClass"
- schema:
- type: boolean
- default: false
- - variable: logs
- label: "Logs"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "ERROR"
- enum:
- - value: "INFO"
- description: "Info"
- - value: "WARN"
- description: "Warnings"
- - value: "ERROR"
- description: "Errors"
- - value: "FATAL"
- description: "Fatal Errors"
- - value: "PANIC"
- description: "Panics"
- - value: "DEBUG"
- description: "Debug"
- - variable: format
- label: "General Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: access
- label: "Access Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabledFilters
- label: "Enable Filters"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filters
- label: "Filters"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: statuscodes
- label: "Status codes"
- schema:
- type: string
- default: "200,300-302"
- - variable: retryattempts
- label: "retryattempts"
- schema:
- type: boolean
- default: true
- - variable: minduration
- label: "minduration"
- schema:
- type: string
- default: "10ms"
- - variable: fields
- label: "Fields"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "keep"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: headers
- label: "Headers"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "drop"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: format
- label: "Access Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: middlewares
- label: ""
- group: "Middlewares"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: basicAuth
- label: basicAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: users
- label: Users
- schema:
- type: list
- default: []
- items:
- - variable: usersEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: username
- label: Username
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: Password
- schema:
- type: string
- required: true
- default: ""
- - variable: forwardAuth
- label: forwardAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: address
- label: Address
- schema:
- type: string
- required: true
- default: ""
- - variable: trustForwardHeader
- label: trustForwardHeader
- schema:
- type: boolean
- default: false
- - variable: tls
- label: TLS
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: insecureSkipVerify
- label: insecureSkipVerify (expert)
- description: >-
- This disables all TLS certificate validation on communications with the authentication endpoint.
- This could be a security risk and should only be used if you know what you are doing.
- schema:
- type: boolean
- default: false
- - variable: authResponseHeadersRegex
- label: authResponseHeadersRegex
- schema:
- type: string
- default: ""
- - variable: authResponseHeaders
- label: authResponseHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authResponseHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: authRequestHeaders
- label: authRequestHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authRequestHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: chain
- label: Chain
- schema:
- type: list
- default: []
- items:
- - variable: chainEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: middlewares
- label: Middlewares to Chain
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: redirectScheme
- label: redirectScheme
- schema:
- type: list
- default: []
- items:
- - variable: redirectSchemeEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: scheme
- label: Scheme
- schema:
- type: string
- required: true
- default: https
- enum:
- - value: https
- description: https
- - value: http
- description: http
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: rateLimit
- label: rateLimit
- schema:
- type: list
- default: []
- items:
- - variable: rateLimitEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: average
- label: Average
- schema:
- type: int
- required: true
- default: 300
- - variable: burst
- label: Burst
- schema:
- type: int
- required: true
- default: 200
- - variable: redirectRegex
- label: redirectRegex
- schema:
- type: list
- default: []
- items:
- - variable: redirectRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: replacement
- label: Replacement
- schema:
- type: string
- required: true
- default: ""
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: stripPrefixRegex
- label: stripPrefixRegex
- schema:
- type: list
- default: []
- items:
- - variable: stripPrefixRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: list
- default: []
- items:
- - variable: regexEntry
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: ipWhiteList
- label: ipWhiteList
- schema:
- type: list
- default: []
- items:
- - variable: ipWhiteListEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: sourceRange
- label: Source Range
- schema:
- type: list
- default: []
- items:
- - variable: sourceRangeEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: ipStrategy
- label: IP Strategy
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: depth
- label: Depth
- schema:
- type: int
- required: true
- - variable: excludedIPs
- label: Excluded IPs
- schema:
- type: list
- default: []
- items:
- - variable: excludedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: themePark
- label: theme.park
- schema:
- type: list
- default: []
- items:
- - variable: themeParkEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to traefik-themepark
- schema:
- type: string
- required: true
- default: ""
- - variable: appName
- label: App Name
- description: Lower case, name of the app to be themed.
-
Go to https://docs.theme-park.dev/themes/ to see supported apps.
- schema:
- type: string
- required: true
- default: ""
- - variable: themeName
- label: Theme Name
- description: Lower case, name of the theme to be applied.
-
Go to https://docs.theme-park.dev/theme-options/ to see supported themes.
- schema:
- type: string
- required: true
- default: ""
- - variable: baseUrl
- label: Base URL
- description: Replace `https://theme-park.dev` URL for self-hosting reference.
- schema:
- type: string
- required: true
- default: https://theme-park.dev
- - variable: addons
- label: Addons
- schema:
- type: list
- default: []
- items:
- - variable: addonEntry
- label: Addon
- description: Currently only supports 'darker' and '4k-logo' for *arr apps.
-
Go to https://docs.theme-park.dev/themes/addons/ for Addon information.
-
Go to https://github.com/packruler/traefik-themepark for more context on plugin
- schema:
- type: string
- required: true
- default: ""
- - variable: realIP
- label: Real IP
- schema:
- type: list
- default: []
- items:
- - variable: realIPEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: excludedNetworks
- label: Excluded Networks
- schema:
- type: list
- default: []
- items:
- - variable: excludedNetEntry
- label: Excluded Network Entry
- description: Network to exclude setting it to X-Real-Ip
- schema:
- type: string
- required: true
- default: ""
- - variable: geoBlock
- label: GeoBlock
- schema:
- type: list
- default: []
- items:
- - variable: geoBlockEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to geoblock
- schema:
- type: string
- required: true
- default: ""
- - variable: allowLocalRequests
- label: Allow Local Requests
- description: If set to true, will not block request from Private IP Ranges
- schema:
- type: boolean
- default: true
- - variable: logLocalRequests
- label: Log Local Requests
- description: If set to true, will log every connection from any IP in the private IP range
- schema:
- type: boolean
- default: false
- - variable: logAllowedRequests
- label: Log Allowed Requests
- description: If set to true, will show a log message with the IP and the country of origin if a request is allowed.
- schema:
- type: boolean
- default: false
- - variable: logApiRequests
- label: Log API Requests
- description: If set to true, will show a log message for every API hit.
- schema:
- type: boolean
- default: false
- - variable: api
- label: API
- description: Defines the API URL for the IP to Country resolution. The IP to fetch can be added with {ip} to the URL.
- schema:
- type: string
- required: true
- default: https://get.geojs.io/v1/ip/country/{ip}
- - variable: apiTimeoutMs
- label: API Timeout in ms
- description: Timeout for the call to the api uri.
- schema:
- type: int
- required: true
- default: 500
- - variable: cacheSize
- label: Cache Size
- description: Defines the max size of the LRU (least recently used) cache.
- schema:
- type: int
- required: true
- default: 25
- - variable: forceMonthlyUpdate
- label: Force Monthly Update
- description: Even if an IP stays in the cache for a period of a month (about 30 x 24 hours), it must be fetch again after a month.
- schema:
- type: boolean
- default: true
- - variable: allowUnknownCountries
- label: Allow Unknown Countries
- description: Some IP addresses have no country associated with them. If this option is set to true, all IPs with no associated country are also allowed.
- schema:
- type: boolean
- default: false
- - variable: unknownCountryApiResponse
- label: Unknown Countries API Response
- description: The API uri can be customized. This options allows to customize the response string of the API when a IP with no associated country is requested.
- schema:
- type: string
- required: true
- default: nil
- - variable: blackListMode
- label: Blacklist Mode
- description: When set to true the filter logic is inverted, i.e. requests originating from countries listed in the countries list are blocked.
- schema:
- type: boolean
- default: false
- - variable: countries
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- label: Countries
- schema:
- type: list
- default: []
- items:
- - variable: countryEntry
- label: Country
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- schema:
- type: string
- required: true
- # Allow only 2 Characters
- valid_chars: '^[a-zA-Z]{2}$'
- default: ""
- - variable: addPrefix
- label: Add Prefix
- schema:
- type: list
- default: []
- items:
- - variable: addPrefixEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: prefix
- label: Prefix
- schema:
- type: string
- required: true
- default: ""
- - variable: service
- group: "Networking and Services"
- label: "Configure Service Entrypoint"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9000
- required: true
- - variable: tcp
- label: "TCP Service"
- description: "The tcp Entrypoint service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: web
- label: "web Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9080
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- default: "websecure"
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: websecure
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9443
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: portsList
- label: "Additional TCP Entrypoints"
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: "Custom Entrypoints"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable the port"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: "Entrypoints Name"
- schema:
- type: string
- default: ""
- - variable: protocol
- label: "Entrypoints Type"
- schema:
- type: string
- default: "TCP"
- enum:
- - value: HTTP
- description: "HTTP"
- - value: "HTTPS"
- description: "HTTPS"
- - value: TCP
- description: "TCP"
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- required: true
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: certificateIssuer
- label: Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: certificateIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
-
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
-
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
- - variable: metrics
- group: Metrics
- label: Prometheus Metrics
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Metrics
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- description: Enable Prometheus Metrics
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: prometheusRule
- label: PrometheusRule
- description: Enable and configure Prometheus Rules for the App.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- description: Enable Prometheus Metrics
- schema:
- type: boolean
- default: false
- # TODO: Rule List section
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/traefik/17.0.10/templates/NOTES.txt b/enterprise/traefik/17.0.10/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/traefik/17.0.10/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/traefik/17.0.10/templates/_args.tpl b/enterprise/traefik/17.0.10/templates/_args.tpl
deleted file mode 100644
index 7acee2f60ac..00000000000
--- a/enterprise/traefik/17.0.10/templates/_args.tpl
+++ /dev/null
@@ -1,178 +0,0 @@
-{{/* Define the args */}}
-{{- define "traefik.args" -}}
-args:
- {{/* merge all ports */}}
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{/* start of actual arguments */}}
- {{- with .Values.globalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
- {{- range $name, $config := $ports }}
- {{- if $config }}
- {{- if or ( eq $config.protocol "http" ) ( eq $config.protocol "https" ) ( eq $config.protocol "tcp" ) }}
- {{- $_ := set $config "protocol" "tcp" }}
- {{- end }}
- - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}"
- {{- end }}
- {{- end }}
- - "--api.dashboard=true"
- - "--ping=true"
- {{- if .Values.metrics }}
- {{- if .Values.metrics.datadog }}
- - "--metrics.datadog=true"
- - "--metrics.datadog.address={{ .Values.metrics.datadog.address }}"
- {{- end }}
- {{- if .Values.metrics.influxdb }}
- - "--metrics.influxdb=true"
- - "--metrics.influxdb.address={{ .Values.metrics.influxdb.address }}"
- - "--metrics.influxdb.protocol={{ .Values.metrics.influxdb.protocol }}"
- {{- end }}
- {{- if .Values.metrics.prometheus }}
- - "--metrics.prometheus=true"
- - "--metrics.prometheus.entrypoint=metrics"
- {{- end }}
- {{- if .Values.metrics.statsd }}
- - "--metrics.statsd=true"
- - "--metrics.statsd.address={{ .Values.metrics.statsd.address }}"
- {{- end }}
- {{- end }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress"
- {{- if .Values.providers.kubernetesIngress.publishedService.enabled }}
- - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.labelSelector }}
- - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}"
- {{- end }}
- {{- end }}
- {{- if and .Values.rbac.enabled .Values.rbac.namespaced }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}"
- {{- end }}
- {{- end }}
- {{- if .Values.ingressClass.enabled }}
- - "--providers.kubernetesingress.ingressclass={{ .Release.Name }}"
- {{- end }}
- {{- range $entrypoint, $config := $ports }}
- {{/* add args for proxyProtocol support */}}
- {{- if $config.proxyProtocol }}
- {{- if $config.proxyProtocol.enabled }}
- {{- if $config.proxyProtocol.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.insecure"
- {{- end }}
- {{- if not ( empty $config.proxyProtocol.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.trustedIPs={{ join "," $config.proxyProtocol.trustedIPs }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* add args for forwardedHeaders support */}}
- {{- if $config.forwardedHeaders.enabled }}
- {{- if not ( empty $config.forwardedHeaders.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}"
- {{- end }}
- {{- if $config.forwardedHeaders.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure"
- {{- end }}
- {{- end }}
- {{/* end forwardedHeaders configuration */}}
- {{- if $config.redirectTo }}
- {{- $toPort := index $ports $config.redirectTo }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- else if $config.redirectPort }}
- {{ if gt $config.redirectPort 0.0 }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- end }}
- {{- end }}
- {{- if or ( $config.tls ) ( eq $config.protocol "https" ) }}
- {{- if or ( $config.tls.enabled ) ( eq $config.protocol "https" ) }}
- - "--entrypoints.{{ $entrypoint }}.http.tls=true"
- {{- if $config.tls.options }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}"
- {{- end }}
- {{- if $config.tls.certResolver }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}"
- {{- end }}
- {{- if $config.tls.domains }}
- {{- range $index, $domain := $config.tls.domains }}
- {{- if $domain.main }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}"
- {{- end }}
- {{- if $domain.sans }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- with .Values.logs }}
- - "--log.format={{ .general.format }}"
- {{- if ne .general.level "ERROR" }}
- - "--log.level={{ .general.level | upper }}"
- {{- end }}
- {{- if .access.enabled }}
- - "--accesslog=true"
- - "--accesslog.format={{ .access.format }}"
- {{- if .access.bufferingsize }}
- - "--accesslog.bufferingsize={{ .access.bufferingsize }}"
- {{- end }}
- {{- if .access.filters }}
- {{- if .access.filters.statuscodes }}
- - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}"
- {{- end }}
- {{- if .access.filters.retryattempts }}
- - "--accesslog.filters.retryattempts"
- {{- end }}
- {{- if .access.filters.minduration }}
- - "--accesslog.filters.minduration={{ .access.filters.minduration }}"
- {{- end }}
- {{- end }}
- - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.general.names }}
- - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.headers.names }}
- - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* theme.park */}}
- {{- if .Values.middlewares.themePark }}
- - "--experimental.plugins.traefik-themepark.modulename=github.com/packruler/traefik-themepark"
- - "--experimental.plugins.traefik-themepark.version={{ .Values.middlewares.themeParkVersion }}"
- {{- end }}
- {{/* End of theme.park */}}
- {{/* GeoBlock */}}
- {{- if .Values.middlewares.geoBlock }}
- - "--experimental.plugins.GeoBlock.modulename=github.com/PascalMinder/geoblock"
- - "--experimental.plugins.GeoBlock.version={{ .Values.middlewares.geoBlockVersion }}"
- {{- end }}
- {{/* End of GeoBlock */}}
- {{/* RealIP */}}
- {{- if .Values.middlewares.realIP }}
- - "--experimental.plugins.traefik-real-ip.modulename=github.com/soulbalz/traefik-real-ip"
- - "--experimental.plugins.traefik-real-ip.version={{ .Values.middlewares.realIPVersion }}"
- {{- end }}
- {{/* End of RealIP */}}
- {{- with .Values.additionalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.10/templates/_helpers.tpl b/enterprise/traefik/17.0.10/templates/_helpers.tpl
deleted file mode 100644
index 1345dcea39a..00000000000
--- a/enterprise/traefik/17.0.10/templates/_helpers.tpl
+++ /dev/null
@@ -1,22 +0,0 @@
-{{/*
-Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice.
-By convention this will simply use the / to match the name of the
-service generated.
-Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride`
-*/}}
-{{- define "providers.kubernetesIngress.publishedServicePath" -}}
-{{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}}
-{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}}
-{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }}
-{{- print $servicePath | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Construct a comma-separated list of whitelisted namespaces
-*/}}
-{{- define "providers.kubernetesIngress.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }}
-{{- end -}}
-{{- define "providers.kubernetesCRD.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.10/templates/_ingressclass.tpl b/enterprise/traefik/17.0.10/templates/_ingressclass.tpl
deleted file mode 100644
index 004d4a6dcda..00000000000
--- a/enterprise/traefik/17.0.10/templates/_ingressclass.tpl
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Define the ingressClass */}}
-{{- define "traefik.ingressClass" -}}
----
-{{ if .Values.ingressClass.enabled }}
- {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }}
-apiVersion: networking.k8s.io/v1
- {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }}
-apiVersion: networking.k8s.io/v1beta1
- {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }}
-apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }}
- {{- else }}
- {{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }}
- {{- end }}
-kind: IngressClass
-metadata:
- annotations:
- ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }}
- labels:
- {{- include "tc.v1.common.lib.metadata.allLabels" . | nindent 4 }}
- name: {{ .Release.Name }}
-spec:
- controller: traefik.io/ingress-controller
-{{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.10/templates/_ingressroute.tpl b/enterprise/traefik/17.0.10/templates/_ingressroute.tpl
deleted file mode 100644
index 6599ceb6e2b..00000000000
--- a/enterprise/traefik/17.0.10/templates/_ingressroute.tpl
+++ /dev/null
@@ -1,34 +0,0 @@
-{{/* Define the ingressRoute */}}
-{{- define "traefik.ingressRoute" -}}
-{{ if .Values.ingressRoute.dashboard.enabled }}
-
-{{- $ingressRouteLabels := .Values.ingressRoute.dashboard.labels -}}
-{{- $ingressRouteAnnotations := .Values.ingressRoute.dashboard.annotations -}}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
- name: {{ include "tc.v1.common.lib.chart.names.fullname" . }}-dashboard
- {{- $labels := (mustMerge ($ingressRouteLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }}
- labels:
- {{- . | nindent 4 }}
- {{- end }}
- {{- $annotations := (mustMerge ($ingressRouteAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }}
- annotations:
- {{- . | nindent 4 }}
- {{- end }}
-
-spec:
- entryPoints:
- - main
- routes:
- - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
- kind: Rule
- services:
- - name: api@internal
- kind: TraefikService
-{{ end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.10/templates/_portalhook.tpl b/enterprise/traefik/17.0.10/templates/_portalhook.tpl
deleted file mode 100644
index e3586c5d4e9..00000000000
--- a/enterprise/traefik/17.0.10/templates/_portalhook.tpl
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/* Define the portalHook */}}
-{{- define "traefik.portalhook" -}}
-{{- if .Values.portalhook.enabled }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: portalhook
- namespace: {{ $namespace }}
-data:
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{- range $name, $value := $ports }}
- {{ $name }}: {{ $value.port | quote }}
- {{- end }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.10/templates/_tlsoptions.tpl b/enterprise/traefik/17.0.10/templates/_tlsoptions.tpl
deleted file mode 100644
index 3e5aad3bee9..00000000000
--- a/enterprise/traefik/17.0.10/templates/_tlsoptions.tpl
+++ /dev/null
@@ -1,12 +0,0 @@
-{{/* Define the tlsOptions */}}
-{{- define "traefik.tlsOptions" -}}
-{{- range $name, $config := .Values.tlsOptions }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: TLSOption
-metadata:
- name: {{ $name }}
-spec:
- {{- toYaml $config | nindent 2 }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.10/templates/common.yaml b/enterprise/traefik/17.0.10/templates/common.yaml
deleted file mode 100644
index 7833892df08..00000000000
--- a/enterprise/traefik/17.0.10/templates/common.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-
-{{- $newArgs := (include "traefik.args" . | fromYaml) }}
-{{- $_ := set .Values "newArgs" $newArgs -}}
-{{- $mergedargs := concat $.Values.workload.main.podSpec.containers.main.args .Values.newArgs.args }}
-{{- $_ := set $.Values.workload.main.podSpec.containers.main "args" $mergedargs -}}
-
-{{- include "traefik.portalhook" . }}
-{{- include "traefik.tlsOptions" . }}
-{{- include "traefik.ingressRoute" . }}
-{{- include "traefik.ingressClass" . }}
-
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/traefik/17.0.10/templates/middlewares/addPrefix.yaml b/enterprise/traefik/17.0.10/templates/middlewares/addPrefix.yaml
deleted file mode 100644
index 233b23834c3..00000000000
--- a/enterprise/traefik/17.0.10/templates/middlewares/addPrefix.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.addPrefix }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- addPrefix:
- prefix: {{ $middlewareData.prefix }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.10/templates/middlewares/basic-middleware.yaml b/enterprise/traefik/17.0.10/templates/middlewares/basic-middleware.yaml
deleted file mode 100644
index 9ba8e5c5d93..00000000000
--- a/enterprise/traefik/17.0.10/templates/middlewares/basic-middleware.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: compress
- namespace: {{ $namespace }}
-spec:
- compress: {}
----
-# Here, an average of 300 requests per second is allowed.
-# In addition, a burst of 200 requests is allowed.
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-ratelimit
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: 600
- burst: 400
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-secure-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: chain-basic
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: basic-secure-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.10/templates/middlewares/basicauth.yaml b/enterprise/traefik/17.0.10/templates/middlewares/basicauth.yaml
deleted file mode 100644
index ccb541742f0..00000000000
--- a/enterprise/traefik/17.0.10/templates/middlewares/basicauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.basicAuth }}
----
-{{- $users := list }}
-{{ range $index, $userdata := $middlewareData.users }}
- {{ $users = append $users ( htpasswd $userdata.username $userdata.password ) }}
-{{ end }}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{printf "%v-%v" $middlewareData.name "secret" }}
- namespace: {{ $namespace }}
-type: Opaque
-stringData:
- users: |
- {{- range $index, $user := $users }}
- {{ printf "%s" $user }}
- {{- end }}
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- basicAuth:
- secret: {{printf "%v-%v" $middlewareData.name "secret" }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.10/templates/middlewares/chain.yaml b/enterprise/traefik/17.0.10/templates/middlewares/chain.yaml
deleted file mode 100644
index f87994f7956..00000000000
--- a/enterprise/traefik/17.0.10/templates/middlewares/chain.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.chain }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- {{ range $index, $middleware := .middlewares }}
- - name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }}
- {{ end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.10/templates/middlewares/forwardauth.yaml b/enterprise/traefik/17.0.10/templates/middlewares/forwardauth.yaml
deleted file mode 100644
index 4bdefbd5c01..00000000000
--- a/enterprise/traefik/17.0.10/templates/middlewares/forwardauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.forwardAuth }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- forwardAuth:
- address: {{ $middlewareData.address }}
- {{- with $middlewareData.authResponseHeaders }}
- authResponseHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- with $middlewareData.authRequestHeaders }}
- authRequestHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- if $middlewareData.authResponseHeadersRegex }}
- authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }}
- {{- end }}
- {{- if $middlewareData.trustForwardHeader }}
- trustForwardHeader: true
- {{- end }}
- {{- with $middlewareData.tls }}
- tls:
- insecureSkipVerify: {{ .insecureSkipVerify | default false }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.10/templates/middlewares/geoblock.yaml b/enterprise/traefik/17.0.10/templates/middlewares/geoblock.yaml
deleted file mode 100644
index be21bcf57b6..00000000000
--- a/enterprise/traefik/17.0.10/templates/middlewares/geoblock.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.geoBlock }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- GeoBlock:
- allowLocalRequests: {{ $middlewareData.allowLocalRequests }}
- logLocalRequests: {{ $middlewareData.logLocalRequests }}
- logAllowedRequests: {{ $middlewareData.logAllowedRequests }}
- logApiRequests: {{ $middlewareData.logApiRequests }}
- api: {{ $middlewareData.api }}
- apiTimeoutMs: {{ $middlewareData.apiTimeoutMs }}
- cacheSize: {{ $middlewareData.cacheSize }}
- forceMonthlyUpdate: {{ $middlewareData.forceMonthlyUpdate }}
- allowUnknownCountries: {{ $middlewareData.allowUnknownCountries }}
- unknownCountryApiResponse: {{ $middlewareData.unknownCountryApiResponse }}
- blackListMode: {{ $middlewareData.blackListMode }}
- {{- if not $middlewareData.countries }}
- {{- fail "You have to define at least one country..." }}
- {{- end }}
- countries:
- {{- range $middlewareData.countries }}
- - {{ . }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.10/templates/middlewares/ipwhitelist.yaml b/enterprise/traefik/17.0.10/templates/middlewares/ipwhitelist.yaml
deleted file mode 100644
index 1179245017e..00000000000
--- a/enterprise/traefik/17.0.10/templates/middlewares/ipwhitelist.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.ipWhiteList }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- ipWhiteList:
- sourceRange:
- {{- range $middlewareData.sourceRange }}
- - {{ . }}
- {{- end }}
- {{- if $middlewareData.ipStrategy }}
- ipStrategy:
- {{- if $middlewareData.ipStrategy.depth }}
- depth: {{ $middlewareData.ipStrategy.depth }}
- {{- end }}
- {{- if $middlewareData.ipStrategy.excludedIPs }}
- excludedIPs:
- {{- range $middlewareData.ipStrategy.excludedIPs }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.10/templates/middlewares/ratelimit.yaml b/enterprise/traefik/17.0.10/templates/middlewares/ratelimit.yaml
deleted file mode 100644
index 144b9d8bf38..00000000000
--- a/enterprise/traefik/17.0.10/templates/middlewares/ratelimit.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.rateLimit }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: {{ $middlewareData.average }}
- burst: {{ $middlewareData.burst }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.10/templates/middlewares/real-ip.yaml b/enterprise/traefik/17.0.10/templates/middlewares/real-ip.yaml
deleted file mode 100644
index 2dd1ae030a4..00000000000
--- a/enterprise/traefik/17.0.10/templates/middlewares/real-ip.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.realIP }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-real-ip:
- excludednets:
- {{- range $middlewareData.excludedNetworks }}
- - {{ . | quote }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.10/templates/middlewares/redirectScheme.yaml b/enterprise/traefik/17.0.10/templates/middlewares/redirectScheme.yaml
deleted file mode 100644
index f2413f84e19..00000000000
--- a/enterprise/traefik/17.0.10/templates/middlewares/redirectScheme.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectScheme }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectScheme:
- scheme: {{ $middlewareData.scheme }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.10/templates/middlewares/redirectregex.yaml b/enterprise/traefik/17.0.10/templates/middlewares/redirectregex.yaml
deleted file mode 100644
index 46e3e724dd6..00000000000
--- a/enterprise/traefik/17.0.10/templates/middlewares/redirectregex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectRegex }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: {{ $middlewareData.regex | quote }}
- replacement: {{ $middlewareData.replacement | quote }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.10/templates/middlewares/stripPrefixRegex.yaml b/enterprise/traefik/17.0.10/templates/middlewares/stripPrefixRegex.yaml
deleted file mode 100644
index 007c166ff39..00000000000
--- a/enterprise/traefik/17.0.10/templates/middlewares/stripPrefixRegex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-
-{{ range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- stripPrefixRegex:
- regex:
- {{- range $middlewareData.regex }}
- - {{ . | quote }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.10/templates/middlewares/tc-chains.yaml b/enterprise/traefik/17.0.10/templates/middlewares/tc-chains.yaml
deleted file mode 100644
index 409766daa89..00000000000
--- a/enterprise/traefik/17.0.10/templates/middlewares/tc-chains.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-opencors-headers
- - name: compress
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-closedcors-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.10/templates/middlewares/tc-headers.yaml b/enterprise/traefik/17.0.10/templates/middlewares/tc-headers.yaml
deleted file mode 100644
index a0462f1fd73..00000000000
--- a/enterprise/traefik/17.0.10/templates/middlewares/tc-headers.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowHeaders:
- - '*'
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- - POST
- accessControlAllowOriginList:
- - '*'
- accessControlMaxAge: 100
- browserXssFilter: true
- contentTypeNosniff: true
- customRequestHeaders:
- X-Forwarded-Proto: https
- customResponseHeaders:
- server: ""
- forceSTSHeader: true
- referrerPolicy: same-origin
- sslForceHost: true
- sslRedirect: true
- stsSeconds: 63072000
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- sslRedirect: true
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- sslForceHost: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
diff --git a/enterprise/traefik/17.0.10/templates/middlewares/tc-nextcloud.yaml b/enterprise/traefik/17.0.10/templates/middlewares/tc-nextcloud.yaml
deleted file mode 100644
index 6a3019d56c5..00000000000
--- a/enterprise/traefik/17.0.10/templates/middlewares/tc-nextcloud.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-redirectregex-dav
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: "https://(.*)/.well-known/(card|cal)dav"
- replacement: "https://${1}/remote.php/dav/"
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: tc-nextcloud-redirectregex-dav
diff --git a/enterprise/traefik/17.0.10/templates/middlewares/theme-park.yaml b/enterprise/traefik/17.0.10/templates/middlewares/theme-park.yaml
deleted file mode 100644
index 92a4257e279..00000000000
--- a/enterprise/traefik/17.0.10/templates/middlewares/theme-park.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.themePark }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-themepark:
- app: {{ $middlewareData.appName }}
- theme: {{ $middlewareData.themeName }}
- baseUrl: {{ $middlewareData.baseUrl }}
- {{- if $middlewareData.addons }}
- addons:
- {{- range $middlewareData.addons }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.10/values.yaml b/enterprise/traefik/17.0.10/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/traefik/17.0.11/CHANGELOG.md b/enterprise/traefik/17.0.11/CHANGELOG.md
deleted file mode 100644
index 52b4a6659a9..00000000000
--- a/enterprise/traefik/17.0.11/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [traefik-17.0.11](https://github.com/truecharts/charts/compare/traefik-17.0.10...traefik-17.0.11) (2023-03-19)
-
-### Fix
-
-- fix portal button ([#7811](https://github.com/truecharts/charts/issues/7811))
-
-
-
-
-## [traefik-17.0.10](https://github.com/truecharts/charts/compare/traefik-17.0.9...traefik-17.0.10) (2023-03-11)
-
-### Fix
-
-- bump to get metrics working
-
-
-
-
-## [traefik-17.0.9](https://github.com/truecharts/charts/compare/traefik-17.0.8...traefik-17.0.9) (2023-03-11)
-
-### Fix
-
-- bump to release fix for new service monitor
-
-
-
-
-## [traefik-17.0.8](https://github.com/truecharts/charts/compare/traefik-17.0.7...traefik-17.0.8) (2023-03-11)
-
-### Feat
-
-- generate a service monitor ([#7785](https://github.com/truecharts/charts/issues/7785))
-
-
-
-
-## [traefik-17.0.7](https://github.com/truecharts/charts/compare/traefik-17.0.6...traefik-17.0.7) (2023-03-07)
-
-### Fix
-
-- actually fix labels ([#7763](https://github.com/truecharts/charts/issues/7763))
-
-
-
-
-## [traefik-17.0.6](https://github.com/truecharts/charts/compare/traefik-17.0.5...traefik-17.0.6) (2023-03-07)
-
-### Fix
-
-- misc fixes from common and prometheus storageclass patch ([#7762](https://github.com/truecharts/charts/issues/7762))
-
-
-
-
-## [traefik-17.0.5](https://github.com/truecharts/charts/compare/traefik-17.0.4...traefik-17.0.5) (2023-03-07)
-
-### Fix
-
-- fix labels ([#7759](https://github.com/truecharts/charts/issues/7759))
-
-
-
-
-## [traefik-17.0.4](https://github.com/truecharts/charts/compare/traefik-17.0.3...traefik-17.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
-
-
-## [traefik-17.0.3](https://github.com/truecharts/charts/compare/traefik-17.0.1...traefik-17.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
-
-
-## [traefik-17.0.1](https://github.com/truecharts/charts/compare/traefik-17.0.0...traefik-17.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
diff --git a/enterprise/traefik/17.0.11/Chart.yaml b/enterprise/traefik/17.0.11/Chart.yaml
deleted file mode 100644
index b09192e6b17..00000000000
--- a/enterprise/traefik/17.0.11/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: v2
-appVersion: "2.9.8"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.24
-deprecated: false
-description: Traefik is a flexible reverse proxy and Ingress Provider.
-home: https://truecharts.org/charts/enterprise/traefik
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/traefik.png
-keywords:
- - traefik
- - ingress
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: traefik
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/traefik
- - https://hub.docker.com/_/traefik
- - https://github.com/traefik/traefik
- - https://github.com/traefik/traefik-helm-chart
- - https://traefik.io/
-type: application
-version: 17.0.11
-annotations:
- truecharts.org/catagories: |
- - network
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/traefik/17.0.11/LICENSE b/enterprise/traefik/17.0.11/LICENSE
deleted file mode 100644
index 4139714f204..00000000000
--- a/enterprise/traefik/17.0.11/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Traefik" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/traefik/17.0.11/README.md b/enterprise/traefik/17.0.11/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/traefik/17.0.11/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/traefik/17.0.11/app-changelog.md b/enterprise/traefik/17.0.11/app-changelog.md
deleted file mode 100644
index 46ca117c618..00000000000
--- a/enterprise/traefik/17.0.11/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [traefik-17.0.11](https://github.com/truecharts/charts/compare/traefik-17.0.10...traefik-17.0.11) (2023-03-19)
-
-### Fix
-
-- fix portal button ([#7811](https://github.com/truecharts/charts/issues/7811))
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/17.0.11/app-readme.md b/enterprise/traefik/17.0.11/app-readme.md
deleted file mode 100644
index 02206fafcf4..00000000000
--- a/enterprise/traefik/17.0.11/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Traefik is a flexible reverse proxy and Ingress Provider.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/traefik](https://truecharts.org/charts/enterprise/traefik)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/traefik/17.0.11/charts/common-12.2.24.tgz b/enterprise/traefik/17.0.11/charts/common-12.2.24.tgz
deleted file mode 100644
index d9155693b5d..00000000000
Binary files a/enterprise/traefik/17.0.11/charts/common-12.2.24.tgz and /dev/null differ
diff --git a/enterprise/traefik/17.0.11/ix_values.yaml b/enterprise/traefik/17.0.11/ix_values.yaml
deleted file mode 100644
index da317fc579c..00000000000
--- a/enterprise/traefik/17.0.11/ix_values.yaml
+++ /dev/null
@@ -1,419 +0,0 @@
-image:
- repository: tccr.io/truecharts/traefik
- # defaults to appVersion
- tag: 2.9.8@sha256:4a2d3dda380990d825532e661b42457fc9871061dbc22b310468616378214a2e
- pullPolicy: IfNotPresent
-
-workload:
- main:
- replicas: 2
- strategy: RollingUpdate
- podSpec:
- containers:
- main:
- args: []
- probes:
- # -- Liveness probe configuration
- # @default -- See below
- liveness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Redainess probe configuration
- # @default -- See below
- readiness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Startup probe configuration
- # @default -- See below
- startup:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
-# -- Options for all pods
-# Can be overruled per pod
-podOptions:
- automountServiceAccountToken: true
-
-# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
-ingressClass:
- # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
- enabled: false
- isDefaultClass: false
- # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
- fallbackApiVersion: ""
-
-# -- Create an IngressRoute for the dashboard
-ingressRoute:
- dashboard:
- enabled: true
- # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
- annotations: {}
- # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
- labels: {}
-#
-# -- Configure providers
-providers:
- kubernetesCRD:
- enabled: true
- namespaces:
- []
- # - "default"
- kubernetesIngress:
- enabled: true
- # labelSelector: environment=production,method=traefik
- namespaces:
- []
- # - "default"
- # IP used for Kubernetes Ingress endpoints
- publishedService:
- enabled: true
- # Published Kubernetes Service to copy status from. Format: namespace/servicename
- # By default this Traefik service
- # pathOverride: ""
-
-# -- Logs
-# https://docs.traefik.io/observability/logs/
-logs:
- # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on).
- general:
- # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO.
- level: ERROR
- # -- Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format
- format: common
- access:
- # To enable access logs
- enabled: false
- # To write the logs in an asynchronous fashion, specify a bufferingSize option.
- # This option represents the number of log lines Traefik will keep in memory before writing
- # them to the selected output. In some cases, this option can greatly help performances.
- # bufferingSize: 100
- # Filtering https://docs.traefik.io/observability/access-logs/#filtering
- filters:
- {}
- # statuscodes: "200,300-302"
- # retryattempts: true
- # minduration: 10ms
- # Fields
- # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers
- fields:
- general:
- defaultmode: keep
- names:
- {}
- # Examples:
- # ClientUsername: drop
- headers:
- defaultmode: drop
- names:
- {}
- # Examples:
- # User-Agent: redact
- # Authorization: drop
- # Content-Type: keep
- # -- Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format
- format: common
-
-metrics:
- main:
- enabled: true
- type: servicemonitor
- endpoints:
- - port: metrics
- path: /metrics
- targetSelector: metrics
-
-globalArguments:
- - "--global.checknewversion"
-
-##
-# -- Additional arguments to be passed at Traefik's binary
-# All available options available on https://docs.traefik.io/reference/static-configuration/cli/
-## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"`
-additionalArguments:
- - "--metrics.prometheus"
- - "--ping"
- - "--serverstransport.insecureskipverify=true"
- - "--providers.kubernetesingress.allowexternalnameservices=true"
-
-# -- TLS Options to be created as TLSOption CRDs
-# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options
-# Example:
-tlsOptions:
- default:
- sniStrict: false
- minVersion: VersionTLS12
- curvePreferences:
- - CurveP521
- - CurveP384
- cipherSuites:
- - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- - TLS_AES_128_GCM_SHA256
- - TLS_AES_256_GCM_SHA384
- - TLS_CHACHA20_POLY1305_SHA256
-
-# -- Options for the main traefik service, where the entrypoints traffic comes from
-# from.
-service:
- main:
- type: LoadBalancer
- ports:
- main:
- port: 9000
- targetPort: 9000
- protocol: http
- # -- Forwarded Headers should never be enabled on Main entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Main entrypoint
- proxyProtocol:
- enabled: false
- tcp:
- enabled: true
- type: LoadBalancer
- ports:
- web:
- enabled: true
- port: 9080
- protocol: http
- redirectTo: websecure
- # Options: Empty, 0 (ingore), or positive int
- # redirectPort:
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- websecure:
- enabled: true
- port: 9443
- protocol: https
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- # tcpexample:
- # enabled: true
- # targetPort: 9443
- # protocol: tcp
- # tls:
- # enabled: false
- # # this is the name of a TLSOption definition
- # options: ""
- # certResolver: ""
- # domains: []
- # # - main: example.com
- # # sans:
- # # - foo.example.com
- # # - bar.example.com
- metrics:
- enabled: true
- type: ClusterIP
- ports:
- metrics:
- enabled: true
- port: 9180
- targetPort: 9180
- protocol: http
- # -- Forwarded Headers should never be enabled on Metrics entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Metrics entrypoint
- proxyProtocol:
- enabled: false
- # udp:
- # enabled: false
-
-# -- Whether Role Based Access Control objects like roles and rolebindings should be created
-rbac:
- main:
- enabled: true
- primary: true
- clusterWide: true
- rules:
- - apiGroups:
- - ""
- resources:
- - services
- - endpoints
- - secrets
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses
- - ingressclasses
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses/status
- verbs:
- - update
- - apiGroups:
- - traefik.containo.us
- resources:
- - ingressroutes
- - ingressroutetcps
- - ingressrouteudps
- - middlewares
- - middlewaretcps
- - tlsoptions
- - tlsstores
- - traefikservices
- - serverstransports
- verbs:
- - get
- - list
- - watch
-
-# -- The service account the pods will use to interact with the Kubernetes API
-serviceAccount:
- main:
- enabled: true
- primary: true
-
-# -- SCALE Middleware Handlers
-middlewares:
- basicAuth: []
- # - name: basicauthexample
- # users:
- # - username: testuser
- # password: testpassword
- forwardAuth: []
- # - name: forwardAuthexample
- # address: https://auth.example.com/
- # authResponseHeaders:
- # - X-Secret
- # - X-Auth-User
- # authRequestHeaders:
- # - "Accept"
- # - "X-CustomHeader"
- # authResponseHeadersRegex: "^X-"
- # trustForwardHeader: true
- chain: []
- # - name: chainname
- # middlewares:
- # - name: compress
- redirectScheme: []
- # - name: redirectSchemeName
- # scheme: https
- # permanent: true
- rateLimit: []
- # - name: rateLimitName
- # average: 300
- # burst: 200
- redirectRegex: []
- # - name: redirectRegexName
- # regex: putregexhere
- # replacement: replacementurlhere
- # permanent: false
- stripPrefixRegex: []
- # - name: stripPrefixRegexName
- # regex: []
- ipWhiteList: []
- # - name: ipWhiteListName
- # sourceRange: []
- # ipStrategy:
- # depth: 2
- # excludedIPs: []
- themeParkVersion: v1.3.0
- themePark: []
- # - name: themeParkName
- # -- Supported apps, lower case name
- # -- https://docs.theme-park.dev/themes
- # app: appnamehere
- # -- Supported themes, lower case name
- # -- https://docs.theme-park.dev/themes/APPNAMEHERE
- # -- https://docs.theme-park.dev/community-themes
- # theme: themenamehere
- # -- https://theme-park.dev or a self hosted url
- # baseUrl: https://theme-park.dev
- realIPVersion: v1.0.3
- # Sets X-Real-Ip with an IP from the X-Forwarded-For or
- # Cf-Connecting-Ip (If from Cloudflare)
- # Evaluation of those headers will go from last to first
- realIP: []
- # - name: realIPName
- # -- The real IP will be the first one that is
- # -- not included in any of the CIDRs passed here
- # excludedNetworks:
- # - 1.1.1.1/24
- addPrefix: []
- # - name: addPrefixName
- # prefix: "/foo"
- geoBlockVersion: v0.2.4
- geoBlock: []
- # -- https://github.com/PascalMinder/geoblock
- # - name: geoBlockName
- # allowLocalRequests: true
- # logLocalRequests: false
- # logAllowedRequests: false
- # logApiRequests: false
- # api: https://get.geojs.io/v1/ip/country/{ip}
- # apiTimeoutMs: 500
- # cacheSize: 25
- # forceMonthlyUpdate: true
- # allowUnknownCountries: false
- # unknownCountryApiResponse: nil
- # blackListMode: false
- # countries:
- # - RU
-
-portalhook:
- enabled: true
-
-persistence:
- plugins:
- enabled: true
- mountPath: "/plugins-storage"
- type: emptyDir
-
-portal:
- open:
- enabled: true
- path: /dashboard/
- override:
- protocol: http
diff --git a/enterprise/traefik/17.0.11/questions.yaml b/enterprise/traefik/17.0.11/questions.yaml
deleted file mode 100644
index bfd5f230a2d..00000000000
--- a/enterprise/traefik/17.0.11/questions.yaml
+++ /dev/null
@@ -1,2522 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
- path: "$kubernetes-resource_configmap_tcportal-open_path"
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: DaemonSet
- description: DaemonSet
-
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "DaemonSet"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
-
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: ingressClass
- label: "ingressClass"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- description: "When enabled, ingressClass will match the entered name of this app"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: isDefaultClass
- label: "isDefaultClass"
- schema:
- type: boolean
- default: false
- - variable: logs
- label: "Logs"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "ERROR"
- enum:
- - value: "INFO"
- description: "Info"
- - value: "WARN"
- description: "Warnings"
- - value: "ERROR"
- description: "Errors"
- - value: "FATAL"
- description: "Fatal Errors"
- - value: "PANIC"
- description: "Panics"
- - value: "DEBUG"
- description: "Debug"
- - variable: format
- label: "General Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: access
- label: "Access Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabledFilters
- label: "Enable Filters"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filters
- label: "Filters"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: statuscodes
- label: "Status codes"
- schema:
- type: string
- default: "200,300-302"
- - variable: retryattempts
- label: "retryattempts"
- schema:
- type: boolean
- default: true
- - variable: minduration
- label: "minduration"
- schema:
- type: string
- default: "10ms"
- - variable: fields
- label: "Fields"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "keep"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: headers
- label: "Headers"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "drop"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: format
- label: "Access Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: middlewares
- label: ""
- group: "Middlewares"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: basicAuth
- label: basicAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: users
- label: Users
- schema:
- type: list
- default: []
- items:
- - variable: usersEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: username
- label: Username
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: Password
- schema:
- type: string
- required: true
- default: ""
- - variable: forwardAuth
- label: forwardAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: address
- label: Address
- schema:
- type: string
- required: true
- default: ""
- - variable: trustForwardHeader
- label: trustForwardHeader
- schema:
- type: boolean
- default: false
- - variable: tls
- label: TLS
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: insecureSkipVerify
- label: insecureSkipVerify (expert)
- description: >-
- This disables all TLS certificate validation on communications with the authentication endpoint.
- This could be a security risk and should only be used if you know what you are doing.
- schema:
- type: boolean
- default: false
- - variable: authResponseHeadersRegex
- label: authResponseHeadersRegex
- schema:
- type: string
- default: ""
- - variable: authResponseHeaders
- label: authResponseHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authResponseHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: authRequestHeaders
- label: authRequestHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authRequestHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: chain
- label: Chain
- schema:
- type: list
- default: []
- items:
- - variable: chainEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: middlewares
- label: Middlewares to Chain
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: redirectScheme
- label: redirectScheme
- schema:
- type: list
- default: []
- items:
- - variable: redirectSchemeEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: scheme
- label: Scheme
- schema:
- type: string
- required: true
- default: https
- enum:
- - value: https
- description: https
- - value: http
- description: http
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: rateLimit
- label: rateLimit
- schema:
- type: list
- default: []
- items:
- - variable: rateLimitEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: average
- label: Average
- schema:
- type: int
- required: true
- default: 300
- - variable: burst
- label: Burst
- schema:
- type: int
- required: true
- default: 200
- - variable: redirectRegex
- label: redirectRegex
- schema:
- type: list
- default: []
- items:
- - variable: redirectRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: replacement
- label: Replacement
- schema:
- type: string
- required: true
- default: ""
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: stripPrefixRegex
- label: stripPrefixRegex
- schema:
- type: list
- default: []
- items:
- - variable: stripPrefixRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: list
- default: []
- items:
- - variable: regexEntry
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: ipWhiteList
- label: ipWhiteList
- schema:
- type: list
- default: []
- items:
- - variable: ipWhiteListEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: sourceRange
- label: Source Range
- schema:
- type: list
- default: []
- items:
- - variable: sourceRangeEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: ipStrategy
- label: IP Strategy
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: depth
- label: Depth
- schema:
- type: int
- required: true
- - variable: excludedIPs
- label: Excluded IPs
- schema:
- type: list
- default: []
- items:
- - variable: excludedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: themePark
- label: theme.park
- schema:
- type: list
- default: []
- items:
- - variable: themeParkEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to traefik-themepark
- schema:
- type: string
- required: true
- default: ""
- - variable: appName
- label: App Name
- description: Lower case, name of the app to be themed.
-
Go to https://docs.theme-park.dev/themes/ to see supported apps.
- schema:
- type: string
- required: true
- default: ""
- - variable: themeName
- label: Theme Name
- description: Lower case, name of the theme to be applied.
-
Go to https://docs.theme-park.dev/theme-options/ to see supported themes.
- schema:
- type: string
- required: true
- default: ""
- - variable: baseUrl
- label: Base URL
- description: Replace `https://theme-park.dev` URL for self-hosting reference.
- schema:
- type: string
- required: true
- default: https://theme-park.dev
- - variable: addons
- label: Addons
- schema:
- type: list
- default: []
- items:
- - variable: addonEntry
- label: Addon
- description: Currently only supports 'darker' and '4k-logo' for *arr apps.
-
Go to https://docs.theme-park.dev/themes/addons/ for Addon information.
-
Go to https://github.com/packruler/traefik-themepark for more context on plugin
- schema:
- type: string
- required: true
- default: ""
- - variable: realIP
- label: Real IP
- schema:
- type: list
- default: []
- items:
- - variable: realIPEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: excludedNetworks
- label: Excluded Networks
- schema:
- type: list
- default: []
- items:
- - variable: excludedNetEntry
- label: Excluded Network Entry
- description: Network to exclude setting it to X-Real-Ip
- schema:
- type: string
- required: true
- default: ""
- - variable: geoBlock
- label: GeoBlock
- schema:
- type: list
- default: []
- items:
- - variable: geoBlockEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to geoblock
- schema:
- type: string
- required: true
- default: ""
- - variable: allowLocalRequests
- label: Allow Local Requests
- description: If set to true, will not block request from Private IP Ranges
- schema:
- type: boolean
- default: true
- - variable: logLocalRequests
- label: Log Local Requests
- description: If set to true, will log every connection from any IP in the private IP range
- schema:
- type: boolean
- default: false
- - variable: logAllowedRequests
- label: Log Allowed Requests
- description: If set to true, will show a log message with the IP and the country of origin if a request is allowed.
- schema:
- type: boolean
- default: false
- - variable: logApiRequests
- label: Log API Requests
- description: If set to true, will show a log message for every API hit.
- schema:
- type: boolean
- default: false
- - variable: api
- label: API
- description: Defines the API URL for the IP to Country resolution. The IP to fetch can be added with {ip} to the URL.
- schema:
- type: string
- required: true
- default: https://get.geojs.io/v1/ip/country/{ip}
- - variable: apiTimeoutMs
- label: API Timeout in ms
- description: Timeout for the call to the api uri.
- schema:
- type: int
- required: true
- default: 500
- - variable: cacheSize
- label: Cache Size
- description: Defines the max size of the LRU (least recently used) cache.
- schema:
- type: int
- required: true
- default: 25
- - variable: forceMonthlyUpdate
- label: Force Monthly Update
- description: Even if an IP stays in the cache for a period of a month (about 30 x 24 hours), it must be fetch again after a month.
- schema:
- type: boolean
- default: true
- - variable: allowUnknownCountries
- label: Allow Unknown Countries
- description: Some IP addresses have no country associated with them. If this option is set to true, all IPs with no associated country are also allowed.
- schema:
- type: boolean
- default: false
- - variable: unknownCountryApiResponse
- label: Unknown Countries API Response
- description: The API uri can be customized. This options allows to customize the response string of the API when a IP with no associated country is requested.
- schema:
- type: string
- required: true
- default: nil
- - variable: blackListMode
- label: Blacklist Mode
- description: When set to true the filter logic is inverted, i.e. requests originating from countries listed in the countries list are blocked.
- schema:
- type: boolean
- default: false
- - variable: countries
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- label: Countries
- schema:
- type: list
- default: []
- items:
- - variable: countryEntry
- label: Country
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- schema:
- type: string
- required: true
- # Allow only 2 Characters
- valid_chars: '^[a-zA-Z]{2}$'
- default: ""
- - variable: addPrefix
- label: Add Prefix
- schema:
- type: list
- default: []
- items:
- - variable: addPrefixEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: prefix
- label: Prefix
- schema:
- type: string
- required: true
- default: ""
- - variable: service
- group: "Networking and Services"
- label: "Configure Service Entrypoint"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9000
- required: true
- - variable: tcp
- label: "TCP Service"
- description: "The tcp Entrypoint service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: web
- label: "web Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9080
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- default: "websecure"
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: websecure
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9443
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: portsList
- label: "Additional TCP Entrypoints"
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: "Custom Entrypoints"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable the port"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: "Entrypoints Name"
- schema:
- type: string
- default: ""
- - variable: protocol
- label: "Entrypoints Type"
- schema:
- type: string
- default: "TCP"
- enum:
- - value: HTTP
- description: "HTTP"
- - value: "HTTPS"
- description: "HTTPS"
- - value: TCP
- description: "TCP"
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- required: true
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: certificateIssuer
- label: Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["certificateIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: certificateIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["certificateIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["certificateIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
-
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
-
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
- - variable: metrics
- group: Metrics
- label: Prometheus Metrics
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Metrics
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- description: Enable Prometheus Metrics
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: prometheusRule
- label: PrometheusRule
- description: Enable and configure Prometheus Rules for the App.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- description: Enable Prometheus Metrics
- schema:
- type: boolean
- default: false
- # TODO: Rule List section
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/traefik/17.0.11/templates/NOTES.txt b/enterprise/traefik/17.0.11/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/traefik/17.0.11/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/traefik/17.0.11/templates/_args.tpl b/enterprise/traefik/17.0.11/templates/_args.tpl
deleted file mode 100644
index 7acee2f60ac..00000000000
--- a/enterprise/traefik/17.0.11/templates/_args.tpl
+++ /dev/null
@@ -1,178 +0,0 @@
-{{/* Define the args */}}
-{{- define "traefik.args" -}}
-args:
- {{/* merge all ports */}}
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{/* start of actual arguments */}}
- {{- with .Values.globalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
- {{- range $name, $config := $ports }}
- {{- if $config }}
- {{- if or ( eq $config.protocol "http" ) ( eq $config.protocol "https" ) ( eq $config.protocol "tcp" ) }}
- {{- $_ := set $config "protocol" "tcp" }}
- {{- end }}
- - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}"
- {{- end }}
- {{- end }}
- - "--api.dashboard=true"
- - "--ping=true"
- {{- if .Values.metrics }}
- {{- if .Values.metrics.datadog }}
- - "--metrics.datadog=true"
- - "--metrics.datadog.address={{ .Values.metrics.datadog.address }}"
- {{- end }}
- {{- if .Values.metrics.influxdb }}
- - "--metrics.influxdb=true"
- - "--metrics.influxdb.address={{ .Values.metrics.influxdb.address }}"
- - "--metrics.influxdb.protocol={{ .Values.metrics.influxdb.protocol }}"
- {{- end }}
- {{- if .Values.metrics.prometheus }}
- - "--metrics.prometheus=true"
- - "--metrics.prometheus.entrypoint=metrics"
- {{- end }}
- {{- if .Values.metrics.statsd }}
- - "--metrics.statsd=true"
- - "--metrics.statsd.address={{ .Values.metrics.statsd.address }}"
- {{- end }}
- {{- end }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress"
- {{- if .Values.providers.kubernetesIngress.publishedService.enabled }}
- - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.labelSelector }}
- - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}"
- {{- end }}
- {{- end }}
- {{- if and .Values.rbac.enabled .Values.rbac.namespaced }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}"
- {{- end }}
- {{- end }}
- {{- if .Values.ingressClass.enabled }}
- - "--providers.kubernetesingress.ingressclass={{ .Release.Name }}"
- {{- end }}
- {{- range $entrypoint, $config := $ports }}
- {{/* add args for proxyProtocol support */}}
- {{- if $config.proxyProtocol }}
- {{- if $config.proxyProtocol.enabled }}
- {{- if $config.proxyProtocol.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.insecure"
- {{- end }}
- {{- if not ( empty $config.proxyProtocol.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.trustedIPs={{ join "," $config.proxyProtocol.trustedIPs }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* add args for forwardedHeaders support */}}
- {{- if $config.forwardedHeaders.enabled }}
- {{- if not ( empty $config.forwardedHeaders.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}"
- {{- end }}
- {{- if $config.forwardedHeaders.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure"
- {{- end }}
- {{- end }}
- {{/* end forwardedHeaders configuration */}}
- {{- if $config.redirectTo }}
- {{- $toPort := index $ports $config.redirectTo }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- else if $config.redirectPort }}
- {{ if gt $config.redirectPort 0.0 }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- end }}
- {{- end }}
- {{- if or ( $config.tls ) ( eq $config.protocol "https" ) }}
- {{- if or ( $config.tls.enabled ) ( eq $config.protocol "https" ) }}
- - "--entrypoints.{{ $entrypoint }}.http.tls=true"
- {{- if $config.tls.options }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}"
- {{- end }}
- {{- if $config.tls.certResolver }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}"
- {{- end }}
- {{- if $config.tls.domains }}
- {{- range $index, $domain := $config.tls.domains }}
- {{- if $domain.main }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}"
- {{- end }}
- {{- if $domain.sans }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- with .Values.logs }}
- - "--log.format={{ .general.format }}"
- {{- if ne .general.level "ERROR" }}
- - "--log.level={{ .general.level | upper }}"
- {{- end }}
- {{- if .access.enabled }}
- - "--accesslog=true"
- - "--accesslog.format={{ .access.format }}"
- {{- if .access.bufferingsize }}
- - "--accesslog.bufferingsize={{ .access.bufferingsize }}"
- {{- end }}
- {{- if .access.filters }}
- {{- if .access.filters.statuscodes }}
- - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}"
- {{- end }}
- {{- if .access.filters.retryattempts }}
- - "--accesslog.filters.retryattempts"
- {{- end }}
- {{- if .access.filters.minduration }}
- - "--accesslog.filters.minduration={{ .access.filters.minduration }}"
- {{- end }}
- {{- end }}
- - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.general.names }}
- - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.headers.names }}
- - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* theme.park */}}
- {{- if .Values.middlewares.themePark }}
- - "--experimental.plugins.traefik-themepark.modulename=github.com/packruler/traefik-themepark"
- - "--experimental.plugins.traefik-themepark.version={{ .Values.middlewares.themeParkVersion }}"
- {{- end }}
- {{/* End of theme.park */}}
- {{/* GeoBlock */}}
- {{- if .Values.middlewares.geoBlock }}
- - "--experimental.plugins.GeoBlock.modulename=github.com/PascalMinder/geoblock"
- - "--experimental.plugins.GeoBlock.version={{ .Values.middlewares.geoBlockVersion }}"
- {{- end }}
- {{/* End of GeoBlock */}}
- {{/* RealIP */}}
- {{- if .Values.middlewares.realIP }}
- - "--experimental.plugins.traefik-real-ip.modulename=github.com/soulbalz/traefik-real-ip"
- - "--experimental.plugins.traefik-real-ip.version={{ .Values.middlewares.realIPVersion }}"
- {{- end }}
- {{/* End of RealIP */}}
- {{- with .Values.additionalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.11/templates/_helpers.tpl b/enterprise/traefik/17.0.11/templates/_helpers.tpl
deleted file mode 100644
index 1345dcea39a..00000000000
--- a/enterprise/traefik/17.0.11/templates/_helpers.tpl
+++ /dev/null
@@ -1,22 +0,0 @@
-{{/*
-Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice.
-By convention this will simply use the / to match the name of the
-service generated.
-Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride`
-*/}}
-{{- define "providers.kubernetesIngress.publishedServicePath" -}}
-{{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}}
-{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}}
-{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }}
-{{- print $servicePath | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Construct a comma-separated list of whitelisted namespaces
-*/}}
-{{- define "providers.kubernetesIngress.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }}
-{{- end -}}
-{{- define "providers.kubernetesCRD.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.11/templates/_ingressclass.tpl b/enterprise/traefik/17.0.11/templates/_ingressclass.tpl
deleted file mode 100644
index 004d4a6dcda..00000000000
--- a/enterprise/traefik/17.0.11/templates/_ingressclass.tpl
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Define the ingressClass */}}
-{{- define "traefik.ingressClass" -}}
----
-{{ if .Values.ingressClass.enabled }}
- {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }}
-apiVersion: networking.k8s.io/v1
- {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }}
-apiVersion: networking.k8s.io/v1beta1
- {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }}
-apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }}
- {{- else }}
- {{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }}
- {{- end }}
-kind: IngressClass
-metadata:
- annotations:
- ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }}
- labels:
- {{- include "tc.v1.common.lib.metadata.allLabels" . | nindent 4 }}
- name: {{ .Release.Name }}
-spec:
- controller: traefik.io/ingress-controller
-{{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.11/templates/_ingressroute.tpl b/enterprise/traefik/17.0.11/templates/_ingressroute.tpl
deleted file mode 100644
index 6599ceb6e2b..00000000000
--- a/enterprise/traefik/17.0.11/templates/_ingressroute.tpl
+++ /dev/null
@@ -1,34 +0,0 @@
-{{/* Define the ingressRoute */}}
-{{- define "traefik.ingressRoute" -}}
-{{ if .Values.ingressRoute.dashboard.enabled }}
-
-{{- $ingressRouteLabels := .Values.ingressRoute.dashboard.labels -}}
-{{- $ingressRouteAnnotations := .Values.ingressRoute.dashboard.annotations -}}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
- name: {{ include "tc.v1.common.lib.chart.names.fullname" . }}-dashboard
- {{- $labels := (mustMerge ($ingressRouteLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }}
- labels:
- {{- . | nindent 4 }}
- {{- end }}
- {{- $annotations := (mustMerge ($ingressRouteAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }}
- annotations:
- {{- . | nindent 4 }}
- {{- end }}
-
-spec:
- entryPoints:
- - main
- routes:
- - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
- kind: Rule
- services:
- - name: api@internal
- kind: TraefikService
-{{ end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.11/templates/_portalhook.tpl b/enterprise/traefik/17.0.11/templates/_portalhook.tpl
deleted file mode 100644
index e3586c5d4e9..00000000000
--- a/enterprise/traefik/17.0.11/templates/_portalhook.tpl
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/* Define the portalHook */}}
-{{- define "traefik.portalhook" -}}
-{{- if .Values.portalhook.enabled }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: portalhook
- namespace: {{ $namespace }}
-data:
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{- range $name, $value := $ports }}
- {{ $name }}: {{ $value.port | quote }}
- {{- end }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.11/templates/_tlsoptions.tpl b/enterprise/traefik/17.0.11/templates/_tlsoptions.tpl
deleted file mode 100644
index 3e5aad3bee9..00000000000
--- a/enterprise/traefik/17.0.11/templates/_tlsoptions.tpl
+++ /dev/null
@@ -1,12 +0,0 @@
-{{/* Define the tlsOptions */}}
-{{- define "traefik.tlsOptions" -}}
-{{- range $name, $config := .Values.tlsOptions }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: TLSOption
-metadata:
- name: {{ $name }}
-spec:
- {{- toYaml $config | nindent 2 }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.11/templates/common.yaml b/enterprise/traefik/17.0.11/templates/common.yaml
deleted file mode 100644
index d70a9887a47..00000000000
--- a/enterprise/traefik/17.0.11/templates/common.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-{{- $newArgs := (include "traefik.args" . | fromYaml) }}
-{{- $_ := set .Values "newArgs" $newArgs -}}
-{{- $mergedargs := concat $.Values.workload.main.podSpec.containers.main.args .Values.newArgs.args }}
-{{- $_ := set $.Values.workload.main.podSpec.containers.main "args" $mergedargs -}}
-
-{{- include "traefik.portalhook" . }}
-{{- include "traefik.tlsOptions" . }}
-{{- include "traefik.ingressRoute" . }}
-{{- include "traefik.ingressClass" . }}
-
-{{- with .Values.ingress -}}
- {{- with .main -}}
- {{- if .enabled -}}
- {{- $_ := set $.Values.portal.open.override "protocol" "https" -}}
- {{- end -}}
- {{- end -}}
-{{- end -}}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/traefik/17.0.11/templates/middlewares/addPrefix.yaml b/enterprise/traefik/17.0.11/templates/middlewares/addPrefix.yaml
deleted file mode 100644
index 233b23834c3..00000000000
--- a/enterprise/traefik/17.0.11/templates/middlewares/addPrefix.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.addPrefix }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- addPrefix:
- prefix: {{ $middlewareData.prefix }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.11/templates/middlewares/basic-middleware.yaml b/enterprise/traefik/17.0.11/templates/middlewares/basic-middleware.yaml
deleted file mode 100644
index 9ba8e5c5d93..00000000000
--- a/enterprise/traefik/17.0.11/templates/middlewares/basic-middleware.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: compress
- namespace: {{ $namespace }}
-spec:
- compress: {}
----
-# Here, an average of 300 requests per second is allowed.
-# In addition, a burst of 200 requests is allowed.
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-ratelimit
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: 600
- burst: 400
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-secure-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: chain-basic
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: basic-secure-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.11/templates/middlewares/basicauth.yaml b/enterprise/traefik/17.0.11/templates/middlewares/basicauth.yaml
deleted file mode 100644
index ccb541742f0..00000000000
--- a/enterprise/traefik/17.0.11/templates/middlewares/basicauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.basicAuth }}
----
-{{- $users := list }}
-{{ range $index, $userdata := $middlewareData.users }}
- {{ $users = append $users ( htpasswd $userdata.username $userdata.password ) }}
-{{ end }}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{printf "%v-%v" $middlewareData.name "secret" }}
- namespace: {{ $namespace }}
-type: Opaque
-stringData:
- users: |
- {{- range $index, $user := $users }}
- {{ printf "%s" $user }}
- {{- end }}
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- basicAuth:
- secret: {{printf "%v-%v" $middlewareData.name "secret" }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.11/templates/middlewares/chain.yaml b/enterprise/traefik/17.0.11/templates/middlewares/chain.yaml
deleted file mode 100644
index f87994f7956..00000000000
--- a/enterprise/traefik/17.0.11/templates/middlewares/chain.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.chain }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- {{ range $index, $middleware := .middlewares }}
- - name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }}
- {{ end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.11/templates/middlewares/forwardauth.yaml b/enterprise/traefik/17.0.11/templates/middlewares/forwardauth.yaml
deleted file mode 100644
index 4bdefbd5c01..00000000000
--- a/enterprise/traefik/17.0.11/templates/middlewares/forwardauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.forwardAuth }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- forwardAuth:
- address: {{ $middlewareData.address }}
- {{- with $middlewareData.authResponseHeaders }}
- authResponseHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- with $middlewareData.authRequestHeaders }}
- authRequestHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- if $middlewareData.authResponseHeadersRegex }}
- authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }}
- {{- end }}
- {{- if $middlewareData.trustForwardHeader }}
- trustForwardHeader: true
- {{- end }}
- {{- with $middlewareData.tls }}
- tls:
- insecureSkipVerify: {{ .insecureSkipVerify | default false }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.11/templates/middlewares/geoblock.yaml b/enterprise/traefik/17.0.11/templates/middlewares/geoblock.yaml
deleted file mode 100644
index be21bcf57b6..00000000000
--- a/enterprise/traefik/17.0.11/templates/middlewares/geoblock.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.geoBlock }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- GeoBlock:
- allowLocalRequests: {{ $middlewareData.allowLocalRequests }}
- logLocalRequests: {{ $middlewareData.logLocalRequests }}
- logAllowedRequests: {{ $middlewareData.logAllowedRequests }}
- logApiRequests: {{ $middlewareData.logApiRequests }}
- api: {{ $middlewareData.api }}
- apiTimeoutMs: {{ $middlewareData.apiTimeoutMs }}
- cacheSize: {{ $middlewareData.cacheSize }}
- forceMonthlyUpdate: {{ $middlewareData.forceMonthlyUpdate }}
- allowUnknownCountries: {{ $middlewareData.allowUnknownCountries }}
- unknownCountryApiResponse: {{ $middlewareData.unknownCountryApiResponse }}
- blackListMode: {{ $middlewareData.blackListMode }}
- {{- if not $middlewareData.countries }}
- {{- fail "You have to define at least one country..." }}
- {{- end }}
- countries:
- {{- range $middlewareData.countries }}
- - {{ . }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.11/templates/middlewares/ipwhitelist.yaml b/enterprise/traefik/17.0.11/templates/middlewares/ipwhitelist.yaml
deleted file mode 100644
index 1179245017e..00000000000
--- a/enterprise/traefik/17.0.11/templates/middlewares/ipwhitelist.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.ipWhiteList }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- ipWhiteList:
- sourceRange:
- {{- range $middlewareData.sourceRange }}
- - {{ . }}
- {{- end }}
- {{- if $middlewareData.ipStrategy }}
- ipStrategy:
- {{- if $middlewareData.ipStrategy.depth }}
- depth: {{ $middlewareData.ipStrategy.depth }}
- {{- end }}
- {{- if $middlewareData.ipStrategy.excludedIPs }}
- excludedIPs:
- {{- range $middlewareData.ipStrategy.excludedIPs }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.11/templates/middlewares/ratelimit.yaml b/enterprise/traefik/17.0.11/templates/middlewares/ratelimit.yaml
deleted file mode 100644
index 144b9d8bf38..00000000000
--- a/enterprise/traefik/17.0.11/templates/middlewares/ratelimit.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.rateLimit }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: {{ $middlewareData.average }}
- burst: {{ $middlewareData.burst }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.11/templates/middlewares/real-ip.yaml b/enterprise/traefik/17.0.11/templates/middlewares/real-ip.yaml
deleted file mode 100644
index 2dd1ae030a4..00000000000
--- a/enterprise/traefik/17.0.11/templates/middlewares/real-ip.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.realIP }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-real-ip:
- excludednets:
- {{- range $middlewareData.excludedNetworks }}
- - {{ . | quote }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.11/templates/middlewares/redirectScheme.yaml b/enterprise/traefik/17.0.11/templates/middlewares/redirectScheme.yaml
deleted file mode 100644
index f2413f84e19..00000000000
--- a/enterprise/traefik/17.0.11/templates/middlewares/redirectScheme.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectScheme }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectScheme:
- scheme: {{ $middlewareData.scheme }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.11/templates/middlewares/redirectregex.yaml b/enterprise/traefik/17.0.11/templates/middlewares/redirectregex.yaml
deleted file mode 100644
index 46e3e724dd6..00000000000
--- a/enterprise/traefik/17.0.11/templates/middlewares/redirectregex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectRegex }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: {{ $middlewareData.regex | quote }}
- replacement: {{ $middlewareData.replacement | quote }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.11/templates/middlewares/stripPrefixRegex.yaml b/enterprise/traefik/17.0.11/templates/middlewares/stripPrefixRegex.yaml
deleted file mode 100644
index 007c166ff39..00000000000
--- a/enterprise/traefik/17.0.11/templates/middlewares/stripPrefixRegex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-
-{{ range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- stripPrefixRegex:
- regex:
- {{- range $middlewareData.regex }}
- - {{ . | quote }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.11/templates/middlewares/tc-chains.yaml b/enterprise/traefik/17.0.11/templates/middlewares/tc-chains.yaml
deleted file mode 100644
index 409766daa89..00000000000
--- a/enterprise/traefik/17.0.11/templates/middlewares/tc-chains.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-opencors-headers
- - name: compress
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-closedcors-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.11/templates/middlewares/tc-headers.yaml b/enterprise/traefik/17.0.11/templates/middlewares/tc-headers.yaml
deleted file mode 100644
index a0462f1fd73..00000000000
--- a/enterprise/traefik/17.0.11/templates/middlewares/tc-headers.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowHeaders:
- - '*'
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- - POST
- accessControlAllowOriginList:
- - '*'
- accessControlMaxAge: 100
- browserXssFilter: true
- contentTypeNosniff: true
- customRequestHeaders:
- X-Forwarded-Proto: https
- customResponseHeaders:
- server: ""
- forceSTSHeader: true
- referrerPolicy: same-origin
- sslForceHost: true
- sslRedirect: true
- stsSeconds: 63072000
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- sslRedirect: true
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- sslForceHost: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
diff --git a/enterprise/traefik/17.0.11/templates/middlewares/tc-nextcloud.yaml b/enterprise/traefik/17.0.11/templates/middlewares/tc-nextcloud.yaml
deleted file mode 100644
index 6a3019d56c5..00000000000
--- a/enterprise/traefik/17.0.11/templates/middlewares/tc-nextcloud.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-redirectregex-dav
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: "https://(.*)/.well-known/(card|cal)dav"
- replacement: "https://${1}/remote.php/dav/"
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: tc-nextcloud-redirectregex-dav
diff --git a/enterprise/traefik/17.0.11/templates/middlewares/theme-park.yaml b/enterprise/traefik/17.0.11/templates/middlewares/theme-park.yaml
deleted file mode 100644
index 92a4257e279..00000000000
--- a/enterprise/traefik/17.0.11/templates/middlewares/theme-park.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.themePark }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-themepark:
- app: {{ $middlewareData.appName }}
- theme: {{ $middlewareData.themeName }}
- baseUrl: {{ $middlewareData.baseUrl }}
- {{- if $middlewareData.addons }}
- addons:
- {{- range $middlewareData.addons }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.11/values.yaml b/enterprise/traefik/17.0.11/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/traefik/17.0.12/CHANGELOG.md b/enterprise/traefik/17.0.12/CHANGELOG.md
deleted file mode 100644
index c165f9d7640..00000000000
--- a/enterprise/traefik/17.0.12/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [traefik-17.0.12](https://github.com/truecharts/charts/compare/traefik-17.0.11...traefik-17.0.12) (2023-03-19)
-
-### Chore
-
-- bump common and deps on enterprise train ([#7819](https://github.com/truecharts/charts/issues/7819))
-
-
-
-
-## [traefik-17.0.11](https://github.com/truecharts/charts/compare/traefik-17.0.10...traefik-17.0.11) (2023-03-19)
-
-### Fix
-
-- fix portal button ([#7811](https://github.com/truecharts/charts/issues/7811))
-
-
-
-
-## [traefik-17.0.10](https://github.com/truecharts/charts/compare/traefik-17.0.9...traefik-17.0.10) (2023-03-11)
-
-### Fix
-
-- bump to get metrics working
-
-
-
-
-## [traefik-17.0.9](https://github.com/truecharts/charts/compare/traefik-17.0.8...traefik-17.0.9) (2023-03-11)
-
-### Fix
-
-- bump to release fix for new service monitor
-
-
-
-
-## [traefik-17.0.8](https://github.com/truecharts/charts/compare/traefik-17.0.7...traefik-17.0.8) (2023-03-11)
-
-### Feat
-
-- generate a service monitor ([#7785](https://github.com/truecharts/charts/issues/7785))
-
-
-
-
-## [traefik-17.0.7](https://github.com/truecharts/charts/compare/traefik-17.0.6...traefik-17.0.7) (2023-03-07)
-
-### Fix
-
-- actually fix labels ([#7763](https://github.com/truecharts/charts/issues/7763))
-
-
-
-
-## [traefik-17.0.6](https://github.com/truecharts/charts/compare/traefik-17.0.5...traefik-17.0.6) (2023-03-07)
-
-### Fix
-
-- misc fixes from common and prometheus storageclass patch ([#7762](https://github.com/truecharts/charts/issues/7762))
-
-
-
-
-## [traefik-17.0.5](https://github.com/truecharts/charts/compare/traefik-17.0.4...traefik-17.0.5) (2023-03-07)
-
-### Fix
-
-- fix labels ([#7759](https://github.com/truecharts/charts/issues/7759))
-
-
-
-
-## [traefik-17.0.4](https://github.com/truecharts/charts/compare/traefik-17.0.3...traefik-17.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
-
-
-## [traefik-17.0.3](https://github.com/truecharts/charts/compare/traefik-17.0.1...traefik-17.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
-
-
-## [traefik-17.0.1](https://github.com/truecharts/charts/compare/traefik-17.0.0...traefik-17.0.1) (2023-03-05)
-
-### Chore
diff --git a/enterprise/traefik/17.0.12/Chart.yaml b/enterprise/traefik/17.0.12/Chart.yaml
deleted file mode 100644
index edf6a1772a6..00000000000
--- a/enterprise/traefik/17.0.12/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: v2
-appVersion: "2.9.8"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.28
-deprecated: false
-description: Traefik is a flexible reverse proxy and Ingress Provider.
-home: https://truecharts.org/charts/enterprise/traefik
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/traefik.png
-keywords:
- - traefik
- - ingress
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: traefik
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/traefik
- - https://hub.docker.com/_/traefik
- - https://github.com/traefik/traefik
- - https://github.com/traefik/traefik-helm-chart
- - https://traefik.io/
-type: application
-version: 17.0.12
-annotations:
- truecharts.org/catagories: |
- - network
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/traefik/17.0.12/LICENSE b/enterprise/traefik/17.0.12/LICENSE
deleted file mode 100644
index 4139714f204..00000000000
--- a/enterprise/traefik/17.0.12/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Traefik" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/traefik/17.0.12/README.md b/enterprise/traefik/17.0.12/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/traefik/17.0.12/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/traefik/17.0.12/app-changelog.md b/enterprise/traefik/17.0.12/app-changelog.md
deleted file mode 100644
index 996b2c98242..00000000000
--- a/enterprise/traefik/17.0.12/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [traefik-17.0.12](https://github.com/truecharts/charts/compare/traefik-17.0.11...traefik-17.0.12) (2023-03-19)
-
-### Chore
-
-- bump common and deps on enterprise train ([#7819](https://github.com/truecharts/charts/issues/7819))
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/17.0.12/app-readme.md b/enterprise/traefik/17.0.12/app-readme.md
deleted file mode 100644
index 02206fafcf4..00000000000
--- a/enterprise/traefik/17.0.12/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Traefik is a flexible reverse proxy and Ingress Provider.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/traefik](https://truecharts.org/charts/enterprise/traefik)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/traefik/17.0.12/charts/common-12.2.28.tgz b/enterprise/traefik/17.0.12/charts/common-12.2.28.tgz
deleted file mode 100644
index 4a3a50054c6..00000000000
Binary files a/enterprise/traefik/17.0.12/charts/common-12.2.28.tgz and /dev/null differ
diff --git a/enterprise/traefik/17.0.12/ix_values.yaml b/enterprise/traefik/17.0.12/ix_values.yaml
deleted file mode 100644
index da317fc579c..00000000000
--- a/enterprise/traefik/17.0.12/ix_values.yaml
+++ /dev/null
@@ -1,419 +0,0 @@
-image:
- repository: tccr.io/truecharts/traefik
- # defaults to appVersion
- tag: 2.9.8@sha256:4a2d3dda380990d825532e661b42457fc9871061dbc22b310468616378214a2e
- pullPolicy: IfNotPresent
-
-workload:
- main:
- replicas: 2
- strategy: RollingUpdate
- podSpec:
- containers:
- main:
- args: []
- probes:
- # -- Liveness probe configuration
- # @default -- See below
- liveness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Redainess probe configuration
- # @default -- See below
- readiness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Startup probe configuration
- # @default -- See below
- startup:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
-# -- Options for all pods
-# Can be overruled per pod
-podOptions:
- automountServiceAccountToken: true
-
-# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
-ingressClass:
- # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
- enabled: false
- isDefaultClass: false
- # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
- fallbackApiVersion: ""
-
-# -- Create an IngressRoute for the dashboard
-ingressRoute:
- dashboard:
- enabled: true
- # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
- annotations: {}
- # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
- labels: {}
-#
-# -- Configure providers
-providers:
- kubernetesCRD:
- enabled: true
- namespaces:
- []
- # - "default"
- kubernetesIngress:
- enabled: true
- # labelSelector: environment=production,method=traefik
- namespaces:
- []
- # - "default"
- # IP used for Kubernetes Ingress endpoints
- publishedService:
- enabled: true
- # Published Kubernetes Service to copy status from. Format: namespace/servicename
- # By default this Traefik service
- # pathOverride: ""
-
-# -- Logs
-# https://docs.traefik.io/observability/logs/
-logs:
- # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on).
- general:
- # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO.
- level: ERROR
- # -- Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format
- format: common
- access:
- # To enable access logs
- enabled: false
- # To write the logs in an asynchronous fashion, specify a bufferingSize option.
- # This option represents the number of log lines Traefik will keep in memory before writing
- # them to the selected output. In some cases, this option can greatly help performances.
- # bufferingSize: 100
- # Filtering https://docs.traefik.io/observability/access-logs/#filtering
- filters:
- {}
- # statuscodes: "200,300-302"
- # retryattempts: true
- # minduration: 10ms
- # Fields
- # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers
- fields:
- general:
- defaultmode: keep
- names:
- {}
- # Examples:
- # ClientUsername: drop
- headers:
- defaultmode: drop
- names:
- {}
- # Examples:
- # User-Agent: redact
- # Authorization: drop
- # Content-Type: keep
- # -- Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format
- format: common
-
-metrics:
- main:
- enabled: true
- type: servicemonitor
- endpoints:
- - port: metrics
- path: /metrics
- targetSelector: metrics
-
-globalArguments:
- - "--global.checknewversion"
-
-##
-# -- Additional arguments to be passed at Traefik's binary
-# All available options available on https://docs.traefik.io/reference/static-configuration/cli/
-## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"`
-additionalArguments:
- - "--metrics.prometheus"
- - "--ping"
- - "--serverstransport.insecureskipverify=true"
- - "--providers.kubernetesingress.allowexternalnameservices=true"
-
-# -- TLS Options to be created as TLSOption CRDs
-# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options
-# Example:
-tlsOptions:
- default:
- sniStrict: false
- minVersion: VersionTLS12
- curvePreferences:
- - CurveP521
- - CurveP384
- cipherSuites:
- - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- - TLS_AES_128_GCM_SHA256
- - TLS_AES_256_GCM_SHA384
- - TLS_CHACHA20_POLY1305_SHA256
-
-# -- Options for the main traefik service, where the entrypoints traffic comes from
-# from.
-service:
- main:
- type: LoadBalancer
- ports:
- main:
- port: 9000
- targetPort: 9000
- protocol: http
- # -- Forwarded Headers should never be enabled on Main entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Main entrypoint
- proxyProtocol:
- enabled: false
- tcp:
- enabled: true
- type: LoadBalancer
- ports:
- web:
- enabled: true
- port: 9080
- protocol: http
- redirectTo: websecure
- # Options: Empty, 0 (ingore), or positive int
- # redirectPort:
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- websecure:
- enabled: true
- port: 9443
- protocol: https
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- # tcpexample:
- # enabled: true
- # targetPort: 9443
- # protocol: tcp
- # tls:
- # enabled: false
- # # this is the name of a TLSOption definition
- # options: ""
- # certResolver: ""
- # domains: []
- # # - main: example.com
- # # sans:
- # # - foo.example.com
- # # - bar.example.com
- metrics:
- enabled: true
- type: ClusterIP
- ports:
- metrics:
- enabled: true
- port: 9180
- targetPort: 9180
- protocol: http
- # -- Forwarded Headers should never be enabled on Metrics entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Metrics entrypoint
- proxyProtocol:
- enabled: false
- # udp:
- # enabled: false
-
-# -- Whether Role Based Access Control objects like roles and rolebindings should be created
-rbac:
- main:
- enabled: true
- primary: true
- clusterWide: true
- rules:
- - apiGroups:
- - ""
- resources:
- - services
- - endpoints
- - secrets
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses
- - ingressclasses
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses/status
- verbs:
- - update
- - apiGroups:
- - traefik.containo.us
- resources:
- - ingressroutes
- - ingressroutetcps
- - ingressrouteudps
- - middlewares
- - middlewaretcps
- - tlsoptions
- - tlsstores
- - traefikservices
- - serverstransports
- verbs:
- - get
- - list
- - watch
-
-# -- The service account the pods will use to interact with the Kubernetes API
-serviceAccount:
- main:
- enabled: true
- primary: true
-
-# -- SCALE Middleware Handlers
-middlewares:
- basicAuth: []
- # - name: basicauthexample
- # users:
- # - username: testuser
- # password: testpassword
- forwardAuth: []
- # - name: forwardAuthexample
- # address: https://auth.example.com/
- # authResponseHeaders:
- # - X-Secret
- # - X-Auth-User
- # authRequestHeaders:
- # - "Accept"
- # - "X-CustomHeader"
- # authResponseHeadersRegex: "^X-"
- # trustForwardHeader: true
- chain: []
- # - name: chainname
- # middlewares:
- # - name: compress
- redirectScheme: []
- # - name: redirectSchemeName
- # scheme: https
- # permanent: true
- rateLimit: []
- # - name: rateLimitName
- # average: 300
- # burst: 200
- redirectRegex: []
- # - name: redirectRegexName
- # regex: putregexhere
- # replacement: replacementurlhere
- # permanent: false
- stripPrefixRegex: []
- # - name: stripPrefixRegexName
- # regex: []
- ipWhiteList: []
- # - name: ipWhiteListName
- # sourceRange: []
- # ipStrategy:
- # depth: 2
- # excludedIPs: []
- themeParkVersion: v1.3.0
- themePark: []
- # - name: themeParkName
- # -- Supported apps, lower case name
- # -- https://docs.theme-park.dev/themes
- # app: appnamehere
- # -- Supported themes, lower case name
- # -- https://docs.theme-park.dev/themes/APPNAMEHERE
- # -- https://docs.theme-park.dev/community-themes
- # theme: themenamehere
- # -- https://theme-park.dev or a self hosted url
- # baseUrl: https://theme-park.dev
- realIPVersion: v1.0.3
- # Sets X-Real-Ip with an IP from the X-Forwarded-For or
- # Cf-Connecting-Ip (If from Cloudflare)
- # Evaluation of those headers will go from last to first
- realIP: []
- # - name: realIPName
- # -- The real IP will be the first one that is
- # -- not included in any of the CIDRs passed here
- # excludedNetworks:
- # - 1.1.1.1/24
- addPrefix: []
- # - name: addPrefixName
- # prefix: "/foo"
- geoBlockVersion: v0.2.4
- geoBlock: []
- # -- https://github.com/PascalMinder/geoblock
- # - name: geoBlockName
- # allowLocalRequests: true
- # logLocalRequests: false
- # logAllowedRequests: false
- # logApiRequests: false
- # api: https://get.geojs.io/v1/ip/country/{ip}
- # apiTimeoutMs: 500
- # cacheSize: 25
- # forceMonthlyUpdate: true
- # allowUnknownCountries: false
- # unknownCountryApiResponse: nil
- # blackListMode: false
- # countries:
- # - RU
-
-portalhook:
- enabled: true
-
-persistence:
- plugins:
- enabled: true
- mountPath: "/plugins-storage"
- type: emptyDir
-
-portal:
- open:
- enabled: true
- path: /dashboard/
- override:
- protocol: http
diff --git a/enterprise/traefik/17.0.12/questions.yaml b/enterprise/traefik/17.0.12/questions.yaml
deleted file mode 100644
index bfd5f230a2d..00000000000
--- a/enterprise/traefik/17.0.12/questions.yaml
+++ /dev/null
@@ -1,2522 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
- path: "$kubernetes-resource_configmap_tcportal-open_path"
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: DaemonSet
- description: DaemonSet
-
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "DaemonSet"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
-
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: ingressClass
- label: "ingressClass"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- description: "When enabled, ingressClass will match the entered name of this app"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: isDefaultClass
- label: "isDefaultClass"
- schema:
- type: boolean
- default: false
- - variable: logs
- label: "Logs"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "ERROR"
- enum:
- - value: "INFO"
- description: "Info"
- - value: "WARN"
- description: "Warnings"
- - value: "ERROR"
- description: "Errors"
- - value: "FATAL"
- description: "Fatal Errors"
- - value: "PANIC"
- description: "Panics"
- - value: "DEBUG"
- description: "Debug"
- - variable: format
- label: "General Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: access
- label: "Access Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabledFilters
- label: "Enable Filters"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filters
- label: "Filters"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: statuscodes
- label: "Status codes"
- schema:
- type: string
- default: "200,300-302"
- - variable: retryattempts
- label: "retryattempts"
- schema:
- type: boolean
- default: true
- - variable: minduration
- label: "minduration"
- schema:
- type: string
- default: "10ms"
- - variable: fields
- label: "Fields"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "keep"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: headers
- label: "Headers"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "drop"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: format
- label: "Access Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: middlewares
- label: ""
- group: "Middlewares"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: basicAuth
- label: basicAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: users
- label: Users
- schema:
- type: list
- default: []
- items:
- - variable: usersEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: username
- label: Username
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: Password
- schema:
- type: string
- required: true
- default: ""
- - variable: forwardAuth
- label: forwardAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: address
- label: Address
- schema:
- type: string
- required: true
- default: ""
- - variable: trustForwardHeader
- label: trustForwardHeader
- schema:
- type: boolean
- default: false
- - variable: tls
- label: TLS
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: insecureSkipVerify
- label: insecureSkipVerify (expert)
- description: >-
- This disables all TLS certificate validation on communications with the authentication endpoint.
- This could be a security risk and should only be used if you know what you are doing.
- schema:
- type: boolean
- default: false
- - variable: authResponseHeadersRegex
- label: authResponseHeadersRegex
- schema:
- type: string
- default: ""
- - variable: authResponseHeaders
- label: authResponseHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authResponseHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: authRequestHeaders
- label: authRequestHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authRequestHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: chain
- label: Chain
- schema:
- type: list
- default: []
- items:
- - variable: chainEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: middlewares
- label: Middlewares to Chain
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: redirectScheme
- label: redirectScheme
- schema:
- type: list
- default: []
- items:
- - variable: redirectSchemeEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: scheme
- label: Scheme
- schema:
- type: string
- required: true
- default: https
- enum:
- - value: https
- description: https
- - value: http
- description: http
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: rateLimit
- label: rateLimit
- schema:
- type: list
- default: []
- items:
- - variable: rateLimitEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: average
- label: Average
- schema:
- type: int
- required: true
- default: 300
- - variable: burst
- label: Burst
- schema:
- type: int
- required: true
- default: 200
- - variable: redirectRegex
- label: redirectRegex
- schema:
- type: list
- default: []
- items:
- - variable: redirectRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: replacement
- label: Replacement
- schema:
- type: string
- required: true
- default: ""
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: stripPrefixRegex
- label: stripPrefixRegex
- schema:
- type: list
- default: []
- items:
- - variable: stripPrefixRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: list
- default: []
- items:
- - variable: regexEntry
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: ipWhiteList
- label: ipWhiteList
- schema:
- type: list
- default: []
- items:
- - variable: ipWhiteListEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: sourceRange
- label: Source Range
- schema:
- type: list
- default: []
- items:
- - variable: sourceRangeEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: ipStrategy
- label: IP Strategy
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: depth
- label: Depth
- schema:
- type: int
- required: true
- - variable: excludedIPs
- label: Excluded IPs
- schema:
- type: list
- default: []
- items:
- - variable: excludedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: themePark
- label: theme.park
- schema:
- type: list
- default: []
- items:
- - variable: themeParkEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to traefik-themepark
- schema:
- type: string
- required: true
- default: ""
- - variable: appName
- label: App Name
- description: Lower case, name of the app to be themed.
-
Go to https://docs.theme-park.dev/themes/ to see supported apps.
- schema:
- type: string
- required: true
- default: ""
- - variable: themeName
- label: Theme Name
- description: Lower case, name of the theme to be applied.
-
Go to https://docs.theme-park.dev/theme-options/ to see supported themes.
- schema:
- type: string
- required: true
- default: ""
- - variable: baseUrl
- label: Base URL
- description: Replace `https://theme-park.dev` URL for self-hosting reference.
- schema:
- type: string
- required: true
- default: https://theme-park.dev
- - variable: addons
- label: Addons
- schema:
- type: list
- default: []
- items:
- - variable: addonEntry
- label: Addon
- description: Currently only supports 'darker' and '4k-logo' for *arr apps.
-
Go to https://docs.theme-park.dev/themes/addons/ for Addon information.
-
Go to https://github.com/packruler/traefik-themepark for more context on plugin
- schema:
- type: string
- required: true
- default: ""
- - variable: realIP
- label: Real IP
- schema:
- type: list
- default: []
- items:
- - variable: realIPEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: excludedNetworks
- label: Excluded Networks
- schema:
- type: list
- default: []
- items:
- - variable: excludedNetEntry
- label: Excluded Network Entry
- description: Network to exclude setting it to X-Real-Ip
- schema:
- type: string
- required: true
- default: ""
- - variable: geoBlock
- label: GeoBlock
- schema:
- type: list
- default: []
- items:
- - variable: geoBlockEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to geoblock
- schema:
- type: string
- required: true
- default: ""
- - variable: allowLocalRequests
- label: Allow Local Requests
- description: If set to true, will not block request from Private IP Ranges
- schema:
- type: boolean
- default: true
- - variable: logLocalRequests
- label: Log Local Requests
- description: If set to true, will log every connection from any IP in the private IP range
- schema:
- type: boolean
- default: false
- - variable: logAllowedRequests
- label: Log Allowed Requests
- description: If set to true, will show a log message with the IP and the country of origin if a request is allowed.
- schema:
- type: boolean
- default: false
- - variable: logApiRequests
- label: Log API Requests
- description: If set to true, will show a log message for every API hit.
- schema:
- type: boolean
- default: false
- - variable: api
- label: API
- description: Defines the API URL for the IP to Country resolution. The IP to fetch can be added with {ip} to the URL.
- schema:
- type: string
- required: true
- default: https://get.geojs.io/v1/ip/country/{ip}
- - variable: apiTimeoutMs
- label: API Timeout in ms
- description: Timeout for the call to the api uri.
- schema:
- type: int
- required: true
- default: 500
- - variable: cacheSize
- label: Cache Size
- description: Defines the max size of the LRU (least recently used) cache.
- schema:
- type: int
- required: true
- default: 25
- - variable: forceMonthlyUpdate
- label: Force Monthly Update
- description: Even if an IP stays in the cache for a period of a month (about 30 x 24 hours), it must be fetch again after a month.
- schema:
- type: boolean
- default: true
- - variable: allowUnknownCountries
- label: Allow Unknown Countries
- description: Some IP addresses have no country associated with them. If this option is set to true, all IPs with no associated country are also allowed.
- schema:
- type: boolean
- default: false
- - variable: unknownCountryApiResponse
- label: Unknown Countries API Response
- description: The API uri can be customized. This options allows to customize the response string of the API when a IP with no associated country is requested.
- schema:
- type: string
- required: true
- default: nil
- - variable: blackListMode
- label: Blacklist Mode
- description: When set to true the filter logic is inverted, i.e. requests originating from countries listed in the countries list are blocked.
- schema:
- type: boolean
- default: false
- - variable: countries
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- label: Countries
- schema:
- type: list
- default: []
- items:
- - variable: countryEntry
- label: Country
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- schema:
- type: string
- required: true
- # Allow only 2 Characters
- valid_chars: '^[a-zA-Z]{2}$'
- default: ""
- - variable: addPrefix
- label: Add Prefix
- schema:
- type: list
- default: []
- items:
- - variable: addPrefixEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: prefix
- label: Prefix
- schema:
- type: string
- required: true
- default: ""
- - variable: service
- group: "Networking and Services"
- label: "Configure Service Entrypoint"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9000
- required: true
- - variable: tcp
- label: "TCP Service"
- description: "The tcp Entrypoint service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: web
- label: "web Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9080
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- default: "websecure"
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: websecure
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9443
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: portsList
- label: "Additional TCP Entrypoints"
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: "Custom Entrypoints"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable the port"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: "Entrypoints Name"
- schema:
- type: string
- default: ""
- - variable: protocol
- label: "Entrypoints Type"
- schema:
- type: string
- default: "TCP"
- enum:
- - value: HTTP
- description: "HTTP"
- - value: "HTTPS"
- description: "HTTPS"
- - value: TCP
- description: "TCP"
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- required: true
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: certificateIssuer
- label: Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["certificateIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: certificateIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["certificateIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["certificateIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
-
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
-
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
- - variable: metrics
- group: Metrics
- label: Prometheus Metrics
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Metrics
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- description: Enable Prometheus Metrics
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: prometheusRule
- label: PrometheusRule
- description: Enable and configure Prometheus Rules for the App.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- description: Enable Prometheus Metrics
- schema:
- type: boolean
- default: false
- # TODO: Rule List section
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/traefik/17.0.12/templates/NOTES.txt b/enterprise/traefik/17.0.12/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/traefik/17.0.12/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/traefik/17.0.12/templates/_args.tpl b/enterprise/traefik/17.0.12/templates/_args.tpl
deleted file mode 100644
index 7acee2f60ac..00000000000
--- a/enterprise/traefik/17.0.12/templates/_args.tpl
+++ /dev/null
@@ -1,178 +0,0 @@
-{{/* Define the args */}}
-{{- define "traefik.args" -}}
-args:
- {{/* merge all ports */}}
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{/* start of actual arguments */}}
- {{- with .Values.globalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
- {{- range $name, $config := $ports }}
- {{- if $config }}
- {{- if or ( eq $config.protocol "http" ) ( eq $config.protocol "https" ) ( eq $config.protocol "tcp" ) }}
- {{- $_ := set $config "protocol" "tcp" }}
- {{- end }}
- - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}"
- {{- end }}
- {{- end }}
- - "--api.dashboard=true"
- - "--ping=true"
- {{- if .Values.metrics }}
- {{- if .Values.metrics.datadog }}
- - "--metrics.datadog=true"
- - "--metrics.datadog.address={{ .Values.metrics.datadog.address }}"
- {{- end }}
- {{- if .Values.metrics.influxdb }}
- - "--metrics.influxdb=true"
- - "--metrics.influxdb.address={{ .Values.metrics.influxdb.address }}"
- - "--metrics.influxdb.protocol={{ .Values.metrics.influxdb.protocol }}"
- {{- end }}
- {{- if .Values.metrics.prometheus }}
- - "--metrics.prometheus=true"
- - "--metrics.prometheus.entrypoint=metrics"
- {{- end }}
- {{- if .Values.metrics.statsd }}
- - "--metrics.statsd=true"
- - "--metrics.statsd.address={{ .Values.metrics.statsd.address }}"
- {{- end }}
- {{- end }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress"
- {{- if .Values.providers.kubernetesIngress.publishedService.enabled }}
- - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.labelSelector }}
- - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}"
- {{- end }}
- {{- end }}
- {{- if and .Values.rbac.enabled .Values.rbac.namespaced }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}"
- {{- end }}
- {{- end }}
- {{- if .Values.ingressClass.enabled }}
- - "--providers.kubernetesingress.ingressclass={{ .Release.Name }}"
- {{- end }}
- {{- range $entrypoint, $config := $ports }}
- {{/* add args for proxyProtocol support */}}
- {{- if $config.proxyProtocol }}
- {{- if $config.proxyProtocol.enabled }}
- {{- if $config.proxyProtocol.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.insecure"
- {{- end }}
- {{- if not ( empty $config.proxyProtocol.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.trustedIPs={{ join "," $config.proxyProtocol.trustedIPs }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* add args for forwardedHeaders support */}}
- {{- if $config.forwardedHeaders.enabled }}
- {{- if not ( empty $config.forwardedHeaders.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}"
- {{- end }}
- {{- if $config.forwardedHeaders.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure"
- {{- end }}
- {{- end }}
- {{/* end forwardedHeaders configuration */}}
- {{- if $config.redirectTo }}
- {{- $toPort := index $ports $config.redirectTo }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- else if $config.redirectPort }}
- {{ if gt $config.redirectPort 0.0 }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- end }}
- {{- end }}
- {{- if or ( $config.tls ) ( eq $config.protocol "https" ) }}
- {{- if or ( $config.tls.enabled ) ( eq $config.protocol "https" ) }}
- - "--entrypoints.{{ $entrypoint }}.http.tls=true"
- {{- if $config.tls.options }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}"
- {{- end }}
- {{- if $config.tls.certResolver }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}"
- {{- end }}
- {{- if $config.tls.domains }}
- {{- range $index, $domain := $config.tls.domains }}
- {{- if $domain.main }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}"
- {{- end }}
- {{- if $domain.sans }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- with .Values.logs }}
- - "--log.format={{ .general.format }}"
- {{- if ne .general.level "ERROR" }}
- - "--log.level={{ .general.level | upper }}"
- {{- end }}
- {{- if .access.enabled }}
- - "--accesslog=true"
- - "--accesslog.format={{ .access.format }}"
- {{- if .access.bufferingsize }}
- - "--accesslog.bufferingsize={{ .access.bufferingsize }}"
- {{- end }}
- {{- if .access.filters }}
- {{- if .access.filters.statuscodes }}
- - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}"
- {{- end }}
- {{- if .access.filters.retryattempts }}
- - "--accesslog.filters.retryattempts"
- {{- end }}
- {{- if .access.filters.minduration }}
- - "--accesslog.filters.minduration={{ .access.filters.minduration }}"
- {{- end }}
- {{- end }}
- - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.general.names }}
- - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.headers.names }}
- - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* theme.park */}}
- {{- if .Values.middlewares.themePark }}
- - "--experimental.plugins.traefik-themepark.modulename=github.com/packruler/traefik-themepark"
- - "--experimental.plugins.traefik-themepark.version={{ .Values.middlewares.themeParkVersion }}"
- {{- end }}
- {{/* End of theme.park */}}
- {{/* GeoBlock */}}
- {{- if .Values.middlewares.geoBlock }}
- - "--experimental.plugins.GeoBlock.modulename=github.com/PascalMinder/geoblock"
- - "--experimental.plugins.GeoBlock.version={{ .Values.middlewares.geoBlockVersion }}"
- {{- end }}
- {{/* End of GeoBlock */}}
- {{/* RealIP */}}
- {{- if .Values.middlewares.realIP }}
- - "--experimental.plugins.traefik-real-ip.modulename=github.com/soulbalz/traefik-real-ip"
- - "--experimental.plugins.traefik-real-ip.version={{ .Values.middlewares.realIPVersion }}"
- {{- end }}
- {{/* End of RealIP */}}
- {{- with .Values.additionalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.12/templates/_helpers.tpl b/enterprise/traefik/17.0.12/templates/_helpers.tpl
deleted file mode 100644
index 1345dcea39a..00000000000
--- a/enterprise/traefik/17.0.12/templates/_helpers.tpl
+++ /dev/null
@@ -1,22 +0,0 @@
-{{/*
-Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice.
-By convention this will simply use the / to match the name of the
-service generated.
-Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride`
-*/}}
-{{- define "providers.kubernetesIngress.publishedServicePath" -}}
-{{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}}
-{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}}
-{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }}
-{{- print $servicePath | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Construct a comma-separated list of whitelisted namespaces
-*/}}
-{{- define "providers.kubernetesIngress.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }}
-{{- end -}}
-{{- define "providers.kubernetesCRD.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.12/templates/_ingressclass.tpl b/enterprise/traefik/17.0.12/templates/_ingressclass.tpl
deleted file mode 100644
index 004d4a6dcda..00000000000
--- a/enterprise/traefik/17.0.12/templates/_ingressclass.tpl
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Define the ingressClass */}}
-{{- define "traefik.ingressClass" -}}
----
-{{ if .Values.ingressClass.enabled }}
- {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }}
-apiVersion: networking.k8s.io/v1
- {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }}
-apiVersion: networking.k8s.io/v1beta1
- {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }}
-apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }}
- {{- else }}
- {{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }}
- {{- end }}
-kind: IngressClass
-metadata:
- annotations:
- ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }}
- labels:
- {{- include "tc.v1.common.lib.metadata.allLabels" . | nindent 4 }}
- name: {{ .Release.Name }}
-spec:
- controller: traefik.io/ingress-controller
-{{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.12/templates/_ingressroute.tpl b/enterprise/traefik/17.0.12/templates/_ingressroute.tpl
deleted file mode 100644
index 6599ceb6e2b..00000000000
--- a/enterprise/traefik/17.0.12/templates/_ingressroute.tpl
+++ /dev/null
@@ -1,34 +0,0 @@
-{{/* Define the ingressRoute */}}
-{{- define "traefik.ingressRoute" -}}
-{{ if .Values.ingressRoute.dashboard.enabled }}
-
-{{- $ingressRouteLabels := .Values.ingressRoute.dashboard.labels -}}
-{{- $ingressRouteAnnotations := .Values.ingressRoute.dashboard.annotations -}}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
- name: {{ include "tc.v1.common.lib.chart.names.fullname" . }}-dashboard
- {{- $labels := (mustMerge ($ingressRouteLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }}
- labels:
- {{- . | nindent 4 }}
- {{- end }}
- {{- $annotations := (mustMerge ($ingressRouteAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }}
- annotations:
- {{- . | nindent 4 }}
- {{- end }}
-
-spec:
- entryPoints:
- - main
- routes:
- - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
- kind: Rule
- services:
- - name: api@internal
- kind: TraefikService
-{{ end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.12/templates/_portalhook.tpl b/enterprise/traefik/17.0.12/templates/_portalhook.tpl
deleted file mode 100644
index e3586c5d4e9..00000000000
--- a/enterprise/traefik/17.0.12/templates/_portalhook.tpl
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/* Define the portalHook */}}
-{{- define "traefik.portalhook" -}}
-{{- if .Values.portalhook.enabled }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: portalhook
- namespace: {{ $namespace }}
-data:
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{- range $name, $value := $ports }}
- {{ $name }}: {{ $value.port | quote }}
- {{- end }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.12/templates/_tlsoptions.tpl b/enterprise/traefik/17.0.12/templates/_tlsoptions.tpl
deleted file mode 100644
index 3e5aad3bee9..00000000000
--- a/enterprise/traefik/17.0.12/templates/_tlsoptions.tpl
+++ /dev/null
@@ -1,12 +0,0 @@
-{{/* Define the tlsOptions */}}
-{{- define "traefik.tlsOptions" -}}
-{{- range $name, $config := .Values.tlsOptions }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: TLSOption
-metadata:
- name: {{ $name }}
-spec:
- {{- toYaml $config | nindent 2 }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.12/templates/common.yaml b/enterprise/traefik/17.0.12/templates/common.yaml
deleted file mode 100644
index d70a9887a47..00000000000
--- a/enterprise/traefik/17.0.12/templates/common.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-{{- $newArgs := (include "traefik.args" . | fromYaml) }}
-{{- $_ := set .Values "newArgs" $newArgs -}}
-{{- $mergedargs := concat $.Values.workload.main.podSpec.containers.main.args .Values.newArgs.args }}
-{{- $_ := set $.Values.workload.main.podSpec.containers.main "args" $mergedargs -}}
-
-{{- include "traefik.portalhook" . }}
-{{- include "traefik.tlsOptions" . }}
-{{- include "traefik.ingressRoute" . }}
-{{- include "traefik.ingressClass" . }}
-
-{{- with .Values.ingress -}}
- {{- with .main -}}
- {{- if .enabled -}}
- {{- $_ := set $.Values.portal.open.override "protocol" "https" -}}
- {{- end -}}
- {{- end -}}
-{{- end -}}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/traefik/17.0.12/templates/middlewares/addPrefix.yaml b/enterprise/traefik/17.0.12/templates/middlewares/addPrefix.yaml
deleted file mode 100644
index 233b23834c3..00000000000
--- a/enterprise/traefik/17.0.12/templates/middlewares/addPrefix.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.addPrefix }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- addPrefix:
- prefix: {{ $middlewareData.prefix }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.12/templates/middlewares/basic-middleware.yaml b/enterprise/traefik/17.0.12/templates/middlewares/basic-middleware.yaml
deleted file mode 100644
index 9ba8e5c5d93..00000000000
--- a/enterprise/traefik/17.0.12/templates/middlewares/basic-middleware.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: compress
- namespace: {{ $namespace }}
-spec:
- compress: {}
----
-# Here, an average of 300 requests per second is allowed.
-# In addition, a burst of 200 requests is allowed.
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-ratelimit
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: 600
- burst: 400
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-secure-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: chain-basic
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: basic-secure-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.12/templates/middlewares/basicauth.yaml b/enterprise/traefik/17.0.12/templates/middlewares/basicauth.yaml
deleted file mode 100644
index ccb541742f0..00000000000
--- a/enterprise/traefik/17.0.12/templates/middlewares/basicauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.basicAuth }}
----
-{{- $users := list }}
-{{ range $index, $userdata := $middlewareData.users }}
- {{ $users = append $users ( htpasswd $userdata.username $userdata.password ) }}
-{{ end }}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{printf "%v-%v" $middlewareData.name "secret" }}
- namespace: {{ $namespace }}
-type: Opaque
-stringData:
- users: |
- {{- range $index, $user := $users }}
- {{ printf "%s" $user }}
- {{- end }}
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- basicAuth:
- secret: {{printf "%v-%v" $middlewareData.name "secret" }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.12/templates/middlewares/chain.yaml b/enterprise/traefik/17.0.12/templates/middlewares/chain.yaml
deleted file mode 100644
index f87994f7956..00000000000
--- a/enterprise/traefik/17.0.12/templates/middlewares/chain.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.chain }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- {{ range $index, $middleware := .middlewares }}
- - name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }}
- {{ end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.12/templates/middlewares/forwardauth.yaml b/enterprise/traefik/17.0.12/templates/middlewares/forwardauth.yaml
deleted file mode 100644
index 4bdefbd5c01..00000000000
--- a/enterprise/traefik/17.0.12/templates/middlewares/forwardauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.forwardAuth }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- forwardAuth:
- address: {{ $middlewareData.address }}
- {{- with $middlewareData.authResponseHeaders }}
- authResponseHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- with $middlewareData.authRequestHeaders }}
- authRequestHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- if $middlewareData.authResponseHeadersRegex }}
- authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }}
- {{- end }}
- {{- if $middlewareData.trustForwardHeader }}
- trustForwardHeader: true
- {{- end }}
- {{- with $middlewareData.tls }}
- tls:
- insecureSkipVerify: {{ .insecureSkipVerify | default false }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.12/templates/middlewares/geoblock.yaml b/enterprise/traefik/17.0.12/templates/middlewares/geoblock.yaml
deleted file mode 100644
index be21bcf57b6..00000000000
--- a/enterprise/traefik/17.0.12/templates/middlewares/geoblock.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.geoBlock }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- GeoBlock:
- allowLocalRequests: {{ $middlewareData.allowLocalRequests }}
- logLocalRequests: {{ $middlewareData.logLocalRequests }}
- logAllowedRequests: {{ $middlewareData.logAllowedRequests }}
- logApiRequests: {{ $middlewareData.logApiRequests }}
- api: {{ $middlewareData.api }}
- apiTimeoutMs: {{ $middlewareData.apiTimeoutMs }}
- cacheSize: {{ $middlewareData.cacheSize }}
- forceMonthlyUpdate: {{ $middlewareData.forceMonthlyUpdate }}
- allowUnknownCountries: {{ $middlewareData.allowUnknownCountries }}
- unknownCountryApiResponse: {{ $middlewareData.unknownCountryApiResponse }}
- blackListMode: {{ $middlewareData.blackListMode }}
- {{- if not $middlewareData.countries }}
- {{- fail "You have to define at least one country..." }}
- {{- end }}
- countries:
- {{- range $middlewareData.countries }}
- - {{ . }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.12/templates/middlewares/ipwhitelist.yaml b/enterprise/traefik/17.0.12/templates/middlewares/ipwhitelist.yaml
deleted file mode 100644
index 1179245017e..00000000000
--- a/enterprise/traefik/17.0.12/templates/middlewares/ipwhitelist.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.ipWhiteList }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- ipWhiteList:
- sourceRange:
- {{- range $middlewareData.sourceRange }}
- - {{ . }}
- {{- end }}
- {{- if $middlewareData.ipStrategy }}
- ipStrategy:
- {{- if $middlewareData.ipStrategy.depth }}
- depth: {{ $middlewareData.ipStrategy.depth }}
- {{- end }}
- {{- if $middlewareData.ipStrategy.excludedIPs }}
- excludedIPs:
- {{- range $middlewareData.ipStrategy.excludedIPs }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.12/templates/middlewares/ratelimit.yaml b/enterprise/traefik/17.0.12/templates/middlewares/ratelimit.yaml
deleted file mode 100644
index 144b9d8bf38..00000000000
--- a/enterprise/traefik/17.0.12/templates/middlewares/ratelimit.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.rateLimit }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: {{ $middlewareData.average }}
- burst: {{ $middlewareData.burst }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.12/templates/middlewares/real-ip.yaml b/enterprise/traefik/17.0.12/templates/middlewares/real-ip.yaml
deleted file mode 100644
index 2dd1ae030a4..00000000000
--- a/enterprise/traefik/17.0.12/templates/middlewares/real-ip.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.realIP }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-real-ip:
- excludednets:
- {{- range $middlewareData.excludedNetworks }}
- - {{ . | quote }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.12/templates/middlewares/redirectScheme.yaml b/enterprise/traefik/17.0.12/templates/middlewares/redirectScheme.yaml
deleted file mode 100644
index f2413f84e19..00000000000
--- a/enterprise/traefik/17.0.12/templates/middlewares/redirectScheme.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectScheme }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectScheme:
- scheme: {{ $middlewareData.scheme }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.12/templates/middlewares/redirectregex.yaml b/enterprise/traefik/17.0.12/templates/middlewares/redirectregex.yaml
deleted file mode 100644
index 46e3e724dd6..00000000000
--- a/enterprise/traefik/17.0.12/templates/middlewares/redirectregex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectRegex }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: {{ $middlewareData.regex | quote }}
- replacement: {{ $middlewareData.replacement | quote }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.12/templates/middlewares/stripPrefixRegex.yaml b/enterprise/traefik/17.0.12/templates/middlewares/stripPrefixRegex.yaml
deleted file mode 100644
index 007c166ff39..00000000000
--- a/enterprise/traefik/17.0.12/templates/middlewares/stripPrefixRegex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-
-{{ range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- stripPrefixRegex:
- regex:
- {{- range $middlewareData.regex }}
- - {{ . | quote }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.12/templates/middlewares/tc-chains.yaml b/enterprise/traefik/17.0.12/templates/middlewares/tc-chains.yaml
deleted file mode 100644
index 409766daa89..00000000000
--- a/enterprise/traefik/17.0.12/templates/middlewares/tc-chains.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-opencors-headers
- - name: compress
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-closedcors-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.12/templates/middlewares/tc-headers.yaml b/enterprise/traefik/17.0.12/templates/middlewares/tc-headers.yaml
deleted file mode 100644
index a0462f1fd73..00000000000
--- a/enterprise/traefik/17.0.12/templates/middlewares/tc-headers.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowHeaders:
- - '*'
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- - POST
- accessControlAllowOriginList:
- - '*'
- accessControlMaxAge: 100
- browserXssFilter: true
- contentTypeNosniff: true
- customRequestHeaders:
- X-Forwarded-Proto: https
- customResponseHeaders:
- server: ""
- forceSTSHeader: true
- referrerPolicy: same-origin
- sslForceHost: true
- sslRedirect: true
- stsSeconds: 63072000
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- sslRedirect: true
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- sslForceHost: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
diff --git a/enterprise/traefik/17.0.12/templates/middlewares/tc-nextcloud.yaml b/enterprise/traefik/17.0.12/templates/middlewares/tc-nextcloud.yaml
deleted file mode 100644
index 6a3019d56c5..00000000000
--- a/enterprise/traefik/17.0.12/templates/middlewares/tc-nextcloud.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-redirectregex-dav
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: "https://(.*)/.well-known/(card|cal)dav"
- replacement: "https://${1}/remote.php/dav/"
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: tc-nextcloud-redirectregex-dav
diff --git a/enterprise/traefik/17.0.12/templates/middlewares/theme-park.yaml b/enterprise/traefik/17.0.12/templates/middlewares/theme-park.yaml
deleted file mode 100644
index 92a4257e279..00000000000
--- a/enterprise/traefik/17.0.12/templates/middlewares/theme-park.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.themePark }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-themepark:
- app: {{ $middlewareData.appName }}
- theme: {{ $middlewareData.themeName }}
- baseUrl: {{ $middlewareData.baseUrl }}
- {{- if $middlewareData.addons }}
- addons:
- {{- range $middlewareData.addons }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.12/values.yaml b/enterprise/traefik/17.0.12/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/traefik/17.0.13/CHANGELOG.md b/enterprise/traefik/17.0.13/CHANGELOG.md
deleted file mode 100644
index 084ad9e1728..00000000000
--- a/enterprise/traefik/17.0.13/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [traefik-17.0.13](https://github.com/truecharts/charts/compare/traefik-17.0.12...traefik-17.0.13) (2023-03-25)
-
-
-
-
-## [traefik-17.0.12](https://github.com/truecharts/charts/compare/traefik-17.0.11...traefik-17.0.12) (2023-03-19)
-
-### Chore
-
-- bump common and deps on enterprise train ([#7819](https://github.com/truecharts/charts/issues/7819))
-
-
-
-
-## [traefik-17.0.11](https://github.com/truecharts/charts/compare/traefik-17.0.10...traefik-17.0.11) (2023-03-19)
-
-### Fix
-
-- fix portal button ([#7811](https://github.com/truecharts/charts/issues/7811))
-
-
-
-
-## [traefik-17.0.10](https://github.com/truecharts/charts/compare/traefik-17.0.9...traefik-17.0.10) (2023-03-11)
-
-### Fix
-
-- bump to get metrics working
-
-
-
-
-## [traefik-17.0.9](https://github.com/truecharts/charts/compare/traefik-17.0.8...traefik-17.0.9) (2023-03-11)
-
-### Fix
-
-- bump to release fix for new service monitor
-
-
-
-
-## [traefik-17.0.8](https://github.com/truecharts/charts/compare/traefik-17.0.7...traefik-17.0.8) (2023-03-11)
-
-### Feat
-
-- generate a service monitor ([#7785](https://github.com/truecharts/charts/issues/7785))
-
-
-
-
-## [traefik-17.0.7](https://github.com/truecharts/charts/compare/traefik-17.0.6...traefik-17.0.7) (2023-03-07)
-
-### Fix
-
-- actually fix labels ([#7763](https://github.com/truecharts/charts/issues/7763))
-
-
-
-
-## [traefik-17.0.6](https://github.com/truecharts/charts/compare/traefik-17.0.5...traefik-17.0.6) (2023-03-07)
-
-### Fix
-
-- misc fixes from common and prometheus storageclass patch ([#7762](https://github.com/truecharts/charts/issues/7762))
-
-
-
-
-## [traefik-17.0.5](https://github.com/truecharts/charts/compare/traefik-17.0.4...traefik-17.0.5) (2023-03-07)
-
-### Fix
-
-- fix labels ([#7759](https://github.com/truecharts/charts/issues/7759))
-
-
-
-
-## [traefik-17.0.4](https://github.com/truecharts/charts/compare/traefik-17.0.3...traefik-17.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
-
-
-## [traefik-17.0.3](https://github.com/truecharts/charts/compare/traefik-17.0.1...traefik-17.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
diff --git a/enterprise/traefik/17.0.13/Chart.yaml b/enterprise/traefik/17.0.13/Chart.yaml
deleted file mode 100644
index 69747220411..00000000000
--- a/enterprise/traefik/17.0.13/Chart.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-apiVersion: v2
-appVersion: "2.9.8"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.28
-deprecated: false
-description: Traefik is a flexible reverse proxy and Ingress Provider.
-home: https://truecharts.org/charts/enterprise/traefik
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/traefik.png
-keywords:
- - traefik
- - ingress
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: traefik
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/traefik
- - https://github.com/traefik/traefik
- - https://github.com/traefik/traefik-helm-chart
- - https://traefik.io/
-type: application
-version: 17.0.13
-annotations:
- truecharts.org/catagories: |
- - network
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/traefik/17.0.13/LICENSE b/enterprise/traefik/17.0.13/LICENSE
deleted file mode 100644
index 4139714f204..00000000000
--- a/enterprise/traefik/17.0.13/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Traefik" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/traefik/17.0.13/README.md b/enterprise/traefik/17.0.13/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/traefik/17.0.13/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/traefik/17.0.13/app-changelog.md b/enterprise/traefik/17.0.13/app-changelog.md
deleted file mode 100644
index 643f94fd966..00000000000
--- a/enterprise/traefik/17.0.13/app-changelog.md
+++ /dev/null
@@ -1,4 +0,0 @@
-
-
-## [traefik-17.0.13](https://github.com/truecharts/charts/compare/traefik-17.0.12...traefik-17.0.13) (2023-03-25)
-
diff --git a/enterprise/traefik/17.0.13/app-readme.md b/enterprise/traefik/17.0.13/app-readme.md
deleted file mode 100644
index 02206fafcf4..00000000000
--- a/enterprise/traefik/17.0.13/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Traefik is a flexible reverse proxy and Ingress Provider.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/traefik](https://truecharts.org/charts/enterprise/traefik)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/traefik/17.0.13/charts/common-12.2.28.tgz b/enterprise/traefik/17.0.13/charts/common-12.2.28.tgz
deleted file mode 100644
index 4a3a50054c6..00000000000
Binary files a/enterprise/traefik/17.0.13/charts/common-12.2.28.tgz and /dev/null differ
diff --git a/enterprise/traefik/17.0.13/ix_values.yaml b/enterprise/traefik/17.0.13/ix_values.yaml
deleted file mode 100644
index 54ec179c8db..00000000000
--- a/enterprise/traefik/17.0.13/ix_values.yaml
+++ /dev/null
@@ -1,417 +0,0 @@
-image:
- repository: tccr.io/truecharts/traefik
- # defaults to appVersion
- tag: 2.9.8@sha256:4a2d3dda380990d825532e661b42457fc9871061dbc22b310468616378214a2e
- pullPolicy: IfNotPresent
-
-workload:
- main:
- replicas: 2
- strategy: RollingUpdate
- podSpec:
- containers:
- main:
- args: []
- probes:
- # -- Liveness probe configuration
- # @default -- See below
- liveness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Redainess probe configuration
- # @default -- See below
- readiness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Startup probe configuration
- # @default -- See below
- startup:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
-# -- Options for all pods
-# Can be overruled per pod
-podOptions:
- automountServiceAccountToken: true
-
-# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
-ingressClass:
- # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
- enabled: false
- isDefaultClass: false
- # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
- fallbackApiVersion: ""
-
-# -- Create an IngressRoute for the dashboard
-ingressRoute:
- dashboard:
- enabled: true
- # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
- annotations: {}
- # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
- labels: {}
-#
-# -- Configure providers
-providers:
- kubernetesCRD:
- enabled: true
- namespaces:
- []
- # - "default"
- kubernetesIngress:
- enabled: true
- # labelSelector: environment=production,method=traefik
- namespaces:
- []
- # - "default"
- # IP used for Kubernetes Ingress endpoints
- publishedService:
- enabled: true
- # Published Kubernetes Service to copy status from. Format: namespace/servicename
- # By default this Traefik service
- # pathOverride: ""
-
-# -- Logs
-# https://docs.traefik.io/observability/logs/
-logs:
- # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on).
- general:
- # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO.
- level: ERROR
- # -- Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format
- format: common
- access:
- # To enable access logs
- enabled: false
- # To write the logs in an asynchronous fashion, specify a bufferingSize option.
- # This option represents the number of log lines Traefik will keep in memory before writing
- # them to the selected output. In some cases, this option can greatly help performances.
- # bufferingSize: 100
- # Filtering https://docs.traefik.io/observability/access-logs/#filtering
- filters:
- {}
- # statuscodes: "200,300-302"
- # retryattempts: true
- # minduration: 10ms
- # Fields
- # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers
- fields:
- general:
- defaultmode: keep
- names:
- {}
- # Examples:
- # ClientUsername: drop
- headers:
- defaultmode: drop
- names:
- {}
- # Examples:
- # User-Agent: redact
- # Authorization: drop
- # Content-Type: keep
- # -- Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format
- format: common
-
-metrics:
- main:
- enabled: true
- type: servicemonitor
- endpoints:
- - port: metrics
- path: /metrics
- targetSelector: metrics
-
-globalArguments:
- - "--global.checknewversion"
-
-##
-# -- Additional arguments to be passed at Traefik's binary
-# All available options available on https://docs.traefik.io/reference/static-configuration/cli/
-## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"`
-additionalArguments:
- - "--serverstransport.insecureskipverify=true"
- - "--providers.kubernetesingress.allowexternalnameservices=true"
-
-# -- TLS Options to be created as TLSOption CRDs
-# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options
-# Example:
-tlsOptions:
- default:
- sniStrict: false
- minVersion: VersionTLS12
- curvePreferences:
- - CurveP521
- - CurveP384
- cipherSuites:
- - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- - TLS_AES_128_GCM_SHA256
- - TLS_AES_256_GCM_SHA384
- - TLS_CHACHA20_POLY1305_SHA256
-
-# -- Options for the main traefik service, where the entrypoints traffic comes from
-# from.
-service:
- main:
- type: LoadBalancer
- ports:
- main:
- port: 9000
- targetPort: 9000
- protocol: http
- # -- Forwarded Headers should never be enabled on Main entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Main entrypoint
- proxyProtocol:
- enabled: false
- tcp:
- enabled: true
- type: LoadBalancer
- ports:
- web:
- enabled: true
- port: 9080
- protocol: http
- redirectTo: websecure
- # Options: Empty, 0 (ingore), or positive int
- # redirectPort:
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- websecure:
- enabled: true
- port: 9443
- protocol: https
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- # tcpexample:
- # enabled: true
- # targetPort: 9443
- # protocol: tcp
- # tls:
- # enabled: false
- # # this is the name of a TLSOption definition
- # options: ""
- # certResolver: ""
- # domains: []
- # # - main: example.com
- # # sans:
- # # - foo.example.com
- # # - bar.example.com
- metrics:
- enabled: true
- type: ClusterIP
- ports:
- metrics:
- enabled: true
- port: 9180
- targetPort: 9180
- protocol: http
- # -- Forwarded Headers should never be enabled on Metrics entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Metrics entrypoint
- proxyProtocol:
- enabled: false
- # udp:
- # enabled: false
-
-# -- Whether Role Based Access Control objects like roles and rolebindings should be created
-rbac:
- main:
- enabled: true
- primary: true
- clusterWide: true
- rules:
- - apiGroups:
- - ""
- resources:
- - services
- - endpoints
- - secrets
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses
- - ingressclasses
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses/status
- verbs:
- - update
- - apiGroups:
- - traefik.containo.us
- resources:
- - ingressroutes
- - ingressroutetcps
- - ingressrouteudps
- - middlewares
- - middlewaretcps
- - tlsoptions
- - tlsstores
- - traefikservices
- - serverstransports
- verbs:
- - get
- - list
- - watch
-
-# -- The service account the pods will use to interact with the Kubernetes API
-serviceAccount:
- main:
- enabled: true
- primary: true
-
-# -- SCALE Middleware Handlers
-middlewares:
- basicAuth: []
- # - name: basicauthexample
- # users:
- # - username: testuser
- # password: testpassword
- forwardAuth: []
- # - name: forwardAuthexample
- # address: https://auth.example.com/
- # authResponseHeaders:
- # - X-Secret
- # - X-Auth-User
- # authRequestHeaders:
- # - "Accept"
- # - "X-CustomHeader"
- # authResponseHeadersRegex: "^X-"
- # trustForwardHeader: true
- chain: []
- # - name: chainname
- # middlewares:
- # - name: compress
- redirectScheme: []
- # - name: redirectSchemeName
- # scheme: https
- # permanent: true
- rateLimit: []
- # - name: rateLimitName
- # average: 300
- # burst: 200
- redirectRegex: []
- # - name: redirectRegexName
- # regex: putregexhere
- # replacement: replacementurlhere
- # permanent: false
- stripPrefixRegex: []
- # - name: stripPrefixRegexName
- # regex: []
- ipWhiteList: []
- # - name: ipWhiteListName
- # sourceRange: []
- # ipStrategy:
- # depth: 2
- # excludedIPs: []
- themeParkVersion: v1.3.0
- themePark: []
- # - name: themeParkName
- # -- Supported apps, lower case name
- # -- https://docs.theme-park.dev/themes
- # app: appnamehere
- # -- Supported themes, lower case name
- # -- https://docs.theme-park.dev/themes/APPNAMEHERE
- # -- https://docs.theme-park.dev/community-themes
- # theme: themenamehere
- # -- https://theme-park.dev or a self hosted url
- # baseUrl: https://theme-park.dev
- realIPVersion: v1.0.3
- # Sets X-Real-Ip with an IP from the X-Forwarded-For or
- # Cf-Connecting-Ip (If from Cloudflare)
- # Evaluation of those headers will go from last to first
- realIP: []
- # - name: realIPName
- # -- The real IP will be the first one that is
- # -- not included in any of the CIDRs passed here
- # excludedNetworks:
- # - 1.1.1.1/24
- addPrefix: []
- # - name: addPrefixName
- # prefix: "/foo"
- geoBlockVersion: v0.2.4
- geoBlock: []
- # -- https://github.com/PascalMinder/geoblock
- # - name: geoBlockName
- # allowLocalRequests: true
- # logLocalRequests: false
- # logAllowedRequests: false
- # logApiRequests: false
- # api: https://get.geojs.io/v1/ip/country/{ip}
- # apiTimeoutMs: 500
- # cacheSize: 25
- # forceMonthlyUpdate: true
- # allowUnknownCountries: false
- # unknownCountryApiResponse: nil
- # blackListMode: false
- # countries:
- # - RU
-
-portalhook:
- enabled: true
-
-persistence:
- plugins:
- enabled: true
- mountPath: "/plugins-storage"
- type: emptyDir
-
-portal:
- open:
- enabled: true
- path: /dashboard/
- override:
- protocol: http
diff --git a/enterprise/traefik/17.0.13/questions.yaml b/enterprise/traefik/17.0.13/questions.yaml
deleted file mode 100644
index bfd5f230a2d..00000000000
--- a/enterprise/traefik/17.0.13/questions.yaml
+++ /dev/null
@@ -1,2522 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
- path: "$kubernetes-resource_configmap_tcportal-open_path"
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: DaemonSet
- description: DaemonSet
-
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "DaemonSet"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
-
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: ingressClass
- label: "ingressClass"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- description: "When enabled, ingressClass will match the entered name of this app"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: isDefaultClass
- label: "isDefaultClass"
- schema:
- type: boolean
- default: false
- - variable: logs
- label: "Logs"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "ERROR"
- enum:
- - value: "INFO"
- description: "Info"
- - value: "WARN"
- description: "Warnings"
- - value: "ERROR"
- description: "Errors"
- - value: "FATAL"
- description: "Fatal Errors"
- - value: "PANIC"
- description: "Panics"
- - value: "DEBUG"
- description: "Debug"
- - variable: format
- label: "General Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: access
- label: "Access Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabledFilters
- label: "Enable Filters"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filters
- label: "Filters"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: statuscodes
- label: "Status codes"
- schema:
- type: string
- default: "200,300-302"
- - variable: retryattempts
- label: "retryattempts"
- schema:
- type: boolean
- default: true
- - variable: minduration
- label: "minduration"
- schema:
- type: string
- default: "10ms"
- - variable: fields
- label: "Fields"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "keep"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: headers
- label: "Headers"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "drop"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: format
- label: "Access Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: middlewares
- label: ""
- group: "Middlewares"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: basicAuth
- label: basicAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: users
- label: Users
- schema:
- type: list
- default: []
- items:
- - variable: usersEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: username
- label: Username
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: Password
- schema:
- type: string
- required: true
- default: ""
- - variable: forwardAuth
- label: forwardAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: address
- label: Address
- schema:
- type: string
- required: true
- default: ""
- - variable: trustForwardHeader
- label: trustForwardHeader
- schema:
- type: boolean
- default: false
- - variable: tls
- label: TLS
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: insecureSkipVerify
- label: insecureSkipVerify (expert)
- description: >-
- This disables all TLS certificate validation on communications with the authentication endpoint.
- This could be a security risk and should only be used if you know what you are doing.
- schema:
- type: boolean
- default: false
- - variable: authResponseHeadersRegex
- label: authResponseHeadersRegex
- schema:
- type: string
- default: ""
- - variable: authResponseHeaders
- label: authResponseHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authResponseHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: authRequestHeaders
- label: authRequestHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authRequestHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: chain
- label: Chain
- schema:
- type: list
- default: []
- items:
- - variable: chainEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: middlewares
- label: Middlewares to Chain
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: redirectScheme
- label: redirectScheme
- schema:
- type: list
- default: []
- items:
- - variable: redirectSchemeEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: scheme
- label: Scheme
- schema:
- type: string
- required: true
- default: https
- enum:
- - value: https
- description: https
- - value: http
- description: http
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: rateLimit
- label: rateLimit
- schema:
- type: list
- default: []
- items:
- - variable: rateLimitEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: average
- label: Average
- schema:
- type: int
- required: true
- default: 300
- - variable: burst
- label: Burst
- schema:
- type: int
- required: true
- default: 200
- - variable: redirectRegex
- label: redirectRegex
- schema:
- type: list
- default: []
- items:
- - variable: redirectRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: replacement
- label: Replacement
- schema:
- type: string
- required: true
- default: ""
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: stripPrefixRegex
- label: stripPrefixRegex
- schema:
- type: list
- default: []
- items:
- - variable: stripPrefixRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: list
- default: []
- items:
- - variable: regexEntry
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: ipWhiteList
- label: ipWhiteList
- schema:
- type: list
- default: []
- items:
- - variable: ipWhiteListEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: sourceRange
- label: Source Range
- schema:
- type: list
- default: []
- items:
- - variable: sourceRangeEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: ipStrategy
- label: IP Strategy
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: depth
- label: Depth
- schema:
- type: int
- required: true
- - variable: excludedIPs
- label: Excluded IPs
- schema:
- type: list
- default: []
- items:
- - variable: excludedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: themePark
- label: theme.park
- schema:
- type: list
- default: []
- items:
- - variable: themeParkEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to traefik-themepark
- schema:
- type: string
- required: true
- default: ""
- - variable: appName
- label: App Name
- description: Lower case, name of the app to be themed.
-
Go to https://docs.theme-park.dev/themes/ to see supported apps.
- schema:
- type: string
- required: true
- default: ""
- - variable: themeName
- label: Theme Name
- description: Lower case, name of the theme to be applied.
-
Go to https://docs.theme-park.dev/theme-options/ to see supported themes.
- schema:
- type: string
- required: true
- default: ""
- - variable: baseUrl
- label: Base URL
- description: Replace `https://theme-park.dev` URL for self-hosting reference.
- schema:
- type: string
- required: true
- default: https://theme-park.dev
- - variable: addons
- label: Addons
- schema:
- type: list
- default: []
- items:
- - variable: addonEntry
- label: Addon
- description: Currently only supports 'darker' and '4k-logo' for *arr apps.
-
Go to https://docs.theme-park.dev/themes/addons/ for Addon information.
-
Go to https://github.com/packruler/traefik-themepark for more context on plugin
- schema:
- type: string
- required: true
- default: ""
- - variable: realIP
- label: Real IP
- schema:
- type: list
- default: []
- items:
- - variable: realIPEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: excludedNetworks
- label: Excluded Networks
- schema:
- type: list
- default: []
- items:
- - variable: excludedNetEntry
- label: Excluded Network Entry
- description: Network to exclude setting it to X-Real-Ip
- schema:
- type: string
- required: true
- default: ""
- - variable: geoBlock
- label: GeoBlock
- schema:
- type: list
- default: []
- items:
- - variable: geoBlockEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to geoblock
- schema:
- type: string
- required: true
- default: ""
- - variable: allowLocalRequests
- label: Allow Local Requests
- description: If set to true, will not block request from Private IP Ranges
- schema:
- type: boolean
- default: true
- - variable: logLocalRequests
- label: Log Local Requests
- description: If set to true, will log every connection from any IP in the private IP range
- schema:
- type: boolean
- default: false
- - variable: logAllowedRequests
- label: Log Allowed Requests
- description: If set to true, will show a log message with the IP and the country of origin if a request is allowed.
- schema:
- type: boolean
- default: false
- - variable: logApiRequests
- label: Log API Requests
- description: If set to true, will show a log message for every API hit.
- schema:
- type: boolean
- default: false
- - variable: api
- label: API
- description: Defines the API URL for the IP to Country resolution. The IP to fetch can be added with {ip} to the URL.
- schema:
- type: string
- required: true
- default: https://get.geojs.io/v1/ip/country/{ip}
- - variable: apiTimeoutMs
- label: API Timeout in ms
- description: Timeout for the call to the api uri.
- schema:
- type: int
- required: true
- default: 500
- - variable: cacheSize
- label: Cache Size
- description: Defines the max size of the LRU (least recently used) cache.
- schema:
- type: int
- required: true
- default: 25
- - variable: forceMonthlyUpdate
- label: Force Monthly Update
- description: Even if an IP stays in the cache for a period of a month (about 30 x 24 hours), it must be fetch again after a month.
- schema:
- type: boolean
- default: true
- - variable: allowUnknownCountries
- label: Allow Unknown Countries
- description: Some IP addresses have no country associated with them. If this option is set to true, all IPs with no associated country are also allowed.
- schema:
- type: boolean
- default: false
- - variable: unknownCountryApiResponse
- label: Unknown Countries API Response
- description: The API uri can be customized. This options allows to customize the response string of the API when a IP with no associated country is requested.
- schema:
- type: string
- required: true
- default: nil
- - variable: blackListMode
- label: Blacklist Mode
- description: When set to true the filter logic is inverted, i.e. requests originating from countries listed in the countries list are blocked.
- schema:
- type: boolean
- default: false
- - variable: countries
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- label: Countries
- schema:
- type: list
- default: []
- items:
- - variable: countryEntry
- label: Country
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- schema:
- type: string
- required: true
- # Allow only 2 Characters
- valid_chars: '^[a-zA-Z]{2}$'
- default: ""
- - variable: addPrefix
- label: Add Prefix
- schema:
- type: list
- default: []
- items:
- - variable: addPrefixEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: prefix
- label: Prefix
- schema:
- type: string
- required: true
- default: ""
- - variable: service
- group: "Networking and Services"
- label: "Configure Service Entrypoint"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9000
- required: true
- - variable: tcp
- label: "TCP Service"
- description: "The tcp Entrypoint service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: web
- label: "web Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9080
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- default: "websecure"
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: websecure
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9443
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: portsList
- label: "Additional TCP Entrypoints"
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: "Custom Entrypoints"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable the port"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: "Entrypoints Name"
- schema:
- type: string
- default: ""
- - variable: protocol
- label: "Entrypoints Type"
- schema:
- type: string
- default: "TCP"
- enum:
- - value: HTTP
- description: "HTTP"
- - value: "HTTPS"
- description: "HTTPS"
- - value: TCP
- description: "TCP"
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- required: true
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: certificateIssuer
- label: Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["certificateIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: certificateIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["certificateIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["certificateIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
-
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
-
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
- - variable: metrics
- group: Metrics
- label: Prometheus Metrics
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Metrics
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- description: Enable Prometheus Metrics
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: prometheusRule
- label: PrometheusRule
- description: Enable and configure Prometheus Rules for the App.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- description: Enable Prometheus Metrics
- schema:
- type: boolean
- default: false
- # TODO: Rule List section
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/traefik/17.0.13/templates/NOTES.txt b/enterprise/traefik/17.0.13/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/traefik/17.0.13/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/traefik/17.0.13/templates/_args.tpl b/enterprise/traefik/17.0.13/templates/_args.tpl
deleted file mode 100644
index cf1e35a1d49..00000000000
--- a/enterprise/traefik/17.0.13/templates/_args.tpl
+++ /dev/null
@@ -1,182 +0,0 @@
-{{/* Define the args */}}
-{{- define "traefik.args" -}}
-args:
- {{/* merge all ports */}}
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{/* start of actual arguments */}}
- {{- with .Values.globalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
- {{- range $name, $config := $ports }}
- {{- if $config }}
- {{- if or ( eq $config.protocol "http" ) ( eq $config.protocol "https" ) ( eq $config.protocol "tcp" ) }}
- {{- $_ := set $config "protocol" "tcp" }}
- {{- end }}
- - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}"
- {{- end }}
- {{- end }}
- - "--api.dashboard=true"
- - "--ping=true"
- {{- if .Values.traefikMetrics }}
- {{- if .Values.traefikMetrics.datadog }}
- - "--metrics.datadog=true"
- - "--metrics.datadog.address={{ .Values.traefikMetrics.datadog.address }}"
- {{- end }}
- {{- if .Values.traefikMetrics.influxdb }}
- - "--metrics.influxdb=true"
- - "--metrics.influxdb.address={{ .Values.traefikMetrics.influxdb.address }}"
- - "--metrics.influxdb.protocol={{ .Values.traefikMetrics.influxdb.protocol }}"
- {{- end }}
- {{- if .Values.traefikMetrics.statsd }}
- - "--metrics.statsd=true"
- - "--metrics.statsd.address={{ .Values.traefikMetrics.statsd.address }}"
- {{- if or .Values.traefikMetrics.prometheus }}
- - "--metrics.prometheus=true"
- - "--metrics.prometheus.entrypoint=metrics"
- {{- end }}
- {{- end }}
- {{- end }}
- {{- if or .Values.metrics.main.enabled }}
- - "--metrics.prometheus=true"
- - "--metrics.prometheus.entrypoint=metrics"
- {{- end }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress"
- {{- if .Values.providers.kubernetesIngress.publishedService.enabled }}
- - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.labelSelector }}
- - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}"
- {{- end }}
- {{- end }}
- {{- if and .Values.rbac.enabled .Values.rbac.namespaced }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}"
- {{- end }}
- {{- end }}
- {{- if .Values.ingressClass.enabled }}
- - "--providers.kubernetesingress.ingressclass={{ .Release.Name }}"
- {{- end }}
- {{- range $entrypoint, $config := $ports }}
- {{/* add args for proxyProtocol support */}}
- {{- if $config.proxyProtocol }}
- {{- if $config.proxyProtocol.enabled }}
- {{- if $config.proxyProtocol.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.insecure"
- {{- end }}
- {{- if not ( empty $config.proxyProtocol.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.trustedIPs={{ join "," $config.proxyProtocol.trustedIPs }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* add args for forwardedHeaders support */}}
- {{- if $config.forwardedHeaders.enabled }}
- {{- if not ( empty $config.forwardedHeaders.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}"
- {{- end }}
- {{- if $config.forwardedHeaders.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure"
- {{- end }}
- {{- end }}
- {{/* end forwardedHeaders configuration */}}
- {{- if $config.redirectTo }}
- {{- $toPort := index $ports $config.redirectTo }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- else if $config.redirectPort }}
- {{ if gt $config.redirectPort 0.0 }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- end }}
- {{- end }}
- {{- if or ( $config.tls ) ( eq $config.protocol "https" ) }}
- {{- if or ( $config.tls.enabled ) ( eq $config.protocol "https" ) }}
- - "--entrypoints.{{ $entrypoint }}.http.tls=true"
- {{- if $config.tls.options }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}"
- {{- end }}
- {{- if $config.tls.certResolver }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}"
- {{- end }}
- {{- if $config.tls.domains }}
- {{- range $index, $domain := $config.tls.domains }}
- {{- if $domain.main }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}"
- {{- end }}
- {{- if $domain.sans }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- with .Values.logs }}
- - "--log.format={{ .general.format }}"
- {{- if ne .general.level "ERROR" }}
- - "--log.level={{ .general.level | upper }}"
- {{- end }}
- {{- if .access.enabled }}
- - "--accesslog=true"
- - "--accesslog.format={{ .access.format }}"
- {{- if .access.bufferingsize }}
- - "--accesslog.bufferingsize={{ .access.bufferingsize }}"
- {{- end }}
- {{- if .access.filters }}
- {{- if .access.filters.statuscodes }}
- - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}"
- {{- end }}
- {{- if .access.filters.retryattempts }}
- - "--accesslog.filters.retryattempts"
- {{- end }}
- {{- if .access.filters.minduration }}
- - "--accesslog.filters.minduration={{ .access.filters.minduration }}"
- {{- end }}
- {{- end }}
- - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.general.names }}
- - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.headers.names }}
- - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* theme.park */}}
- {{- if .Values.middlewares.themePark }}
- - "--experimental.plugins.traefik-themepark.modulename=github.com/packruler/traefik-themepark"
- - "--experimental.plugins.traefik-themepark.version={{ .Values.middlewares.themeParkVersion }}"
- {{- end }}
- {{/* End of theme.park */}}
- {{/* GeoBlock */}}
- {{- if .Values.middlewares.geoBlock }}
- - "--experimental.plugins.GeoBlock.modulename=github.com/PascalMinder/geoblock"
- - "--experimental.plugins.GeoBlock.version={{ .Values.middlewares.geoBlockVersion }}"
- {{- end }}
- {{/* End of GeoBlock */}}
- {{/* RealIP */}}
- {{- if .Values.middlewares.realIP }}
- - "--experimental.plugins.traefik-real-ip.modulename=github.com/soulbalz/traefik-real-ip"
- - "--experimental.plugins.traefik-real-ip.version={{ .Values.middlewares.realIPVersion }}"
- {{- end }}
- {{/* End of RealIP */}}
- {{- with .Values.additionalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.13/templates/_helpers.tpl b/enterprise/traefik/17.0.13/templates/_helpers.tpl
deleted file mode 100644
index 1345dcea39a..00000000000
--- a/enterprise/traefik/17.0.13/templates/_helpers.tpl
+++ /dev/null
@@ -1,22 +0,0 @@
-{{/*
-Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice.
-By convention this will simply use the / to match the name of the
-service generated.
-Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride`
-*/}}
-{{- define "providers.kubernetesIngress.publishedServicePath" -}}
-{{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}}
-{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}}
-{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }}
-{{- print $servicePath | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Construct a comma-separated list of whitelisted namespaces
-*/}}
-{{- define "providers.kubernetesIngress.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }}
-{{- end -}}
-{{- define "providers.kubernetesCRD.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.13/templates/_ingressclass.tpl b/enterprise/traefik/17.0.13/templates/_ingressclass.tpl
deleted file mode 100644
index 004d4a6dcda..00000000000
--- a/enterprise/traefik/17.0.13/templates/_ingressclass.tpl
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Define the ingressClass */}}
-{{- define "traefik.ingressClass" -}}
----
-{{ if .Values.ingressClass.enabled }}
- {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }}
-apiVersion: networking.k8s.io/v1
- {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }}
-apiVersion: networking.k8s.io/v1beta1
- {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }}
-apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }}
- {{- else }}
- {{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }}
- {{- end }}
-kind: IngressClass
-metadata:
- annotations:
- ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }}
- labels:
- {{- include "tc.v1.common.lib.metadata.allLabels" . | nindent 4 }}
- name: {{ .Release.Name }}
-spec:
- controller: traefik.io/ingress-controller
-{{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.13/templates/_ingressroute.tpl b/enterprise/traefik/17.0.13/templates/_ingressroute.tpl
deleted file mode 100644
index 6599ceb6e2b..00000000000
--- a/enterprise/traefik/17.0.13/templates/_ingressroute.tpl
+++ /dev/null
@@ -1,34 +0,0 @@
-{{/* Define the ingressRoute */}}
-{{- define "traefik.ingressRoute" -}}
-{{ if .Values.ingressRoute.dashboard.enabled }}
-
-{{- $ingressRouteLabels := .Values.ingressRoute.dashboard.labels -}}
-{{- $ingressRouteAnnotations := .Values.ingressRoute.dashboard.annotations -}}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
- name: {{ include "tc.v1.common.lib.chart.names.fullname" . }}-dashboard
- {{- $labels := (mustMerge ($ingressRouteLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }}
- labels:
- {{- . | nindent 4 }}
- {{- end }}
- {{- $annotations := (mustMerge ($ingressRouteAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }}
- annotations:
- {{- . | nindent 4 }}
- {{- end }}
-
-spec:
- entryPoints:
- - main
- routes:
- - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
- kind: Rule
- services:
- - name: api@internal
- kind: TraefikService
-{{ end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.13/templates/_portalhook.tpl b/enterprise/traefik/17.0.13/templates/_portalhook.tpl
deleted file mode 100644
index e3586c5d4e9..00000000000
--- a/enterprise/traefik/17.0.13/templates/_portalhook.tpl
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/* Define the portalHook */}}
-{{- define "traefik.portalhook" -}}
-{{- if .Values.portalhook.enabled }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: portalhook
- namespace: {{ $namespace }}
-data:
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{- range $name, $value := $ports }}
- {{ $name }}: {{ $value.port | quote }}
- {{- end }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.13/templates/_tlsoptions.tpl b/enterprise/traefik/17.0.13/templates/_tlsoptions.tpl
deleted file mode 100644
index 3e5aad3bee9..00000000000
--- a/enterprise/traefik/17.0.13/templates/_tlsoptions.tpl
+++ /dev/null
@@ -1,12 +0,0 @@
-{{/* Define the tlsOptions */}}
-{{- define "traefik.tlsOptions" -}}
-{{- range $name, $config := .Values.tlsOptions }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: TLSOption
-metadata:
- name: {{ $name }}
-spec:
- {{- toYaml $config | nindent 2 }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.13/templates/common.yaml b/enterprise/traefik/17.0.13/templates/common.yaml
deleted file mode 100644
index d70a9887a47..00000000000
--- a/enterprise/traefik/17.0.13/templates/common.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-{{- $newArgs := (include "traefik.args" . | fromYaml) }}
-{{- $_ := set .Values "newArgs" $newArgs -}}
-{{- $mergedargs := concat $.Values.workload.main.podSpec.containers.main.args .Values.newArgs.args }}
-{{- $_ := set $.Values.workload.main.podSpec.containers.main "args" $mergedargs -}}
-
-{{- include "traefik.portalhook" . }}
-{{- include "traefik.tlsOptions" . }}
-{{- include "traefik.ingressRoute" . }}
-{{- include "traefik.ingressClass" . }}
-
-{{- with .Values.ingress -}}
- {{- with .main -}}
- {{- if .enabled -}}
- {{- $_ := set $.Values.portal.open.override "protocol" "https" -}}
- {{- end -}}
- {{- end -}}
-{{- end -}}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/traefik/17.0.13/templates/middlewares/addPrefix.yaml b/enterprise/traefik/17.0.13/templates/middlewares/addPrefix.yaml
deleted file mode 100644
index 233b23834c3..00000000000
--- a/enterprise/traefik/17.0.13/templates/middlewares/addPrefix.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.addPrefix }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- addPrefix:
- prefix: {{ $middlewareData.prefix }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.13/templates/middlewares/basic-middleware.yaml b/enterprise/traefik/17.0.13/templates/middlewares/basic-middleware.yaml
deleted file mode 100644
index 9ba8e5c5d93..00000000000
--- a/enterprise/traefik/17.0.13/templates/middlewares/basic-middleware.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: compress
- namespace: {{ $namespace }}
-spec:
- compress: {}
----
-# Here, an average of 300 requests per second is allowed.
-# In addition, a burst of 200 requests is allowed.
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-ratelimit
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: 600
- burst: 400
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-secure-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: chain-basic
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: basic-secure-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.13/templates/middlewares/basicauth.yaml b/enterprise/traefik/17.0.13/templates/middlewares/basicauth.yaml
deleted file mode 100644
index ccb541742f0..00000000000
--- a/enterprise/traefik/17.0.13/templates/middlewares/basicauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.basicAuth }}
----
-{{- $users := list }}
-{{ range $index, $userdata := $middlewareData.users }}
- {{ $users = append $users ( htpasswd $userdata.username $userdata.password ) }}
-{{ end }}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{printf "%v-%v" $middlewareData.name "secret" }}
- namespace: {{ $namespace }}
-type: Opaque
-stringData:
- users: |
- {{- range $index, $user := $users }}
- {{ printf "%s" $user }}
- {{- end }}
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- basicAuth:
- secret: {{printf "%v-%v" $middlewareData.name "secret" }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.13/templates/middlewares/chain.yaml b/enterprise/traefik/17.0.13/templates/middlewares/chain.yaml
deleted file mode 100644
index f87994f7956..00000000000
--- a/enterprise/traefik/17.0.13/templates/middlewares/chain.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.chain }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- {{ range $index, $middleware := .middlewares }}
- - name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }}
- {{ end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.13/templates/middlewares/forwardauth.yaml b/enterprise/traefik/17.0.13/templates/middlewares/forwardauth.yaml
deleted file mode 100644
index 4bdefbd5c01..00000000000
--- a/enterprise/traefik/17.0.13/templates/middlewares/forwardauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.forwardAuth }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- forwardAuth:
- address: {{ $middlewareData.address }}
- {{- with $middlewareData.authResponseHeaders }}
- authResponseHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- with $middlewareData.authRequestHeaders }}
- authRequestHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- if $middlewareData.authResponseHeadersRegex }}
- authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }}
- {{- end }}
- {{- if $middlewareData.trustForwardHeader }}
- trustForwardHeader: true
- {{- end }}
- {{- with $middlewareData.tls }}
- tls:
- insecureSkipVerify: {{ .insecureSkipVerify | default false }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.13/templates/middlewares/geoblock.yaml b/enterprise/traefik/17.0.13/templates/middlewares/geoblock.yaml
deleted file mode 100644
index be21bcf57b6..00000000000
--- a/enterprise/traefik/17.0.13/templates/middlewares/geoblock.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.geoBlock }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- GeoBlock:
- allowLocalRequests: {{ $middlewareData.allowLocalRequests }}
- logLocalRequests: {{ $middlewareData.logLocalRequests }}
- logAllowedRequests: {{ $middlewareData.logAllowedRequests }}
- logApiRequests: {{ $middlewareData.logApiRequests }}
- api: {{ $middlewareData.api }}
- apiTimeoutMs: {{ $middlewareData.apiTimeoutMs }}
- cacheSize: {{ $middlewareData.cacheSize }}
- forceMonthlyUpdate: {{ $middlewareData.forceMonthlyUpdate }}
- allowUnknownCountries: {{ $middlewareData.allowUnknownCountries }}
- unknownCountryApiResponse: {{ $middlewareData.unknownCountryApiResponse }}
- blackListMode: {{ $middlewareData.blackListMode }}
- {{- if not $middlewareData.countries }}
- {{- fail "You have to define at least one country..." }}
- {{- end }}
- countries:
- {{- range $middlewareData.countries }}
- - {{ . }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.13/templates/middlewares/ipwhitelist.yaml b/enterprise/traefik/17.0.13/templates/middlewares/ipwhitelist.yaml
deleted file mode 100644
index 1179245017e..00000000000
--- a/enterprise/traefik/17.0.13/templates/middlewares/ipwhitelist.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.ipWhiteList }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- ipWhiteList:
- sourceRange:
- {{- range $middlewareData.sourceRange }}
- - {{ . }}
- {{- end }}
- {{- if $middlewareData.ipStrategy }}
- ipStrategy:
- {{- if $middlewareData.ipStrategy.depth }}
- depth: {{ $middlewareData.ipStrategy.depth }}
- {{- end }}
- {{- if $middlewareData.ipStrategy.excludedIPs }}
- excludedIPs:
- {{- range $middlewareData.ipStrategy.excludedIPs }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.13/templates/middlewares/ratelimit.yaml b/enterprise/traefik/17.0.13/templates/middlewares/ratelimit.yaml
deleted file mode 100644
index 144b9d8bf38..00000000000
--- a/enterprise/traefik/17.0.13/templates/middlewares/ratelimit.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.rateLimit }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: {{ $middlewareData.average }}
- burst: {{ $middlewareData.burst }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.13/templates/middlewares/real-ip.yaml b/enterprise/traefik/17.0.13/templates/middlewares/real-ip.yaml
deleted file mode 100644
index 2dd1ae030a4..00000000000
--- a/enterprise/traefik/17.0.13/templates/middlewares/real-ip.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.realIP }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-real-ip:
- excludednets:
- {{- range $middlewareData.excludedNetworks }}
- - {{ . | quote }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.13/templates/middlewares/redirectScheme.yaml b/enterprise/traefik/17.0.13/templates/middlewares/redirectScheme.yaml
deleted file mode 100644
index f2413f84e19..00000000000
--- a/enterprise/traefik/17.0.13/templates/middlewares/redirectScheme.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectScheme }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectScheme:
- scheme: {{ $middlewareData.scheme }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.13/templates/middlewares/redirectregex.yaml b/enterprise/traefik/17.0.13/templates/middlewares/redirectregex.yaml
deleted file mode 100644
index 46e3e724dd6..00000000000
--- a/enterprise/traefik/17.0.13/templates/middlewares/redirectregex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectRegex }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: {{ $middlewareData.regex | quote }}
- replacement: {{ $middlewareData.replacement | quote }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.13/templates/middlewares/stripPrefixRegex.yaml b/enterprise/traefik/17.0.13/templates/middlewares/stripPrefixRegex.yaml
deleted file mode 100644
index 007c166ff39..00000000000
--- a/enterprise/traefik/17.0.13/templates/middlewares/stripPrefixRegex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-
-{{ range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- stripPrefixRegex:
- regex:
- {{- range $middlewareData.regex }}
- - {{ . | quote }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.13/templates/middlewares/tc-chains.yaml b/enterprise/traefik/17.0.13/templates/middlewares/tc-chains.yaml
deleted file mode 100644
index 409766daa89..00000000000
--- a/enterprise/traefik/17.0.13/templates/middlewares/tc-chains.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-opencors-headers
- - name: compress
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-closedcors-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.13/templates/middlewares/tc-headers.yaml b/enterprise/traefik/17.0.13/templates/middlewares/tc-headers.yaml
deleted file mode 100644
index a0462f1fd73..00000000000
--- a/enterprise/traefik/17.0.13/templates/middlewares/tc-headers.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowHeaders:
- - '*'
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- - POST
- accessControlAllowOriginList:
- - '*'
- accessControlMaxAge: 100
- browserXssFilter: true
- contentTypeNosniff: true
- customRequestHeaders:
- X-Forwarded-Proto: https
- customResponseHeaders:
- server: ""
- forceSTSHeader: true
- referrerPolicy: same-origin
- sslForceHost: true
- sslRedirect: true
- stsSeconds: 63072000
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- sslRedirect: true
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- sslForceHost: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
diff --git a/enterprise/traefik/17.0.13/templates/middlewares/tc-nextcloud.yaml b/enterprise/traefik/17.0.13/templates/middlewares/tc-nextcloud.yaml
deleted file mode 100644
index 6a3019d56c5..00000000000
--- a/enterprise/traefik/17.0.13/templates/middlewares/tc-nextcloud.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-redirectregex-dav
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: "https://(.*)/.well-known/(card|cal)dav"
- replacement: "https://${1}/remote.php/dav/"
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: tc-nextcloud-redirectregex-dav
diff --git a/enterprise/traefik/17.0.13/templates/middlewares/theme-park.yaml b/enterprise/traefik/17.0.13/templates/middlewares/theme-park.yaml
deleted file mode 100644
index 92a4257e279..00000000000
--- a/enterprise/traefik/17.0.13/templates/middlewares/theme-park.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.themePark }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-themepark:
- app: {{ $middlewareData.appName }}
- theme: {{ $middlewareData.themeName }}
- baseUrl: {{ $middlewareData.baseUrl }}
- {{- if $middlewareData.addons }}
- addons:
- {{- range $middlewareData.addons }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.13/values.yaml b/enterprise/traefik/17.0.13/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/traefik/17.0.14/CHANGELOG.md b/enterprise/traefik/17.0.14/CHANGELOG.md
deleted file mode 100644
index a32fd5a1bc4..00000000000
--- a/enterprise/traefik/17.0.14/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [traefik-17.0.14](https://github.com/truecharts/charts/compare/traefik-17.0.13...traefik-17.0.14) (2023-04-05)
-
-### Chore
-
-- bump common to 32 on enterprise charts
-
-
-
-
-## [traefik-17.0.13](https://github.com/truecharts/charts/compare/traefik-17.0.12...traefik-17.0.13) (2023-03-25)
-
-
-
-
-## [traefik-17.0.12](https://github.com/truecharts/charts/compare/traefik-17.0.11...traefik-17.0.12) (2023-03-19)
-
-### Chore
-
-- bump common and deps on enterprise train ([#7819](https://github.com/truecharts/charts/issues/7819))
-
-
-
-
-## [traefik-17.0.11](https://github.com/truecharts/charts/compare/traefik-17.0.10...traefik-17.0.11) (2023-03-19)
-
-### Fix
-
-- fix portal button ([#7811](https://github.com/truecharts/charts/issues/7811))
-
-
-
-
-## [traefik-17.0.10](https://github.com/truecharts/charts/compare/traefik-17.0.9...traefik-17.0.10) (2023-03-11)
-
-### Fix
-
-- bump to get metrics working
-
-
-
-
-## [traefik-17.0.9](https://github.com/truecharts/charts/compare/traefik-17.0.8...traefik-17.0.9) (2023-03-11)
-
-### Fix
-
-- bump to release fix for new service monitor
-
-
-
-
-## [traefik-17.0.8](https://github.com/truecharts/charts/compare/traefik-17.0.7...traefik-17.0.8) (2023-03-11)
-
-### Feat
-
-- generate a service monitor ([#7785](https://github.com/truecharts/charts/issues/7785))
-
-
-
-
-## [traefik-17.0.7](https://github.com/truecharts/charts/compare/traefik-17.0.6...traefik-17.0.7) (2023-03-07)
-
-### Fix
-
-- actually fix labels ([#7763](https://github.com/truecharts/charts/issues/7763))
-
-
-
-
-## [traefik-17.0.6](https://github.com/truecharts/charts/compare/traefik-17.0.5...traefik-17.0.6) (2023-03-07)
-
-### Fix
-
-- misc fixes from common and prometheus storageclass patch ([#7762](https://github.com/truecharts/charts/issues/7762))
-
-
-
-
-## [traefik-17.0.5](https://github.com/truecharts/charts/compare/traefik-17.0.4...traefik-17.0.5) (2023-03-07)
-
-### Fix
-
-- fix labels ([#7759](https://github.com/truecharts/charts/issues/7759))
-
-
-
-
-## [traefik-17.0.4](https://github.com/truecharts/charts/compare/traefik-17.0.3...traefik-17.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
diff --git a/enterprise/traefik/17.0.14/Chart.yaml b/enterprise/traefik/17.0.14/Chart.yaml
deleted file mode 100644
index 7131dfab082..00000000000
--- a/enterprise/traefik/17.0.14/Chart.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-apiVersion: v2
-appVersion: "2.9.8"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.32
-deprecated: false
-description: Traefik is a flexible reverse proxy and Ingress Provider.
-home: https://truecharts.org/charts/enterprise/traefik
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/traefik.png
-keywords:
- - traefik
- - ingress
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: traefik
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/traefik
- - https://github.com/traefik/traefik
- - https://github.com/traefik/traefik-helm-chart
- - https://traefik.io/
-type: application
-version: 17.0.14
-annotations:
- truecharts.org/catagories: |
- - network
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/traefik/17.0.14/LICENSE b/enterprise/traefik/17.0.14/LICENSE
deleted file mode 100644
index 4139714f204..00000000000
--- a/enterprise/traefik/17.0.14/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Traefik" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/traefik/17.0.14/README.md b/enterprise/traefik/17.0.14/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/traefik/17.0.14/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/traefik/17.0.14/app-changelog.md b/enterprise/traefik/17.0.14/app-changelog.md
deleted file mode 100644
index e1c9e1a1eaf..00000000000
--- a/enterprise/traefik/17.0.14/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [traefik-17.0.14](https://github.com/truecharts/charts/compare/traefik-17.0.13...traefik-17.0.14) (2023-04-05)
-
-### Chore
-
-- bump common to 32 on enterprise charts
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/17.0.14/app-readme.md b/enterprise/traefik/17.0.14/app-readme.md
deleted file mode 100644
index 02206fafcf4..00000000000
--- a/enterprise/traefik/17.0.14/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Traefik is a flexible reverse proxy and Ingress Provider.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/traefik](https://truecharts.org/charts/enterprise/traefik)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/traefik/17.0.14/charts/common-12.2.32.tgz b/enterprise/traefik/17.0.14/charts/common-12.2.32.tgz
deleted file mode 100644
index 3304bd5a80b..00000000000
Binary files a/enterprise/traefik/17.0.14/charts/common-12.2.32.tgz and /dev/null differ
diff --git a/enterprise/traefik/17.0.14/ix_values.yaml b/enterprise/traefik/17.0.14/ix_values.yaml
deleted file mode 100644
index 54ec179c8db..00000000000
--- a/enterprise/traefik/17.0.14/ix_values.yaml
+++ /dev/null
@@ -1,417 +0,0 @@
-image:
- repository: tccr.io/truecharts/traefik
- # defaults to appVersion
- tag: 2.9.8@sha256:4a2d3dda380990d825532e661b42457fc9871061dbc22b310468616378214a2e
- pullPolicy: IfNotPresent
-
-workload:
- main:
- replicas: 2
- strategy: RollingUpdate
- podSpec:
- containers:
- main:
- args: []
- probes:
- # -- Liveness probe configuration
- # @default -- See below
- liveness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Redainess probe configuration
- # @default -- See below
- readiness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Startup probe configuration
- # @default -- See below
- startup:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
-# -- Options for all pods
-# Can be overruled per pod
-podOptions:
- automountServiceAccountToken: true
-
-# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
-ingressClass:
- # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
- enabled: false
- isDefaultClass: false
- # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
- fallbackApiVersion: ""
-
-# -- Create an IngressRoute for the dashboard
-ingressRoute:
- dashboard:
- enabled: true
- # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
- annotations: {}
- # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
- labels: {}
-#
-# -- Configure providers
-providers:
- kubernetesCRD:
- enabled: true
- namespaces:
- []
- # - "default"
- kubernetesIngress:
- enabled: true
- # labelSelector: environment=production,method=traefik
- namespaces:
- []
- # - "default"
- # IP used for Kubernetes Ingress endpoints
- publishedService:
- enabled: true
- # Published Kubernetes Service to copy status from. Format: namespace/servicename
- # By default this Traefik service
- # pathOverride: ""
-
-# -- Logs
-# https://docs.traefik.io/observability/logs/
-logs:
- # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on).
- general:
- # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO.
- level: ERROR
- # -- Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format
- format: common
- access:
- # To enable access logs
- enabled: false
- # To write the logs in an asynchronous fashion, specify a bufferingSize option.
- # This option represents the number of log lines Traefik will keep in memory before writing
- # them to the selected output. In some cases, this option can greatly help performances.
- # bufferingSize: 100
- # Filtering https://docs.traefik.io/observability/access-logs/#filtering
- filters:
- {}
- # statuscodes: "200,300-302"
- # retryattempts: true
- # minduration: 10ms
- # Fields
- # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers
- fields:
- general:
- defaultmode: keep
- names:
- {}
- # Examples:
- # ClientUsername: drop
- headers:
- defaultmode: drop
- names:
- {}
- # Examples:
- # User-Agent: redact
- # Authorization: drop
- # Content-Type: keep
- # -- Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format
- format: common
-
-metrics:
- main:
- enabled: true
- type: servicemonitor
- endpoints:
- - port: metrics
- path: /metrics
- targetSelector: metrics
-
-globalArguments:
- - "--global.checknewversion"
-
-##
-# -- Additional arguments to be passed at Traefik's binary
-# All available options available on https://docs.traefik.io/reference/static-configuration/cli/
-## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"`
-additionalArguments:
- - "--serverstransport.insecureskipverify=true"
- - "--providers.kubernetesingress.allowexternalnameservices=true"
-
-# -- TLS Options to be created as TLSOption CRDs
-# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options
-# Example:
-tlsOptions:
- default:
- sniStrict: false
- minVersion: VersionTLS12
- curvePreferences:
- - CurveP521
- - CurveP384
- cipherSuites:
- - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- - TLS_AES_128_GCM_SHA256
- - TLS_AES_256_GCM_SHA384
- - TLS_CHACHA20_POLY1305_SHA256
-
-# -- Options for the main traefik service, where the entrypoints traffic comes from
-# from.
-service:
- main:
- type: LoadBalancer
- ports:
- main:
- port: 9000
- targetPort: 9000
- protocol: http
- # -- Forwarded Headers should never be enabled on Main entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Main entrypoint
- proxyProtocol:
- enabled: false
- tcp:
- enabled: true
- type: LoadBalancer
- ports:
- web:
- enabled: true
- port: 9080
- protocol: http
- redirectTo: websecure
- # Options: Empty, 0 (ingore), or positive int
- # redirectPort:
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- websecure:
- enabled: true
- port: 9443
- protocol: https
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- # tcpexample:
- # enabled: true
- # targetPort: 9443
- # protocol: tcp
- # tls:
- # enabled: false
- # # this is the name of a TLSOption definition
- # options: ""
- # certResolver: ""
- # domains: []
- # # - main: example.com
- # # sans:
- # # - foo.example.com
- # # - bar.example.com
- metrics:
- enabled: true
- type: ClusterIP
- ports:
- metrics:
- enabled: true
- port: 9180
- targetPort: 9180
- protocol: http
- # -- Forwarded Headers should never be enabled on Metrics entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Metrics entrypoint
- proxyProtocol:
- enabled: false
- # udp:
- # enabled: false
-
-# -- Whether Role Based Access Control objects like roles and rolebindings should be created
-rbac:
- main:
- enabled: true
- primary: true
- clusterWide: true
- rules:
- - apiGroups:
- - ""
- resources:
- - services
- - endpoints
- - secrets
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses
- - ingressclasses
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses/status
- verbs:
- - update
- - apiGroups:
- - traefik.containo.us
- resources:
- - ingressroutes
- - ingressroutetcps
- - ingressrouteudps
- - middlewares
- - middlewaretcps
- - tlsoptions
- - tlsstores
- - traefikservices
- - serverstransports
- verbs:
- - get
- - list
- - watch
-
-# -- The service account the pods will use to interact with the Kubernetes API
-serviceAccount:
- main:
- enabled: true
- primary: true
-
-# -- SCALE Middleware Handlers
-middlewares:
- basicAuth: []
- # - name: basicauthexample
- # users:
- # - username: testuser
- # password: testpassword
- forwardAuth: []
- # - name: forwardAuthexample
- # address: https://auth.example.com/
- # authResponseHeaders:
- # - X-Secret
- # - X-Auth-User
- # authRequestHeaders:
- # - "Accept"
- # - "X-CustomHeader"
- # authResponseHeadersRegex: "^X-"
- # trustForwardHeader: true
- chain: []
- # - name: chainname
- # middlewares:
- # - name: compress
- redirectScheme: []
- # - name: redirectSchemeName
- # scheme: https
- # permanent: true
- rateLimit: []
- # - name: rateLimitName
- # average: 300
- # burst: 200
- redirectRegex: []
- # - name: redirectRegexName
- # regex: putregexhere
- # replacement: replacementurlhere
- # permanent: false
- stripPrefixRegex: []
- # - name: stripPrefixRegexName
- # regex: []
- ipWhiteList: []
- # - name: ipWhiteListName
- # sourceRange: []
- # ipStrategy:
- # depth: 2
- # excludedIPs: []
- themeParkVersion: v1.3.0
- themePark: []
- # - name: themeParkName
- # -- Supported apps, lower case name
- # -- https://docs.theme-park.dev/themes
- # app: appnamehere
- # -- Supported themes, lower case name
- # -- https://docs.theme-park.dev/themes/APPNAMEHERE
- # -- https://docs.theme-park.dev/community-themes
- # theme: themenamehere
- # -- https://theme-park.dev or a self hosted url
- # baseUrl: https://theme-park.dev
- realIPVersion: v1.0.3
- # Sets X-Real-Ip with an IP from the X-Forwarded-For or
- # Cf-Connecting-Ip (If from Cloudflare)
- # Evaluation of those headers will go from last to first
- realIP: []
- # - name: realIPName
- # -- The real IP will be the first one that is
- # -- not included in any of the CIDRs passed here
- # excludedNetworks:
- # - 1.1.1.1/24
- addPrefix: []
- # - name: addPrefixName
- # prefix: "/foo"
- geoBlockVersion: v0.2.4
- geoBlock: []
- # -- https://github.com/PascalMinder/geoblock
- # - name: geoBlockName
- # allowLocalRequests: true
- # logLocalRequests: false
- # logAllowedRequests: false
- # logApiRequests: false
- # api: https://get.geojs.io/v1/ip/country/{ip}
- # apiTimeoutMs: 500
- # cacheSize: 25
- # forceMonthlyUpdate: true
- # allowUnknownCountries: false
- # unknownCountryApiResponse: nil
- # blackListMode: false
- # countries:
- # - RU
-
-portalhook:
- enabled: true
-
-persistence:
- plugins:
- enabled: true
- mountPath: "/plugins-storage"
- type: emptyDir
-
-portal:
- open:
- enabled: true
- path: /dashboard/
- override:
- protocol: http
diff --git a/enterprise/traefik/17.0.14/questions.yaml b/enterprise/traefik/17.0.14/questions.yaml
deleted file mode 100644
index bfd5f230a2d..00000000000
--- a/enterprise/traefik/17.0.14/questions.yaml
+++ /dev/null
@@ -1,2522 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
- path: "$kubernetes-resource_configmap_tcportal-open_path"
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: DaemonSet
- description: DaemonSet
-
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "DaemonSet"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
-
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: ingressClass
- label: "ingressClass"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- description: "When enabled, ingressClass will match the entered name of this app"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: isDefaultClass
- label: "isDefaultClass"
- schema:
- type: boolean
- default: false
- - variable: logs
- label: "Logs"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "ERROR"
- enum:
- - value: "INFO"
- description: "Info"
- - value: "WARN"
- description: "Warnings"
- - value: "ERROR"
- description: "Errors"
- - value: "FATAL"
- description: "Fatal Errors"
- - value: "PANIC"
- description: "Panics"
- - value: "DEBUG"
- description: "Debug"
- - variable: format
- label: "General Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: access
- label: "Access Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabledFilters
- label: "Enable Filters"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filters
- label: "Filters"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: statuscodes
- label: "Status codes"
- schema:
- type: string
- default: "200,300-302"
- - variable: retryattempts
- label: "retryattempts"
- schema:
- type: boolean
- default: true
- - variable: minduration
- label: "minduration"
- schema:
- type: string
- default: "10ms"
- - variable: fields
- label: "Fields"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "keep"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: headers
- label: "Headers"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "drop"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: format
- label: "Access Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: middlewares
- label: ""
- group: "Middlewares"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: basicAuth
- label: basicAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: users
- label: Users
- schema:
- type: list
- default: []
- items:
- - variable: usersEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: username
- label: Username
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: Password
- schema:
- type: string
- required: true
- default: ""
- - variable: forwardAuth
- label: forwardAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: address
- label: Address
- schema:
- type: string
- required: true
- default: ""
- - variable: trustForwardHeader
- label: trustForwardHeader
- schema:
- type: boolean
- default: false
- - variable: tls
- label: TLS
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: insecureSkipVerify
- label: insecureSkipVerify (expert)
- description: >-
- This disables all TLS certificate validation on communications with the authentication endpoint.
- This could be a security risk and should only be used if you know what you are doing.
- schema:
- type: boolean
- default: false
- - variable: authResponseHeadersRegex
- label: authResponseHeadersRegex
- schema:
- type: string
- default: ""
- - variable: authResponseHeaders
- label: authResponseHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authResponseHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: authRequestHeaders
- label: authRequestHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authRequestHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: chain
- label: Chain
- schema:
- type: list
- default: []
- items:
- - variable: chainEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: middlewares
- label: Middlewares to Chain
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: redirectScheme
- label: redirectScheme
- schema:
- type: list
- default: []
- items:
- - variable: redirectSchemeEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: scheme
- label: Scheme
- schema:
- type: string
- required: true
- default: https
- enum:
- - value: https
- description: https
- - value: http
- description: http
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: rateLimit
- label: rateLimit
- schema:
- type: list
- default: []
- items:
- - variable: rateLimitEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: average
- label: Average
- schema:
- type: int
- required: true
- default: 300
- - variable: burst
- label: Burst
- schema:
- type: int
- required: true
- default: 200
- - variable: redirectRegex
- label: redirectRegex
- schema:
- type: list
- default: []
- items:
- - variable: redirectRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: replacement
- label: Replacement
- schema:
- type: string
- required: true
- default: ""
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: stripPrefixRegex
- label: stripPrefixRegex
- schema:
- type: list
- default: []
- items:
- - variable: stripPrefixRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: list
- default: []
- items:
- - variable: regexEntry
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: ipWhiteList
- label: ipWhiteList
- schema:
- type: list
- default: []
- items:
- - variable: ipWhiteListEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: sourceRange
- label: Source Range
- schema:
- type: list
- default: []
- items:
- - variable: sourceRangeEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: ipStrategy
- label: IP Strategy
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: depth
- label: Depth
- schema:
- type: int
- required: true
- - variable: excludedIPs
- label: Excluded IPs
- schema:
- type: list
- default: []
- items:
- - variable: excludedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: themePark
- label: theme.park
- schema:
- type: list
- default: []
- items:
- - variable: themeParkEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to traefik-themepark
- schema:
- type: string
- required: true
- default: ""
- - variable: appName
- label: App Name
- description: Lower case, name of the app to be themed.
-
Go to https://docs.theme-park.dev/themes/ to see supported apps.
- schema:
- type: string
- required: true
- default: ""
- - variable: themeName
- label: Theme Name
- description: Lower case, name of the theme to be applied.
-
Go to https://docs.theme-park.dev/theme-options/ to see supported themes.
- schema:
- type: string
- required: true
- default: ""
- - variable: baseUrl
- label: Base URL
- description: Replace `https://theme-park.dev` URL for self-hosting reference.
- schema:
- type: string
- required: true
- default: https://theme-park.dev
- - variable: addons
- label: Addons
- schema:
- type: list
- default: []
- items:
- - variable: addonEntry
- label: Addon
- description: Currently only supports 'darker' and '4k-logo' for *arr apps.
-
Go to https://docs.theme-park.dev/themes/addons/ for Addon information.
-
Go to https://github.com/packruler/traefik-themepark for more context on plugin
- schema:
- type: string
- required: true
- default: ""
- - variable: realIP
- label: Real IP
- schema:
- type: list
- default: []
- items:
- - variable: realIPEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: excludedNetworks
- label: Excluded Networks
- schema:
- type: list
- default: []
- items:
- - variable: excludedNetEntry
- label: Excluded Network Entry
- description: Network to exclude setting it to X-Real-Ip
- schema:
- type: string
- required: true
- default: ""
- - variable: geoBlock
- label: GeoBlock
- schema:
- type: list
- default: []
- items:
- - variable: geoBlockEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to geoblock
- schema:
- type: string
- required: true
- default: ""
- - variable: allowLocalRequests
- label: Allow Local Requests
- description: If set to true, will not block request from Private IP Ranges
- schema:
- type: boolean
- default: true
- - variable: logLocalRequests
- label: Log Local Requests
- description: If set to true, will log every connection from any IP in the private IP range
- schema:
- type: boolean
- default: false
- - variable: logAllowedRequests
- label: Log Allowed Requests
- description: If set to true, will show a log message with the IP and the country of origin if a request is allowed.
- schema:
- type: boolean
- default: false
- - variable: logApiRequests
- label: Log API Requests
- description: If set to true, will show a log message for every API hit.
- schema:
- type: boolean
- default: false
- - variable: api
- label: API
- description: Defines the API URL for the IP to Country resolution. The IP to fetch can be added with {ip} to the URL.
- schema:
- type: string
- required: true
- default: https://get.geojs.io/v1/ip/country/{ip}
- - variable: apiTimeoutMs
- label: API Timeout in ms
- description: Timeout for the call to the api uri.
- schema:
- type: int
- required: true
- default: 500
- - variable: cacheSize
- label: Cache Size
- description: Defines the max size of the LRU (least recently used) cache.
- schema:
- type: int
- required: true
- default: 25
- - variable: forceMonthlyUpdate
- label: Force Monthly Update
- description: Even if an IP stays in the cache for a period of a month (about 30 x 24 hours), it must be fetch again after a month.
- schema:
- type: boolean
- default: true
- - variable: allowUnknownCountries
- label: Allow Unknown Countries
- description: Some IP addresses have no country associated with them. If this option is set to true, all IPs with no associated country are also allowed.
- schema:
- type: boolean
- default: false
- - variable: unknownCountryApiResponse
- label: Unknown Countries API Response
- description: The API uri can be customized. This options allows to customize the response string of the API when a IP with no associated country is requested.
- schema:
- type: string
- required: true
- default: nil
- - variable: blackListMode
- label: Blacklist Mode
- description: When set to true the filter logic is inverted, i.e. requests originating from countries listed in the countries list are blocked.
- schema:
- type: boolean
- default: false
- - variable: countries
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- label: Countries
- schema:
- type: list
- default: []
- items:
- - variable: countryEntry
- label: Country
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- schema:
- type: string
- required: true
- # Allow only 2 Characters
- valid_chars: '^[a-zA-Z]{2}$'
- default: ""
- - variable: addPrefix
- label: Add Prefix
- schema:
- type: list
- default: []
- items:
- - variable: addPrefixEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: prefix
- label: Prefix
- schema:
- type: string
- required: true
- default: ""
- - variable: service
- group: "Networking and Services"
- label: "Configure Service Entrypoint"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9000
- required: true
- - variable: tcp
- label: "TCP Service"
- description: "The tcp Entrypoint service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: web
- label: "web Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9080
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- default: "websecure"
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: websecure
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9443
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: portsList
- label: "Additional TCP Entrypoints"
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: "Custom Entrypoints"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable the port"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: "Entrypoints Name"
- schema:
- type: string
- default: ""
- - variable: protocol
- label: "Entrypoints Type"
- schema:
- type: string
- default: "TCP"
- enum:
- - value: HTTP
- description: "HTTP"
- - value: "HTTPS"
- description: "HTTPS"
- - value: TCP
- description: "TCP"
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- required: true
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: certificateIssuer
- label: Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["certificateIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: certificateIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["certificateIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["certificateIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
-
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
-
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
- - variable: metrics
- group: Metrics
- label: Prometheus Metrics
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Metrics
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- description: Enable Prometheus Metrics
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: prometheusRule
- label: PrometheusRule
- description: Enable and configure Prometheus Rules for the App.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- description: Enable Prometheus Metrics
- schema:
- type: boolean
- default: false
- # TODO: Rule List section
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/traefik/17.0.14/templates/NOTES.txt b/enterprise/traefik/17.0.14/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/traefik/17.0.14/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/traefik/17.0.14/templates/_args.tpl b/enterprise/traefik/17.0.14/templates/_args.tpl
deleted file mode 100644
index cf1e35a1d49..00000000000
--- a/enterprise/traefik/17.0.14/templates/_args.tpl
+++ /dev/null
@@ -1,182 +0,0 @@
-{{/* Define the args */}}
-{{- define "traefik.args" -}}
-args:
- {{/* merge all ports */}}
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{/* start of actual arguments */}}
- {{- with .Values.globalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
- {{- range $name, $config := $ports }}
- {{- if $config }}
- {{- if or ( eq $config.protocol "http" ) ( eq $config.protocol "https" ) ( eq $config.protocol "tcp" ) }}
- {{- $_ := set $config "protocol" "tcp" }}
- {{- end }}
- - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}"
- {{- end }}
- {{- end }}
- - "--api.dashboard=true"
- - "--ping=true"
- {{- if .Values.traefikMetrics }}
- {{- if .Values.traefikMetrics.datadog }}
- - "--metrics.datadog=true"
- - "--metrics.datadog.address={{ .Values.traefikMetrics.datadog.address }}"
- {{- end }}
- {{- if .Values.traefikMetrics.influxdb }}
- - "--metrics.influxdb=true"
- - "--metrics.influxdb.address={{ .Values.traefikMetrics.influxdb.address }}"
- - "--metrics.influxdb.protocol={{ .Values.traefikMetrics.influxdb.protocol }}"
- {{- end }}
- {{- if .Values.traefikMetrics.statsd }}
- - "--metrics.statsd=true"
- - "--metrics.statsd.address={{ .Values.traefikMetrics.statsd.address }}"
- {{- if or .Values.traefikMetrics.prometheus }}
- - "--metrics.prometheus=true"
- - "--metrics.prometheus.entrypoint=metrics"
- {{- end }}
- {{- end }}
- {{- end }}
- {{- if or .Values.metrics.main.enabled }}
- - "--metrics.prometheus=true"
- - "--metrics.prometheus.entrypoint=metrics"
- {{- end }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress"
- {{- if .Values.providers.kubernetesIngress.publishedService.enabled }}
- - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.labelSelector }}
- - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}"
- {{- end }}
- {{- end }}
- {{- if and .Values.rbac.enabled .Values.rbac.namespaced }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}"
- {{- end }}
- {{- end }}
- {{- if .Values.ingressClass.enabled }}
- - "--providers.kubernetesingress.ingressclass={{ .Release.Name }}"
- {{- end }}
- {{- range $entrypoint, $config := $ports }}
- {{/* add args for proxyProtocol support */}}
- {{- if $config.proxyProtocol }}
- {{- if $config.proxyProtocol.enabled }}
- {{- if $config.proxyProtocol.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.insecure"
- {{- end }}
- {{- if not ( empty $config.proxyProtocol.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.trustedIPs={{ join "," $config.proxyProtocol.trustedIPs }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* add args for forwardedHeaders support */}}
- {{- if $config.forwardedHeaders.enabled }}
- {{- if not ( empty $config.forwardedHeaders.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}"
- {{- end }}
- {{- if $config.forwardedHeaders.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure"
- {{- end }}
- {{- end }}
- {{/* end forwardedHeaders configuration */}}
- {{- if $config.redirectTo }}
- {{- $toPort := index $ports $config.redirectTo }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- else if $config.redirectPort }}
- {{ if gt $config.redirectPort 0.0 }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- end }}
- {{- end }}
- {{- if or ( $config.tls ) ( eq $config.protocol "https" ) }}
- {{- if or ( $config.tls.enabled ) ( eq $config.protocol "https" ) }}
- - "--entrypoints.{{ $entrypoint }}.http.tls=true"
- {{- if $config.tls.options }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}"
- {{- end }}
- {{- if $config.tls.certResolver }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}"
- {{- end }}
- {{- if $config.tls.domains }}
- {{- range $index, $domain := $config.tls.domains }}
- {{- if $domain.main }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}"
- {{- end }}
- {{- if $domain.sans }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- with .Values.logs }}
- - "--log.format={{ .general.format }}"
- {{- if ne .general.level "ERROR" }}
- - "--log.level={{ .general.level | upper }}"
- {{- end }}
- {{- if .access.enabled }}
- - "--accesslog=true"
- - "--accesslog.format={{ .access.format }}"
- {{- if .access.bufferingsize }}
- - "--accesslog.bufferingsize={{ .access.bufferingsize }}"
- {{- end }}
- {{- if .access.filters }}
- {{- if .access.filters.statuscodes }}
- - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}"
- {{- end }}
- {{- if .access.filters.retryattempts }}
- - "--accesslog.filters.retryattempts"
- {{- end }}
- {{- if .access.filters.minduration }}
- - "--accesslog.filters.minduration={{ .access.filters.minduration }}"
- {{- end }}
- {{- end }}
- - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.general.names }}
- - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.headers.names }}
- - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* theme.park */}}
- {{- if .Values.middlewares.themePark }}
- - "--experimental.plugins.traefik-themepark.modulename=github.com/packruler/traefik-themepark"
- - "--experimental.plugins.traefik-themepark.version={{ .Values.middlewares.themeParkVersion }}"
- {{- end }}
- {{/* End of theme.park */}}
- {{/* GeoBlock */}}
- {{- if .Values.middlewares.geoBlock }}
- - "--experimental.plugins.GeoBlock.modulename=github.com/PascalMinder/geoblock"
- - "--experimental.plugins.GeoBlock.version={{ .Values.middlewares.geoBlockVersion }}"
- {{- end }}
- {{/* End of GeoBlock */}}
- {{/* RealIP */}}
- {{- if .Values.middlewares.realIP }}
- - "--experimental.plugins.traefik-real-ip.modulename=github.com/soulbalz/traefik-real-ip"
- - "--experimental.plugins.traefik-real-ip.version={{ .Values.middlewares.realIPVersion }}"
- {{- end }}
- {{/* End of RealIP */}}
- {{- with .Values.additionalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.14/templates/_helpers.tpl b/enterprise/traefik/17.0.14/templates/_helpers.tpl
deleted file mode 100644
index 1345dcea39a..00000000000
--- a/enterprise/traefik/17.0.14/templates/_helpers.tpl
+++ /dev/null
@@ -1,22 +0,0 @@
-{{/*
-Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice.
-By convention this will simply use the / to match the name of the
-service generated.
-Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride`
-*/}}
-{{- define "providers.kubernetesIngress.publishedServicePath" -}}
-{{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}}
-{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}}
-{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }}
-{{- print $servicePath | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Construct a comma-separated list of whitelisted namespaces
-*/}}
-{{- define "providers.kubernetesIngress.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }}
-{{- end -}}
-{{- define "providers.kubernetesCRD.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.14/templates/_ingressclass.tpl b/enterprise/traefik/17.0.14/templates/_ingressclass.tpl
deleted file mode 100644
index 004d4a6dcda..00000000000
--- a/enterprise/traefik/17.0.14/templates/_ingressclass.tpl
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Define the ingressClass */}}
-{{- define "traefik.ingressClass" -}}
----
-{{ if .Values.ingressClass.enabled }}
- {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }}
-apiVersion: networking.k8s.io/v1
- {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }}
-apiVersion: networking.k8s.io/v1beta1
- {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }}
-apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }}
- {{- else }}
- {{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }}
- {{- end }}
-kind: IngressClass
-metadata:
- annotations:
- ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }}
- labels:
- {{- include "tc.v1.common.lib.metadata.allLabels" . | nindent 4 }}
- name: {{ .Release.Name }}
-spec:
- controller: traefik.io/ingress-controller
-{{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.14/templates/_ingressroute.tpl b/enterprise/traefik/17.0.14/templates/_ingressroute.tpl
deleted file mode 100644
index 6599ceb6e2b..00000000000
--- a/enterprise/traefik/17.0.14/templates/_ingressroute.tpl
+++ /dev/null
@@ -1,34 +0,0 @@
-{{/* Define the ingressRoute */}}
-{{- define "traefik.ingressRoute" -}}
-{{ if .Values.ingressRoute.dashboard.enabled }}
-
-{{- $ingressRouteLabels := .Values.ingressRoute.dashboard.labels -}}
-{{- $ingressRouteAnnotations := .Values.ingressRoute.dashboard.annotations -}}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
- name: {{ include "tc.v1.common.lib.chart.names.fullname" . }}-dashboard
- {{- $labels := (mustMerge ($ingressRouteLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }}
- labels:
- {{- . | nindent 4 }}
- {{- end }}
- {{- $annotations := (mustMerge ($ingressRouteAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }}
- annotations:
- {{- . | nindent 4 }}
- {{- end }}
-
-spec:
- entryPoints:
- - main
- routes:
- - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
- kind: Rule
- services:
- - name: api@internal
- kind: TraefikService
-{{ end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.14/templates/_portalhook.tpl b/enterprise/traefik/17.0.14/templates/_portalhook.tpl
deleted file mode 100644
index e3586c5d4e9..00000000000
--- a/enterprise/traefik/17.0.14/templates/_portalhook.tpl
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/* Define the portalHook */}}
-{{- define "traefik.portalhook" -}}
-{{- if .Values.portalhook.enabled }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: portalhook
- namespace: {{ $namespace }}
-data:
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{- range $name, $value := $ports }}
- {{ $name }}: {{ $value.port | quote }}
- {{- end }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.14/templates/_tlsoptions.tpl b/enterprise/traefik/17.0.14/templates/_tlsoptions.tpl
deleted file mode 100644
index 3e5aad3bee9..00000000000
--- a/enterprise/traefik/17.0.14/templates/_tlsoptions.tpl
+++ /dev/null
@@ -1,12 +0,0 @@
-{{/* Define the tlsOptions */}}
-{{- define "traefik.tlsOptions" -}}
-{{- range $name, $config := .Values.tlsOptions }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: TLSOption
-metadata:
- name: {{ $name }}
-spec:
- {{- toYaml $config | nindent 2 }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.14/templates/common.yaml b/enterprise/traefik/17.0.14/templates/common.yaml
deleted file mode 100644
index d70a9887a47..00000000000
--- a/enterprise/traefik/17.0.14/templates/common.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-{{- $newArgs := (include "traefik.args" . | fromYaml) }}
-{{- $_ := set .Values "newArgs" $newArgs -}}
-{{- $mergedargs := concat $.Values.workload.main.podSpec.containers.main.args .Values.newArgs.args }}
-{{- $_ := set $.Values.workload.main.podSpec.containers.main "args" $mergedargs -}}
-
-{{- include "traefik.portalhook" . }}
-{{- include "traefik.tlsOptions" . }}
-{{- include "traefik.ingressRoute" . }}
-{{- include "traefik.ingressClass" . }}
-
-{{- with .Values.ingress -}}
- {{- with .main -}}
- {{- if .enabled -}}
- {{- $_ := set $.Values.portal.open.override "protocol" "https" -}}
- {{- end -}}
- {{- end -}}
-{{- end -}}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/traefik/17.0.14/templates/middlewares/addPrefix.yaml b/enterprise/traefik/17.0.14/templates/middlewares/addPrefix.yaml
deleted file mode 100644
index 233b23834c3..00000000000
--- a/enterprise/traefik/17.0.14/templates/middlewares/addPrefix.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.addPrefix }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- addPrefix:
- prefix: {{ $middlewareData.prefix }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.14/templates/middlewares/basic-middleware.yaml b/enterprise/traefik/17.0.14/templates/middlewares/basic-middleware.yaml
deleted file mode 100644
index 9ba8e5c5d93..00000000000
--- a/enterprise/traefik/17.0.14/templates/middlewares/basic-middleware.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: compress
- namespace: {{ $namespace }}
-spec:
- compress: {}
----
-# Here, an average of 300 requests per second is allowed.
-# In addition, a burst of 200 requests is allowed.
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-ratelimit
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: 600
- burst: 400
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-secure-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: chain-basic
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: basic-secure-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.14/templates/middlewares/basicauth.yaml b/enterprise/traefik/17.0.14/templates/middlewares/basicauth.yaml
deleted file mode 100644
index ccb541742f0..00000000000
--- a/enterprise/traefik/17.0.14/templates/middlewares/basicauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.basicAuth }}
----
-{{- $users := list }}
-{{ range $index, $userdata := $middlewareData.users }}
- {{ $users = append $users ( htpasswd $userdata.username $userdata.password ) }}
-{{ end }}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{printf "%v-%v" $middlewareData.name "secret" }}
- namespace: {{ $namespace }}
-type: Opaque
-stringData:
- users: |
- {{- range $index, $user := $users }}
- {{ printf "%s" $user }}
- {{- end }}
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- basicAuth:
- secret: {{printf "%v-%v" $middlewareData.name "secret" }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.14/templates/middlewares/chain.yaml b/enterprise/traefik/17.0.14/templates/middlewares/chain.yaml
deleted file mode 100644
index f87994f7956..00000000000
--- a/enterprise/traefik/17.0.14/templates/middlewares/chain.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.chain }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- {{ range $index, $middleware := .middlewares }}
- - name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }}
- {{ end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.14/templates/middlewares/forwardauth.yaml b/enterprise/traefik/17.0.14/templates/middlewares/forwardauth.yaml
deleted file mode 100644
index 4bdefbd5c01..00000000000
--- a/enterprise/traefik/17.0.14/templates/middlewares/forwardauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.forwardAuth }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- forwardAuth:
- address: {{ $middlewareData.address }}
- {{- with $middlewareData.authResponseHeaders }}
- authResponseHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- with $middlewareData.authRequestHeaders }}
- authRequestHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- if $middlewareData.authResponseHeadersRegex }}
- authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }}
- {{- end }}
- {{- if $middlewareData.trustForwardHeader }}
- trustForwardHeader: true
- {{- end }}
- {{- with $middlewareData.tls }}
- tls:
- insecureSkipVerify: {{ .insecureSkipVerify | default false }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.14/templates/middlewares/geoblock.yaml b/enterprise/traefik/17.0.14/templates/middlewares/geoblock.yaml
deleted file mode 100644
index be21bcf57b6..00000000000
--- a/enterprise/traefik/17.0.14/templates/middlewares/geoblock.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.geoBlock }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- GeoBlock:
- allowLocalRequests: {{ $middlewareData.allowLocalRequests }}
- logLocalRequests: {{ $middlewareData.logLocalRequests }}
- logAllowedRequests: {{ $middlewareData.logAllowedRequests }}
- logApiRequests: {{ $middlewareData.logApiRequests }}
- api: {{ $middlewareData.api }}
- apiTimeoutMs: {{ $middlewareData.apiTimeoutMs }}
- cacheSize: {{ $middlewareData.cacheSize }}
- forceMonthlyUpdate: {{ $middlewareData.forceMonthlyUpdate }}
- allowUnknownCountries: {{ $middlewareData.allowUnknownCountries }}
- unknownCountryApiResponse: {{ $middlewareData.unknownCountryApiResponse }}
- blackListMode: {{ $middlewareData.blackListMode }}
- {{- if not $middlewareData.countries }}
- {{- fail "You have to define at least one country..." }}
- {{- end }}
- countries:
- {{- range $middlewareData.countries }}
- - {{ . }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.14/templates/middlewares/ipwhitelist.yaml b/enterprise/traefik/17.0.14/templates/middlewares/ipwhitelist.yaml
deleted file mode 100644
index 1179245017e..00000000000
--- a/enterprise/traefik/17.0.14/templates/middlewares/ipwhitelist.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.ipWhiteList }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- ipWhiteList:
- sourceRange:
- {{- range $middlewareData.sourceRange }}
- - {{ . }}
- {{- end }}
- {{- if $middlewareData.ipStrategy }}
- ipStrategy:
- {{- if $middlewareData.ipStrategy.depth }}
- depth: {{ $middlewareData.ipStrategy.depth }}
- {{- end }}
- {{- if $middlewareData.ipStrategy.excludedIPs }}
- excludedIPs:
- {{- range $middlewareData.ipStrategy.excludedIPs }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.14/templates/middlewares/ratelimit.yaml b/enterprise/traefik/17.0.14/templates/middlewares/ratelimit.yaml
deleted file mode 100644
index 144b9d8bf38..00000000000
--- a/enterprise/traefik/17.0.14/templates/middlewares/ratelimit.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.rateLimit }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: {{ $middlewareData.average }}
- burst: {{ $middlewareData.burst }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.14/templates/middlewares/real-ip.yaml b/enterprise/traefik/17.0.14/templates/middlewares/real-ip.yaml
deleted file mode 100644
index 2dd1ae030a4..00000000000
--- a/enterprise/traefik/17.0.14/templates/middlewares/real-ip.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.realIP }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-real-ip:
- excludednets:
- {{- range $middlewareData.excludedNetworks }}
- - {{ . | quote }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.14/templates/middlewares/redirectScheme.yaml b/enterprise/traefik/17.0.14/templates/middlewares/redirectScheme.yaml
deleted file mode 100644
index f2413f84e19..00000000000
--- a/enterprise/traefik/17.0.14/templates/middlewares/redirectScheme.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectScheme }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectScheme:
- scheme: {{ $middlewareData.scheme }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.14/templates/middlewares/redirectregex.yaml b/enterprise/traefik/17.0.14/templates/middlewares/redirectregex.yaml
deleted file mode 100644
index 46e3e724dd6..00000000000
--- a/enterprise/traefik/17.0.14/templates/middlewares/redirectregex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectRegex }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: {{ $middlewareData.regex | quote }}
- replacement: {{ $middlewareData.replacement | quote }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.14/templates/middlewares/stripPrefixRegex.yaml b/enterprise/traefik/17.0.14/templates/middlewares/stripPrefixRegex.yaml
deleted file mode 100644
index 007c166ff39..00000000000
--- a/enterprise/traefik/17.0.14/templates/middlewares/stripPrefixRegex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-
-{{ range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- stripPrefixRegex:
- regex:
- {{- range $middlewareData.regex }}
- - {{ . | quote }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.14/templates/middlewares/tc-chains.yaml b/enterprise/traefik/17.0.14/templates/middlewares/tc-chains.yaml
deleted file mode 100644
index 409766daa89..00000000000
--- a/enterprise/traefik/17.0.14/templates/middlewares/tc-chains.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-opencors-headers
- - name: compress
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-closedcors-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.14/templates/middlewares/tc-headers.yaml b/enterprise/traefik/17.0.14/templates/middlewares/tc-headers.yaml
deleted file mode 100644
index a0462f1fd73..00000000000
--- a/enterprise/traefik/17.0.14/templates/middlewares/tc-headers.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowHeaders:
- - '*'
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- - POST
- accessControlAllowOriginList:
- - '*'
- accessControlMaxAge: 100
- browserXssFilter: true
- contentTypeNosniff: true
- customRequestHeaders:
- X-Forwarded-Proto: https
- customResponseHeaders:
- server: ""
- forceSTSHeader: true
- referrerPolicy: same-origin
- sslForceHost: true
- sslRedirect: true
- stsSeconds: 63072000
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- sslRedirect: true
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- sslForceHost: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
diff --git a/enterprise/traefik/17.0.14/templates/middlewares/tc-nextcloud.yaml b/enterprise/traefik/17.0.14/templates/middlewares/tc-nextcloud.yaml
deleted file mode 100644
index 6a3019d56c5..00000000000
--- a/enterprise/traefik/17.0.14/templates/middlewares/tc-nextcloud.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-redirectregex-dav
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: "https://(.*)/.well-known/(card|cal)dav"
- replacement: "https://${1}/remote.php/dav/"
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: tc-nextcloud-redirectregex-dav
diff --git a/enterprise/traefik/17.0.14/templates/middlewares/theme-park.yaml b/enterprise/traefik/17.0.14/templates/middlewares/theme-park.yaml
deleted file mode 100644
index 92a4257e279..00000000000
--- a/enterprise/traefik/17.0.14/templates/middlewares/theme-park.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.themePark }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-themepark:
- app: {{ $middlewareData.appName }}
- theme: {{ $middlewareData.themeName }}
- baseUrl: {{ $middlewareData.baseUrl }}
- {{- if $middlewareData.addons }}
- addons:
- {{- range $middlewareData.addons }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.14/values.yaml b/enterprise/traefik/17.0.14/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/traefik/17.0.15/CHANGELOG.md b/enterprise/traefik/17.0.15/CHANGELOG.md
deleted file mode 100644
index d372583e105..00000000000
--- a/enterprise/traefik/17.0.15/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [traefik-17.0.15](https://github.com/truecharts/charts/compare/traefik-17.0.14...traefik-17.0.15) (2023-04-07)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v2.9.9 ([#7883](https://github.com/truecharts/charts/issues/7883))
-
-
-
-
-## [traefik-17.0.14](https://github.com/truecharts/charts/compare/traefik-17.0.13...traefik-17.0.14) (2023-04-05)
-
-### Chore
-
-- bump common to 32 on enterprise charts
-
-
-
-
-## [traefik-17.0.13](https://github.com/truecharts/charts/compare/traefik-17.0.12...traefik-17.0.13) (2023-03-25)
-
-
-
-
-## [traefik-17.0.12](https://github.com/truecharts/charts/compare/traefik-17.0.11...traefik-17.0.12) (2023-03-19)
-
-### Chore
-
-- bump common and deps on enterprise train ([#7819](https://github.com/truecharts/charts/issues/7819))
-
-
-
-
-## [traefik-17.0.11](https://github.com/truecharts/charts/compare/traefik-17.0.10...traefik-17.0.11) (2023-03-19)
-
-### Fix
-
-- fix portal button ([#7811](https://github.com/truecharts/charts/issues/7811))
-
-
-
-
-## [traefik-17.0.10](https://github.com/truecharts/charts/compare/traefik-17.0.9...traefik-17.0.10) (2023-03-11)
-
-### Fix
-
-- bump to get metrics working
-
-
-
-
-## [traefik-17.0.9](https://github.com/truecharts/charts/compare/traefik-17.0.8...traefik-17.0.9) (2023-03-11)
-
-### Fix
-
-- bump to release fix for new service monitor
-
-
-
-
-## [traefik-17.0.8](https://github.com/truecharts/charts/compare/traefik-17.0.7...traefik-17.0.8) (2023-03-11)
-
-### Feat
-
-- generate a service monitor ([#7785](https://github.com/truecharts/charts/issues/7785))
-
-
-
-
-## [traefik-17.0.7](https://github.com/truecharts/charts/compare/traefik-17.0.6...traefik-17.0.7) (2023-03-07)
-
-### Fix
-
-- actually fix labels ([#7763](https://github.com/truecharts/charts/issues/7763))
-
-
-
-
-## [traefik-17.0.6](https://github.com/truecharts/charts/compare/traefik-17.0.5...traefik-17.0.6) (2023-03-07)
-
-### Fix
-
-- misc fixes from common and prometheus storageclass patch ([#7762](https://github.com/truecharts/charts/issues/7762))
-
-
-
-
-## [traefik-17.0.5](https://github.com/truecharts/charts/compare/traefik-17.0.4...traefik-17.0.5) (2023-03-07)
-
-### Fix
-
-- fix labels ([#7759](https://github.com/truecharts/charts/issues/7759))
-
-
diff --git a/enterprise/traefik/17.0.15/Chart.yaml b/enterprise/traefik/17.0.15/Chart.yaml
deleted file mode 100644
index 04e085e483f..00000000000
--- a/enterprise/traefik/17.0.15/Chart.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-apiVersion: v2
-appVersion: "2.9.9"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.32
-deprecated: false
-description: Traefik is a flexible reverse proxy and Ingress Provider.
-home: https://truecharts.org/charts/enterprise/traefik
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/traefik.png
-keywords:
- - traefik
- - ingress
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: traefik
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/traefik
- - https://github.com/traefik/traefik
- - https://github.com/traefik/traefik-helm-chart
- - https://traefik.io/
-type: application
-version: 17.0.15
-annotations:
- truecharts.org/catagories: |
- - network
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/traefik/17.0.15/LICENSE b/enterprise/traefik/17.0.15/LICENSE
deleted file mode 100644
index 4139714f204..00000000000
--- a/enterprise/traefik/17.0.15/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Traefik" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/traefik/17.0.15/README.md b/enterprise/traefik/17.0.15/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/traefik/17.0.15/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/traefik/17.0.15/app-changelog.md b/enterprise/traefik/17.0.15/app-changelog.md
deleted file mode 100644
index 68399de2c00..00000000000
--- a/enterprise/traefik/17.0.15/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [traefik-17.0.15](https://github.com/truecharts/charts/compare/traefik-17.0.14...traefik-17.0.15) (2023-04-07)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v2.9.9 ([#7883](https://github.com/truecharts/charts/issues/7883))
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/17.0.15/app-readme.md b/enterprise/traefik/17.0.15/app-readme.md
deleted file mode 100644
index 02206fafcf4..00000000000
--- a/enterprise/traefik/17.0.15/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Traefik is a flexible reverse proxy and Ingress Provider.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/traefik](https://truecharts.org/charts/enterprise/traefik)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/traefik/17.0.15/charts/common-12.2.32.tgz b/enterprise/traefik/17.0.15/charts/common-12.2.32.tgz
deleted file mode 100644
index 3304bd5a80b..00000000000
Binary files a/enterprise/traefik/17.0.15/charts/common-12.2.32.tgz and /dev/null differ
diff --git a/enterprise/traefik/17.0.15/ix_values.yaml b/enterprise/traefik/17.0.15/ix_values.yaml
deleted file mode 100644
index 8aabf64f5e2..00000000000
--- a/enterprise/traefik/17.0.15/ix_values.yaml
+++ /dev/null
@@ -1,417 +0,0 @@
-image:
- repository: tccr.io/truecharts/traefik
- # defaults to appVersion
- tag: 2.9.9@sha256:4b9750e70b54df2a0c39c3262fe2963815a0304b7982fb8f80d0782a8e8021fa
- pullPolicy: IfNotPresent
-
-workload:
- main:
- replicas: 2
- strategy: RollingUpdate
- podSpec:
- containers:
- main:
- args: []
- probes:
- # -- Liveness probe configuration
- # @default -- See below
- liveness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Redainess probe configuration
- # @default -- See below
- readiness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Startup probe configuration
- # @default -- See below
- startup:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
-# -- Options for all pods
-# Can be overruled per pod
-podOptions:
- automountServiceAccountToken: true
-
-# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
-ingressClass:
- # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
- enabled: false
- isDefaultClass: false
- # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
- fallbackApiVersion: ""
-
-# -- Create an IngressRoute for the dashboard
-ingressRoute:
- dashboard:
- enabled: true
- # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
- annotations: {}
- # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
- labels: {}
-#
-# -- Configure providers
-providers:
- kubernetesCRD:
- enabled: true
- namespaces:
- []
- # - "default"
- kubernetesIngress:
- enabled: true
- # labelSelector: environment=production,method=traefik
- namespaces:
- []
- # - "default"
- # IP used for Kubernetes Ingress endpoints
- publishedService:
- enabled: true
- # Published Kubernetes Service to copy status from. Format: namespace/servicename
- # By default this Traefik service
- # pathOverride: ""
-
-# -- Logs
-# https://docs.traefik.io/observability/logs/
-logs:
- # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on).
- general:
- # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO.
- level: ERROR
- # -- Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format
- format: common
- access:
- # To enable access logs
- enabled: false
- # To write the logs in an asynchronous fashion, specify a bufferingSize option.
- # This option represents the number of log lines Traefik will keep in memory before writing
- # them to the selected output. In some cases, this option can greatly help performances.
- # bufferingSize: 100
- # Filtering https://docs.traefik.io/observability/access-logs/#filtering
- filters:
- {}
- # statuscodes: "200,300-302"
- # retryattempts: true
- # minduration: 10ms
- # Fields
- # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers
- fields:
- general:
- defaultmode: keep
- names:
- {}
- # Examples:
- # ClientUsername: drop
- headers:
- defaultmode: drop
- names:
- {}
- # Examples:
- # User-Agent: redact
- # Authorization: drop
- # Content-Type: keep
- # -- Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format
- format: common
-
-metrics:
- main:
- enabled: true
- type: servicemonitor
- endpoints:
- - port: metrics
- path: /metrics
- targetSelector: metrics
-
-globalArguments:
- - "--global.checknewversion"
-
-##
-# -- Additional arguments to be passed at Traefik's binary
-# All available options available on https://docs.traefik.io/reference/static-configuration/cli/
-## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"`
-additionalArguments:
- - "--serverstransport.insecureskipverify=true"
- - "--providers.kubernetesingress.allowexternalnameservices=true"
-
-# -- TLS Options to be created as TLSOption CRDs
-# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options
-# Example:
-tlsOptions:
- default:
- sniStrict: false
- minVersion: VersionTLS12
- curvePreferences:
- - CurveP521
- - CurveP384
- cipherSuites:
- - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- - TLS_AES_128_GCM_SHA256
- - TLS_AES_256_GCM_SHA384
- - TLS_CHACHA20_POLY1305_SHA256
-
-# -- Options for the main traefik service, where the entrypoints traffic comes from
-# from.
-service:
- main:
- type: LoadBalancer
- ports:
- main:
- port: 9000
- targetPort: 9000
- protocol: http
- # -- Forwarded Headers should never be enabled on Main entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Main entrypoint
- proxyProtocol:
- enabled: false
- tcp:
- enabled: true
- type: LoadBalancer
- ports:
- web:
- enabled: true
- port: 9080
- protocol: http
- redirectTo: websecure
- # Options: Empty, 0 (ingore), or positive int
- # redirectPort:
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- websecure:
- enabled: true
- port: 9443
- protocol: https
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- # tcpexample:
- # enabled: true
- # targetPort: 9443
- # protocol: tcp
- # tls:
- # enabled: false
- # # this is the name of a TLSOption definition
- # options: ""
- # certResolver: ""
- # domains: []
- # # - main: example.com
- # # sans:
- # # - foo.example.com
- # # - bar.example.com
- metrics:
- enabled: true
- type: ClusterIP
- ports:
- metrics:
- enabled: true
- port: 9180
- targetPort: 9180
- protocol: http
- # -- Forwarded Headers should never be enabled on Metrics entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Metrics entrypoint
- proxyProtocol:
- enabled: false
- # udp:
- # enabled: false
-
-# -- Whether Role Based Access Control objects like roles and rolebindings should be created
-rbac:
- main:
- enabled: true
- primary: true
- clusterWide: true
- rules:
- - apiGroups:
- - ""
- resources:
- - services
- - endpoints
- - secrets
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses
- - ingressclasses
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses/status
- verbs:
- - update
- - apiGroups:
- - traefik.containo.us
- resources:
- - ingressroutes
- - ingressroutetcps
- - ingressrouteudps
- - middlewares
- - middlewaretcps
- - tlsoptions
- - tlsstores
- - traefikservices
- - serverstransports
- verbs:
- - get
- - list
- - watch
-
-# -- The service account the pods will use to interact with the Kubernetes API
-serviceAccount:
- main:
- enabled: true
- primary: true
-
-# -- SCALE Middleware Handlers
-middlewares:
- basicAuth: []
- # - name: basicauthexample
- # users:
- # - username: testuser
- # password: testpassword
- forwardAuth: []
- # - name: forwardAuthexample
- # address: https://auth.example.com/
- # authResponseHeaders:
- # - X-Secret
- # - X-Auth-User
- # authRequestHeaders:
- # - "Accept"
- # - "X-CustomHeader"
- # authResponseHeadersRegex: "^X-"
- # trustForwardHeader: true
- chain: []
- # - name: chainname
- # middlewares:
- # - name: compress
- redirectScheme: []
- # - name: redirectSchemeName
- # scheme: https
- # permanent: true
- rateLimit: []
- # - name: rateLimitName
- # average: 300
- # burst: 200
- redirectRegex: []
- # - name: redirectRegexName
- # regex: putregexhere
- # replacement: replacementurlhere
- # permanent: false
- stripPrefixRegex: []
- # - name: stripPrefixRegexName
- # regex: []
- ipWhiteList: []
- # - name: ipWhiteListName
- # sourceRange: []
- # ipStrategy:
- # depth: 2
- # excludedIPs: []
- themeParkVersion: v1.3.0
- themePark: []
- # - name: themeParkName
- # -- Supported apps, lower case name
- # -- https://docs.theme-park.dev/themes
- # app: appnamehere
- # -- Supported themes, lower case name
- # -- https://docs.theme-park.dev/themes/APPNAMEHERE
- # -- https://docs.theme-park.dev/community-themes
- # theme: themenamehere
- # -- https://theme-park.dev or a self hosted url
- # baseUrl: https://theme-park.dev
- realIPVersion: v1.0.3
- # Sets X-Real-Ip with an IP from the X-Forwarded-For or
- # Cf-Connecting-Ip (If from Cloudflare)
- # Evaluation of those headers will go from last to first
- realIP: []
- # - name: realIPName
- # -- The real IP will be the first one that is
- # -- not included in any of the CIDRs passed here
- # excludedNetworks:
- # - 1.1.1.1/24
- addPrefix: []
- # - name: addPrefixName
- # prefix: "/foo"
- geoBlockVersion: v0.2.4
- geoBlock: []
- # -- https://github.com/PascalMinder/geoblock
- # - name: geoBlockName
- # allowLocalRequests: true
- # logLocalRequests: false
- # logAllowedRequests: false
- # logApiRequests: false
- # api: https://get.geojs.io/v1/ip/country/{ip}
- # apiTimeoutMs: 500
- # cacheSize: 25
- # forceMonthlyUpdate: true
- # allowUnknownCountries: false
- # unknownCountryApiResponse: nil
- # blackListMode: false
- # countries:
- # - RU
-
-portalhook:
- enabled: true
-
-persistence:
- plugins:
- enabled: true
- mountPath: "/plugins-storage"
- type: emptyDir
-
-portal:
- open:
- enabled: true
- path: /dashboard/
- override:
- protocol: http
diff --git a/enterprise/traefik/17.0.15/questions.yaml b/enterprise/traefik/17.0.15/questions.yaml
deleted file mode 100644
index bfd5f230a2d..00000000000
--- a/enterprise/traefik/17.0.15/questions.yaml
+++ /dev/null
@@ -1,2522 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
- path: "$kubernetes-resource_configmap_tcportal-open_path"
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: DaemonSet
- description: DaemonSet
-
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "DaemonSet"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
-
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: ingressClass
- label: "ingressClass"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- description: "When enabled, ingressClass will match the entered name of this app"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: isDefaultClass
- label: "isDefaultClass"
- schema:
- type: boolean
- default: false
- - variable: logs
- label: "Logs"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "ERROR"
- enum:
- - value: "INFO"
- description: "Info"
- - value: "WARN"
- description: "Warnings"
- - value: "ERROR"
- description: "Errors"
- - value: "FATAL"
- description: "Fatal Errors"
- - value: "PANIC"
- description: "Panics"
- - value: "DEBUG"
- description: "Debug"
- - variable: format
- label: "General Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: access
- label: "Access Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabledFilters
- label: "Enable Filters"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filters
- label: "Filters"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: statuscodes
- label: "Status codes"
- schema:
- type: string
- default: "200,300-302"
- - variable: retryattempts
- label: "retryattempts"
- schema:
- type: boolean
- default: true
- - variable: minduration
- label: "minduration"
- schema:
- type: string
- default: "10ms"
- - variable: fields
- label: "Fields"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "keep"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: headers
- label: "Headers"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "drop"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: format
- label: "Access Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: middlewares
- label: ""
- group: "Middlewares"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: basicAuth
- label: basicAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: users
- label: Users
- schema:
- type: list
- default: []
- items:
- - variable: usersEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: username
- label: Username
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: Password
- schema:
- type: string
- required: true
- default: ""
- - variable: forwardAuth
- label: forwardAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: address
- label: Address
- schema:
- type: string
- required: true
- default: ""
- - variable: trustForwardHeader
- label: trustForwardHeader
- schema:
- type: boolean
- default: false
- - variable: tls
- label: TLS
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: insecureSkipVerify
- label: insecureSkipVerify (expert)
- description: >-
- This disables all TLS certificate validation on communications with the authentication endpoint.
- This could be a security risk and should only be used if you know what you are doing.
- schema:
- type: boolean
- default: false
- - variable: authResponseHeadersRegex
- label: authResponseHeadersRegex
- schema:
- type: string
- default: ""
- - variable: authResponseHeaders
- label: authResponseHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authResponseHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: authRequestHeaders
- label: authRequestHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authRequestHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: chain
- label: Chain
- schema:
- type: list
- default: []
- items:
- - variable: chainEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: middlewares
- label: Middlewares to Chain
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: redirectScheme
- label: redirectScheme
- schema:
- type: list
- default: []
- items:
- - variable: redirectSchemeEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: scheme
- label: Scheme
- schema:
- type: string
- required: true
- default: https
- enum:
- - value: https
- description: https
- - value: http
- description: http
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: rateLimit
- label: rateLimit
- schema:
- type: list
- default: []
- items:
- - variable: rateLimitEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: average
- label: Average
- schema:
- type: int
- required: true
- default: 300
- - variable: burst
- label: Burst
- schema:
- type: int
- required: true
- default: 200
- - variable: redirectRegex
- label: redirectRegex
- schema:
- type: list
- default: []
- items:
- - variable: redirectRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: replacement
- label: Replacement
- schema:
- type: string
- required: true
- default: ""
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: stripPrefixRegex
- label: stripPrefixRegex
- schema:
- type: list
- default: []
- items:
- - variable: stripPrefixRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: list
- default: []
- items:
- - variable: regexEntry
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: ipWhiteList
- label: ipWhiteList
- schema:
- type: list
- default: []
- items:
- - variable: ipWhiteListEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: sourceRange
- label: Source Range
- schema:
- type: list
- default: []
- items:
- - variable: sourceRangeEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: ipStrategy
- label: IP Strategy
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: depth
- label: Depth
- schema:
- type: int
- required: true
- - variable: excludedIPs
- label: Excluded IPs
- schema:
- type: list
- default: []
- items:
- - variable: excludedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: themePark
- label: theme.park
- schema:
- type: list
- default: []
- items:
- - variable: themeParkEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to traefik-themepark
- schema:
- type: string
- required: true
- default: ""
- - variable: appName
- label: App Name
- description: Lower case, name of the app to be themed.
-
Go to https://docs.theme-park.dev/themes/ to see supported apps.
- schema:
- type: string
- required: true
- default: ""
- - variable: themeName
- label: Theme Name
- description: Lower case, name of the theme to be applied.
-
Go to https://docs.theme-park.dev/theme-options/ to see supported themes.
- schema:
- type: string
- required: true
- default: ""
- - variable: baseUrl
- label: Base URL
- description: Replace `https://theme-park.dev` URL for self-hosting reference.
- schema:
- type: string
- required: true
- default: https://theme-park.dev
- - variable: addons
- label: Addons
- schema:
- type: list
- default: []
- items:
- - variable: addonEntry
- label: Addon
- description: Currently only supports 'darker' and '4k-logo' for *arr apps.
-
Go to https://docs.theme-park.dev/themes/addons/ for Addon information.
-
Go to https://github.com/packruler/traefik-themepark for more context on plugin
- schema:
- type: string
- required: true
- default: ""
- - variable: realIP
- label: Real IP
- schema:
- type: list
- default: []
- items:
- - variable: realIPEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: excludedNetworks
- label: Excluded Networks
- schema:
- type: list
- default: []
- items:
- - variable: excludedNetEntry
- label: Excluded Network Entry
- description: Network to exclude setting it to X-Real-Ip
- schema:
- type: string
- required: true
- default: ""
- - variable: geoBlock
- label: GeoBlock
- schema:
- type: list
- default: []
- items:
- - variable: geoBlockEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to geoblock
- schema:
- type: string
- required: true
- default: ""
- - variable: allowLocalRequests
- label: Allow Local Requests
- description: If set to true, will not block request from Private IP Ranges
- schema:
- type: boolean
- default: true
- - variable: logLocalRequests
- label: Log Local Requests
- description: If set to true, will log every connection from any IP in the private IP range
- schema:
- type: boolean
- default: false
- - variable: logAllowedRequests
- label: Log Allowed Requests
- description: If set to true, will show a log message with the IP and the country of origin if a request is allowed.
- schema:
- type: boolean
- default: false
- - variable: logApiRequests
- label: Log API Requests
- description: If set to true, will show a log message for every API hit.
- schema:
- type: boolean
- default: false
- - variable: api
- label: API
- description: Defines the API URL for the IP to Country resolution. The IP to fetch can be added with {ip} to the URL.
- schema:
- type: string
- required: true
- default: https://get.geojs.io/v1/ip/country/{ip}
- - variable: apiTimeoutMs
- label: API Timeout in ms
- description: Timeout for the call to the api uri.
- schema:
- type: int
- required: true
- default: 500
- - variable: cacheSize
- label: Cache Size
- description: Defines the max size of the LRU (least recently used) cache.
- schema:
- type: int
- required: true
- default: 25
- - variable: forceMonthlyUpdate
- label: Force Monthly Update
- description: Even if an IP stays in the cache for a period of a month (about 30 x 24 hours), it must be fetch again after a month.
- schema:
- type: boolean
- default: true
- - variable: allowUnknownCountries
- label: Allow Unknown Countries
- description: Some IP addresses have no country associated with them. If this option is set to true, all IPs with no associated country are also allowed.
- schema:
- type: boolean
- default: false
- - variable: unknownCountryApiResponse
- label: Unknown Countries API Response
- description: The API uri can be customized. This options allows to customize the response string of the API when a IP with no associated country is requested.
- schema:
- type: string
- required: true
- default: nil
- - variable: blackListMode
- label: Blacklist Mode
- description: When set to true the filter logic is inverted, i.e. requests originating from countries listed in the countries list are blocked.
- schema:
- type: boolean
- default: false
- - variable: countries
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- label: Countries
- schema:
- type: list
- default: []
- items:
- - variable: countryEntry
- label: Country
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- schema:
- type: string
- required: true
- # Allow only 2 Characters
- valid_chars: '^[a-zA-Z]{2}$'
- default: ""
- - variable: addPrefix
- label: Add Prefix
- schema:
- type: list
- default: []
- items:
- - variable: addPrefixEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: prefix
- label: Prefix
- schema:
- type: string
- required: true
- default: ""
- - variable: service
- group: "Networking and Services"
- label: "Configure Service Entrypoint"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9000
- required: true
- - variable: tcp
- label: "TCP Service"
- description: "The tcp Entrypoint service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: web
- label: "web Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9080
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- default: "websecure"
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: websecure
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9443
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: portsList
- label: "Additional TCP Entrypoints"
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: "Custom Entrypoints"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable the port"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: "Entrypoints Name"
- schema:
- type: string
- default: ""
- - variable: protocol
- label: "Entrypoints Type"
- schema:
- type: string
- default: "TCP"
- enum:
- - value: HTTP
- description: "HTTP"
- - value: "HTTPS"
- description: "HTTPS"
- - value: TCP
- description: "TCP"
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- required: true
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: certificateIssuer
- label: Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["certificateIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: certificateIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["certificateIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["certificateIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
-
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
-
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
- - variable: metrics
- group: Metrics
- label: Prometheus Metrics
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Metrics
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- description: Enable Prometheus Metrics
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: prometheusRule
- label: PrometheusRule
- description: Enable and configure Prometheus Rules for the App.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- description: Enable Prometheus Metrics
- schema:
- type: boolean
- default: false
- # TODO: Rule List section
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/traefik/17.0.15/templates/NOTES.txt b/enterprise/traefik/17.0.15/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/traefik/17.0.15/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/traefik/17.0.15/templates/_args.tpl b/enterprise/traefik/17.0.15/templates/_args.tpl
deleted file mode 100644
index cf1e35a1d49..00000000000
--- a/enterprise/traefik/17.0.15/templates/_args.tpl
+++ /dev/null
@@ -1,182 +0,0 @@
-{{/* Define the args */}}
-{{- define "traefik.args" -}}
-args:
- {{/* merge all ports */}}
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{/* start of actual arguments */}}
- {{- with .Values.globalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
- {{- range $name, $config := $ports }}
- {{- if $config }}
- {{- if or ( eq $config.protocol "http" ) ( eq $config.protocol "https" ) ( eq $config.protocol "tcp" ) }}
- {{- $_ := set $config "protocol" "tcp" }}
- {{- end }}
- - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}"
- {{- end }}
- {{- end }}
- - "--api.dashboard=true"
- - "--ping=true"
- {{- if .Values.traefikMetrics }}
- {{- if .Values.traefikMetrics.datadog }}
- - "--metrics.datadog=true"
- - "--metrics.datadog.address={{ .Values.traefikMetrics.datadog.address }}"
- {{- end }}
- {{- if .Values.traefikMetrics.influxdb }}
- - "--metrics.influxdb=true"
- - "--metrics.influxdb.address={{ .Values.traefikMetrics.influxdb.address }}"
- - "--metrics.influxdb.protocol={{ .Values.traefikMetrics.influxdb.protocol }}"
- {{- end }}
- {{- if .Values.traefikMetrics.statsd }}
- - "--metrics.statsd=true"
- - "--metrics.statsd.address={{ .Values.traefikMetrics.statsd.address }}"
- {{- if or .Values.traefikMetrics.prometheus }}
- - "--metrics.prometheus=true"
- - "--metrics.prometheus.entrypoint=metrics"
- {{- end }}
- {{- end }}
- {{- end }}
- {{- if or .Values.metrics.main.enabled }}
- - "--metrics.prometheus=true"
- - "--metrics.prometheus.entrypoint=metrics"
- {{- end }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress"
- {{- if .Values.providers.kubernetesIngress.publishedService.enabled }}
- - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.labelSelector }}
- - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}"
- {{- end }}
- {{- end }}
- {{- if and .Values.rbac.enabled .Values.rbac.namespaced }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}"
- {{- end }}
- {{- end }}
- {{- if .Values.ingressClass.enabled }}
- - "--providers.kubernetesingress.ingressclass={{ .Release.Name }}"
- {{- end }}
- {{- range $entrypoint, $config := $ports }}
- {{/* add args for proxyProtocol support */}}
- {{- if $config.proxyProtocol }}
- {{- if $config.proxyProtocol.enabled }}
- {{- if $config.proxyProtocol.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.insecure"
- {{- end }}
- {{- if not ( empty $config.proxyProtocol.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.trustedIPs={{ join "," $config.proxyProtocol.trustedIPs }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* add args for forwardedHeaders support */}}
- {{- if $config.forwardedHeaders.enabled }}
- {{- if not ( empty $config.forwardedHeaders.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}"
- {{- end }}
- {{- if $config.forwardedHeaders.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure"
- {{- end }}
- {{- end }}
- {{/* end forwardedHeaders configuration */}}
- {{- if $config.redirectTo }}
- {{- $toPort := index $ports $config.redirectTo }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- else if $config.redirectPort }}
- {{ if gt $config.redirectPort 0.0 }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- end }}
- {{- end }}
- {{- if or ( $config.tls ) ( eq $config.protocol "https" ) }}
- {{- if or ( $config.tls.enabled ) ( eq $config.protocol "https" ) }}
- - "--entrypoints.{{ $entrypoint }}.http.tls=true"
- {{- if $config.tls.options }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}"
- {{- end }}
- {{- if $config.tls.certResolver }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}"
- {{- end }}
- {{- if $config.tls.domains }}
- {{- range $index, $domain := $config.tls.domains }}
- {{- if $domain.main }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}"
- {{- end }}
- {{- if $domain.sans }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- with .Values.logs }}
- - "--log.format={{ .general.format }}"
- {{- if ne .general.level "ERROR" }}
- - "--log.level={{ .general.level | upper }}"
- {{- end }}
- {{- if .access.enabled }}
- - "--accesslog=true"
- - "--accesslog.format={{ .access.format }}"
- {{- if .access.bufferingsize }}
- - "--accesslog.bufferingsize={{ .access.bufferingsize }}"
- {{- end }}
- {{- if .access.filters }}
- {{- if .access.filters.statuscodes }}
- - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}"
- {{- end }}
- {{- if .access.filters.retryattempts }}
- - "--accesslog.filters.retryattempts"
- {{- end }}
- {{- if .access.filters.minduration }}
- - "--accesslog.filters.minduration={{ .access.filters.minduration }}"
- {{- end }}
- {{- end }}
- - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.general.names }}
- - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.headers.names }}
- - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* theme.park */}}
- {{- if .Values.middlewares.themePark }}
- - "--experimental.plugins.traefik-themepark.modulename=github.com/packruler/traefik-themepark"
- - "--experimental.plugins.traefik-themepark.version={{ .Values.middlewares.themeParkVersion }}"
- {{- end }}
- {{/* End of theme.park */}}
- {{/* GeoBlock */}}
- {{- if .Values.middlewares.geoBlock }}
- - "--experimental.plugins.GeoBlock.modulename=github.com/PascalMinder/geoblock"
- - "--experimental.plugins.GeoBlock.version={{ .Values.middlewares.geoBlockVersion }}"
- {{- end }}
- {{/* End of GeoBlock */}}
- {{/* RealIP */}}
- {{- if .Values.middlewares.realIP }}
- - "--experimental.plugins.traefik-real-ip.modulename=github.com/soulbalz/traefik-real-ip"
- - "--experimental.plugins.traefik-real-ip.version={{ .Values.middlewares.realIPVersion }}"
- {{- end }}
- {{/* End of RealIP */}}
- {{- with .Values.additionalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.15/templates/_helpers.tpl b/enterprise/traefik/17.0.15/templates/_helpers.tpl
deleted file mode 100644
index 1345dcea39a..00000000000
--- a/enterprise/traefik/17.0.15/templates/_helpers.tpl
+++ /dev/null
@@ -1,22 +0,0 @@
-{{/*
-Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice.
-By convention this will simply use the / to match the name of the
-service generated.
-Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride`
-*/}}
-{{- define "providers.kubernetesIngress.publishedServicePath" -}}
-{{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}}
-{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}}
-{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }}
-{{- print $servicePath | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Construct a comma-separated list of whitelisted namespaces
-*/}}
-{{- define "providers.kubernetesIngress.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }}
-{{- end -}}
-{{- define "providers.kubernetesCRD.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.15/templates/_ingressclass.tpl b/enterprise/traefik/17.0.15/templates/_ingressclass.tpl
deleted file mode 100644
index 004d4a6dcda..00000000000
--- a/enterprise/traefik/17.0.15/templates/_ingressclass.tpl
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Define the ingressClass */}}
-{{- define "traefik.ingressClass" -}}
----
-{{ if .Values.ingressClass.enabled }}
- {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }}
-apiVersion: networking.k8s.io/v1
- {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }}
-apiVersion: networking.k8s.io/v1beta1
- {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }}
-apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }}
- {{- else }}
- {{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }}
- {{- end }}
-kind: IngressClass
-metadata:
- annotations:
- ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }}
- labels:
- {{- include "tc.v1.common.lib.metadata.allLabels" . | nindent 4 }}
- name: {{ .Release.Name }}
-spec:
- controller: traefik.io/ingress-controller
-{{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.15/templates/_ingressroute.tpl b/enterprise/traefik/17.0.15/templates/_ingressroute.tpl
deleted file mode 100644
index 6599ceb6e2b..00000000000
--- a/enterprise/traefik/17.0.15/templates/_ingressroute.tpl
+++ /dev/null
@@ -1,34 +0,0 @@
-{{/* Define the ingressRoute */}}
-{{- define "traefik.ingressRoute" -}}
-{{ if .Values.ingressRoute.dashboard.enabled }}
-
-{{- $ingressRouteLabels := .Values.ingressRoute.dashboard.labels -}}
-{{- $ingressRouteAnnotations := .Values.ingressRoute.dashboard.annotations -}}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
- name: {{ include "tc.v1.common.lib.chart.names.fullname" . }}-dashboard
- {{- $labels := (mustMerge ($ingressRouteLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }}
- labels:
- {{- . | nindent 4 }}
- {{- end }}
- {{- $annotations := (mustMerge ($ingressRouteAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }}
- annotations:
- {{- . | nindent 4 }}
- {{- end }}
-
-spec:
- entryPoints:
- - main
- routes:
- - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
- kind: Rule
- services:
- - name: api@internal
- kind: TraefikService
-{{ end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.15/templates/_portalhook.tpl b/enterprise/traefik/17.0.15/templates/_portalhook.tpl
deleted file mode 100644
index e3586c5d4e9..00000000000
--- a/enterprise/traefik/17.0.15/templates/_portalhook.tpl
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/* Define the portalHook */}}
-{{- define "traefik.portalhook" -}}
-{{- if .Values.portalhook.enabled }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: portalhook
- namespace: {{ $namespace }}
-data:
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{- range $name, $value := $ports }}
- {{ $name }}: {{ $value.port | quote }}
- {{- end }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.15/templates/_tlsoptions.tpl b/enterprise/traefik/17.0.15/templates/_tlsoptions.tpl
deleted file mode 100644
index 3e5aad3bee9..00000000000
--- a/enterprise/traefik/17.0.15/templates/_tlsoptions.tpl
+++ /dev/null
@@ -1,12 +0,0 @@
-{{/* Define the tlsOptions */}}
-{{- define "traefik.tlsOptions" -}}
-{{- range $name, $config := .Values.tlsOptions }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: TLSOption
-metadata:
- name: {{ $name }}
-spec:
- {{- toYaml $config | nindent 2 }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.15/templates/common.yaml b/enterprise/traefik/17.0.15/templates/common.yaml
deleted file mode 100644
index d70a9887a47..00000000000
--- a/enterprise/traefik/17.0.15/templates/common.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-{{- $newArgs := (include "traefik.args" . | fromYaml) }}
-{{- $_ := set .Values "newArgs" $newArgs -}}
-{{- $mergedargs := concat $.Values.workload.main.podSpec.containers.main.args .Values.newArgs.args }}
-{{- $_ := set $.Values.workload.main.podSpec.containers.main "args" $mergedargs -}}
-
-{{- include "traefik.portalhook" . }}
-{{- include "traefik.tlsOptions" . }}
-{{- include "traefik.ingressRoute" . }}
-{{- include "traefik.ingressClass" . }}
-
-{{- with .Values.ingress -}}
- {{- with .main -}}
- {{- if .enabled -}}
- {{- $_ := set $.Values.portal.open.override "protocol" "https" -}}
- {{- end -}}
- {{- end -}}
-{{- end -}}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/traefik/17.0.15/templates/middlewares/addPrefix.yaml b/enterprise/traefik/17.0.15/templates/middlewares/addPrefix.yaml
deleted file mode 100644
index 233b23834c3..00000000000
--- a/enterprise/traefik/17.0.15/templates/middlewares/addPrefix.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.addPrefix }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- addPrefix:
- prefix: {{ $middlewareData.prefix }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.15/templates/middlewares/basic-middleware.yaml b/enterprise/traefik/17.0.15/templates/middlewares/basic-middleware.yaml
deleted file mode 100644
index 9ba8e5c5d93..00000000000
--- a/enterprise/traefik/17.0.15/templates/middlewares/basic-middleware.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: compress
- namespace: {{ $namespace }}
-spec:
- compress: {}
----
-# Here, an average of 300 requests per second is allowed.
-# In addition, a burst of 200 requests is allowed.
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-ratelimit
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: 600
- burst: 400
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-secure-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: chain-basic
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: basic-secure-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.15/templates/middlewares/basicauth.yaml b/enterprise/traefik/17.0.15/templates/middlewares/basicauth.yaml
deleted file mode 100644
index ccb541742f0..00000000000
--- a/enterprise/traefik/17.0.15/templates/middlewares/basicauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.basicAuth }}
----
-{{- $users := list }}
-{{ range $index, $userdata := $middlewareData.users }}
- {{ $users = append $users ( htpasswd $userdata.username $userdata.password ) }}
-{{ end }}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{printf "%v-%v" $middlewareData.name "secret" }}
- namespace: {{ $namespace }}
-type: Opaque
-stringData:
- users: |
- {{- range $index, $user := $users }}
- {{ printf "%s" $user }}
- {{- end }}
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- basicAuth:
- secret: {{printf "%v-%v" $middlewareData.name "secret" }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.15/templates/middlewares/chain.yaml b/enterprise/traefik/17.0.15/templates/middlewares/chain.yaml
deleted file mode 100644
index f87994f7956..00000000000
--- a/enterprise/traefik/17.0.15/templates/middlewares/chain.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.chain }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- {{ range $index, $middleware := .middlewares }}
- - name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }}
- {{ end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.15/templates/middlewares/forwardauth.yaml b/enterprise/traefik/17.0.15/templates/middlewares/forwardauth.yaml
deleted file mode 100644
index 4bdefbd5c01..00000000000
--- a/enterprise/traefik/17.0.15/templates/middlewares/forwardauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.forwardAuth }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- forwardAuth:
- address: {{ $middlewareData.address }}
- {{- with $middlewareData.authResponseHeaders }}
- authResponseHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- with $middlewareData.authRequestHeaders }}
- authRequestHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- if $middlewareData.authResponseHeadersRegex }}
- authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }}
- {{- end }}
- {{- if $middlewareData.trustForwardHeader }}
- trustForwardHeader: true
- {{- end }}
- {{- with $middlewareData.tls }}
- tls:
- insecureSkipVerify: {{ .insecureSkipVerify | default false }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.15/templates/middlewares/geoblock.yaml b/enterprise/traefik/17.0.15/templates/middlewares/geoblock.yaml
deleted file mode 100644
index be21bcf57b6..00000000000
--- a/enterprise/traefik/17.0.15/templates/middlewares/geoblock.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.geoBlock }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- GeoBlock:
- allowLocalRequests: {{ $middlewareData.allowLocalRequests }}
- logLocalRequests: {{ $middlewareData.logLocalRequests }}
- logAllowedRequests: {{ $middlewareData.logAllowedRequests }}
- logApiRequests: {{ $middlewareData.logApiRequests }}
- api: {{ $middlewareData.api }}
- apiTimeoutMs: {{ $middlewareData.apiTimeoutMs }}
- cacheSize: {{ $middlewareData.cacheSize }}
- forceMonthlyUpdate: {{ $middlewareData.forceMonthlyUpdate }}
- allowUnknownCountries: {{ $middlewareData.allowUnknownCountries }}
- unknownCountryApiResponse: {{ $middlewareData.unknownCountryApiResponse }}
- blackListMode: {{ $middlewareData.blackListMode }}
- {{- if not $middlewareData.countries }}
- {{- fail "You have to define at least one country..." }}
- {{- end }}
- countries:
- {{- range $middlewareData.countries }}
- - {{ . }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.15/templates/middlewares/ipwhitelist.yaml b/enterprise/traefik/17.0.15/templates/middlewares/ipwhitelist.yaml
deleted file mode 100644
index 1179245017e..00000000000
--- a/enterprise/traefik/17.0.15/templates/middlewares/ipwhitelist.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.ipWhiteList }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- ipWhiteList:
- sourceRange:
- {{- range $middlewareData.sourceRange }}
- - {{ . }}
- {{- end }}
- {{- if $middlewareData.ipStrategy }}
- ipStrategy:
- {{- if $middlewareData.ipStrategy.depth }}
- depth: {{ $middlewareData.ipStrategy.depth }}
- {{- end }}
- {{- if $middlewareData.ipStrategy.excludedIPs }}
- excludedIPs:
- {{- range $middlewareData.ipStrategy.excludedIPs }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.15/templates/middlewares/ratelimit.yaml b/enterprise/traefik/17.0.15/templates/middlewares/ratelimit.yaml
deleted file mode 100644
index 144b9d8bf38..00000000000
--- a/enterprise/traefik/17.0.15/templates/middlewares/ratelimit.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.rateLimit }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: {{ $middlewareData.average }}
- burst: {{ $middlewareData.burst }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.15/templates/middlewares/real-ip.yaml b/enterprise/traefik/17.0.15/templates/middlewares/real-ip.yaml
deleted file mode 100644
index 2dd1ae030a4..00000000000
--- a/enterprise/traefik/17.0.15/templates/middlewares/real-ip.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.realIP }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-real-ip:
- excludednets:
- {{- range $middlewareData.excludedNetworks }}
- - {{ . | quote }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.15/templates/middlewares/redirectScheme.yaml b/enterprise/traefik/17.0.15/templates/middlewares/redirectScheme.yaml
deleted file mode 100644
index f2413f84e19..00000000000
--- a/enterprise/traefik/17.0.15/templates/middlewares/redirectScheme.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectScheme }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectScheme:
- scheme: {{ $middlewareData.scheme }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.15/templates/middlewares/redirectregex.yaml b/enterprise/traefik/17.0.15/templates/middlewares/redirectregex.yaml
deleted file mode 100644
index 46e3e724dd6..00000000000
--- a/enterprise/traefik/17.0.15/templates/middlewares/redirectregex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectRegex }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: {{ $middlewareData.regex | quote }}
- replacement: {{ $middlewareData.replacement | quote }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.15/templates/middlewares/stripPrefixRegex.yaml b/enterprise/traefik/17.0.15/templates/middlewares/stripPrefixRegex.yaml
deleted file mode 100644
index 007c166ff39..00000000000
--- a/enterprise/traefik/17.0.15/templates/middlewares/stripPrefixRegex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-
-{{ range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- stripPrefixRegex:
- regex:
- {{- range $middlewareData.regex }}
- - {{ . | quote }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.15/templates/middlewares/tc-chains.yaml b/enterprise/traefik/17.0.15/templates/middlewares/tc-chains.yaml
deleted file mode 100644
index 409766daa89..00000000000
--- a/enterprise/traefik/17.0.15/templates/middlewares/tc-chains.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-opencors-headers
- - name: compress
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-closedcors-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.15/templates/middlewares/tc-headers.yaml b/enterprise/traefik/17.0.15/templates/middlewares/tc-headers.yaml
deleted file mode 100644
index a0462f1fd73..00000000000
--- a/enterprise/traefik/17.0.15/templates/middlewares/tc-headers.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowHeaders:
- - '*'
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- - POST
- accessControlAllowOriginList:
- - '*'
- accessControlMaxAge: 100
- browserXssFilter: true
- contentTypeNosniff: true
- customRequestHeaders:
- X-Forwarded-Proto: https
- customResponseHeaders:
- server: ""
- forceSTSHeader: true
- referrerPolicy: same-origin
- sslForceHost: true
- sslRedirect: true
- stsSeconds: 63072000
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- sslRedirect: true
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- sslForceHost: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
diff --git a/enterprise/traefik/17.0.15/templates/middlewares/tc-nextcloud.yaml b/enterprise/traefik/17.0.15/templates/middlewares/tc-nextcloud.yaml
deleted file mode 100644
index 6a3019d56c5..00000000000
--- a/enterprise/traefik/17.0.15/templates/middlewares/tc-nextcloud.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-redirectregex-dav
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: "https://(.*)/.well-known/(card|cal)dav"
- replacement: "https://${1}/remote.php/dav/"
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: tc-nextcloud-redirectregex-dav
diff --git a/enterprise/traefik/17.0.15/templates/middlewares/theme-park.yaml b/enterprise/traefik/17.0.15/templates/middlewares/theme-park.yaml
deleted file mode 100644
index 92a4257e279..00000000000
--- a/enterprise/traefik/17.0.15/templates/middlewares/theme-park.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.themePark }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-themepark:
- app: {{ $middlewareData.appName }}
- theme: {{ $middlewareData.themeName }}
- baseUrl: {{ $middlewareData.baseUrl }}
- {{- if $middlewareData.addons }}
- addons:
- {{- range $middlewareData.addons }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.15/values.yaml b/enterprise/traefik/17.0.15/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/traefik/17.0.3/CHANGELOG.md b/enterprise/traefik/17.0.3/CHANGELOG.md
deleted file mode 100644
index 9112f3326f5..00000000000
--- a/enterprise/traefik/17.0.3/CHANGELOG.md
+++ /dev/null
@@ -1,84 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [traefik-17.0.3](https://github.com/truecharts/charts/compare/traefik-17.0.1...traefik-17.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
-
-
-## [traefik-17.0.1](https://github.com/truecharts/charts/compare/traefik-17.0.0...traefik-17.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
-
-## [traefik-17.0.0](https://github.com/truecharts/charts/compare/traefik-16.0.16...traefik-17.0.0) (2023-03-04)
-
-
-
-
-## [traefik-16.0.16](https://github.com/truecharts/charts/compare/traefik-16.0.15...traefik-16.0.16) (2023-02-20)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v2.9.8
-
-
-
-
-## [traefik-16.0.15](https://github.com/truecharts/charts/compare/traefik-16.0.14...traefik-16.0.15) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v2.9.7
-
-
-
-
-## [traefik-16.0.14](https://github.com/truecharts/charts/compare/traefik-16.0.13...traefik-16.0.14) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v
-
-
-
-
-## [traefik-16.0.13](https://github.com/truecharts/charts/compare/traefik-16.0.12...traefik-16.0.13) (2023-02-11)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to 2.9.6
-
-
-
-
-## [traefik-16.0.12](https://github.com/truecharts/charts/compare/traefik-16.0.11...traefik-16.0.12) (2023-02-10)
-
-### Chore
-
-- Add blacklistMode on geoblock and fix label ([#6416](https://github.com/truecharts/charts/issues/6416))
-
- ### Feat
-
-- move Grafana, Prometheus and Traefik to Enterprise Train ([#6372](https://github.com/truecharts/charts/issues/6372))
-
- ### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/17.0.3/Chart.yaml b/enterprise/traefik/17.0.3/Chart.yaml
deleted file mode 100644
index b14841662ec..00000000000
--- a/enterprise/traefik/17.0.3/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: v2
-appVersion: "2.9.8"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.18
-deprecated: false
-description: Traefik is a flexible reverse proxy and Ingress Provider.
-home: https://truecharts.org/charts/enterprise/traefik
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/traefik.png
-keywords:
- - traefik
- - ingress
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: traefik
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/traefik
- - https://hub.docker.com/_/traefik
- - https://github.com/traefik/traefik
- - https://github.com/traefik/traefik-helm-chart
- - https://traefik.io/
-type: application
-version: 17.0.3
-annotations:
- truecharts.org/catagories: |
- - network
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/traefik/17.0.3/LICENSE b/enterprise/traefik/17.0.3/LICENSE
deleted file mode 100644
index 4139714f204..00000000000
--- a/enterprise/traefik/17.0.3/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Traefik" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/traefik/17.0.3/README.md b/enterprise/traefik/17.0.3/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/traefik/17.0.3/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/traefik/17.0.3/app-changelog.md b/enterprise/traefik/17.0.3/app-changelog.md
deleted file mode 100644
index ef475b11c49..00000000000
--- a/enterprise/traefik/17.0.3/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [traefik-17.0.3](https://github.com/truecharts/charts/compare/traefik-17.0.1...traefik-17.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/17.0.3/app-readme.md b/enterprise/traefik/17.0.3/app-readme.md
deleted file mode 100644
index 02206fafcf4..00000000000
--- a/enterprise/traefik/17.0.3/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Traefik is a flexible reverse proxy and Ingress Provider.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/traefik](https://truecharts.org/charts/enterprise/traefik)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/traefik/17.0.3/charts/common-12.2.18.tgz b/enterprise/traefik/17.0.3/charts/common-12.2.18.tgz
deleted file mode 100644
index 3a48d999d53..00000000000
Binary files a/enterprise/traefik/17.0.3/charts/common-12.2.18.tgz and /dev/null differ
diff --git a/enterprise/traefik/17.0.3/ix_values.yaml b/enterprise/traefik/17.0.3/ix_values.yaml
deleted file mode 100644
index f78e5b7465a..00000000000
--- a/enterprise/traefik/17.0.3/ix_values.yaml
+++ /dev/null
@@ -1,418 +0,0 @@
-image:
- repository: tccr.io/truecharts/traefik
- # defaults to appVersion
- tag: 2.9.8@sha256:4a2d3dda380990d825532e661b42457fc9871061dbc22b310468616378214a2e
- pullPolicy: IfNotPresent
-
-workload:
- main:
- replicas: 2
- strategy: RollingUpdate
- podSpec:
- containers:
- main:
- args: []
- probes:
- # -- Liveness probe configuration
- # @default -- See below
- liveness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Redainess probe configuration
- # @default -- See below
- readiness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Startup probe configuration
- # @default -- See below
- startup:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
-# -- Options for all pods
-# Can be overruled per pod
-podOptions:
- automountServiceAccountToken: true
-
-# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
-ingressClass:
- # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
- enabled: false
- isDefaultClass: false
- # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
- fallbackApiVersion: ""
-
-# -- Create an IngressRoute for the dashboard
-ingressRoute:
- dashboard:
- enabled: true
- # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
- annotations: {}
- # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
- labels: {}
-#
-# -- Configure providers
-providers:
- kubernetesCRD:
- enabled: true
- namespaces:
- []
- # - "default"
- kubernetesIngress:
- enabled: true
- # labelSelector: environment=production,method=traefik
- namespaces:
- []
- # - "default"
- # IP used for Kubernetes Ingress endpoints
- publishedService:
- enabled: true
- # Published Kubernetes Service to copy status from. Format: namespace/servicename
- # By default this Traefik service
- # pathOverride: ""
-
-# -- Logs
-# https://docs.traefik.io/observability/logs/
-logs:
- # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on).
- general:
- # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO.
- level: ERROR
- # -- Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format
- format: common
- access:
- # To enable access logs
- enabled: false
- # To write the logs in an asynchronous fashion, specify a bufferingSize option.
- # This option represents the number of log lines Traefik will keep in memory before writing
- # them to the selected output. In some cases, this option can greatly help performances.
- # bufferingSize: 100
- # Filtering https://docs.traefik.io/observability/access-logs/#filtering
- filters:
- {}
- # statuscodes: "200,300-302"
- # retryattempts: true
- # minduration: 10ms
- # Fields
- # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers
- fields:
- general:
- defaultmode: keep
- names:
- {}
- # Examples:
- # ClientUsername: drop
- headers:
- defaultmode: drop
- names:
- {}
- # Examples:
- # User-Agent: redact
- # Authorization: drop
- # Content-Type: keep
- # -- Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format
- format: common
-
-metrics:
- # datadog:
- # address: 127.0.0.1:8125
- # influxdb:
- # address: localhost:8089
- # protocol: udp
- prometheus:
- entryPoint: metrics
- # statsd:
- # address: localhost:8125
-
-globalArguments:
- - "--global.checknewversion"
-
-##
-# -- Additional arguments to be passed at Traefik's binary
-# All available options available on https://docs.traefik.io/reference/static-configuration/cli/
-## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"`
-additionalArguments:
- - "--metrics.prometheus"
- - "--ping"
- - "--serverstransport.insecureskipverify=true"
- - "--providers.kubernetesingress.allowexternalnameservices=true"
-
-# -- TLS Options to be created as TLSOption CRDs
-# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options
-# Example:
-tlsOptions:
- default:
- sniStrict: false
- minVersion: VersionTLS12
- curvePreferences:
- - CurveP521
- - CurveP384
- cipherSuites:
- - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- - TLS_AES_128_GCM_SHA256
- - TLS_AES_256_GCM_SHA384
- - TLS_CHACHA20_POLY1305_SHA256
-
-# -- Options for the main traefik service, where the entrypoints traffic comes from
-# from.
-service:
- main:
- type: LoadBalancer
- ports:
- main:
- port: 9000
- targetPort: 9000
- protocol: http
- # -- Forwarded Headers should never be enabled on Main entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Main entrypoint
- proxyProtocol:
- enabled: false
- tcp:
- enabled: true
- type: LoadBalancer
- ports:
- web:
- enabled: true
- port: 9080
- protocol: http
- redirectTo: websecure
- # Options: Empty, 0 (ingore), or positive int
- # redirectPort:
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- websecure:
- enabled: true
- port: 9443
- protocol: https
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- # tcpexample:
- # enabled: true
- # targetPort: 9443
- # protocol: tcp
- # tls:
- # enabled: false
- # # this is the name of a TLSOption definition
- # options: ""
- # certResolver: ""
- # domains: []
- # # - main: example.com
- # # sans:
- # # - foo.example.com
- # # - bar.example.com
- metrics:
- enabled: true
- type: ClusterIP
- ports:
- metrics:
- enabled: true
- port: 9180
- targetPort: 9180
- protocol: http
- # -- Forwarded Headers should never be enabled on Metrics entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Metrics entrypoint
- proxyProtocol:
- enabled: false
- # udp:
- # enabled: false
-
-# -- Whether Role Based Access Control objects like roles and rolebindings should be created
-rbac:
- main:
- enabled: true
- primary: true
- clusterWide: true
- rules:
- - apiGroups:
- - ""
- resources:
- - services
- - endpoints
- - secrets
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses
- - ingressclasses
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses/status
- verbs:
- - update
- - apiGroups:
- - traefik.containo.us
- resources:
- - ingressroutes
- - ingressroutetcps
- - ingressrouteudps
- - middlewares
- - middlewaretcps
- - tlsoptions
- - tlsstores
- - traefikservices
- - serverstransports
- verbs:
- - get
- - list
- - watch
-
-# -- The service account the pods will use to interact with the Kubernetes API
-serviceAccount:
- main:
- enabled: true
- primary: true
-
-# -- SCALE Middleware Handlers
-middlewares:
- basicAuth: []
- # - name: basicauthexample
- # users:
- # - username: testuser
- # password: testpassword
- forwardAuth: []
- # - name: forwardAuthexample
- # address: https://auth.example.com/
- # authResponseHeaders:
- # - X-Secret
- # - X-Auth-User
- # authRequestHeaders:
- # - "Accept"
- # - "X-CustomHeader"
- # authResponseHeadersRegex: "^X-"
- # trustForwardHeader: true
- chain: []
- # - name: chainname
- # middlewares:
- # - name: compress
- redirectScheme: []
- # - name: redirectSchemeName
- # scheme: https
- # permanent: true
- rateLimit: []
- # - name: rateLimitName
- # average: 300
- # burst: 200
- redirectRegex: []
- # - name: redirectRegexName
- # regex: putregexhere
- # replacement: replacementurlhere
- # permanent: false
- stripPrefixRegex: []
- # - name: stripPrefixRegexName
- # regex: []
- ipWhiteList: []
- # - name: ipWhiteListName
- # sourceRange: []
- # ipStrategy:
- # depth: 2
- # excludedIPs: []
- themeParkVersion: v1.3.0
- themePark: []
- # - name: themeParkName
- # -- Supported apps, lower case name
- # -- https://docs.theme-park.dev/themes
- # app: appnamehere
- # -- Supported themes, lower case name
- # -- https://docs.theme-park.dev/themes/APPNAMEHERE
- # -- https://docs.theme-park.dev/community-themes
- # theme: themenamehere
- # -- https://theme-park.dev or a self hosted url
- # baseUrl: https://theme-park.dev
- realIPVersion: v1.0.3
- # Sets X-Real-Ip with an IP from the X-Forwarded-For or
- # Cf-Connecting-Ip (If from Cloudflare)
- # Evaluation of those headers will go from last to first
- realIP: []
- # - name: realIPName
- # -- The real IP will be the first one that is
- # -- not included in any of the CIDRs passed here
- # excludedNetworks:
- # - 1.1.1.1/24
- addPrefix: []
- # - name: addPrefixName
- # prefix: "/foo"
- geoBlockVersion: v0.2.4
- geoBlock: []
- # -- https://github.com/PascalMinder/geoblock
- # - name: geoBlockName
- # allowLocalRequests: true
- # logLocalRequests: false
- # logAllowedRequests: false
- # logApiRequests: false
- # api: https://get.geojs.io/v1/ip/country/{ip}
- # apiTimeoutMs: 500
- # cacheSize: 25
- # forceMonthlyUpdate: true
- # allowUnknownCountries: false
- # unknownCountryApiResponse: nil
- # blackListMode: false
- # countries:
- # - RU
-
-portalhook:
- enabled: true
-
-persistence:
- plugins:
- enabled: true
- mountPath: "/plugins-storage"
- type: emptyDir
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/traefik/17.0.3/questions.yaml b/enterprise/traefik/17.0.3/questions.yaml
deleted file mode 100644
index d9616f62f10..00000000000
--- a/enterprise/traefik/17.0.3/questions.yaml
+++ /dev/null
@@ -1,2488 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "http"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
- path: "/dashboard/"
-questions:
-
- - variable: Workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: Daemonset
- description: Daemonset
-
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "Daemonset"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
-
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: ingressClass
- label: "ingressClass"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- description: "When enabled, ingressClass will match the entered name of this app"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: isDefaultClass
- label: "isDefaultClass"
- schema:
- type: boolean
- default: false
- - variable: logs
- label: "Logs"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "ERROR"
- enum:
- - value: "INFO"
- description: "Info"
- - value: "WARN"
- description: "Warnings"
- - value: "ERROR"
- description: "Errors"
- - value: "FATAL"
- description: "Fatal Errors"
- - value: "PANIC"
- description: "Panics"
- - value: "DEBUG"
- description: "Debug"
- - variable: format
- label: "General Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: access
- label: "Access Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabledFilters
- label: "Enable Filters"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filters
- label: "Filters"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: statuscodes
- label: "Status codes"
- schema:
- type: string
- default: "200,300-302"
- - variable: retryattempts
- label: "retryattempts"
- schema:
- type: boolean
- default: true
- - variable: minduration
- label: "minduration"
- schema:
- type: string
- default: "10ms"
- - variable: fields
- label: "Fields"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "keep"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: headers
- label: "Headers"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "drop"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: format
- label: "Access Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: middlewares
- label: ""
- group: "Middlewares"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: basicAuth
- label: basicAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: users
- label: Users
- schema:
- type: list
- default: []
- items:
- - variable: usersEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: username
- label: Username
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: Password
- schema:
- type: string
- required: true
- default: ""
- - variable: forwardAuth
- label: forwardAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: address
- label: Address
- schema:
- type: string
- required: true
- default: ""
- - variable: trustForwardHeader
- label: trustForwardHeader
- schema:
- type: boolean
- default: false
- - variable: tls
- label: TLS
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: insecureSkipVerify
- label: insecureSkipVerify (expert)
- description: >-
- This disables all TLS certificate validation on communications with the authentication endpoint.
- This could be a security risk and should only be used if you know what you are doing.
- schema:
- type: boolean
- default: false
- - variable: authResponseHeadersRegex
- label: authResponseHeadersRegex
- schema:
- type: string
- default: ""
- - variable: authResponseHeaders
- label: authResponseHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authResponseHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: authRequestHeaders
- label: authRequestHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authRequestHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: chain
- label: Chain
- schema:
- type: list
- default: []
- items:
- - variable: chainEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: middlewares
- label: Middlewares to Chain
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: redirectScheme
- label: redirectScheme
- schema:
- type: list
- default: []
- items:
- - variable: redirectSchemeEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: scheme
- label: Scheme
- schema:
- type: string
- required: true
- default: https
- enum:
- - value: https
- description: https
- - value: http
- description: http
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: rateLimit
- label: rateLimit
- schema:
- type: list
- default: []
- items:
- - variable: rateLimitEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: average
- label: Average
- schema:
- type: int
- required: true
- default: 300
- - variable: burst
- label: Burst
- schema:
- type: int
- required: true
- default: 200
- - variable: redirectRegex
- label: redirectRegex
- schema:
- type: list
- default: []
- items:
- - variable: redirectRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: replacement
- label: Replacement
- schema:
- type: string
- required: true
- default: ""
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: stripPrefixRegex
- label: stripPrefixRegex
- schema:
- type: list
- default: []
- items:
- - variable: stripPrefixRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: list
- default: []
- items:
- - variable: regexEntry
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: ipWhiteList
- label: ipWhiteList
- schema:
- type: list
- default: []
- items:
- - variable: ipWhiteListEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: sourceRange
- label: Source Range
- schema:
- type: list
- default: []
- items:
- - variable: sourceRangeEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: ipStrategy
- label: IP Strategy
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: depth
- label: Depth
- schema:
- type: int
- required: true
- - variable: excludedIPs
- label: Excluded IPs
- schema:
- type: list
- default: []
- items:
- - variable: excludedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: themePark
- label: theme.park
- schema:
- type: list
- default: []
- items:
- - variable: themeParkEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to traefik-themepark
- schema:
- type: string
- required: true
- default: ""
- - variable: appName
- label: App Name
- description: Lower case, name of the app to be themed.
-
Go to https://docs.theme-park.dev/themes/ to see supported apps.
- schema:
- type: string
- required: true
- default: ""
- - variable: themeName
- label: Theme Name
- description: Lower case, name of the theme to be applied.
-
Go to https://docs.theme-park.dev/theme-options/ to see supported themes.
- schema:
- type: string
- required: true
- default: ""
- - variable: baseUrl
- label: Base URL
- description: Replace `https://theme-park.dev` URL for self-hosting reference.
- schema:
- type: string
- required: true
- default: https://theme-park.dev
- - variable: addons
- label: Addons
- schema:
- type: list
- default: []
- items:
- - variable: addonEntry
- label: Addon
- description: Currently only supports 'darker' and '4k-logo' for *arr apps.
-
Go to https://docs.theme-park.dev/themes/addons/ for Addon information.
-
Go to https://github.com/packruler/traefik-themepark for more context on plugin
- schema:
- type: string
- required: true
- default: ""
- - variable: realIP
- label: Real IP
- schema:
- type: list
- default: []
- items:
- - variable: realIPEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: excludedNetworks
- label: Excluded Networks
- schema:
- type: list
- default: []
- items:
- - variable: excludedNetEntry
- label: Excluded Network Entry
- description: Network to exclude setting it to X-Real-Ip
- schema:
- type: string
- required: true
- default: ""
- - variable: geoBlock
- label: GeoBlock
- schema:
- type: list
- default: []
- items:
- - variable: geoBlockEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to geoblock
- schema:
- type: string
- required: true
- default: ""
- - variable: allowLocalRequests
- label: Allow Local Requests
- description: If set to true, will not block request from Private IP Ranges
- schema:
- type: boolean
- default: true
- - variable: logLocalRequests
- label: Log Local Requests
- description: If set to true, will log every connection from any IP in the private IP range
- schema:
- type: boolean
- default: false
- - variable: logAllowedRequests
- label: Log Allowed Requests
- description: If set to true, will show a log message with the IP and the country of origin if a request is allowed.
- schema:
- type: boolean
- default: false
- - variable: logApiRequests
- label: Log API Requests
- description: If set to true, will show a log message for every API hit.
- schema:
- type: boolean
- default: false
- - variable: api
- label: API
- description: Defines the API URL for the IP to Country resolution. The IP to fetch can be added with {ip} to the URL.
- schema:
- type: string
- required: true
- default: https://get.geojs.io/v1/ip/country/{ip}
- - variable: apiTimeoutMs
- label: API Timeout in ms
- description: Timeout for the call to the api uri.
- schema:
- type: int
- required: true
- default: 500
- - variable: cacheSize
- label: Cache Size
- description: Defines the max size of the LRU (least recently used) cache.
- schema:
- type: int
- required: true
- default: 25
- - variable: forceMonthlyUpdate
- label: Force Monthly Update
- description: Even if an IP stays in the cache for a period of a month (about 30 x 24 hours), it must be fetch again after a month.
- schema:
- type: boolean
- default: true
- - variable: allowUnknownCountries
- label: Allow Unknown Countries
- description: Some IP addresses have no country associated with them. If this option is set to true, all IPs with no associated country are also allowed.
- schema:
- type: boolean
- default: false
- - variable: unknownCountryApiResponse
- label: Unknown Countries API Response
- description: The API uri can be customized. This options allows to customize the response string of the API when a IP with no associated country is requested.
- schema:
- type: string
- required: true
- default: nil
- - variable: blackListMode
- label: Blacklist Mode
- description: When set to true the filter logic is inverted, i.e. requests originating from countries listed in the countries list are blocked.
- schema:
- type: boolean
- default: false
- - variable: countries
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- label: Countries
- schema:
- type: list
- default: []
- items:
- - variable: countryEntry
- label: Country
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- schema:
- type: string
- required: true
- # Allow only 2 Characters
- valid_chars: '^[a-zA-Z]{2}$'
- default: ""
- - variable: addPrefix
- label: Add Prefix
- schema:
- type: list
- default: []
- items:
- - variable: addPrefixEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: prefix
- label: Prefix
- schema:
- type: string
- required: true
- default: ""
- - variable: service
- group: "Networking and Services"
- label: "Configure Service Entrypoint"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9000
- required: true
- - variable: tcp
- label: "TCP Service"
- description: "The tcp Entrypoint service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: web
- label: "web Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9080
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- default: "websecure"
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: websecure
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9443
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: portsList
- label: "Additional TCP Entrypoints"
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: "Custom Entrypoints"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable the port"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: "Entrypoints Name"
- schema:
- type: string
- default: ""
- - variable: protocol
- label: "Entrypoints Type"
- schema:
- type: string
- default: "TCP"
- enum:
- - value: HTTP
- description: "HTTP"
- - value: "HTTPS"
- description: "HTTPS"
- - value: TCP
- description: "TCP"
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- required: true
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
-
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
-
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/traefik/17.0.3/templates/NOTES.txt b/enterprise/traefik/17.0.3/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/traefik/17.0.3/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/traefik/17.0.3/templates/_args.tpl b/enterprise/traefik/17.0.3/templates/_args.tpl
deleted file mode 100644
index 3fef2e1f777..00000000000
--- a/enterprise/traefik/17.0.3/templates/_args.tpl
+++ /dev/null
@@ -1,178 +0,0 @@
-{{/* Define the args */}}
-{{- define "traefik.args" -}}
-args:
- {{/* merge all ports */}}
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{/* start of actual arguments */}}
- {{- with .Values.globalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
- {{- range $name, $config := $ports }}
- {{- if $config }}
- {{- if or ( eq $config.protocol "http" ) ( eq $config.protocol "https" ) ( eq $config.protocol "tcp" ) }}
- {{- $_ := set $config "protocol" "tcp" }}
- {{- end }}
- - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}"
- {{- end }}
- {{- end }}
- - "--api.dashboard=true"
- - "--ping=true"
- {{- if .Values.metrics }}
- {{- if .Values.metrics.datadog }}
- - "--metrics.datadog=true"
- - "--metrics.datadog.address={{ .Values.metrics.datadog.address }}"
- {{- end }}
- {{- if .Values.metrics.influxdb }}
- - "--metrics.influxdb=true"
- - "--metrics.influxdb.address={{ .Values.metrics.influxdb.address }}"
- - "--metrics.influxdb.protocol={{ .Values.metrics.influxdb.protocol }}"
- {{- end }}
- {{- if .Values.metrics.prometheus }}
- - "--metrics.prometheus=true"
- - "--metrics.prometheus.entrypoint={{ .Values.metrics.prometheus.entryPoint }}"
- {{- end }}
- {{- if .Values.metrics.statsd }}
- - "--metrics.statsd=true"
- - "--metrics.statsd.address={{ .Values.metrics.statsd.address }}"
- {{- end }}
- {{- end }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress"
- {{- if .Values.providers.kubernetesIngress.publishedService.enabled }}
- - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.labelSelector }}
- - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}"
- {{- end }}
- {{- end }}
- {{- if and .Values.rbac.enabled .Values.rbac.namespaced }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}"
- {{- end }}
- {{- end }}
- {{- if .Values.ingressClass.enabled }}
- - "--providers.kubernetesingress.ingressclass={{ .Release.Name }}"
- {{- end }}
- {{- range $entrypoint, $config := $ports }}
- {{/* add args for proxyProtocol support */}}
- {{- if $config.proxyProtocol }}
- {{- if $config.proxyProtocol.enabled }}
- {{- if $config.proxyProtocol.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.insecure"
- {{- end }}
- {{- if not ( empty $config.proxyProtocol.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.trustedIPs={{ join "," $config.proxyProtocol.trustedIPs }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* add args for forwardedHeaders support */}}
- {{- if $config.forwardedHeaders.enabled }}
- {{- if not ( empty $config.forwardedHeaders.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}"
- {{- end }}
- {{- if $config.forwardedHeaders.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure"
- {{- end }}
- {{- end }}
- {{/* end forwardedHeaders configuration */}}
- {{- if $config.redirectTo }}
- {{- $toPort := index $ports $config.redirectTo }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- else if $config.redirectPort }}
- {{ if gt $config.redirectPort 0.0 }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- end }}
- {{- end }}
- {{- if or ( $config.tls ) ( eq $config.protocol "https" ) }}
- {{- if or ( $config.tls.enabled ) ( eq $config.protocol "https" ) }}
- - "--entrypoints.{{ $entrypoint }}.http.tls=true"
- {{- if $config.tls.options }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}"
- {{- end }}
- {{- if $config.tls.certResolver }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}"
- {{- end }}
- {{- if $config.tls.domains }}
- {{- range $index, $domain := $config.tls.domains }}
- {{- if $domain.main }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}"
- {{- end }}
- {{- if $domain.sans }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- with .Values.logs }}
- - "--log.format={{ .general.format }}"
- {{- if ne .general.level "ERROR" }}
- - "--log.level={{ .general.level | upper }}"
- {{- end }}
- {{- if .access.enabled }}
- - "--accesslog=true"
- - "--accesslog.format={{ .access.format }}"
- {{- if .access.bufferingsize }}
- - "--accesslog.bufferingsize={{ .access.bufferingsize }}"
- {{- end }}
- {{- if .access.filters }}
- {{- if .access.filters.statuscodes }}
- - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}"
- {{- end }}
- {{- if .access.filters.retryattempts }}
- - "--accesslog.filters.retryattempts"
- {{- end }}
- {{- if .access.filters.minduration }}
- - "--accesslog.filters.minduration={{ .access.filters.minduration }}"
- {{- end }}
- {{- end }}
- - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.general.names }}
- - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.headers.names }}
- - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* theme.park */}}
- {{- if .Values.middlewares.themePark }}
- - "--experimental.plugins.traefik-themepark.modulename=github.com/packruler/traefik-themepark"
- - "--experimental.plugins.traefik-themepark.version={{ .Values.middlewares.themeParkVersion }}"
- {{- end }}
- {{/* End of theme.park */}}
- {{/* GeoBlock */}}
- {{- if .Values.middlewares.geoBlock }}
- - "--experimental.plugins.GeoBlock.modulename=github.com/PascalMinder/geoblock"
- - "--experimental.plugins.GeoBlock.version={{ .Values.middlewares.geoBlockVersion }}"
- {{- end }}
- {{/* End of GeoBlock */}}
- {{/* RealIP */}}
- {{- if .Values.middlewares.realIP }}
- - "--experimental.plugins.traefik-real-ip.modulename=github.com/soulbalz/traefik-real-ip"
- - "--experimental.plugins.traefik-real-ip.version={{ .Values.middlewares.realIPVersion }}"
- {{- end }}
- {{/* End of RealIP */}}
- {{- with .Values.additionalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.3/templates/_helpers.tpl b/enterprise/traefik/17.0.3/templates/_helpers.tpl
deleted file mode 100644
index 1345dcea39a..00000000000
--- a/enterprise/traefik/17.0.3/templates/_helpers.tpl
+++ /dev/null
@@ -1,22 +0,0 @@
-{{/*
-Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice.
-By convention this will simply use the / to match the name of the
-service generated.
-Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride`
-*/}}
-{{- define "providers.kubernetesIngress.publishedServicePath" -}}
-{{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}}
-{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}}
-{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }}
-{{- print $servicePath | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Construct a comma-separated list of whitelisted namespaces
-*/}}
-{{- define "providers.kubernetesIngress.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }}
-{{- end -}}
-{{- define "providers.kubernetesCRD.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.3/templates/_ingressclass.tpl b/enterprise/traefik/17.0.3/templates/_ingressclass.tpl
deleted file mode 100644
index 909e249d6a5..00000000000
--- a/enterprise/traefik/17.0.3/templates/_ingressclass.tpl
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Define the ingressClass */}}
-{{- define "traefik.ingressClass" -}}
----
-{{ if .Values.ingressClass.enabled }}
- {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }}
-apiVersion: networking.k8s.io/v1
- {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }}
-apiVersion: networking.k8s.io/v1beta1
- {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }}
-apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }}
- {{- else }}
- {{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }}
- {{- end }}
-kind: IngressClass
-metadata:
- annotations:
- ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }}
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
- name: {{ .Release.Name }}
-spec:
- controller: traefik.io/ingress-controller
-{{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.3/templates/_ingressroute.tpl b/enterprise/traefik/17.0.3/templates/_ingressroute.tpl
deleted file mode 100644
index 6599ceb6e2b..00000000000
--- a/enterprise/traefik/17.0.3/templates/_ingressroute.tpl
+++ /dev/null
@@ -1,34 +0,0 @@
-{{/* Define the ingressRoute */}}
-{{- define "traefik.ingressRoute" -}}
-{{ if .Values.ingressRoute.dashboard.enabled }}
-
-{{- $ingressRouteLabels := .Values.ingressRoute.dashboard.labels -}}
-{{- $ingressRouteAnnotations := .Values.ingressRoute.dashboard.annotations -}}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
- name: {{ include "tc.v1.common.lib.chart.names.fullname" . }}-dashboard
- {{- $labels := (mustMerge ($ingressRouteLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }}
- labels:
- {{- . | nindent 4 }}
- {{- end }}
- {{- $annotations := (mustMerge ($ingressRouteAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }}
- annotations:
- {{- . | nindent 4 }}
- {{- end }}
-
-spec:
- entryPoints:
- - main
- routes:
- - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
- kind: Rule
- services:
- - name: api@internal
- kind: TraefikService
-{{ end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.3/templates/_portalhook.tpl b/enterprise/traefik/17.0.3/templates/_portalhook.tpl
deleted file mode 100644
index e3586c5d4e9..00000000000
--- a/enterprise/traefik/17.0.3/templates/_portalhook.tpl
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/* Define the portalHook */}}
-{{- define "traefik.portalhook" -}}
-{{- if .Values.portalhook.enabled }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: portalhook
- namespace: {{ $namespace }}
-data:
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{- range $name, $value := $ports }}
- {{ $name }}: {{ $value.port | quote }}
- {{- end }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.3/templates/_tlsoptions.tpl b/enterprise/traefik/17.0.3/templates/_tlsoptions.tpl
deleted file mode 100644
index 3e5aad3bee9..00000000000
--- a/enterprise/traefik/17.0.3/templates/_tlsoptions.tpl
+++ /dev/null
@@ -1,12 +0,0 @@
-{{/* Define the tlsOptions */}}
-{{- define "traefik.tlsOptions" -}}
-{{- range $name, $config := .Values.tlsOptions }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: TLSOption
-metadata:
- name: {{ $name }}
-spec:
- {{- toYaml $config | nindent 2 }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.3/templates/common.yaml b/enterprise/traefik/17.0.3/templates/common.yaml
deleted file mode 100644
index 7833892df08..00000000000
--- a/enterprise/traefik/17.0.3/templates/common.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-
-{{- $newArgs := (include "traefik.args" . | fromYaml) }}
-{{- $_ := set .Values "newArgs" $newArgs -}}
-{{- $mergedargs := concat $.Values.workload.main.podSpec.containers.main.args .Values.newArgs.args }}
-{{- $_ := set $.Values.workload.main.podSpec.containers.main "args" $mergedargs -}}
-
-{{- include "traefik.portalhook" . }}
-{{- include "traefik.tlsOptions" . }}
-{{- include "traefik.ingressRoute" . }}
-{{- include "traefik.ingressClass" . }}
-
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/traefik/17.0.3/templates/middlewares/addPrefix.yaml b/enterprise/traefik/17.0.3/templates/middlewares/addPrefix.yaml
deleted file mode 100644
index 233b23834c3..00000000000
--- a/enterprise/traefik/17.0.3/templates/middlewares/addPrefix.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.addPrefix }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- addPrefix:
- prefix: {{ $middlewareData.prefix }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.3/templates/middlewares/basic-middleware.yaml b/enterprise/traefik/17.0.3/templates/middlewares/basic-middleware.yaml
deleted file mode 100644
index 9ba8e5c5d93..00000000000
--- a/enterprise/traefik/17.0.3/templates/middlewares/basic-middleware.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: compress
- namespace: {{ $namespace }}
-spec:
- compress: {}
----
-# Here, an average of 300 requests per second is allowed.
-# In addition, a burst of 200 requests is allowed.
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-ratelimit
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: 600
- burst: 400
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-secure-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: chain-basic
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: basic-secure-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.3/templates/middlewares/basicauth.yaml b/enterprise/traefik/17.0.3/templates/middlewares/basicauth.yaml
deleted file mode 100644
index ccb541742f0..00000000000
--- a/enterprise/traefik/17.0.3/templates/middlewares/basicauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.basicAuth }}
----
-{{- $users := list }}
-{{ range $index, $userdata := $middlewareData.users }}
- {{ $users = append $users ( htpasswd $userdata.username $userdata.password ) }}
-{{ end }}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{printf "%v-%v" $middlewareData.name "secret" }}
- namespace: {{ $namespace }}
-type: Opaque
-stringData:
- users: |
- {{- range $index, $user := $users }}
- {{ printf "%s" $user }}
- {{- end }}
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- basicAuth:
- secret: {{printf "%v-%v" $middlewareData.name "secret" }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.3/templates/middlewares/chain.yaml b/enterprise/traefik/17.0.3/templates/middlewares/chain.yaml
deleted file mode 100644
index f87994f7956..00000000000
--- a/enterprise/traefik/17.0.3/templates/middlewares/chain.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.chain }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- {{ range $index, $middleware := .middlewares }}
- - name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }}
- {{ end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.3/templates/middlewares/forwardauth.yaml b/enterprise/traefik/17.0.3/templates/middlewares/forwardauth.yaml
deleted file mode 100644
index 4bdefbd5c01..00000000000
--- a/enterprise/traefik/17.0.3/templates/middlewares/forwardauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.forwardAuth }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- forwardAuth:
- address: {{ $middlewareData.address }}
- {{- with $middlewareData.authResponseHeaders }}
- authResponseHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- with $middlewareData.authRequestHeaders }}
- authRequestHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- if $middlewareData.authResponseHeadersRegex }}
- authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }}
- {{- end }}
- {{- if $middlewareData.trustForwardHeader }}
- trustForwardHeader: true
- {{- end }}
- {{- with $middlewareData.tls }}
- tls:
- insecureSkipVerify: {{ .insecureSkipVerify | default false }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.3/templates/middlewares/geoblock.yaml b/enterprise/traefik/17.0.3/templates/middlewares/geoblock.yaml
deleted file mode 100644
index be21bcf57b6..00000000000
--- a/enterprise/traefik/17.0.3/templates/middlewares/geoblock.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.geoBlock }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- GeoBlock:
- allowLocalRequests: {{ $middlewareData.allowLocalRequests }}
- logLocalRequests: {{ $middlewareData.logLocalRequests }}
- logAllowedRequests: {{ $middlewareData.logAllowedRequests }}
- logApiRequests: {{ $middlewareData.logApiRequests }}
- api: {{ $middlewareData.api }}
- apiTimeoutMs: {{ $middlewareData.apiTimeoutMs }}
- cacheSize: {{ $middlewareData.cacheSize }}
- forceMonthlyUpdate: {{ $middlewareData.forceMonthlyUpdate }}
- allowUnknownCountries: {{ $middlewareData.allowUnknownCountries }}
- unknownCountryApiResponse: {{ $middlewareData.unknownCountryApiResponse }}
- blackListMode: {{ $middlewareData.blackListMode }}
- {{- if not $middlewareData.countries }}
- {{- fail "You have to define at least one country..." }}
- {{- end }}
- countries:
- {{- range $middlewareData.countries }}
- - {{ . }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.3/templates/middlewares/ipwhitelist.yaml b/enterprise/traefik/17.0.3/templates/middlewares/ipwhitelist.yaml
deleted file mode 100644
index 1179245017e..00000000000
--- a/enterprise/traefik/17.0.3/templates/middlewares/ipwhitelist.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.ipWhiteList }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- ipWhiteList:
- sourceRange:
- {{- range $middlewareData.sourceRange }}
- - {{ . }}
- {{- end }}
- {{- if $middlewareData.ipStrategy }}
- ipStrategy:
- {{- if $middlewareData.ipStrategy.depth }}
- depth: {{ $middlewareData.ipStrategy.depth }}
- {{- end }}
- {{- if $middlewareData.ipStrategy.excludedIPs }}
- excludedIPs:
- {{- range $middlewareData.ipStrategy.excludedIPs }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.3/templates/middlewares/ratelimit.yaml b/enterprise/traefik/17.0.3/templates/middlewares/ratelimit.yaml
deleted file mode 100644
index 144b9d8bf38..00000000000
--- a/enterprise/traefik/17.0.3/templates/middlewares/ratelimit.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.rateLimit }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: {{ $middlewareData.average }}
- burst: {{ $middlewareData.burst }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.3/templates/middlewares/real-ip.yaml b/enterprise/traefik/17.0.3/templates/middlewares/real-ip.yaml
deleted file mode 100644
index 2dd1ae030a4..00000000000
--- a/enterprise/traefik/17.0.3/templates/middlewares/real-ip.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.realIP }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-real-ip:
- excludednets:
- {{- range $middlewareData.excludedNetworks }}
- - {{ . | quote }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.3/templates/middlewares/redirectScheme.yaml b/enterprise/traefik/17.0.3/templates/middlewares/redirectScheme.yaml
deleted file mode 100644
index f2413f84e19..00000000000
--- a/enterprise/traefik/17.0.3/templates/middlewares/redirectScheme.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectScheme }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectScheme:
- scheme: {{ $middlewareData.scheme }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.3/templates/middlewares/redirectregex.yaml b/enterprise/traefik/17.0.3/templates/middlewares/redirectregex.yaml
deleted file mode 100644
index 46e3e724dd6..00000000000
--- a/enterprise/traefik/17.0.3/templates/middlewares/redirectregex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectRegex }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: {{ $middlewareData.regex | quote }}
- replacement: {{ $middlewareData.replacement | quote }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.3/templates/middlewares/stripPrefixRegex.yaml b/enterprise/traefik/17.0.3/templates/middlewares/stripPrefixRegex.yaml
deleted file mode 100644
index 007c166ff39..00000000000
--- a/enterprise/traefik/17.0.3/templates/middlewares/stripPrefixRegex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-
-{{ range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- stripPrefixRegex:
- regex:
- {{- range $middlewareData.regex }}
- - {{ . | quote }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.3/templates/middlewares/tc-chains.yaml b/enterprise/traefik/17.0.3/templates/middlewares/tc-chains.yaml
deleted file mode 100644
index 409766daa89..00000000000
--- a/enterprise/traefik/17.0.3/templates/middlewares/tc-chains.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-opencors-headers
- - name: compress
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-closedcors-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.3/templates/middlewares/tc-headers.yaml b/enterprise/traefik/17.0.3/templates/middlewares/tc-headers.yaml
deleted file mode 100644
index a0462f1fd73..00000000000
--- a/enterprise/traefik/17.0.3/templates/middlewares/tc-headers.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowHeaders:
- - '*'
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- - POST
- accessControlAllowOriginList:
- - '*'
- accessControlMaxAge: 100
- browserXssFilter: true
- contentTypeNosniff: true
- customRequestHeaders:
- X-Forwarded-Proto: https
- customResponseHeaders:
- server: ""
- forceSTSHeader: true
- referrerPolicy: same-origin
- sslForceHost: true
- sslRedirect: true
- stsSeconds: 63072000
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- sslRedirect: true
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- sslForceHost: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
diff --git a/enterprise/traefik/17.0.3/templates/middlewares/tc-nextcloud.yaml b/enterprise/traefik/17.0.3/templates/middlewares/tc-nextcloud.yaml
deleted file mode 100644
index 6a3019d56c5..00000000000
--- a/enterprise/traefik/17.0.3/templates/middlewares/tc-nextcloud.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-redirectregex-dav
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: "https://(.*)/.well-known/(card|cal)dav"
- replacement: "https://${1}/remote.php/dav/"
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: tc-nextcloud-redirectregex-dav
diff --git a/enterprise/traefik/17.0.3/templates/middlewares/theme-park.yaml b/enterprise/traefik/17.0.3/templates/middlewares/theme-park.yaml
deleted file mode 100644
index 92a4257e279..00000000000
--- a/enterprise/traefik/17.0.3/templates/middlewares/theme-park.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.themePark }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-themepark:
- app: {{ $middlewareData.appName }}
- theme: {{ $middlewareData.themeName }}
- baseUrl: {{ $middlewareData.baseUrl }}
- {{- if $middlewareData.addons }}
- addons:
- {{- range $middlewareData.addons }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.3/values.yaml b/enterprise/traefik/17.0.3/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/traefik/17.0.4/CHANGELOG.md b/enterprise/traefik/17.0.4/CHANGELOG.md
deleted file mode 100644
index bdab5e0d839..00000000000
--- a/enterprise/traefik/17.0.4/CHANGELOG.md
+++ /dev/null
@@ -1,93 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [traefik-17.0.4](https://github.com/truecharts/charts/compare/traefik-17.0.3...traefik-17.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
-
-
-## [traefik-17.0.3](https://github.com/truecharts/charts/compare/traefik-17.0.1...traefik-17.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
-
-
-## [traefik-17.0.1](https://github.com/truecharts/charts/compare/traefik-17.0.0...traefik-17.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
-
-## [traefik-17.0.0](https://github.com/truecharts/charts/compare/traefik-16.0.16...traefik-17.0.0) (2023-03-04)
-
-
-
-
-## [traefik-16.0.16](https://github.com/truecharts/charts/compare/traefik-16.0.15...traefik-16.0.16) (2023-02-20)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v2.9.8
-
-
-
-
-## [traefik-16.0.15](https://github.com/truecharts/charts/compare/traefik-16.0.14...traefik-16.0.15) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v2.9.7
-
-
-
-
-## [traefik-16.0.14](https://github.com/truecharts/charts/compare/traefik-16.0.13...traefik-16.0.14) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v
-
-
-
-
-## [traefik-16.0.13](https://github.com/truecharts/charts/compare/traefik-16.0.12...traefik-16.0.13) (2023-02-11)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to 2.9.6
-
-
-
-
-## [traefik-16.0.12](https://github.com/truecharts/charts/compare/traefik-16.0.11...traefik-16.0.12) (2023-02-10)
-
-### Chore
-
-- Add blacklistMode on geoblock and fix label ([#6416](https://github.com/truecharts/charts/issues/6416))
-
- ### Feat
-
-- move Grafana, Prometheus and Traefik to Enterprise Train ([#6372](https://github.com/truecharts/charts/issues/6372))
-
- ### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/17.0.4/Chart.yaml b/enterprise/traefik/17.0.4/Chart.yaml
deleted file mode 100644
index dab0c922333..00000000000
--- a/enterprise/traefik/17.0.4/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: v2
-appVersion: "2.9.8"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.19
-deprecated: false
-description: Traefik is a flexible reverse proxy and Ingress Provider.
-home: https://truecharts.org/charts/enterprise/traefik
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/traefik.png
-keywords:
- - traefik
- - ingress
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: traefik
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/traefik
- - https://hub.docker.com/_/traefik
- - https://github.com/traefik/traefik
- - https://github.com/traefik/traefik-helm-chart
- - https://traefik.io/
-type: application
-version: 17.0.4
-annotations:
- truecharts.org/catagories: |
- - network
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/traefik/17.0.4/LICENSE b/enterprise/traefik/17.0.4/LICENSE
deleted file mode 100644
index 4139714f204..00000000000
--- a/enterprise/traefik/17.0.4/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Traefik" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/traefik/17.0.4/README.md b/enterprise/traefik/17.0.4/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/traefik/17.0.4/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/traefik/17.0.4/app-changelog.md b/enterprise/traefik/17.0.4/app-changelog.md
deleted file mode 100644
index 1d006e76123..00000000000
--- a/enterprise/traefik/17.0.4/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [traefik-17.0.4](https://github.com/truecharts/charts/compare/traefik-17.0.3...traefik-17.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/17.0.4/app-readme.md b/enterprise/traefik/17.0.4/app-readme.md
deleted file mode 100644
index 02206fafcf4..00000000000
--- a/enterprise/traefik/17.0.4/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Traefik is a flexible reverse proxy and Ingress Provider.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/traefik](https://truecharts.org/charts/enterprise/traefik)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/traefik/17.0.4/charts/common-12.2.19.tgz b/enterprise/traefik/17.0.4/charts/common-12.2.19.tgz
deleted file mode 100644
index 7959002233d..00000000000
Binary files a/enterprise/traefik/17.0.4/charts/common-12.2.19.tgz and /dev/null differ
diff --git a/enterprise/traefik/17.0.4/ix_values.yaml b/enterprise/traefik/17.0.4/ix_values.yaml
deleted file mode 100644
index f78e5b7465a..00000000000
--- a/enterprise/traefik/17.0.4/ix_values.yaml
+++ /dev/null
@@ -1,418 +0,0 @@
-image:
- repository: tccr.io/truecharts/traefik
- # defaults to appVersion
- tag: 2.9.8@sha256:4a2d3dda380990d825532e661b42457fc9871061dbc22b310468616378214a2e
- pullPolicy: IfNotPresent
-
-workload:
- main:
- replicas: 2
- strategy: RollingUpdate
- podSpec:
- containers:
- main:
- args: []
- probes:
- # -- Liveness probe configuration
- # @default -- See below
- liveness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Redainess probe configuration
- # @default -- See below
- readiness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Startup probe configuration
- # @default -- See below
- startup:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
-# -- Options for all pods
-# Can be overruled per pod
-podOptions:
- automountServiceAccountToken: true
-
-# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
-ingressClass:
- # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
- enabled: false
- isDefaultClass: false
- # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
- fallbackApiVersion: ""
-
-# -- Create an IngressRoute for the dashboard
-ingressRoute:
- dashboard:
- enabled: true
- # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
- annotations: {}
- # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
- labels: {}
-#
-# -- Configure providers
-providers:
- kubernetesCRD:
- enabled: true
- namespaces:
- []
- # - "default"
- kubernetesIngress:
- enabled: true
- # labelSelector: environment=production,method=traefik
- namespaces:
- []
- # - "default"
- # IP used for Kubernetes Ingress endpoints
- publishedService:
- enabled: true
- # Published Kubernetes Service to copy status from. Format: namespace/servicename
- # By default this Traefik service
- # pathOverride: ""
-
-# -- Logs
-# https://docs.traefik.io/observability/logs/
-logs:
- # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on).
- general:
- # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO.
- level: ERROR
- # -- Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format
- format: common
- access:
- # To enable access logs
- enabled: false
- # To write the logs in an asynchronous fashion, specify a bufferingSize option.
- # This option represents the number of log lines Traefik will keep in memory before writing
- # them to the selected output. In some cases, this option can greatly help performances.
- # bufferingSize: 100
- # Filtering https://docs.traefik.io/observability/access-logs/#filtering
- filters:
- {}
- # statuscodes: "200,300-302"
- # retryattempts: true
- # minduration: 10ms
- # Fields
- # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers
- fields:
- general:
- defaultmode: keep
- names:
- {}
- # Examples:
- # ClientUsername: drop
- headers:
- defaultmode: drop
- names:
- {}
- # Examples:
- # User-Agent: redact
- # Authorization: drop
- # Content-Type: keep
- # -- Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format
- format: common
-
-metrics:
- # datadog:
- # address: 127.0.0.1:8125
- # influxdb:
- # address: localhost:8089
- # protocol: udp
- prometheus:
- entryPoint: metrics
- # statsd:
- # address: localhost:8125
-
-globalArguments:
- - "--global.checknewversion"
-
-##
-# -- Additional arguments to be passed at Traefik's binary
-# All available options available on https://docs.traefik.io/reference/static-configuration/cli/
-## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"`
-additionalArguments:
- - "--metrics.prometheus"
- - "--ping"
- - "--serverstransport.insecureskipverify=true"
- - "--providers.kubernetesingress.allowexternalnameservices=true"
-
-# -- TLS Options to be created as TLSOption CRDs
-# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options
-# Example:
-tlsOptions:
- default:
- sniStrict: false
- minVersion: VersionTLS12
- curvePreferences:
- - CurveP521
- - CurveP384
- cipherSuites:
- - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- - TLS_AES_128_GCM_SHA256
- - TLS_AES_256_GCM_SHA384
- - TLS_CHACHA20_POLY1305_SHA256
-
-# -- Options for the main traefik service, where the entrypoints traffic comes from
-# from.
-service:
- main:
- type: LoadBalancer
- ports:
- main:
- port: 9000
- targetPort: 9000
- protocol: http
- # -- Forwarded Headers should never be enabled on Main entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Main entrypoint
- proxyProtocol:
- enabled: false
- tcp:
- enabled: true
- type: LoadBalancer
- ports:
- web:
- enabled: true
- port: 9080
- protocol: http
- redirectTo: websecure
- # Options: Empty, 0 (ingore), or positive int
- # redirectPort:
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- websecure:
- enabled: true
- port: 9443
- protocol: https
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- # tcpexample:
- # enabled: true
- # targetPort: 9443
- # protocol: tcp
- # tls:
- # enabled: false
- # # this is the name of a TLSOption definition
- # options: ""
- # certResolver: ""
- # domains: []
- # # - main: example.com
- # # sans:
- # # - foo.example.com
- # # - bar.example.com
- metrics:
- enabled: true
- type: ClusterIP
- ports:
- metrics:
- enabled: true
- port: 9180
- targetPort: 9180
- protocol: http
- # -- Forwarded Headers should never be enabled on Metrics entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Metrics entrypoint
- proxyProtocol:
- enabled: false
- # udp:
- # enabled: false
-
-# -- Whether Role Based Access Control objects like roles and rolebindings should be created
-rbac:
- main:
- enabled: true
- primary: true
- clusterWide: true
- rules:
- - apiGroups:
- - ""
- resources:
- - services
- - endpoints
- - secrets
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses
- - ingressclasses
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses/status
- verbs:
- - update
- - apiGroups:
- - traefik.containo.us
- resources:
- - ingressroutes
- - ingressroutetcps
- - ingressrouteudps
- - middlewares
- - middlewaretcps
- - tlsoptions
- - tlsstores
- - traefikservices
- - serverstransports
- verbs:
- - get
- - list
- - watch
-
-# -- The service account the pods will use to interact with the Kubernetes API
-serviceAccount:
- main:
- enabled: true
- primary: true
-
-# -- SCALE Middleware Handlers
-middlewares:
- basicAuth: []
- # - name: basicauthexample
- # users:
- # - username: testuser
- # password: testpassword
- forwardAuth: []
- # - name: forwardAuthexample
- # address: https://auth.example.com/
- # authResponseHeaders:
- # - X-Secret
- # - X-Auth-User
- # authRequestHeaders:
- # - "Accept"
- # - "X-CustomHeader"
- # authResponseHeadersRegex: "^X-"
- # trustForwardHeader: true
- chain: []
- # - name: chainname
- # middlewares:
- # - name: compress
- redirectScheme: []
- # - name: redirectSchemeName
- # scheme: https
- # permanent: true
- rateLimit: []
- # - name: rateLimitName
- # average: 300
- # burst: 200
- redirectRegex: []
- # - name: redirectRegexName
- # regex: putregexhere
- # replacement: replacementurlhere
- # permanent: false
- stripPrefixRegex: []
- # - name: stripPrefixRegexName
- # regex: []
- ipWhiteList: []
- # - name: ipWhiteListName
- # sourceRange: []
- # ipStrategy:
- # depth: 2
- # excludedIPs: []
- themeParkVersion: v1.3.0
- themePark: []
- # - name: themeParkName
- # -- Supported apps, lower case name
- # -- https://docs.theme-park.dev/themes
- # app: appnamehere
- # -- Supported themes, lower case name
- # -- https://docs.theme-park.dev/themes/APPNAMEHERE
- # -- https://docs.theme-park.dev/community-themes
- # theme: themenamehere
- # -- https://theme-park.dev or a self hosted url
- # baseUrl: https://theme-park.dev
- realIPVersion: v1.0.3
- # Sets X-Real-Ip with an IP from the X-Forwarded-For or
- # Cf-Connecting-Ip (If from Cloudflare)
- # Evaluation of those headers will go from last to first
- realIP: []
- # - name: realIPName
- # -- The real IP will be the first one that is
- # -- not included in any of the CIDRs passed here
- # excludedNetworks:
- # - 1.1.1.1/24
- addPrefix: []
- # - name: addPrefixName
- # prefix: "/foo"
- geoBlockVersion: v0.2.4
- geoBlock: []
- # -- https://github.com/PascalMinder/geoblock
- # - name: geoBlockName
- # allowLocalRequests: true
- # logLocalRequests: false
- # logAllowedRequests: false
- # logApiRequests: false
- # api: https://get.geojs.io/v1/ip/country/{ip}
- # apiTimeoutMs: 500
- # cacheSize: 25
- # forceMonthlyUpdate: true
- # allowUnknownCountries: false
- # unknownCountryApiResponse: nil
- # blackListMode: false
- # countries:
- # - RU
-
-portalhook:
- enabled: true
-
-persistence:
- plugins:
- enabled: true
- mountPath: "/plugins-storage"
- type: emptyDir
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/traefik/17.0.4/questions.yaml b/enterprise/traefik/17.0.4/questions.yaml
deleted file mode 100644
index d9616f62f10..00000000000
--- a/enterprise/traefik/17.0.4/questions.yaml
+++ /dev/null
@@ -1,2488 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "http"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
- path: "/dashboard/"
-questions:
-
- - variable: Workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: Daemonset
- description: Daemonset
-
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "Daemonset"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
-
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: ingressClass
- label: "ingressClass"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- description: "When enabled, ingressClass will match the entered name of this app"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: isDefaultClass
- label: "isDefaultClass"
- schema:
- type: boolean
- default: false
- - variable: logs
- label: "Logs"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "ERROR"
- enum:
- - value: "INFO"
- description: "Info"
- - value: "WARN"
- description: "Warnings"
- - value: "ERROR"
- description: "Errors"
- - value: "FATAL"
- description: "Fatal Errors"
- - value: "PANIC"
- description: "Panics"
- - value: "DEBUG"
- description: "Debug"
- - variable: format
- label: "General Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: access
- label: "Access Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabledFilters
- label: "Enable Filters"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filters
- label: "Filters"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: statuscodes
- label: "Status codes"
- schema:
- type: string
- default: "200,300-302"
- - variable: retryattempts
- label: "retryattempts"
- schema:
- type: boolean
- default: true
- - variable: minduration
- label: "minduration"
- schema:
- type: string
- default: "10ms"
- - variable: fields
- label: "Fields"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "keep"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: headers
- label: "Headers"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "drop"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: format
- label: "Access Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: middlewares
- label: ""
- group: "Middlewares"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: basicAuth
- label: basicAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: users
- label: Users
- schema:
- type: list
- default: []
- items:
- - variable: usersEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: username
- label: Username
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: Password
- schema:
- type: string
- required: true
- default: ""
- - variable: forwardAuth
- label: forwardAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: address
- label: Address
- schema:
- type: string
- required: true
- default: ""
- - variable: trustForwardHeader
- label: trustForwardHeader
- schema:
- type: boolean
- default: false
- - variable: tls
- label: TLS
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: insecureSkipVerify
- label: insecureSkipVerify (expert)
- description: >-
- This disables all TLS certificate validation on communications with the authentication endpoint.
- This could be a security risk and should only be used if you know what you are doing.
- schema:
- type: boolean
- default: false
- - variable: authResponseHeadersRegex
- label: authResponseHeadersRegex
- schema:
- type: string
- default: ""
- - variable: authResponseHeaders
- label: authResponseHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authResponseHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: authRequestHeaders
- label: authRequestHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authRequestHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: chain
- label: Chain
- schema:
- type: list
- default: []
- items:
- - variable: chainEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: middlewares
- label: Middlewares to Chain
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: redirectScheme
- label: redirectScheme
- schema:
- type: list
- default: []
- items:
- - variable: redirectSchemeEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: scheme
- label: Scheme
- schema:
- type: string
- required: true
- default: https
- enum:
- - value: https
- description: https
- - value: http
- description: http
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: rateLimit
- label: rateLimit
- schema:
- type: list
- default: []
- items:
- - variable: rateLimitEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: average
- label: Average
- schema:
- type: int
- required: true
- default: 300
- - variable: burst
- label: Burst
- schema:
- type: int
- required: true
- default: 200
- - variable: redirectRegex
- label: redirectRegex
- schema:
- type: list
- default: []
- items:
- - variable: redirectRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: replacement
- label: Replacement
- schema:
- type: string
- required: true
- default: ""
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: stripPrefixRegex
- label: stripPrefixRegex
- schema:
- type: list
- default: []
- items:
- - variable: stripPrefixRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: list
- default: []
- items:
- - variable: regexEntry
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: ipWhiteList
- label: ipWhiteList
- schema:
- type: list
- default: []
- items:
- - variable: ipWhiteListEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: sourceRange
- label: Source Range
- schema:
- type: list
- default: []
- items:
- - variable: sourceRangeEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: ipStrategy
- label: IP Strategy
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: depth
- label: Depth
- schema:
- type: int
- required: true
- - variable: excludedIPs
- label: Excluded IPs
- schema:
- type: list
- default: []
- items:
- - variable: excludedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: themePark
- label: theme.park
- schema:
- type: list
- default: []
- items:
- - variable: themeParkEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to traefik-themepark
- schema:
- type: string
- required: true
- default: ""
- - variable: appName
- label: App Name
- description: Lower case, name of the app to be themed.
-
Go to https://docs.theme-park.dev/themes/ to see supported apps.
- schema:
- type: string
- required: true
- default: ""
- - variable: themeName
- label: Theme Name
- description: Lower case, name of the theme to be applied.
-
Go to https://docs.theme-park.dev/theme-options/ to see supported themes.
- schema:
- type: string
- required: true
- default: ""
- - variable: baseUrl
- label: Base URL
- description: Replace `https://theme-park.dev` URL for self-hosting reference.
- schema:
- type: string
- required: true
- default: https://theme-park.dev
- - variable: addons
- label: Addons
- schema:
- type: list
- default: []
- items:
- - variable: addonEntry
- label: Addon
- description: Currently only supports 'darker' and '4k-logo' for *arr apps.
-
Go to https://docs.theme-park.dev/themes/addons/ for Addon information.
-
Go to https://github.com/packruler/traefik-themepark for more context on plugin
- schema:
- type: string
- required: true
- default: ""
- - variable: realIP
- label: Real IP
- schema:
- type: list
- default: []
- items:
- - variable: realIPEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: excludedNetworks
- label: Excluded Networks
- schema:
- type: list
- default: []
- items:
- - variable: excludedNetEntry
- label: Excluded Network Entry
- description: Network to exclude setting it to X-Real-Ip
- schema:
- type: string
- required: true
- default: ""
- - variable: geoBlock
- label: GeoBlock
- schema:
- type: list
- default: []
- items:
- - variable: geoBlockEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to geoblock
- schema:
- type: string
- required: true
- default: ""
- - variable: allowLocalRequests
- label: Allow Local Requests
- description: If set to true, will not block request from Private IP Ranges
- schema:
- type: boolean
- default: true
- - variable: logLocalRequests
- label: Log Local Requests
- description: If set to true, will log every connection from any IP in the private IP range
- schema:
- type: boolean
- default: false
- - variable: logAllowedRequests
- label: Log Allowed Requests
- description: If set to true, will show a log message with the IP and the country of origin if a request is allowed.
- schema:
- type: boolean
- default: false
- - variable: logApiRequests
- label: Log API Requests
- description: If set to true, will show a log message for every API hit.
- schema:
- type: boolean
- default: false
- - variable: api
- label: API
- description: Defines the API URL for the IP to Country resolution. The IP to fetch can be added with {ip} to the URL.
- schema:
- type: string
- required: true
- default: https://get.geojs.io/v1/ip/country/{ip}
- - variable: apiTimeoutMs
- label: API Timeout in ms
- description: Timeout for the call to the api uri.
- schema:
- type: int
- required: true
- default: 500
- - variable: cacheSize
- label: Cache Size
- description: Defines the max size of the LRU (least recently used) cache.
- schema:
- type: int
- required: true
- default: 25
- - variable: forceMonthlyUpdate
- label: Force Monthly Update
- description: Even if an IP stays in the cache for a period of a month (about 30 x 24 hours), it must be fetch again after a month.
- schema:
- type: boolean
- default: true
- - variable: allowUnknownCountries
- label: Allow Unknown Countries
- description: Some IP addresses have no country associated with them. If this option is set to true, all IPs with no associated country are also allowed.
- schema:
- type: boolean
- default: false
- - variable: unknownCountryApiResponse
- label: Unknown Countries API Response
- description: The API uri can be customized. This options allows to customize the response string of the API when a IP with no associated country is requested.
- schema:
- type: string
- required: true
- default: nil
- - variable: blackListMode
- label: Blacklist Mode
- description: When set to true the filter logic is inverted, i.e. requests originating from countries listed in the countries list are blocked.
- schema:
- type: boolean
- default: false
- - variable: countries
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- label: Countries
- schema:
- type: list
- default: []
- items:
- - variable: countryEntry
- label: Country
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- schema:
- type: string
- required: true
- # Allow only 2 Characters
- valid_chars: '^[a-zA-Z]{2}$'
- default: ""
- - variable: addPrefix
- label: Add Prefix
- schema:
- type: list
- default: []
- items:
- - variable: addPrefixEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: prefix
- label: Prefix
- schema:
- type: string
- required: true
- default: ""
- - variable: service
- group: "Networking and Services"
- label: "Configure Service Entrypoint"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9000
- required: true
- - variable: tcp
- label: "TCP Service"
- description: "The tcp Entrypoint service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: web
- label: "web Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9080
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- default: "websecure"
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: websecure
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9443
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: portsList
- label: "Additional TCP Entrypoints"
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: "Custom Entrypoints"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable the port"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: "Entrypoints Name"
- schema:
- type: string
- default: ""
- - variable: protocol
- label: "Entrypoints Type"
- schema:
- type: string
- default: "TCP"
- enum:
- - value: HTTP
- description: "HTTP"
- - value: "HTTPS"
- description: "HTTPS"
- - value: TCP
- description: "TCP"
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- required: true
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
-
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
-
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/traefik/17.0.4/templates/NOTES.txt b/enterprise/traefik/17.0.4/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/traefik/17.0.4/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/traefik/17.0.4/templates/_args.tpl b/enterprise/traefik/17.0.4/templates/_args.tpl
deleted file mode 100644
index 3fef2e1f777..00000000000
--- a/enterprise/traefik/17.0.4/templates/_args.tpl
+++ /dev/null
@@ -1,178 +0,0 @@
-{{/* Define the args */}}
-{{- define "traefik.args" -}}
-args:
- {{/* merge all ports */}}
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{/* start of actual arguments */}}
- {{- with .Values.globalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
- {{- range $name, $config := $ports }}
- {{- if $config }}
- {{- if or ( eq $config.protocol "http" ) ( eq $config.protocol "https" ) ( eq $config.protocol "tcp" ) }}
- {{- $_ := set $config "protocol" "tcp" }}
- {{- end }}
- - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}"
- {{- end }}
- {{- end }}
- - "--api.dashboard=true"
- - "--ping=true"
- {{- if .Values.metrics }}
- {{- if .Values.metrics.datadog }}
- - "--metrics.datadog=true"
- - "--metrics.datadog.address={{ .Values.metrics.datadog.address }}"
- {{- end }}
- {{- if .Values.metrics.influxdb }}
- - "--metrics.influxdb=true"
- - "--metrics.influxdb.address={{ .Values.metrics.influxdb.address }}"
- - "--metrics.influxdb.protocol={{ .Values.metrics.influxdb.protocol }}"
- {{- end }}
- {{- if .Values.metrics.prometheus }}
- - "--metrics.prometheus=true"
- - "--metrics.prometheus.entrypoint={{ .Values.metrics.prometheus.entryPoint }}"
- {{- end }}
- {{- if .Values.metrics.statsd }}
- - "--metrics.statsd=true"
- - "--metrics.statsd.address={{ .Values.metrics.statsd.address }}"
- {{- end }}
- {{- end }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress"
- {{- if .Values.providers.kubernetesIngress.publishedService.enabled }}
- - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.labelSelector }}
- - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}"
- {{- end }}
- {{- end }}
- {{- if and .Values.rbac.enabled .Values.rbac.namespaced }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}"
- {{- end }}
- {{- end }}
- {{- if .Values.ingressClass.enabled }}
- - "--providers.kubernetesingress.ingressclass={{ .Release.Name }}"
- {{- end }}
- {{- range $entrypoint, $config := $ports }}
- {{/* add args for proxyProtocol support */}}
- {{- if $config.proxyProtocol }}
- {{- if $config.proxyProtocol.enabled }}
- {{- if $config.proxyProtocol.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.insecure"
- {{- end }}
- {{- if not ( empty $config.proxyProtocol.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.trustedIPs={{ join "," $config.proxyProtocol.trustedIPs }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* add args for forwardedHeaders support */}}
- {{- if $config.forwardedHeaders.enabled }}
- {{- if not ( empty $config.forwardedHeaders.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}"
- {{- end }}
- {{- if $config.forwardedHeaders.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure"
- {{- end }}
- {{- end }}
- {{/* end forwardedHeaders configuration */}}
- {{- if $config.redirectTo }}
- {{- $toPort := index $ports $config.redirectTo }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- else if $config.redirectPort }}
- {{ if gt $config.redirectPort 0.0 }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- end }}
- {{- end }}
- {{- if or ( $config.tls ) ( eq $config.protocol "https" ) }}
- {{- if or ( $config.tls.enabled ) ( eq $config.protocol "https" ) }}
- - "--entrypoints.{{ $entrypoint }}.http.tls=true"
- {{- if $config.tls.options }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}"
- {{- end }}
- {{- if $config.tls.certResolver }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}"
- {{- end }}
- {{- if $config.tls.domains }}
- {{- range $index, $domain := $config.tls.domains }}
- {{- if $domain.main }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}"
- {{- end }}
- {{- if $domain.sans }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- with .Values.logs }}
- - "--log.format={{ .general.format }}"
- {{- if ne .general.level "ERROR" }}
- - "--log.level={{ .general.level | upper }}"
- {{- end }}
- {{- if .access.enabled }}
- - "--accesslog=true"
- - "--accesslog.format={{ .access.format }}"
- {{- if .access.bufferingsize }}
- - "--accesslog.bufferingsize={{ .access.bufferingsize }}"
- {{- end }}
- {{- if .access.filters }}
- {{- if .access.filters.statuscodes }}
- - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}"
- {{- end }}
- {{- if .access.filters.retryattempts }}
- - "--accesslog.filters.retryattempts"
- {{- end }}
- {{- if .access.filters.minduration }}
- - "--accesslog.filters.minduration={{ .access.filters.minduration }}"
- {{- end }}
- {{- end }}
- - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.general.names }}
- - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.headers.names }}
- - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* theme.park */}}
- {{- if .Values.middlewares.themePark }}
- - "--experimental.plugins.traefik-themepark.modulename=github.com/packruler/traefik-themepark"
- - "--experimental.plugins.traefik-themepark.version={{ .Values.middlewares.themeParkVersion }}"
- {{- end }}
- {{/* End of theme.park */}}
- {{/* GeoBlock */}}
- {{- if .Values.middlewares.geoBlock }}
- - "--experimental.plugins.GeoBlock.modulename=github.com/PascalMinder/geoblock"
- - "--experimental.plugins.GeoBlock.version={{ .Values.middlewares.geoBlockVersion }}"
- {{- end }}
- {{/* End of GeoBlock */}}
- {{/* RealIP */}}
- {{- if .Values.middlewares.realIP }}
- - "--experimental.plugins.traefik-real-ip.modulename=github.com/soulbalz/traefik-real-ip"
- - "--experimental.plugins.traefik-real-ip.version={{ .Values.middlewares.realIPVersion }}"
- {{- end }}
- {{/* End of RealIP */}}
- {{- with .Values.additionalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.4/templates/_helpers.tpl b/enterprise/traefik/17.0.4/templates/_helpers.tpl
deleted file mode 100644
index 1345dcea39a..00000000000
--- a/enterprise/traefik/17.0.4/templates/_helpers.tpl
+++ /dev/null
@@ -1,22 +0,0 @@
-{{/*
-Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice.
-By convention this will simply use the / to match the name of the
-service generated.
-Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride`
-*/}}
-{{- define "providers.kubernetesIngress.publishedServicePath" -}}
-{{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}}
-{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}}
-{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }}
-{{- print $servicePath | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Construct a comma-separated list of whitelisted namespaces
-*/}}
-{{- define "providers.kubernetesIngress.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }}
-{{- end -}}
-{{- define "providers.kubernetesCRD.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.4/templates/_ingressclass.tpl b/enterprise/traefik/17.0.4/templates/_ingressclass.tpl
deleted file mode 100644
index 909e249d6a5..00000000000
--- a/enterprise/traefik/17.0.4/templates/_ingressclass.tpl
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Define the ingressClass */}}
-{{- define "traefik.ingressClass" -}}
----
-{{ if .Values.ingressClass.enabled }}
- {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }}
-apiVersion: networking.k8s.io/v1
- {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }}
-apiVersion: networking.k8s.io/v1beta1
- {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }}
-apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }}
- {{- else }}
- {{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }}
- {{- end }}
-kind: IngressClass
-metadata:
- annotations:
- ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }}
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
- name: {{ .Release.Name }}
-spec:
- controller: traefik.io/ingress-controller
-{{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.4/templates/_ingressroute.tpl b/enterprise/traefik/17.0.4/templates/_ingressroute.tpl
deleted file mode 100644
index 6599ceb6e2b..00000000000
--- a/enterprise/traefik/17.0.4/templates/_ingressroute.tpl
+++ /dev/null
@@ -1,34 +0,0 @@
-{{/* Define the ingressRoute */}}
-{{- define "traefik.ingressRoute" -}}
-{{ if .Values.ingressRoute.dashboard.enabled }}
-
-{{- $ingressRouteLabels := .Values.ingressRoute.dashboard.labels -}}
-{{- $ingressRouteAnnotations := .Values.ingressRoute.dashboard.annotations -}}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
- name: {{ include "tc.v1.common.lib.chart.names.fullname" . }}-dashboard
- {{- $labels := (mustMerge ($ingressRouteLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }}
- labels:
- {{- . | nindent 4 }}
- {{- end }}
- {{- $annotations := (mustMerge ($ingressRouteAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }}
- annotations:
- {{- . | nindent 4 }}
- {{- end }}
-
-spec:
- entryPoints:
- - main
- routes:
- - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
- kind: Rule
- services:
- - name: api@internal
- kind: TraefikService
-{{ end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.4/templates/_portalhook.tpl b/enterprise/traefik/17.0.4/templates/_portalhook.tpl
deleted file mode 100644
index e3586c5d4e9..00000000000
--- a/enterprise/traefik/17.0.4/templates/_portalhook.tpl
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/* Define the portalHook */}}
-{{- define "traefik.portalhook" -}}
-{{- if .Values.portalhook.enabled }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: portalhook
- namespace: {{ $namespace }}
-data:
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{- range $name, $value := $ports }}
- {{ $name }}: {{ $value.port | quote }}
- {{- end }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.4/templates/_tlsoptions.tpl b/enterprise/traefik/17.0.4/templates/_tlsoptions.tpl
deleted file mode 100644
index 3e5aad3bee9..00000000000
--- a/enterprise/traefik/17.0.4/templates/_tlsoptions.tpl
+++ /dev/null
@@ -1,12 +0,0 @@
-{{/* Define the tlsOptions */}}
-{{- define "traefik.tlsOptions" -}}
-{{- range $name, $config := .Values.tlsOptions }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: TLSOption
-metadata:
- name: {{ $name }}
-spec:
- {{- toYaml $config | nindent 2 }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.4/templates/common.yaml b/enterprise/traefik/17.0.4/templates/common.yaml
deleted file mode 100644
index 7833892df08..00000000000
--- a/enterprise/traefik/17.0.4/templates/common.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-
-{{- $newArgs := (include "traefik.args" . | fromYaml) }}
-{{- $_ := set .Values "newArgs" $newArgs -}}
-{{- $mergedargs := concat $.Values.workload.main.podSpec.containers.main.args .Values.newArgs.args }}
-{{- $_ := set $.Values.workload.main.podSpec.containers.main "args" $mergedargs -}}
-
-{{- include "traefik.portalhook" . }}
-{{- include "traefik.tlsOptions" . }}
-{{- include "traefik.ingressRoute" . }}
-{{- include "traefik.ingressClass" . }}
-
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/traefik/17.0.4/templates/middlewares/addPrefix.yaml b/enterprise/traefik/17.0.4/templates/middlewares/addPrefix.yaml
deleted file mode 100644
index 233b23834c3..00000000000
--- a/enterprise/traefik/17.0.4/templates/middlewares/addPrefix.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.addPrefix }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- addPrefix:
- prefix: {{ $middlewareData.prefix }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.4/templates/middlewares/basic-middleware.yaml b/enterprise/traefik/17.0.4/templates/middlewares/basic-middleware.yaml
deleted file mode 100644
index 9ba8e5c5d93..00000000000
--- a/enterprise/traefik/17.0.4/templates/middlewares/basic-middleware.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: compress
- namespace: {{ $namespace }}
-spec:
- compress: {}
----
-# Here, an average of 300 requests per second is allowed.
-# In addition, a burst of 200 requests is allowed.
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-ratelimit
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: 600
- burst: 400
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-secure-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: chain-basic
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: basic-secure-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.4/templates/middlewares/basicauth.yaml b/enterprise/traefik/17.0.4/templates/middlewares/basicauth.yaml
deleted file mode 100644
index ccb541742f0..00000000000
--- a/enterprise/traefik/17.0.4/templates/middlewares/basicauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.basicAuth }}
----
-{{- $users := list }}
-{{ range $index, $userdata := $middlewareData.users }}
- {{ $users = append $users ( htpasswd $userdata.username $userdata.password ) }}
-{{ end }}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{printf "%v-%v" $middlewareData.name "secret" }}
- namespace: {{ $namespace }}
-type: Opaque
-stringData:
- users: |
- {{- range $index, $user := $users }}
- {{ printf "%s" $user }}
- {{- end }}
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- basicAuth:
- secret: {{printf "%v-%v" $middlewareData.name "secret" }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.4/templates/middlewares/chain.yaml b/enterprise/traefik/17.0.4/templates/middlewares/chain.yaml
deleted file mode 100644
index f87994f7956..00000000000
--- a/enterprise/traefik/17.0.4/templates/middlewares/chain.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.chain }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- {{ range $index, $middleware := .middlewares }}
- - name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }}
- {{ end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.4/templates/middlewares/forwardauth.yaml b/enterprise/traefik/17.0.4/templates/middlewares/forwardauth.yaml
deleted file mode 100644
index 4bdefbd5c01..00000000000
--- a/enterprise/traefik/17.0.4/templates/middlewares/forwardauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.forwardAuth }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- forwardAuth:
- address: {{ $middlewareData.address }}
- {{- with $middlewareData.authResponseHeaders }}
- authResponseHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- with $middlewareData.authRequestHeaders }}
- authRequestHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- if $middlewareData.authResponseHeadersRegex }}
- authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }}
- {{- end }}
- {{- if $middlewareData.trustForwardHeader }}
- trustForwardHeader: true
- {{- end }}
- {{- with $middlewareData.tls }}
- tls:
- insecureSkipVerify: {{ .insecureSkipVerify | default false }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.4/templates/middlewares/geoblock.yaml b/enterprise/traefik/17.0.4/templates/middlewares/geoblock.yaml
deleted file mode 100644
index be21bcf57b6..00000000000
--- a/enterprise/traefik/17.0.4/templates/middlewares/geoblock.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.geoBlock }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- GeoBlock:
- allowLocalRequests: {{ $middlewareData.allowLocalRequests }}
- logLocalRequests: {{ $middlewareData.logLocalRequests }}
- logAllowedRequests: {{ $middlewareData.logAllowedRequests }}
- logApiRequests: {{ $middlewareData.logApiRequests }}
- api: {{ $middlewareData.api }}
- apiTimeoutMs: {{ $middlewareData.apiTimeoutMs }}
- cacheSize: {{ $middlewareData.cacheSize }}
- forceMonthlyUpdate: {{ $middlewareData.forceMonthlyUpdate }}
- allowUnknownCountries: {{ $middlewareData.allowUnknownCountries }}
- unknownCountryApiResponse: {{ $middlewareData.unknownCountryApiResponse }}
- blackListMode: {{ $middlewareData.blackListMode }}
- {{- if not $middlewareData.countries }}
- {{- fail "You have to define at least one country..." }}
- {{- end }}
- countries:
- {{- range $middlewareData.countries }}
- - {{ . }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.4/templates/middlewares/ipwhitelist.yaml b/enterprise/traefik/17.0.4/templates/middlewares/ipwhitelist.yaml
deleted file mode 100644
index 1179245017e..00000000000
--- a/enterprise/traefik/17.0.4/templates/middlewares/ipwhitelist.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.ipWhiteList }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- ipWhiteList:
- sourceRange:
- {{- range $middlewareData.sourceRange }}
- - {{ . }}
- {{- end }}
- {{- if $middlewareData.ipStrategy }}
- ipStrategy:
- {{- if $middlewareData.ipStrategy.depth }}
- depth: {{ $middlewareData.ipStrategy.depth }}
- {{- end }}
- {{- if $middlewareData.ipStrategy.excludedIPs }}
- excludedIPs:
- {{- range $middlewareData.ipStrategy.excludedIPs }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.4/templates/middlewares/ratelimit.yaml b/enterprise/traefik/17.0.4/templates/middlewares/ratelimit.yaml
deleted file mode 100644
index 144b9d8bf38..00000000000
--- a/enterprise/traefik/17.0.4/templates/middlewares/ratelimit.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.rateLimit }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: {{ $middlewareData.average }}
- burst: {{ $middlewareData.burst }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.4/templates/middlewares/real-ip.yaml b/enterprise/traefik/17.0.4/templates/middlewares/real-ip.yaml
deleted file mode 100644
index 2dd1ae030a4..00000000000
--- a/enterprise/traefik/17.0.4/templates/middlewares/real-ip.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.realIP }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-real-ip:
- excludednets:
- {{- range $middlewareData.excludedNetworks }}
- - {{ . | quote }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.4/templates/middlewares/redirectScheme.yaml b/enterprise/traefik/17.0.4/templates/middlewares/redirectScheme.yaml
deleted file mode 100644
index f2413f84e19..00000000000
--- a/enterprise/traefik/17.0.4/templates/middlewares/redirectScheme.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectScheme }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectScheme:
- scheme: {{ $middlewareData.scheme }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.4/templates/middlewares/redirectregex.yaml b/enterprise/traefik/17.0.4/templates/middlewares/redirectregex.yaml
deleted file mode 100644
index 46e3e724dd6..00000000000
--- a/enterprise/traefik/17.0.4/templates/middlewares/redirectregex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectRegex }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: {{ $middlewareData.regex | quote }}
- replacement: {{ $middlewareData.replacement | quote }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.4/templates/middlewares/stripPrefixRegex.yaml b/enterprise/traefik/17.0.4/templates/middlewares/stripPrefixRegex.yaml
deleted file mode 100644
index 007c166ff39..00000000000
--- a/enterprise/traefik/17.0.4/templates/middlewares/stripPrefixRegex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-
-{{ range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- stripPrefixRegex:
- regex:
- {{- range $middlewareData.regex }}
- - {{ . | quote }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.4/templates/middlewares/tc-chains.yaml b/enterprise/traefik/17.0.4/templates/middlewares/tc-chains.yaml
deleted file mode 100644
index 409766daa89..00000000000
--- a/enterprise/traefik/17.0.4/templates/middlewares/tc-chains.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-opencors-headers
- - name: compress
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-closedcors-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.4/templates/middlewares/tc-headers.yaml b/enterprise/traefik/17.0.4/templates/middlewares/tc-headers.yaml
deleted file mode 100644
index a0462f1fd73..00000000000
--- a/enterprise/traefik/17.0.4/templates/middlewares/tc-headers.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowHeaders:
- - '*'
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- - POST
- accessControlAllowOriginList:
- - '*'
- accessControlMaxAge: 100
- browserXssFilter: true
- contentTypeNosniff: true
- customRequestHeaders:
- X-Forwarded-Proto: https
- customResponseHeaders:
- server: ""
- forceSTSHeader: true
- referrerPolicy: same-origin
- sslForceHost: true
- sslRedirect: true
- stsSeconds: 63072000
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- sslRedirect: true
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- sslForceHost: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
diff --git a/enterprise/traefik/17.0.4/templates/middlewares/tc-nextcloud.yaml b/enterprise/traefik/17.0.4/templates/middlewares/tc-nextcloud.yaml
deleted file mode 100644
index 6a3019d56c5..00000000000
--- a/enterprise/traefik/17.0.4/templates/middlewares/tc-nextcloud.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-redirectregex-dav
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: "https://(.*)/.well-known/(card|cal)dav"
- replacement: "https://${1}/remote.php/dav/"
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: tc-nextcloud-redirectregex-dav
diff --git a/enterprise/traefik/17.0.4/templates/middlewares/theme-park.yaml b/enterprise/traefik/17.0.4/templates/middlewares/theme-park.yaml
deleted file mode 100644
index 92a4257e279..00000000000
--- a/enterprise/traefik/17.0.4/templates/middlewares/theme-park.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.themePark }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-themepark:
- app: {{ $middlewareData.appName }}
- theme: {{ $middlewareData.themeName }}
- baseUrl: {{ $middlewareData.baseUrl }}
- {{- if $middlewareData.addons }}
- addons:
- {{- range $middlewareData.addons }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.4/values.yaml b/enterprise/traefik/17.0.4/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/traefik/17.0.5/CHANGELOG.md b/enterprise/traefik/17.0.5/CHANGELOG.md
deleted file mode 100644
index 52a4a50c519..00000000000
--- a/enterprise/traefik/17.0.5/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [traefik-17.0.5](https://github.com/truecharts/charts/compare/traefik-17.0.4...traefik-17.0.5) (2023-03-07)
-
-### Fix
-
-- fix labels ([#7759](https://github.com/truecharts/charts/issues/7759))
-
-
-
-
-## [traefik-17.0.4](https://github.com/truecharts/charts/compare/traefik-17.0.3...traefik-17.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
-
-
-## [traefik-17.0.3](https://github.com/truecharts/charts/compare/traefik-17.0.1...traefik-17.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
-
-
-## [traefik-17.0.1](https://github.com/truecharts/charts/compare/traefik-17.0.0...traefik-17.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
-
-## [traefik-17.0.0](https://github.com/truecharts/charts/compare/traefik-16.0.16...traefik-17.0.0) (2023-03-04)
-
-
-
-
-## [traefik-16.0.16](https://github.com/truecharts/charts/compare/traefik-16.0.15...traefik-16.0.16) (2023-02-20)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v2.9.8
-
-
-
-
-## [traefik-16.0.15](https://github.com/truecharts/charts/compare/traefik-16.0.14...traefik-16.0.15) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v2.9.7
-
-
-
-
-## [traefik-16.0.14](https://github.com/truecharts/charts/compare/traefik-16.0.13...traefik-16.0.14) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v
-
-
-
-
-## [traefik-16.0.13](https://github.com/truecharts/charts/compare/traefik-16.0.12...traefik-16.0.13) (2023-02-11)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to 2.9.6
-
-
-
-
-## [traefik-16.0.12](https://github.com/truecharts/charts/compare/traefik-16.0.11...traefik-16.0.12) (2023-02-10)
-
-### Chore
-
-- Add blacklistMode on geoblock and fix label ([#6416](https://github.com/truecharts/charts/issues/6416))
-
- ### Feat
-
-- move Grafana, Prometheus and Traefik to Enterprise Train ([#6372](https://github.com/truecharts/charts/issues/6372))
-
- ### Fix
-
diff --git a/enterprise/traefik/17.0.5/Chart.yaml b/enterprise/traefik/17.0.5/Chart.yaml
deleted file mode 100644
index 6d171a6a9ad..00000000000
--- a/enterprise/traefik/17.0.5/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: v2
-appVersion: "2.9.8"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.19
-deprecated: false
-description: Traefik is a flexible reverse proxy and Ingress Provider.
-home: https://truecharts.org/charts/enterprise/traefik
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/traefik.png
-keywords:
- - traefik
- - ingress
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: traefik
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/traefik
- - https://hub.docker.com/_/traefik
- - https://github.com/traefik/traefik
- - https://github.com/traefik/traefik-helm-chart
- - https://traefik.io/
-type: application
-version: 17.0.5
-annotations:
- truecharts.org/catagories: |
- - network
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/traefik/17.0.5/LICENSE b/enterprise/traefik/17.0.5/LICENSE
deleted file mode 100644
index 4139714f204..00000000000
--- a/enterprise/traefik/17.0.5/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Traefik" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/traefik/17.0.5/README.md b/enterprise/traefik/17.0.5/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/traefik/17.0.5/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/traefik/17.0.5/app-changelog.md b/enterprise/traefik/17.0.5/app-changelog.md
deleted file mode 100644
index 8e974a3be7f..00000000000
--- a/enterprise/traefik/17.0.5/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [traefik-17.0.5](https://github.com/truecharts/charts/compare/traefik-17.0.4...traefik-17.0.5) (2023-03-07)
-
-### Fix
-
-- fix labels ([#7759](https://github.com/truecharts/charts/issues/7759))
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/17.0.5/app-readme.md b/enterprise/traefik/17.0.5/app-readme.md
deleted file mode 100644
index 02206fafcf4..00000000000
--- a/enterprise/traefik/17.0.5/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Traefik is a flexible reverse proxy and Ingress Provider.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/traefik](https://truecharts.org/charts/enterprise/traefik)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/traefik/17.0.5/charts/common-12.2.19.tgz b/enterprise/traefik/17.0.5/charts/common-12.2.19.tgz
deleted file mode 100644
index 7959002233d..00000000000
Binary files a/enterprise/traefik/17.0.5/charts/common-12.2.19.tgz and /dev/null differ
diff --git a/enterprise/traefik/17.0.5/ix_values.yaml b/enterprise/traefik/17.0.5/ix_values.yaml
deleted file mode 100644
index f78e5b7465a..00000000000
--- a/enterprise/traefik/17.0.5/ix_values.yaml
+++ /dev/null
@@ -1,418 +0,0 @@
-image:
- repository: tccr.io/truecharts/traefik
- # defaults to appVersion
- tag: 2.9.8@sha256:4a2d3dda380990d825532e661b42457fc9871061dbc22b310468616378214a2e
- pullPolicy: IfNotPresent
-
-workload:
- main:
- replicas: 2
- strategy: RollingUpdate
- podSpec:
- containers:
- main:
- args: []
- probes:
- # -- Liveness probe configuration
- # @default -- See below
- liveness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Redainess probe configuration
- # @default -- See below
- readiness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Startup probe configuration
- # @default -- See below
- startup:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
-# -- Options for all pods
-# Can be overruled per pod
-podOptions:
- automountServiceAccountToken: true
-
-# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
-ingressClass:
- # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
- enabled: false
- isDefaultClass: false
- # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
- fallbackApiVersion: ""
-
-# -- Create an IngressRoute for the dashboard
-ingressRoute:
- dashboard:
- enabled: true
- # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
- annotations: {}
- # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
- labels: {}
-#
-# -- Configure providers
-providers:
- kubernetesCRD:
- enabled: true
- namespaces:
- []
- # - "default"
- kubernetesIngress:
- enabled: true
- # labelSelector: environment=production,method=traefik
- namespaces:
- []
- # - "default"
- # IP used for Kubernetes Ingress endpoints
- publishedService:
- enabled: true
- # Published Kubernetes Service to copy status from. Format: namespace/servicename
- # By default this Traefik service
- # pathOverride: ""
-
-# -- Logs
-# https://docs.traefik.io/observability/logs/
-logs:
- # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on).
- general:
- # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO.
- level: ERROR
- # -- Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format
- format: common
- access:
- # To enable access logs
- enabled: false
- # To write the logs in an asynchronous fashion, specify a bufferingSize option.
- # This option represents the number of log lines Traefik will keep in memory before writing
- # them to the selected output. In some cases, this option can greatly help performances.
- # bufferingSize: 100
- # Filtering https://docs.traefik.io/observability/access-logs/#filtering
- filters:
- {}
- # statuscodes: "200,300-302"
- # retryattempts: true
- # minduration: 10ms
- # Fields
- # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers
- fields:
- general:
- defaultmode: keep
- names:
- {}
- # Examples:
- # ClientUsername: drop
- headers:
- defaultmode: drop
- names:
- {}
- # Examples:
- # User-Agent: redact
- # Authorization: drop
- # Content-Type: keep
- # -- Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format
- format: common
-
-metrics:
- # datadog:
- # address: 127.0.0.1:8125
- # influxdb:
- # address: localhost:8089
- # protocol: udp
- prometheus:
- entryPoint: metrics
- # statsd:
- # address: localhost:8125
-
-globalArguments:
- - "--global.checknewversion"
-
-##
-# -- Additional arguments to be passed at Traefik's binary
-# All available options available on https://docs.traefik.io/reference/static-configuration/cli/
-## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"`
-additionalArguments:
- - "--metrics.prometheus"
- - "--ping"
- - "--serverstransport.insecureskipverify=true"
- - "--providers.kubernetesingress.allowexternalnameservices=true"
-
-# -- TLS Options to be created as TLSOption CRDs
-# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options
-# Example:
-tlsOptions:
- default:
- sniStrict: false
- minVersion: VersionTLS12
- curvePreferences:
- - CurveP521
- - CurveP384
- cipherSuites:
- - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- - TLS_AES_128_GCM_SHA256
- - TLS_AES_256_GCM_SHA384
- - TLS_CHACHA20_POLY1305_SHA256
-
-# -- Options for the main traefik service, where the entrypoints traffic comes from
-# from.
-service:
- main:
- type: LoadBalancer
- ports:
- main:
- port: 9000
- targetPort: 9000
- protocol: http
- # -- Forwarded Headers should never be enabled on Main entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Main entrypoint
- proxyProtocol:
- enabled: false
- tcp:
- enabled: true
- type: LoadBalancer
- ports:
- web:
- enabled: true
- port: 9080
- protocol: http
- redirectTo: websecure
- # Options: Empty, 0 (ingore), or positive int
- # redirectPort:
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- websecure:
- enabled: true
- port: 9443
- protocol: https
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- # tcpexample:
- # enabled: true
- # targetPort: 9443
- # protocol: tcp
- # tls:
- # enabled: false
- # # this is the name of a TLSOption definition
- # options: ""
- # certResolver: ""
- # domains: []
- # # - main: example.com
- # # sans:
- # # - foo.example.com
- # # - bar.example.com
- metrics:
- enabled: true
- type: ClusterIP
- ports:
- metrics:
- enabled: true
- port: 9180
- targetPort: 9180
- protocol: http
- # -- Forwarded Headers should never be enabled on Metrics entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Metrics entrypoint
- proxyProtocol:
- enabled: false
- # udp:
- # enabled: false
-
-# -- Whether Role Based Access Control objects like roles and rolebindings should be created
-rbac:
- main:
- enabled: true
- primary: true
- clusterWide: true
- rules:
- - apiGroups:
- - ""
- resources:
- - services
- - endpoints
- - secrets
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses
- - ingressclasses
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses/status
- verbs:
- - update
- - apiGroups:
- - traefik.containo.us
- resources:
- - ingressroutes
- - ingressroutetcps
- - ingressrouteudps
- - middlewares
- - middlewaretcps
- - tlsoptions
- - tlsstores
- - traefikservices
- - serverstransports
- verbs:
- - get
- - list
- - watch
-
-# -- The service account the pods will use to interact with the Kubernetes API
-serviceAccount:
- main:
- enabled: true
- primary: true
-
-# -- SCALE Middleware Handlers
-middlewares:
- basicAuth: []
- # - name: basicauthexample
- # users:
- # - username: testuser
- # password: testpassword
- forwardAuth: []
- # - name: forwardAuthexample
- # address: https://auth.example.com/
- # authResponseHeaders:
- # - X-Secret
- # - X-Auth-User
- # authRequestHeaders:
- # - "Accept"
- # - "X-CustomHeader"
- # authResponseHeadersRegex: "^X-"
- # trustForwardHeader: true
- chain: []
- # - name: chainname
- # middlewares:
- # - name: compress
- redirectScheme: []
- # - name: redirectSchemeName
- # scheme: https
- # permanent: true
- rateLimit: []
- # - name: rateLimitName
- # average: 300
- # burst: 200
- redirectRegex: []
- # - name: redirectRegexName
- # regex: putregexhere
- # replacement: replacementurlhere
- # permanent: false
- stripPrefixRegex: []
- # - name: stripPrefixRegexName
- # regex: []
- ipWhiteList: []
- # - name: ipWhiteListName
- # sourceRange: []
- # ipStrategy:
- # depth: 2
- # excludedIPs: []
- themeParkVersion: v1.3.0
- themePark: []
- # - name: themeParkName
- # -- Supported apps, lower case name
- # -- https://docs.theme-park.dev/themes
- # app: appnamehere
- # -- Supported themes, lower case name
- # -- https://docs.theme-park.dev/themes/APPNAMEHERE
- # -- https://docs.theme-park.dev/community-themes
- # theme: themenamehere
- # -- https://theme-park.dev or a self hosted url
- # baseUrl: https://theme-park.dev
- realIPVersion: v1.0.3
- # Sets X-Real-Ip with an IP from the X-Forwarded-For or
- # Cf-Connecting-Ip (If from Cloudflare)
- # Evaluation of those headers will go from last to first
- realIP: []
- # - name: realIPName
- # -- The real IP will be the first one that is
- # -- not included in any of the CIDRs passed here
- # excludedNetworks:
- # - 1.1.1.1/24
- addPrefix: []
- # - name: addPrefixName
- # prefix: "/foo"
- geoBlockVersion: v0.2.4
- geoBlock: []
- # -- https://github.com/PascalMinder/geoblock
- # - name: geoBlockName
- # allowLocalRequests: true
- # logLocalRequests: false
- # logAllowedRequests: false
- # logApiRequests: false
- # api: https://get.geojs.io/v1/ip/country/{ip}
- # apiTimeoutMs: 500
- # cacheSize: 25
- # forceMonthlyUpdate: true
- # allowUnknownCountries: false
- # unknownCountryApiResponse: nil
- # blackListMode: false
- # countries:
- # - RU
-
-portalhook:
- enabled: true
-
-persistence:
- plugins:
- enabled: true
- mountPath: "/plugins-storage"
- type: emptyDir
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/traefik/17.0.5/questions.yaml b/enterprise/traefik/17.0.5/questions.yaml
deleted file mode 100644
index d9616f62f10..00000000000
--- a/enterprise/traefik/17.0.5/questions.yaml
+++ /dev/null
@@ -1,2488 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "http"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
- path: "/dashboard/"
-questions:
-
- - variable: Workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: Daemonset
- description: Daemonset
-
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "Daemonset"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
-
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: ingressClass
- label: "ingressClass"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- description: "When enabled, ingressClass will match the entered name of this app"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: isDefaultClass
- label: "isDefaultClass"
- schema:
- type: boolean
- default: false
- - variable: logs
- label: "Logs"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "ERROR"
- enum:
- - value: "INFO"
- description: "Info"
- - value: "WARN"
- description: "Warnings"
- - value: "ERROR"
- description: "Errors"
- - value: "FATAL"
- description: "Fatal Errors"
- - value: "PANIC"
- description: "Panics"
- - value: "DEBUG"
- description: "Debug"
- - variable: format
- label: "General Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: access
- label: "Access Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabledFilters
- label: "Enable Filters"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filters
- label: "Filters"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: statuscodes
- label: "Status codes"
- schema:
- type: string
- default: "200,300-302"
- - variable: retryattempts
- label: "retryattempts"
- schema:
- type: boolean
- default: true
- - variable: minduration
- label: "minduration"
- schema:
- type: string
- default: "10ms"
- - variable: fields
- label: "Fields"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "keep"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: headers
- label: "Headers"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "drop"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: format
- label: "Access Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: middlewares
- label: ""
- group: "Middlewares"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: basicAuth
- label: basicAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: users
- label: Users
- schema:
- type: list
- default: []
- items:
- - variable: usersEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: username
- label: Username
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: Password
- schema:
- type: string
- required: true
- default: ""
- - variable: forwardAuth
- label: forwardAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: address
- label: Address
- schema:
- type: string
- required: true
- default: ""
- - variable: trustForwardHeader
- label: trustForwardHeader
- schema:
- type: boolean
- default: false
- - variable: tls
- label: TLS
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: insecureSkipVerify
- label: insecureSkipVerify (expert)
- description: >-
- This disables all TLS certificate validation on communications with the authentication endpoint.
- This could be a security risk and should only be used if you know what you are doing.
- schema:
- type: boolean
- default: false
- - variable: authResponseHeadersRegex
- label: authResponseHeadersRegex
- schema:
- type: string
- default: ""
- - variable: authResponseHeaders
- label: authResponseHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authResponseHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: authRequestHeaders
- label: authRequestHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authRequestHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: chain
- label: Chain
- schema:
- type: list
- default: []
- items:
- - variable: chainEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: middlewares
- label: Middlewares to Chain
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: redirectScheme
- label: redirectScheme
- schema:
- type: list
- default: []
- items:
- - variable: redirectSchemeEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: scheme
- label: Scheme
- schema:
- type: string
- required: true
- default: https
- enum:
- - value: https
- description: https
- - value: http
- description: http
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: rateLimit
- label: rateLimit
- schema:
- type: list
- default: []
- items:
- - variable: rateLimitEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: average
- label: Average
- schema:
- type: int
- required: true
- default: 300
- - variable: burst
- label: Burst
- schema:
- type: int
- required: true
- default: 200
- - variable: redirectRegex
- label: redirectRegex
- schema:
- type: list
- default: []
- items:
- - variable: redirectRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: replacement
- label: Replacement
- schema:
- type: string
- required: true
- default: ""
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: stripPrefixRegex
- label: stripPrefixRegex
- schema:
- type: list
- default: []
- items:
- - variable: stripPrefixRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: list
- default: []
- items:
- - variable: regexEntry
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: ipWhiteList
- label: ipWhiteList
- schema:
- type: list
- default: []
- items:
- - variable: ipWhiteListEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: sourceRange
- label: Source Range
- schema:
- type: list
- default: []
- items:
- - variable: sourceRangeEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: ipStrategy
- label: IP Strategy
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: depth
- label: Depth
- schema:
- type: int
- required: true
- - variable: excludedIPs
- label: Excluded IPs
- schema:
- type: list
- default: []
- items:
- - variable: excludedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: themePark
- label: theme.park
- schema:
- type: list
- default: []
- items:
- - variable: themeParkEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to traefik-themepark
- schema:
- type: string
- required: true
- default: ""
- - variable: appName
- label: App Name
- description: Lower case, name of the app to be themed.
-
Go to https://docs.theme-park.dev/themes/ to see supported apps.
- schema:
- type: string
- required: true
- default: ""
- - variable: themeName
- label: Theme Name
- description: Lower case, name of the theme to be applied.
-
Go to https://docs.theme-park.dev/theme-options/ to see supported themes.
- schema:
- type: string
- required: true
- default: ""
- - variable: baseUrl
- label: Base URL
- description: Replace `https://theme-park.dev` URL for self-hosting reference.
- schema:
- type: string
- required: true
- default: https://theme-park.dev
- - variable: addons
- label: Addons
- schema:
- type: list
- default: []
- items:
- - variable: addonEntry
- label: Addon
- description: Currently only supports 'darker' and '4k-logo' for *arr apps.
-
Go to https://docs.theme-park.dev/themes/addons/ for Addon information.
-
Go to https://github.com/packruler/traefik-themepark for more context on plugin
- schema:
- type: string
- required: true
- default: ""
- - variable: realIP
- label: Real IP
- schema:
- type: list
- default: []
- items:
- - variable: realIPEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: excludedNetworks
- label: Excluded Networks
- schema:
- type: list
- default: []
- items:
- - variable: excludedNetEntry
- label: Excluded Network Entry
- description: Network to exclude setting it to X-Real-Ip
- schema:
- type: string
- required: true
- default: ""
- - variable: geoBlock
- label: GeoBlock
- schema:
- type: list
- default: []
- items:
- - variable: geoBlockEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to geoblock
- schema:
- type: string
- required: true
- default: ""
- - variable: allowLocalRequests
- label: Allow Local Requests
- description: If set to true, will not block request from Private IP Ranges
- schema:
- type: boolean
- default: true
- - variable: logLocalRequests
- label: Log Local Requests
- description: If set to true, will log every connection from any IP in the private IP range
- schema:
- type: boolean
- default: false
- - variable: logAllowedRequests
- label: Log Allowed Requests
- description: If set to true, will show a log message with the IP and the country of origin if a request is allowed.
- schema:
- type: boolean
- default: false
- - variable: logApiRequests
- label: Log API Requests
- description: If set to true, will show a log message for every API hit.
- schema:
- type: boolean
- default: false
- - variable: api
- label: API
- description: Defines the API URL for the IP to Country resolution. The IP to fetch can be added with {ip} to the URL.
- schema:
- type: string
- required: true
- default: https://get.geojs.io/v1/ip/country/{ip}
- - variable: apiTimeoutMs
- label: API Timeout in ms
- description: Timeout for the call to the api uri.
- schema:
- type: int
- required: true
- default: 500
- - variable: cacheSize
- label: Cache Size
- description: Defines the max size of the LRU (least recently used) cache.
- schema:
- type: int
- required: true
- default: 25
- - variable: forceMonthlyUpdate
- label: Force Monthly Update
- description: Even if an IP stays in the cache for a period of a month (about 30 x 24 hours), it must be fetch again after a month.
- schema:
- type: boolean
- default: true
- - variable: allowUnknownCountries
- label: Allow Unknown Countries
- description: Some IP addresses have no country associated with them. If this option is set to true, all IPs with no associated country are also allowed.
- schema:
- type: boolean
- default: false
- - variable: unknownCountryApiResponse
- label: Unknown Countries API Response
- description: The API uri can be customized. This options allows to customize the response string of the API when a IP with no associated country is requested.
- schema:
- type: string
- required: true
- default: nil
- - variable: blackListMode
- label: Blacklist Mode
- description: When set to true the filter logic is inverted, i.e. requests originating from countries listed in the countries list are blocked.
- schema:
- type: boolean
- default: false
- - variable: countries
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- label: Countries
- schema:
- type: list
- default: []
- items:
- - variable: countryEntry
- label: Country
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- schema:
- type: string
- required: true
- # Allow only 2 Characters
- valid_chars: '^[a-zA-Z]{2}$'
- default: ""
- - variable: addPrefix
- label: Add Prefix
- schema:
- type: list
- default: []
- items:
- - variable: addPrefixEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: prefix
- label: Prefix
- schema:
- type: string
- required: true
- default: ""
- - variable: service
- group: "Networking and Services"
- label: "Configure Service Entrypoint"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9000
- required: true
- - variable: tcp
- label: "TCP Service"
- description: "The tcp Entrypoint service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: web
- label: "web Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9080
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- default: "websecure"
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: websecure
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9443
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: portsList
- label: "Additional TCP Entrypoints"
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: "Custom Entrypoints"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable the port"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: "Entrypoints Name"
- schema:
- type: string
- default: ""
- - variable: protocol
- label: "Entrypoints Type"
- schema:
- type: string
- default: "TCP"
- enum:
- - value: HTTP
- description: "HTTP"
- - value: "HTTPS"
- description: "HTTPS"
- - value: TCP
- description: "TCP"
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- required: true
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
-
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
-
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/traefik/17.0.5/templates/NOTES.txt b/enterprise/traefik/17.0.5/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/traefik/17.0.5/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/traefik/17.0.5/templates/_args.tpl b/enterprise/traefik/17.0.5/templates/_args.tpl
deleted file mode 100644
index 3fef2e1f777..00000000000
--- a/enterprise/traefik/17.0.5/templates/_args.tpl
+++ /dev/null
@@ -1,178 +0,0 @@
-{{/* Define the args */}}
-{{- define "traefik.args" -}}
-args:
- {{/* merge all ports */}}
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{/* start of actual arguments */}}
- {{- with .Values.globalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
- {{- range $name, $config := $ports }}
- {{- if $config }}
- {{- if or ( eq $config.protocol "http" ) ( eq $config.protocol "https" ) ( eq $config.protocol "tcp" ) }}
- {{- $_ := set $config "protocol" "tcp" }}
- {{- end }}
- - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}"
- {{- end }}
- {{- end }}
- - "--api.dashboard=true"
- - "--ping=true"
- {{- if .Values.metrics }}
- {{- if .Values.metrics.datadog }}
- - "--metrics.datadog=true"
- - "--metrics.datadog.address={{ .Values.metrics.datadog.address }}"
- {{- end }}
- {{- if .Values.metrics.influxdb }}
- - "--metrics.influxdb=true"
- - "--metrics.influxdb.address={{ .Values.metrics.influxdb.address }}"
- - "--metrics.influxdb.protocol={{ .Values.metrics.influxdb.protocol }}"
- {{- end }}
- {{- if .Values.metrics.prometheus }}
- - "--metrics.prometheus=true"
- - "--metrics.prometheus.entrypoint={{ .Values.metrics.prometheus.entryPoint }}"
- {{- end }}
- {{- if .Values.metrics.statsd }}
- - "--metrics.statsd=true"
- - "--metrics.statsd.address={{ .Values.metrics.statsd.address }}"
- {{- end }}
- {{- end }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress"
- {{- if .Values.providers.kubernetesIngress.publishedService.enabled }}
- - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.labelSelector }}
- - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}"
- {{- end }}
- {{- end }}
- {{- if and .Values.rbac.enabled .Values.rbac.namespaced }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}"
- {{- end }}
- {{- end }}
- {{- if .Values.ingressClass.enabled }}
- - "--providers.kubernetesingress.ingressclass={{ .Release.Name }}"
- {{- end }}
- {{- range $entrypoint, $config := $ports }}
- {{/* add args for proxyProtocol support */}}
- {{- if $config.proxyProtocol }}
- {{- if $config.proxyProtocol.enabled }}
- {{- if $config.proxyProtocol.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.insecure"
- {{- end }}
- {{- if not ( empty $config.proxyProtocol.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.trustedIPs={{ join "," $config.proxyProtocol.trustedIPs }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* add args for forwardedHeaders support */}}
- {{- if $config.forwardedHeaders.enabled }}
- {{- if not ( empty $config.forwardedHeaders.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}"
- {{- end }}
- {{- if $config.forwardedHeaders.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure"
- {{- end }}
- {{- end }}
- {{/* end forwardedHeaders configuration */}}
- {{- if $config.redirectTo }}
- {{- $toPort := index $ports $config.redirectTo }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- else if $config.redirectPort }}
- {{ if gt $config.redirectPort 0.0 }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- end }}
- {{- end }}
- {{- if or ( $config.tls ) ( eq $config.protocol "https" ) }}
- {{- if or ( $config.tls.enabled ) ( eq $config.protocol "https" ) }}
- - "--entrypoints.{{ $entrypoint }}.http.tls=true"
- {{- if $config.tls.options }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}"
- {{- end }}
- {{- if $config.tls.certResolver }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}"
- {{- end }}
- {{- if $config.tls.domains }}
- {{- range $index, $domain := $config.tls.domains }}
- {{- if $domain.main }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}"
- {{- end }}
- {{- if $domain.sans }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- with .Values.logs }}
- - "--log.format={{ .general.format }}"
- {{- if ne .general.level "ERROR" }}
- - "--log.level={{ .general.level | upper }}"
- {{- end }}
- {{- if .access.enabled }}
- - "--accesslog=true"
- - "--accesslog.format={{ .access.format }}"
- {{- if .access.bufferingsize }}
- - "--accesslog.bufferingsize={{ .access.bufferingsize }}"
- {{- end }}
- {{- if .access.filters }}
- {{- if .access.filters.statuscodes }}
- - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}"
- {{- end }}
- {{- if .access.filters.retryattempts }}
- - "--accesslog.filters.retryattempts"
- {{- end }}
- {{- if .access.filters.minduration }}
- - "--accesslog.filters.minduration={{ .access.filters.minduration }}"
- {{- end }}
- {{- end }}
- - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.general.names }}
- - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.headers.names }}
- - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* theme.park */}}
- {{- if .Values.middlewares.themePark }}
- - "--experimental.plugins.traefik-themepark.modulename=github.com/packruler/traefik-themepark"
- - "--experimental.plugins.traefik-themepark.version={{ .Values.middlewares.themeParkVersion }}"
- {{- end }}
- {{/* End of theme.park */}}
- {{/* GeoBlock */}}
- {{- if .Values.middlewares.geoBlock }}
- - "--experimental.plugins.GeoBlock.modulename=github.com/PascalMinder/geoblock"
- - "--experimental.plugins.GeoBlock.version={{ .Values.middlewares.geoBlockVersion }}"
- {{- end }}
- {{/* End of GeoBlock */}}
- {{/* RealIP */}}
- {{- if .Values.middlewares.realIP }}
- - "--experimental.plugins.traefik-real-ip.modulename=github.com/soulbalz/traefik-real-ip"
- - "--experimental.plugins.traefik-real-ip.version={{ .Values.middlewares.realIPVersion }}"
- {{- end }}
- {{/* End of RealIP */}}
- {{- with .Values.additionalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.5/templates/_helpers.tpl b/enterprise/traefik/17.0.5/templates/_helpers.tpl
deleted file mode 100644
index 1345dcea39a..00000000000
--- a/enterprise/traefik/17.0.5/templates/_helpers.tpl
+++ /dev/null
@@ -1,22 +0,0 @@
-{{/*
-Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice.
-By convention this will simply use the / to match the name of the
-service generated.
-Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride`
-*/}}
-{{- define "providers.kubernetesIngress.publishedServicePath" -}}
-{{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}}
-{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}}
-{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }}
-{{- print $servicePath | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Construct a comma-separated list of whitelisted namespaces
-*/}}
-{{- define "providers.kubernetesIngress.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }}
-{{- end -}}
-{{- define "providers.kubernetesCRD.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.5/templates/_ingressclass.tpl b/enterprise/traefik/17.0.5/templates/_ingressclass.tpl
deleted file mode 100644
index a9b432449a9..00000000000
--- a/enterprise/traefik/17.0.5/templates/_ingressclass.tpl
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Define the ingressClass */}}
-{{- define "traefik.ingressClass" -}}
----
-{{ if .Values.ingressClass.enabled }}
- {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }}
-apiVersion: networking.k8s.io/v1
- {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }}
-apiVersion: networking.k8s.io/v1beta1
- {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }}
-apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }}
- {{- else }}
- {{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }}
- {{- end }}
-kind: IngressClass
-metadata:
- annotations:
- ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }}
- labels:
- {{- include "tc.v1.common.allLabels" . | nindent 4 }}
- name: {{ .Release.Name }}
-spec:
- controller: traefik.io/ingress-controller
-{{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.5/templates/_ingressroute.tpl b/enterprise/traefik/17.0.5/templates/_ingressroute.tpl
deleted file mode 100644
index 6599ceb6e2b..00000000000
--- a/enterprise/traefik/17.0.5/templates/_ingressroute.tpl
+++ /dev/null
@@ -1,34 +0,0 @@
-{{/* Define the ingressRoute */}}
-{{- define "traefik.ingressRoute" -}}
-{{ if .Values.ingressRoute.dashboard.enabled }}
-
-{{- $ingressRouteLabels := .Values.ingressRoute.dashboard.labels -}}
-{{- $ingressRouteAnnotations := .Values.ingressRoute.dashboard.annotations -}}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
- name: {{ include "tc.v1.common.lib.chart.names.fullname" . }}-dashboard
- {{- $labels := (mustMerge ($ingressRouteLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }}
- labels:
- {{- . | nindent 4 }}
- {{- end }}
- {{- $annotations := (mustMerge ($ingressRouteAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }}
- annotations:
- {{- . | nindent 4 }}
- {{- end }}
-
-spec:
- entryPoints:
- - main
- routes:
- - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
- kind: Rule
- services:
- - name: api@internal
- kind: TraefikService
-{{ end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.5/templates/_portalhook.tpl b/enterprise/traefik/17.0.5/templates/_portalhook.tpl
deleted file mode 100644
index e3586c5d4e9..00000000000
--- a/enterprise/traefik/17.0.5/templates/_portalhook.tpl
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/* Define the portalHook */}}
-{{- define "traefik.portalhook" -}}
-{{- if .Values.portalhook.enabled }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: portalhook
- namespace: {{ $namespace }}
-data:
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{- range $name, $value := $ports }}
- {{ $name }}: {{ $value.port | quote }}
- {{- end }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.5/templates/_tlsoptions.tpl b/enterprise/traefik/17.0.5/templates/_tlsoptions.tpl
deleted file mode 100644
index 3e5aad3bee9..00000000000
--- a/enterprise/traefik/17.0.5/templates/_tlsoptions.tpl
+++ /dev/null
@@ -1,12 +0,0 @@
-{{/* Define the tlsOptions */}}
-{{- define "traefik.tlsOptions" -}}
-{{- range $name, $config := .Values.tlsOptions }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: TLSOption
-metadata:
- name: {{ $name }}
-spec:
- {{- toYaml $config | nindent 2 }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.5/templates/common.yaml b/enterprise/traefik/17.0.5/templates/common.yaml
deleted file mode 100644
index 7833892df08..00000000000
--- a/enterprise/traefik/17.0.5/templates/common.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-
-{{- $newArgs := (include "traefik.args" . | fromYaml) }}
-{{- $_ := set .Values "newArgs" $newArgs -}}
-{{- $mergedargs := concat $.Values.workload.main.podSpec.containers.main.args .Values.newArgs.args }}
-{{- $_ := set $.Values.workload.main.podSpec.containers.main "args" $mergedargs -}}
-
-{{- include "traefik.portalhook" . }}
-{{- include "traefik.tlsOptions" . }}
-{{- include "traefik.ingressRoute" . }}
-{{- include "traefik.ingressClass" . }}
-
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/traefik/17.0.5/templates/middlewares/addPrefix.yaml b/enterprise/traefik/17.0.5/templates/middlewares/addPrefix.yaml
deleted file mode 100644
index 233b23834c3..00000000000
--- a/enterprise/traefik/17.0.5/templates/middlewares/addPrefix.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.addPrefix }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- addPrefix:
- prefix: {{ $middlewareData.prefix }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.5/templates/middlewares/basic-middleware.yaml b/enterprise/traefik/17.0.5/templates/middlewares/basic-middleware.yaml
deleted file mode 100644
index 9ba8e5c5d93..00000000000
--- a/enterprise/traefik/17.0.5/templates/middlewares/basic-middleware.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: compress
- namespace: {{ $namespace }}
-spec:
- compress: {}
----
-# Here, an average of 300 requests per second is allowed.
-# In addition, a burst of 200 requests is allowed.
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-ratelimit
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: 600
- burst: 400
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-secure-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: chain-basic
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: basic-secure-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.5/templates/middlewares/basicauth.yaml b/enterprise/traefik/17.0.5/templates/middlewares/basicauth.yaml
deleted file mode 100644
index ccb541742f0..00000000000
--- a/enterprise/traefik/17.0.5/templates/middlewares/basicauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.basicAuth }}
----
-{{- $users := list }}
-{{ range $index, $userdata := $middlewareData.users }}
- {{ $users = append $users ( htpasswd $userdata.username $userdata.password ) }}
-{{ end }}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{printf "%v-%v" $middlewareData.name "secret" }}
- namespace: {{ $namespace }}
-type: Opaque
-stringData:
- users: |
- {{- range $index, $user := $users }}
- {{ printf "%s" $user }}
- {{- end }}
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- basicAuth:
- secret: {{printf "%v-%v" $middlewareData.name "secret" }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.5/templates/middlewares/chain.yaml b/enterprise/traefik/17.0.5/templates/middlewares/chain.yaml
deleted file mode 100644
index f87994f7956..00000000000
--- a/enterprise/traefik/17.0.5/templates/middlewares/chain.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.chain }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- {{ range $index, $middleware := .middlewares }}
- - name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }}
- {{ end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.5/templates/middlewares/forwardauth.yaml b/enterprise/traefik/17.0.5/templates/middlewares/forwardauth.yaml
deleted file mode 100644
index 4bdefbd5c01..00000000000
--- a/enterprise/traefik/17.0.5/templates/middlewares/forwardauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.forwardAuth }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- forwardAuth:
- address: {{ $middlewareData.address }}
- {{- with $middlewareData.authResponseHeaders }}
- authResponseHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- with $middlewareData.authRequestHeaders }}
- authRequestHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- if $middlewareData.authResponseHeadersRegex }}
- authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }}
- {{- end }}
- {{- if $middlewareData.trustForwardHeader }}
- trustForwardHeader: true
- {{- end }}
- {{- with $middlewareData.tls }}
- tls:
- insecureSkipVerify: {{ .insecureSkipVerify | default false }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.5/templates/middlewares/geoblock.yaml b/enterprise/traefik/17.0.5/templates/middlewares/geoblock.yaml
deleted file mode 100644
index be21bcf57b6..00000000000
--- a/enterprise/traefik/17.0.5/templates/middlewares/geoblock.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.geoBlock }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- GeoBlock:
- allowLocalRequests: {{ $middlewareData.allowLocalRequests }}
- logLocalRequests: {{ $middlewareData.logLocalRequests }}
- logAllowedRequests: {{ $middlewareData.logAllowedRequests }}
- logApiRequests: {{ $middlewareData.logApiRequests }}
- api: {{ $middlewareData.api }}
- apiTimeoutMs: {{ $middlewareData.apiTimeoutMs }}
- cacheSize: {{ $middlewareData.cacheSize }}
- forceMonthlyUpdate: {{ $middlewareData.forceMonthlyUpdate }}
- allowUnknownCountries: {{ $middlewareData.allowUnknownCountries }}
- unknownCountryApiResponse: {{ $middlewareData.unknownCountryApiResponse }}
- blackListMode: {{ $middlewareData.blackListMode }}
- {{- if not $middlewareData.countries }}
- {{- fail "You have to define at least one country..." }}
- {{- end }}
- countries:
- {{- range $middlewareData.countries }}
- - {{ . }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.5/templates/middlewares/ipwhitelist.yaml b/enterprise/traefik/17.0.5/templates/middlewares/ipwhitelist.yaml
deleted file mode 100644
index 1179245017e..00000000000
--- a/enterprise/traefik/17.0.5/templates/middlewares/ipwhitelist.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.ipWhiteList }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- ipWhiteList:
- sourceRange:
- {{- range $middlewareData.sourceRange }}
- - {{ . }}
- {{- end }}
- {{- if $middlewareData.ipStrategy }}
- ipStrategy:
- {{- if $middlewareData.ipStrategy.depth }}
- depth: {{ $middlewareData.ipStrategy.depth }}
- {{- end }}
- {{- if $middlewareData.ipStrategy.excludedIPs }}
- excludedIPs:
- {{- range $middlewareData.ipStrategy.excludedIPs }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.5/templates/middlewares/ratelimit.yaml b/enterprise/traefik/17.0.5/templates/middlewares/ratelimit.yaml
deleted file mode 100644
index 144b9d8bf38..00000000000
--- a/enterprise/traefik/17.0.5/templates/middlewares/ratelimit.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.rateLimit }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: {{ $middlewareData.average }}
- burst: {{ $middlewareData.burst }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.5/templates/middlewares/real-ip.yaml b/enterprise/traefik/17.0.5/templates/middlewares/real-ip.yaml
deleted file mode 100644
index 2dd1ae030a4..00000000000
--- a/enterprise/traefik/17.0.5/templates/middlewares/real-ip.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.realIP }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-real-ip:
- excludednets:
- {{- range $middlewareData.excludedNetworks }}
- - {{ . | quote }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.5/templates/middlewares/redirectScheme.yaml b/enterprise/traefik/17.0.5/templates/middlewares/redirectScheme.yaml
deleted file mode 100644
index f2413f84e19..00000000000
--- a/enterprise/traefik/17.0.5/templates/middlewares/redirectScheme.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectScheme }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectScheme:
- scheme: {{ $middlewareData.scheme }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.5/templates/middlewares/redirectregex.yaml b/enterprise/traefik/17.0.5/templates/middlewares/redirectregex.yaml
deleted file mode 100644
index 46e3e724dd6..00000000000
--- a/enterprise/traefik/17.0.5/templates/middlewares/redirectregex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectRegex }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: {{ $middlewareData.regex | quote }}
- replacement: {{ $middlewareData.replacement | quote }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.5/templates/middlewares/stripPrefixRegex.yaml b/enterprise/traefik/17.0.5/templates/middlewares/stripPrefixRegex.yaml
deleted file mode 100644
index 007c166ff39..00000000000
--- a/enterprise/traefik/17.0.5/templates/middlewares/stripPrefixRegex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-
-{{ range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- stripPrefixRegex:
- regex:
- {{- range $middlewareData.regex }}
- - {{ . | quote }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.5/templates/middlewares/tc-chains.yaml b/enterprise/traefik/17.0.5/templates/middlewares/tc-chains.yaml
deleted file mode 100644
index 409766daa89..00000000000
--- a/enterprise/traefik/17.0.5/templates/middlewares/tc-chains.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-opencors-headers
- - name: compress
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-closedcors-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.5/templates/middlewares/tc-headers.yaml b/enterprise/traefik/17.0.5/templates/middlewares/tc-headers.yaml
deleted file mode 100644
index a0462f1fd73..00000000000
--- a/enterprise/traefik/17.0.5/templates/middlewares/tc-headers.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowHeaders:
- - '*'
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- - POST
- accessControlAllowOriginList:
- - '*'
- accessControlMaxAge: 100
- browserXssFilter: true
- contentTypeNosniff: true
- customRequestHeaders:
- X-Forwarded-Proto: https
- customResponseHeaders:
- server: ""
- forceSTSHeader: true
- referrerPolicy: same-origin
- sslForceHost: true
- sslRedirect: true
- stsSeconds: 63072000
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- sslRedirect: true
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- sslForceHost: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
diff --git a/enterprise/traefik/17.0.5/templates/middlewares/tc-nextcloud.yaml b/enterprise/traefik/17.0.5/templates/middlewares/tc-nextcloud.yaml
deleted file mode 100644
index 6a3019d56c5..00000000000
--- a/enterprise/traefik/17.0.5/templates/middlewares/tc-nextcloud.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-redirectregex-dav
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: "https://(.*)/.well-known/(card|cal)dav"
- replacement: "https://${1}/remote.php/dav/"
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: tc-nextcloud-redirectregex-dav
diff --git a/enterprise/traefik/17.0.5/templates/middlewares/theme-park.yaml b/enterprise/traefik/17.0.5/templates/middlewares/theme-park.yaml
deleted file mode 100644
index 92a4257e279..00000000000
--- a/enterprise/traefik/17.0.5/templates/middlewares/theme-park.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.themePark }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-themepark:
- app: {{ $middlewareData.appName }}
- theme: {{ $middlewareData.themeName }}
- baseUrl: {{ $middlewareData.baseUrl }}
- {{- if $middlewareData.addons }}
- addons:
- {{- range $middlewareData.addons }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.5/values.yaml b/enterprise/traefik/17.0.5/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/traefik/17.0.6/CHANGELOG.md b/enterprise/traefik/17.0.6/CHANGELOG.md
deleted file mode 100644
index 94d44782564..00000000000
--- a/enterprise/traefik/17.0.6/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [traefik-17.0.6](https://github.com/truecharts/charts/compare/traefik-17.0.5...traefik-17.0.6) (2023-03-07)
-
-### Fix
-
-- misc fixes from common and prometheus storageclass patch ([#7762](https://github.com/truecharts/charts/issues/7762))
-
-
-
-
-## [traefik-17.0.5](https://github.com/truecharts/charts/compare/traefik-17.0.4...traefik-17.0.5) (2023-03-07)
-
-### Fix
-
-- fix labels ([#7759](https://github.com/truecharts/charts/issues/7759))
-
-
-
-
-## [traefik-17.0.4](https://github.com/truecharts/charts/compare/traefik-17.0.3...traefik-17.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
-
-
-## [traefik-17.0.3](https://github.com/truecharts/charts/compare/traefik-17.0.1...traefik-17.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
-
-
-## [traefik-17.0.1](https://github.com/truecharts/charts/compare/traefik-17.0.0...traefik-17.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
-
-## [traefik-17.0.0](https://github.com/truecharts/charts/compare/traefik-16.0.16...traefik-17.0.0) (2023-03-04)
-
-
-
-
-## [traefik-16.0.16](https://github.com/truecharts/charts/compare/traefik-16.0.15...traefik-16.0.16) (2023-02-20)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v2.9.8
-
-
-
-
-## [traefik-16.0.15](https://github.com/truecharts/charts/compare/traefik-16.0.14...traefik-16.0.15) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v2.9.7
-
-
-
-
-## [traefik-16.0.14](https://github.com/truecharts/charts/compare/traefik-16.0.13...traefik-16.0.14) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v
-
-
-
-
-## [traefik-16.0.13](https://github.com/truecharts/charts/compare/traefik-16.0.12...traefik-16.0.13) (2023-02-11)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to 2.9.6
-
-
-
-
-## [traefik-16.0.12](https://github.com/truecharts/charts/compare/traefik-16.0.11...traefik-16.0.12) (2023-02-10)
-
-### Chore
diff --git a/enterprise/traefik/17.0.6/Chart.yaml b/enterprise/traefik/17.0.6/Chart.yaml
deleted file mode 100644
index 27cfdfe99d9..00000000000
--- a/enterprise/traefik/17.0.6/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: v2
-appVersion: "2.9.8"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.24
-deprecated: false
-description: Traefik is a flexible reverse proxy and Ingress Provider.
-home: https://truecharts.org/charts/enterprise/traefik
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/traefik.png
-keywords:
- - traefik
- - ingress
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: traefik
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/traefik
- - https://hub.docker.com/_/traefik
- - https://github.com/traefik/traefik
- - https://github.com/traefik/traefik-helm-chart
- - https://traefik.io/
-type: application
-version: 17.0.6
-annotations:
- truecharts.org/catagories: |
- - network
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/traefik/17.0.6/LICENSE b/enterprise/traefik/17.0.6/LICENSE
deleted file mode 100644
index 4139714f204..00000000000
--- a/enterprise/traefik/17.0.6/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Traefik" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/traefik/17.0.6/README.md b/enterprise/traefik/17.0.6/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/traefik/17.0.6/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/traefik/17.0.6/app-changelog.md b/enterprise/traefik/17.0.6/app-changelog.md
deleted file mode 100644
index ae2c2d1274b..00000000000
--- a/enterprise/traefik/17.0.6/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [traefik-17.0.6](https://github.com/truecharts/charts/compare/traefik-17.0.5...traefik-17.0.6) (2023-03-07)
-
-### Fix
-
-- misc fixes from common and prometheus storageclass patch ([#7762](https://github.com/truecharts/charts/issues/7762))
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/17.0.6/app-readme.md b/enterprise/traefik/17.0.6/app-readme.md
deleted file mode 100644
index 02206fafcf4..00000000000
--- a/enterprise/traefik/17.0.6/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Traefik is a flexible reverse proxy and Ingress Provider.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/traefik](https://truecharts.org/charts/enterprise/traefik)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/traefik/17.0.6/charts/common-12.2.24.tgz b/enterprise/traefik/17.0.6/charts/common-12.2.24.tgz
deleted file mode 100644
index d9155693b5d..00000000000
Binary files a/enterprise/traefik/17.0.6/charts/common-12.2.24.tgz and /dev/null differ
diff --git a/enterprise/traefik/17.0.6/ix_values.yaml b/enterprise/traefik/17.0.6/ix_values.yaml
deleted file mode 100644
index f78e5b7465a..00000000000
--- a/enterprise/traefik/17.0.6/ix_values.yaml
+++ /dev/null
@@ -1,418 +0,0 @@
-image:
- repository: tccr.io/truecharts/traefik
- # defaults to appVersion
- tag: 2.9.8@sha256:4a2d3dda380990d825532e661b42457fc9871061dbc22b310468616378214a2e
- pullPolicy: IfNotPresent
-
-workload:
- main:
- replicas: 2
- strategy: RollingUpdate
- podSpec:
- containers:
- main:
- args: []
- probes:
- # -- Liveness probe configuration
- # @default -- See below
- liveness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Redainess probe configuration
- # @default -- See below
- readiness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Startup probe configuration
- # @default -- See below
- startup:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
-# -- Options for all pods
-# Can be overruled per pod
-podOptions:
- automountServiceAccountToken: true
-
-# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
-ingressClass:
- # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
- enabled: false
- isDefaultClass: false
- # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
- fallbackApiVersion: ""
-
-# -- Create an IngressRoute for the dashboard
-ingressRoute:
- dashboard:
- enabled: true
- # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
- annotations: {}
- # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
- labels: {}
-#
-# -- Configure providers
-providers:
- kubernetesCRD:
- enabled: true
- namespaces:
- []
- # - "default"
- kubernetesIngress:
- enabled: true
- # labelSelector: environment=production,method=traefik
- namespaces:
- []
- # - "default"
- # IP used for Kubernetes Ingress endpoints
- publishedService:
- enabled: true
- # Published Kubernetes Service to copy status from. Format: namespace/servicename
- # By default this Traefik service
- # pathOverride: ""
-
-# -- Logs
-# https://docs.traefik.io/observability/logs/
-logs:
- # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on).
- general:
- # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO.
- level: ERROR
- # -- Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format
- format: common
- access:
- # To enable access logs
- enabled: false
- # To write the logs in an asynchronous fashion, specify a bufferingSize option.
- # This option represents the number of log lines Traefik will keep in memory before writing
- # them to the selected output. In some cases, this option can greatly help performances.
- # bufferingSize: 100
- # Filtering https://docs.traefik.io/observability/access-logs/#filtering
- filters:
- {}
- # statuscodes: "200,300-302"
- # retryattempts: true
- # minduration: 10ms
- # Fields
- # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers
- fields:
- general:
- defaultmode: keep
- names:
- {}
- # Examples:
- # ClientUsername: drop
- headers:
- defaultmode: drop
- names:
- {}
- # Examples:
- # User-Agent: redact
- # Authorization: drop
- # Content-Type: keep
- # -- Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format
- format: common
-
-metrics:
- # datadog:
- # address: 127.0.0.1:8125
- # influxdb:
- # address: localhost:8089
- # protocol: udp
- prometheus:
- entryPoint: metrics
- # statsd:
- # address: localhost:8125
-
-globalArguments:
- - "--global.checknewversion"
-
-##
-# -- Additional arguments to be passed at Traefik's binary
-# All available options available on https://docs.traefik.io/reference/static-configuration/cli/
-## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"`
-additionalArguments:
- - "--metrics.prometheus"
- - "--ping"
- - "--serverstransport.insecureskipverify=true"
- - "--providers.kubernetesingress.allowexternalnameservices=true"
-
-# -- TLS Options to be created as TLSOption CRDs
-# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options
-# Example:
-tlsOptions:
- default:
- sniStrict: false
- minVersion: VersionTLS12
- curvePreferences:
- - CurveP521
- - CurveP384
- cipherSuites:
- - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- - TLS_AES_128_GCM_SHA256
- - TLS_AES_256_GCM_SHA384
- - TLS_CHACHA20_POLY1305_SHA256
-
-# -- Options for the main traefik service, where the entrypoints traffic comes from
-# from.
-service:
- main:
- type: LoadBalancer
- ports:
- main:
- port: 9000
- targetPort: 9000
- protocol: http
- # -- Forwarded Headers should never be enabled on Main entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Main entrypoint
- proxyProtocol:
- enabled: false
- tcp:
- enabled: true
- type: LoadBalancer
- ports:
- web:
- enabled: true
- port: 9080
- protocol: http
- redirectTo: websecure
- # Options: Empty, 0 (ingore), or positive int
- # redirectPort:
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- websecure:
- enabled: true
- port: 9443
- protocol: https
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- # tcpexample:
- # enabled: true
- # targetPort: 9443
- # protocol: tcp
- # tls:
- # enabled: false
- # # this is the name of a TLSOption definition
- # options: ""
- # certResolver: ""
- # domains: []
- # # - main: example.com
- # # sans:
- # # - foo.example.com
- # # - bar.example.com
- metrics:
- enabled: true
- type: ClusterIP
- ports:
- metrics:
- enabled: true
- port: 9180
- targetPort: 9180
- protocol: http
- # -- Forwarded Headers should never be enabled on Metrics entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Metrics entrypoint
- proxyProtocol:
- enabled: false
- # udp:
- # enabled: false
-
-# -- Whether Role Based Access Control objects like roles and rolebindings should be created
-rbac:
- main:
- enabled: true
- primary: true
- clusterWide: true
- rules:
- - apiGroups:
- - ""
- resources:
- - services
- - endpoints
- - secrets
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses
- - ingressclasses
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses/status
- verbs:
- - update
- - apiGroups:
- - traefik.containo.us
- resources:
- - ingressroutes
- - ingressroutetcps
- - ingressrouteudps
- - middlewares
- - middlewaretcps
- - tlsoptions
- - tlsstores
- - traefikservices
- - serverstransports
- verbs:
- - get
- - list
- - watch
-
-# -- The service account the pods will use to interact with the Kubernetes API
-serviceAccount:
- main:
- enabled: true
- primary: true
-
-# -- SCALE Middleware Handlers
-middlewares:
- basicAuth: []
- # - name: basicauthexample
- # users:
- # - username: testuser
- # password: testpassword
- forwardAuth: []
- # - name: forwardAuthexample
- # address: https://auth.example.com/
- # authResponseHeaders:
- # - X-Secret
- # - X-Auth-User
- # authRequestHeaders:
- # - "Accept"
- # - "X-CustomHeader"
- # authResponseHeadersRegex: "^X-"
- # trustForwardHeader: true
- chain: []
- # - name: chainname
- # middlewares:
- # - name: compress
- redirectScheme: []
- # - name: redirectSchemeName
- # scheme: https
- # permanent: true
- rateLimit: []
- # - name: rateLimitName
- # average: 300
- # burst: 200
- redirectRegex: []
- # - name: redirectRegexName
- # regex: putregexhere
- # replacement: replacementurlhere
- # permanent: false
- stripPrefixRegex: []
- # - name: stripPrefixRegexName
- # regex: []
- ipWhiteList: []
- # - name: ipWhiteListName
- # sourceRange: []
- # ipStrategy:
- # depth: 2
- # excludedIPs: []
- themeParkVersion: v1.3.0
- themePark: []
- # - name: themeParkName
- # -- Supported apps, lower case name
- # -- https://docs.theme-park.dev/themes
- # app: appnamehere
- # -- Supported themes, lower case name
- # -- https://docs.theme-park.dev/themes/APPNAMEHERE
- # -- https://docs.theme-park.dev/community-themes
- # theme: themenamehere
- # -- https://theme-park.dev or a self hosted url
- # baseUrl: https://theme-park.dev
- realIPVersion: v1.0.3
- # Sets X-Real-Ip with an IP from the X-Forwarded-For or
- # Cf-Connecting-Ip (If from Cloudflare)
- # Evaluation of those headers will go from last to first
- realIP: []
- # - name: realIPName
- # -- The real IP will be the first one that is
- # -- not included in any of the CIDRs passed here
- # excludedNetworks:
- # - 1.1.1.1/24
- addPrefix: []
- # - name: addPrefixName
- # prefix: "/foo"
- geoBlockVersion: v0.2.4
- geoBlock: []
- # -- https://github.com/PascalMinder/geoblock
- # - name: geoBlockName
- # allowLocalRequests: true
- # logLocalRequests: false
- # logAllowedRequests: false
- # logApiRequests: false
- # api: https://get.geojs.io/v1/ip/country/{ip}
- # apiTimeoutMs: 500
- # cacheSize: 25
- # forceMonthlyUpdate: true
- # allowUnknownCountries: false
- # unknownCountryApiResponse: nil
- # blackListMode: false
- # countries:
- # - RU
-
-portalhook:
- enabled: true
-
-persistence:
- plugins:
- enabled: true
- mountPath: "/plugins-storage"
- type: emptyDir
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/traefik/17.0.6/questions.yaml b/enterprise/traefik/17.0.6/questions.yaml
deleted file mode 100644
index 339f948e6e6..00000000000
--- a/enterprise/traefik/17.0.6/questions.yaml
+++ /dev/null
@@ -1,2488 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "http"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
- path: "/dashboard/"
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: Daemonset
- description: Daemonset
-
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "Daemonset"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
-
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: ingressClass
- label: "ingressClass"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- description: "When enabled, ingressClass will match the entered name of this app"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: isDefaultClass
- label: "isDefaultClass"
- schema:
- type: boolean
- default: false
- - variable: logs
- label: "Logs"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "ERROR"
- enum:
- - value: "INFO"
- description: "Info"
- - value: "WARN"
- description: "Warnings"
- - value: "ERROR"
- description: "Errors"
- - value: "FATAL"
- description: "Fatal Errors"
- - value: "PANIC"
- description: "Panics"
- - value: "DEBUG"
- description: "Debug"
- - variable: format
- label: "General Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: access
- label: "Access Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabledFilters
- label: "Enable Filters"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filters
- label: "Filters"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: statuscodes
- label: "Status codes"
- schema:
- type: string
- default: "200,300-302"
- - variable: retryattempts
- label: "retryattempts"
- schema:
- type: boolean
- default: true
- - variable: minduration
- label: "minduration"
- schema:
- type: string
- default: "10ms"
- - variable: fields
- label: "Fields"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "keep"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: headers
- label: "Headers"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "drop"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: format
- label: "Access Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: middlewares
- label: ""
- group: "Middlewares"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: basicAuth
- label: basicAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: users
- label: Users
- schema:
- type: list
- default: []
- items:
- - variable: usersEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: username
- label: Username
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: Password
- schema:
- type: string
- required: true
- default: ""
- - variable: forwardAuth
- label: forwardAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: address
- label: Address
- schema:
- type: string
- required: true
- default: ""
- - variable: trustForwardHeader
- label: trustForwardHeader
- schema:
- type: boolean
- default: false
- - variable: tls
- label: TLS
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: insecureSkipVerify
- label: insecureSkipVerify (expert)
- description: >-
- This disables all TLS certificate validation on communications with the authentication endpoint.
- This could be a security risk and should only be used if you know what you are doing.
- schema:
- type: boolean
- default: false
- - variable: authResponseHeadersRegex
- label: authResponseHeadersRegex
- schema:
- type: string
- default: ""
- - variable: authResponseHeaders
- label: authResponseHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authResponseHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: authRequestHeaders
- label: authRequestHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authRequestHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: chain
- label: Chain
- schema:
- type: list
- default: []
- items:
- - variable: chainEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: middlewares
- label: Middlewares to Chain
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: redirectScheme
- label: redirectScheme
- schema:
- type: list
- default: []
- items:
- - variable: redirectSchemeEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: scheme
- label: Scheme
- schema:
- type: string
- required: true
- default: https
- enum:
- - value: https
- description: https
- - value: http
- description: http
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: rateLimit
- label: rateLimit
- schema:
- type: list
- default: []
- items:
- - variable: rateLimitEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: average
- label: Average
- schema:
- type: int
- required: true
- default: 300
- - variable: burst
- label: Burst
- schema:
- type: int
- required: true
- default: 200
- - variable: redirectRegex
- label: redirectRegex
- schema:
- type: list
- default: []
- items:
- - variable: redirectRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: replacement
- label: Replacement
- schema:
- type: string
- required: true
- default: ""
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: stripPrefixRegex
- label: stripPrefixRegex
- schema:
- type: list
- default: []
- items:
- - variable: stripPrefixRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: list
- default: []
- items:
- - variable: regexEntry
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: ipWhiteList
- label: ipWhiteList
- schema:
- type: list
- default: []
- items:
- - variable: ipWhiteListEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: sourceRange
- label: Source Range
- schema:
- type: list
- default: []
- items:
- - variable: sourceRangeEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: ipStrategy
- label: IP Strategy
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: depth
- label: Depth
- schema:
- type: int
- required: true
- - variable: excludedIPs
- label: Excluded IPs
- schema:
- type: list
- default: []
- items:
- - variable: excludedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: themePark
- label: theme.park
- schema:
- type: list
- default: []
- items:
- - variable: themeParkEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to traefik-themepark
- schema:
- type: string
- required: true
- default: ""
- - variable: appName
- label: App Name
- description: Lower case, name of the app to be themed.
-
Go to https://docs.theme-park.dev/themes/ to see supported apps.
- schema:
- type: string
- required: true
- default: ""
- - variable: themeName
- label: Theme Name
- description: Lower case, name of the theme to be applied.
-
Go to https://docs.theme-park.dev/theme-options/ to see supported themes.
- schema:
- type: string
- required: true
- default: ""
- - variable: baseUrl
- label: Base URL
- description: Replace `https://theme-park.dev` URL for self-hosting reference.
- schema:
- type: string
- required: true
- default: https://theme-park.dev
- - variable: addons
- label: Addons
- schema:
- type: list
- default: []
- items:
- - variable: addonEntry
- label: Addon
- description: Currently only supports 'darker' and '4k-logo' for *arr apps.
-
Go to https://docs.theme-park.dev/themes/addons/ for Addon information.
-
Go to https://github.com/packruler/traefik-themepark for more context on plugin
- schema:
- type: string
- required: true
- default: ""
- - variable: realIP
- label: Real IP
- schema:
- type: list
- default: []
- items:
- - variable: realIPEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: excludedNetworks
- label: Excluded Networks
- schema:
- type: list
- default: []
- items:
- - variable: excludedNetEntry
- label: Excluded Network Entry
- description: Network to exclude setting it to X-Real-Ip
- schema:
- type: string
- required: true
- default: ""
- - variable: geoBlock
- label: GeoBlock
- schema:
- type: list
- default: []
- items:
- - variable: geoBlockEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to geoblock
- schema:
- type: string
- required: true
- default: ""
- - variable: allowLocalRequests
- label: Allow Local Requests
- description: If set to true, will not block request from Private IP Ranges
- schema:
- type: boolean
- default: true
- - variable: logLocalRequests
- label: Log Local Requests
- description: If set to true, will log every connection from any IP in the private IP range
- schema:
- type: boolean
- default: false
- - variable: logAllowedRequests
- label: Log Allowed Requests
- description: If set to true, will show a log message with the IP and the country of origin if a request is allowed.
- schema:
- type: boolean
- default: false
- - variable: logApiRequests
- label: Log API Requests
- description: If set to true, will show a log message for every API hit.
- schema:
- type: boolean
- default: false
- - variable: api
- label: API
- description: Defines the API URL for the IP to Country resolution. The IP to fetch can be added with {ip} to the URL.
- schema:
- type: string
- required: true
- default: https://get.geojs.io/v1/ip/country/{ip}
- - variable: apiTimeoutMs
- label: API Timeout in ms
- description: Timeout for the call to the api uri.
- schema:
- type: int
- required: true
- default: 500
- - variable: cacheSize
- label: Cache Size
- description: Defines the max size of the LRU (least recently used) cache.
- schema:
- type: int
- required: true
- default: 25
- - variable: forceMonthlyUpdate
- label: Force Monthly Update
- description: Even if an IP stays in the cache for a period of a month (about 30 x 24 hours), it must be fetch again after a month.
- schema:
- type: boolean
- default: true
- - variable: allowUnknownCountries
- label: Allow Unknown Countries
- description: Some IP addresses have no country associated with them. If this option is set to true, all IPs with no associated country are also allowed.
- schema:
- type: boolean
- default: false
- - variable: unknownCountryApiResponse
- label: Unknown Countries API Response
- description: The API uri can be customized. This options allows to customize the response string of the API when a IP with no associated country is requested.
- schema:
- type: string
- required: true
- default: nil
- - variable: blackListMode
- label: Blacklist Mode
- description: When set to true the filter logic is inverted, i.e. requests originating from countries listed in the countries list are blocked.
- schema:
- type: boolean
- default: false
- - variable: countries
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- label: Countries
- schema:
- type: list
- default: []
- items:
- - variable: countryEntry
- label: Country
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- schema:
- type: string
- required: true
- # Allow only 2 Characters
- valid_chars: '^[a-zA-Z]{2}$'
- default: ""
- - variable: addPrefix
- label: Add Prefix
- schema:
- type: list
- default: []
- items:
- - variable: addPrefixEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: prefix
- label: Prefix
- schema:
- type: string
- required: true
- default: ""
- - variable: service
- group: "Networking and Services"
- label: "Configure Service Entrypoint"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9000
- required: true
- - variable: tcp
- label: "TCP Service"
- description: "The tcp Entrypoint service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: web
- label: "web Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9080
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- default: "websecure"
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: websecure
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9443
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: portsList
- label: "Additional TCP Entrypoints"
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: "Custom Entrypoints"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable the port"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: "Entrypoints Name"
- schema:
- type: string
- default: ""
- - variable: protocol
- label: "Entrypoints Type"
- schema:
- type: string
- default: "TCP"
- enum:
- - value: HTTP
- description: "HTTP"
- - value: "HTTPS"
- description: "HTTPS"
- - value: TCP
- description: "TCP"
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- required: true
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: certificateIssuer
- label: Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: certificateIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
-
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
-
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/traefik/17.0.6/templates/NOTES.txt b/enterprise/traefik/17.0.6/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/traefik/17.0.6/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/traefik/17.0.6/templates/_args.tpl b/enterprise/traefik/17.0.6/templates/_args.tpl
deleted file mode 100644
index 3fef2e1f777..00000000000
--- a/enterprise/traefik/17.0.6/templates/_args.tpl
+++ /dev/null
@@ -1,178 +0,0 @@
-{{/* Define the args */}}
-{{- define "traefik.args" -}}
-args:
- {{/* merge all ports */}}
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{/* start of actual arguments */}}
- {{- with .Values.globalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
- {{- range $name, $config := $ports }}
- {{- if $config }}
- {{- if or ( eq $config.protocol "http" ) ( eq $config.protocol "https" ) ( eq $config.protocol "tcp" ) }}
- {{- $_ := set $config "protocol" "tcp" }}
- {{- end }}
- - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}"
- {{- end }}
- {{- end }}
- - "--api.dashboard=true"
- - "--ping=true"
- {{- if .Values.metrics }}
- {{- if .Values.metrics.datadog }}
- - "--metrics.datadog=true"
- - "--metrics.datadog.address={{ .Values.metrics.datadog.address }}"
- {{- end }}
- {{- if .Values.metrics.influxdb }}
- - "--metrics.influxdb=true"
- - "--metrics.influxdb.address={{ .Values.metrics.influxdb.address }}"
- - "--metrics.influxdb.protocol={{ .Values.metrics.influxdb.protocol }}"
- {{- end }}
- {{- if .Values.metrics.prometheus }}
- - "--metrics.prometheus=true"
- - "--metrics.prometheus.entrypoint={{ .Values.metrics.prometheus.entryPoint }}"
- {{- end }}
- {{- if .Values.metrics.statsd }}
- - "--metrics.statsd=true"
- - "--metrics.statsd.address={{ .Values.metrics.statsd.address }}"
- {{- end }}
- {{- end }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress"
- {{- if .Values.providers.kubernetesIngress.publishedService.enabled }}
- - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.labelSelector }}
- - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}"
- {{- end }}
- {{- end }}
- {{- if and .Values.rbac.enabled .Values.rbac.namespaced }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}"
- {{- end }}
- {{- end }}
- {{- if .Values.ingressClass.enabled }}
- - "--providers.kubernetesingress.ingressclass={{ .Release.Name }}"
- {{- end }}
- {{- range $entrypoint, $config := $ports }}
- {{/* add args for proxyProtocol support */}}
- {{- if $config.proxyProtocol }}
- {{- if $config.proxyProtocol.enabled }}
- {{- if $config.proxyProtocol.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.insecure"
- {{- end }}
- {{- if not ( empty $config.proxyProtocol.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.trustedIPs={{ join "," $config.proxyProtocol.trustedIPs }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* add args for forwardedHeaders support */}}
- {{- if $config.forwardedHeaders.enabled }}
- {{- if not ( empty $config.forwardedHeaders.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}"
- {{- end }}
- {{- if $config.forwardedHeaders.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure"
- {{- end }}
- {{- end }}
- {{/* end forwardedHeaders configuration */}}
- {{- if $config.redirectTo }}
- {{- $toPort := index $ports $config.redirectTo }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- else if $config.redirectPort }}
- {{ if gt $config.redirectPort 0.0 }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- end }}
- {{- end }}
- {{- if or ( $config.tls ) ( eq $config.protocol "https" ) }}
- {{- if or ( $config.tls.enabled ) ( eq $config.protocol "https" ) }}
- - "--entrypoints.{{ $entrypoint }}.http.tls=true"
- {{- if $config.tls.options }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}"
- {{- end }}
- {{- if $config.tls.certResolver }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}"
- {{- end }}
- {{- if $config.tls.domains }}
- {{- range $index, $domain := $config.tls.domains }}
- {{- if $domain.main }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}"
- {{- end }}
- {{- if $domain.sans }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- with .Values.logs }}
- - "--log.format={{ .general.format }}"
- {{- if ne .general.level "ERROR" }}
- - "--log.level={{ .general.level | upper }}"
- {{- end }}
- {{- if .access.enabled }}
- - "--accesslog=true"
- - "--accesslog.format={{ .access.format }}"
- {{- if .access.bufferingsize }}
- - "--accesslog.bufferingsize={{ .access.bufferingsize }}"
- {{- end }}
- {{- if .access.filters }}
- {{- if .access.filters.statuscodes }}
- - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}"
- {{- end }}
- {{- if .access.filters.retryattempts }}
- - "--accesslog.filters.retryattempts"
- {{- end }}
- {{- if .access.filters.minduration }}
- - "--accesslog.filters.minduration={{ .access.filters.minduration }}"
- {{- end }}
- {{- end }}
- - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.general.names }}
- - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.headers.names }}
- - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* theme.park */}}
- {{- if .Values.middlewares.themePark }}
- - "--experimental.plugins.traefik-themepark.modulename=github.com/packruler/traefik-themepark"
- - "--experimental.plugins.traefik-themepark.version={{ .Values.middlewares.themeParkVersion }}"
- {{- end }}
- {{/* End of theme.park */}}
- {{/* GeoBlock */}}
- {{- if .Values.middlewares.geoBlock }}
- - "--experimental.plugins.GeoBlock.modulename=github.com/PascalMinder/geoblock"
- - "--experimental.plugins.GeoBlock.version={{ .Values.middlewares.geoBlockVersion }}"
- {{- end }}
- {{/* End of GeoBlock */}}
- {{/* RealIP */}}
- {{- if .Values.middlewares.realIP }}
- - "--experimental.plugins.traefik-real-ip.modulename=github.com/soulbalz/traefik-real-ip"
- - "--experimental.plugins.traefik-real-ip.version={{ .Values.middlewares.realIPVersion }}"
- {{- end }}
- {{/* End of RealIP */}}
- {{- with .Values.additionalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.6/templates/_helpers.tpl b/enterprise/traefik/17.0.6/templates/_helpers.tpl
deleted file mode 100644
index 1345dcea39a..00000000000
--- a/enterprise/traefik/17.0.6/templates/_helpers.tpl
+++ /dev/null
@@ -1,22 +0,0 @@
-{{/*
-Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice.
-By convention this will simply use the / to match the name of the
-service generated.
-Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride`
-*/}}
-{{- define "providers.kubernetesIngress.publishedServicePath" -}}
-{{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}}
-{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}}
-{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }}
-{{- print $servicePath | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Construct a comma-separated list of whitelisted namespaces
-*/}}
-{{- define "providers.kubernetesIngress.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }}
-{{- end -}}
-{{- define "providers.kubernetesCRD.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.6/templates/_ingressclass.tpl b/enterprise/traefik/17.0.6/templates/_ingressclass.tpl
deleted file mode 100644
index a9b432449a9..00000000000
--- a/enterprise/traefik/17.0.6/templates/_ingressclass.tpl
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Define the ingressClass */}}
-{{- define "traefik.ingressClass" -}}
----
-{{ if .Values.ingressClass.enabled }}
- {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }}
-apiVersion: networking.k8s.io/v1
- {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }}
-apiVersion: networking.k8s.io/v1beta1
- {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }}
-apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }}
- {{- else }}
- {{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }}
- {{- end }}
-kind: IngressClass
-metadata:
- annotations:
- ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }}
- labels:
- {{- include "tc.v1.common.allLabels" . | nindent 4 }}
- name: {{ .Release.Name }}
-spec:
- controller: traefik.io/ingress-controller
-{{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.6/templates/_ingressroute.tpl b/enterprise/traefik/17.0.6/templates/_ingressroute.tpl
deleted file mode 100644
index 6599ceb6e2b..00000000000
--- a/enterprise/traefik/17.0.6/templates/_ingressroute.tpl
+++ /dev/null
@@ -1,34 +0,0 @@
-{{/* Define the ingressRoute */}}
-{{- define "traefik.ingressRoute" -}}
-{{ if .Values.ingressRoute.dashboard.enabled }}
-
-{{- $ingressRouteLabels := .Values.ingressRoute.dashboard.labels -}}
-{{- $ingressRouteAnnotations := .Values.ingressRoute.dashboard.annotations -}}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
- name: {{ include "tc.v1.common.lib.chart.names.fullname" . }}-dashboard
- {{- $labels := (mustMerge ($ingressRouteLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }}
- labels:
- {{- . | nindent 4 }}
- {{- end }}
- {{- $annotations := (mustMerge ($ingressRouteAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }}
- annotations:
- {{- . | nindent 4 }}
- {{- end }}
-
-spec:
- entryPoints:
- - main
- routes:
- - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
- kind: Rule
- services:
- - name: api@internal
- kind: TraefikService
-{{ end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.6/templates/_portalhook.tpl b/enterprise/traefik/17.0.6/templates/_portalhook.tpl
deleted file mode 100644
index e3586c5d4e9..00000000000
--- a/enterprise/traefik/17.0.6/templates/_portalhook.tpl
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/* Define the portalHook */}}
-{{- define "traefik.portalhook" -}}
-{{- if .Values.portalhook.enabled }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: portalhook
- namespace: {{ $namespace }}
-data:
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{- range $name, $value := $ports }}
- {{ $name }}: {{ $value.port | quote }}
- {{- end }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.6/templates/_tlsoptions.tpl b/enterprise/traefik/17.0.6/templates/_tlsoptions.tpl
deleted file mode 100644
index 3e5aad3bee9..00000000000
--- a/enterprise/traefik/17.0.6/templates/_tlsoptions.tpl
+++ /dev/null
@@ -1,12 +0,0 @@
-{{/* Define the tlsOptions */}}
-{{- define "traefik.tlsOptions" -}}
-{{- range $name, $config := .Values.tlsOptions }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: TLSOption
-metadata:
- name: {{ $name }}
-spec:
- {{- toYaml $config | nindent 2 }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.6/templates/common.yaml b/enterprise/traefik/17.0.6/templates/common.yaml
deleted file mode 100644
index 7833892df08..00000000000
--- a/enterprise/traefik/17.0.6/templates/common.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-
-{{- $newArgs := (include "traefik.args" . | fromYaml) }}
-{{- $_ := set .Values "newArgs" $newArgs -}}
-{{- $mergedargs := concat $.Values.workload.main.podSpec.containers.main.args .Values.newArgs.args }}
-{{- $_ := set $.Values.workload.main.podSpec.containers.main "args" $mergedargs -}}
-
-{{- include "traefik.portalhook" . }}
-{{- include "traefik.tlsOptions" . }}
-{{- include "traefik.ingressRoute" . }}
-{{- include "traefik.ingressClass" . }}
-
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/traefik/17.0.6/templates/middlewares/addPrefix.yaml b/enterprise/traefik/17.0.6/templates/middlewares/addPrefix.yaml
deleted file mode 100644
index 233b23834c3..00000000000
--- a/enterprise/traefik/17.0.6/templates/middlewares/addPrefix.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.addPrefix }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- addPrefix:
- prefix: {{ $middlewareData.prefix }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.6/templates/middlewares/basic-middleware.yaml b/enterprise/traefik/17.0.6/templates/middlewares/basic-middleware.yaml
deleted file mode 100644
index 9ba8e5c5d93..00000000000
--- a/enterprise/traefik/17.0.6/templates/middlewares/basic-middleware.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: compress
- namespace: {{ $namespace }}
-spec:
- compress: {}
----
-# Here, an average of 300 requests per second is allowed.
-# In addition, a burst of 200 requests is allowed.
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-ratelimit
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: 600
- burst: 400
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-secure-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: chain-basic
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: basic-secure-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.6/templates/middlewares/basicauth.yaml b/enterprise/traefik/17.0.6/templates/middlewares/basicauth.yaml
deleted file mode 100644
index ccb541742f0..00000000000
--- a/enterprise/traefik/17.0.6/templates/middlewares/basicauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.basicAuth }}
----
-{{- $users := list }}
-{{ range $index, $userdata := $middlewareData.users }}
- {{ $users = append $users ( htpasswd $userdata.username $userdata.password ) }}
-{{ end }}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{printf "%v-%v" $middlewareData.name "secret" }}
- namespace: {{ $namespace }}
-type: Opaque
-stringData:
- users: |
- {{- range $index, $user := $users }}
- {{ printf "%s" $user }}
- {{- end }}
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- basicAuth:
- secret: {{printf "%v-%v" $middlewareData.name "secret" }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.6/templates/middlewares/chain.yaml b/enterprise/traefik/17.0.6/templates/middlewares/chain.yaml
deleted file mode 100644
index f87994f7956..00000000000
--- a/enterprise/traefik/17.0.6/templates/middlewares/chain.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.chain }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- {{ range $index, $middleware := .middlewares }}
- - name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }}
- {{ end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.6/templates/middlewares/forwardauth.yaml b/enterprise/traefik/17.0.6/templates/middlewares/forwardauth.yaml
deleted file mode 100644
index 4bdefbd5c01..00000000000
--- a/enterprise/traefik/17.0.6/templates/middlewares/forwardauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.forwardAuth }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- forwardAuth:
- address: {{ $middlewareData.address }}
- {{- with $middlewareData.authResponseHeaders }}
- authResponseHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- with $middlewareData.authRequestHeaders }}
- authRequestHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- if $middlewareData.authResponseHeadersRegex }}
- authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }}
- {{- end }}
- {{- if $middlewareData.trustForwardHeader }}
- trustForwardHeader: true
- {{- end }}
- {{- with $middlewareData.tls }}
- tls:
- insecureSkipVerify: {{ .insecureSkipVerify | default false }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.6/templates/middlewares/geoblock.yaml b/enterprise/traefik/17.0.6/templates/middlewares/geoblock.yaml
deleted file mode 100644
index be21bcf57b6..00000000000
--- a/enterprise/traefik/17.0.6/templates/middlewares/geoblock.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.geoBlock }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- GeoBlock:
- allowLocalRequests: {{ $middlewareData.allowLocalRequests }}
- logLocalRequests: {{ $middlewareData.logLocalRequests }}
- logAllowedRequests: {{ $middlewareData.logAllowedRequests }}
- logApiRequests: {{ $middlewareData.logApiRequests }}
- api: {{ $middlewareData.api }}
- apiTimeoutMs: {{ $middlewareData.apiTimeoutMs }}
- cacheSize: {{ $middlewareData.cacheSize }}
- forceMonthlyUpdate: {{ $middlewareData.forceMonthlyUpdate }}
- allowUnknownCountries: {{ $middlewareData.allowUnknownCountries }}
- unknownCountryApiResponse: {{ $middlewareData.unknownCountryApiResponse }}
- blackListMode: {{ $middlewareData.blackListMode }}
- {{- if not $middlewareData.countries }}
- {{- fail "You have to define at least one country..." }}
- {{- end }}
- countries:
- {{- range $middlewareData.countries }}
- - {{ . }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.6/templates/middlewares/ipwhitelist.yaml b/enterprise/traefik/17.0.6/templates/middlewares/ipwhitelist.yaml
deleted file mode 100644
index 1179245017e..00000000000
--- a/enterprise/traefik/17.0.6/templates/middlewares/ipwhitelist.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.ipWhiteList }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- ipWhiteList:
- sourceRange:
- {{- range $middlewareData.sourceRange }}
- - {{ . }}
- {{- end }}
- {{- if $middlewareData.ipStrategy }}
- ipStrategy:
- {{- if $middlewareData.ipStrategy.depth }}
- depth: {{ $middlewareData.ipStrategy.depth }}
- {{- end }}
- {{- if $middlewareData.ipStrategy.excludedIPs }}
- excludedIPs:
- {{- range $middlewareData.ipStrategy.excludedIPs }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.6/templates/middlewares/ratelimit.yaml b/enterprise/traefik/17.0.6/templates/middlewares/ratelimit.yaml
deleted file mode 100644
index 144b9d8bf38..00000000000
--- a/enterprise/traefik/17.0.6/templates/middlewares/ratelimit.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.rateLimit }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: {{ $middlewareData.average }}
- burst: {{ $middlewareData.burst }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.6/templates/middlewares/real-ip.yaml b/enterprise/traefik/17.0.6/templates/middlewares/real-ip.yaml
deleted file mode 100644
index 2dd1ae030a4..00000000000
--- a/enterprise/traefik/17.0.6/templates/middlewares/real-ip.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.realIP }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-real-ip:
- excludednets:
- {{- range $middlewareData.excludedNetworks }}
- - {{ . | quote }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.6/templates/middlewares/redirectScheme.yaml b/enterprise/traefik/17.0.6/templates/middlewares/redirectScheme.yaml
deleted file mode 100644
index f2413f84e19..00000000000
--- a/enterprise/traefik/17.0.6/templates/middlewares/redirectScheme.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectScheme }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectScheme:
- scheme: {{ $middlewareData.scheme }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.6/templates/middlewares/redirectregex.yaml b/enterprise/traefik/17.0.6/templates/middlewares/redirectregex.yaml
deleted file mode 100644
index 46e3e724dd6..00000000000
--- a/enterprise/traefik/17.0.6/templates/middlewares/redirectregex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectRegex }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: {{ $middlewareData.regex | quote }}
- replacement: {{ $middlewareData.replacement | quote }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.6/templates/middlewares/stripPrefixRegex.yaml b/enterprise/traefik/17.0.6/templates/middlewares/stripPrefixRegex.yaml
deleted file mode 100644
index 007c166ff39..00000000000
--- a/enterprise/traefik/17.0.6/templates/middlewares/stripPrefixRegex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-
-{{ range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- stripPrefixRegex:
- regex:
- {{- range $middlewareData.regex }}
- - {{ . | quote }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.6/templates/middlewares/tc-chains.yaml b/enterprise/traefik/17.0.6/templates/middlewares/tc-chains.yaml
deleted file mode 100644
index 409766daa89..00000000000
--- a/enterprise/traefik/17.0.6/templates/middlewares/tc-chains.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-opencors-headers
- - name: compress
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-closedcors-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.6/templates/middlewares/tc-headers.yaml b/enterprise/traefik/17.0.6/templates/middlewares/tc-headers.yaml
deleted file mode 100644
index a0462f1fd73..00000000000
--- a/enterprise/traefik/17.0.6/templates/middlewares/tc-headers.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowHeaders:
- - '*'
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- - POST
- accessControlAllowOriginList:
- - '*'
- accessControlMaxAge: 100
- browserXssFilter: true
- contentTypeNosniff: true
- customRequestHeaders:
- X-Forwarded-Proto: https
- customResponseHeaders:
- server: ""
- forceSTSHeader: true
- referrerPolicy: same-origin
- sslForceHost: true
- sslRedirect: true
- stsSeconds: 63072000
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- sslRedirect: true
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- sslForceHost: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
diff --git a/enterprise/traefik/17.0.6/templates/middlewares/tc-nextcloud.yaml b/enterprise/traefik/17.0.6/templates/middlewares/tc-nextcloud.yaml
deleted file mode 100644
index 6a3019d56c5..00000000000
--- a/enterprise/traefik/17.0.6/templates/middlewares/tc-nextcloud.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-redirectregex-dav
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: "https://(.*)/.well-known/(card|cal)dav"
- replacement: "https://${1}/remote.php/dav/"
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: tc-nextcloud-redirectregex-dav
diff --git a/enterprise/traefik/17.0.6/templates/middlewares/theme-park.yaml b/enterprise/traefik/17.0.6/templates/middlewares/theme-park.yaml
deleted file mode 100644
index 92a4257e279..00000000000
--- a/enterprise/traefik/17.0.6/templates/middlewares/theme-park.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.themePark }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-themepark:
- app: {{ $middlewareData.appName }}
- theme: {{ $middlewareData.themeName }}
- baseUrl: {{ $middlewareData.baseUrl }}
- {{- if $middlewareData.addons }}
- addons:
- {{- range $middlewareData.addons }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.6/values.yaml b/enterprise/traefik/17.0.6/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/traefik/17.0.7/CHANGELOG.md b/enterprise/traefik/17.0.7/CHANGELOG.md
deleted file mode 100644
index 9aa5ccbb98b..00000000000
--- a/enterprise/traefik/17.0.7/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [traefik-17.0.7](https://github.com/truecharts/charts/compare/traefik-17.0.6...traefik-17.0.7) (2023-03-07)
-
-### Fix
-
-- actually fix labels ([#7763](https://github.com/truecharts/charts/issues/7763))
-
-
-
-
-## [traefik-17.0.6](https://github.com/truecharts/charts/compare/traefik-17.0.5...traefik-17.0.6) (2023-03-07)
-
-### Fix
-
-- misc fixes from common and prometheus storageclass patch ([#7762](https://github.com/truecharts/charts/issues/7762))
-
-
-
-
-## [traefik-17.0.5](https://github.com/truecharts/charts/compare/traefik-17.0.4...traefik-17.0.5) (2023-03-07)
-
-### Fix
-
-- fix labels ([#7759](https://github.com/truecharts/charts/issues/7759))
-
-
-
-
-## [traefik-17.0.4](https://github.com/truecharts/charts/compare/traefik-17.0.3...traefik-17.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
-
-
-## [traefik-17.0.3](https://github.com/truecharts/charts/compare/traefik-17.0.1...traefik-17.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
-
-
-## [traefik-17.0.1](https://github.com/truecharts/charts/compare/traefik-17.0.0...traefik-17.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
-
-## [traefik-17.0.0](https://github.com/truecharts/charts/compare/traefik-16.0.16...traefik-17.0.0) (2023-03-04)
-
-
-
-
-## [traefik-16.0.16](https://github.com/truecharts/charts/compare/traefik-16.0.15...traefik-16.0.16) (2023-02-20)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v2.9.8
-
-
-
-
-## [traefik-16.0.15](https://github.com/truecharts/charts/compare/traefik-16.0.14...traefik-16.0.15) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v2.9.7
-
-
-
-
-## [traefik-16.0.14](https://github.com/truecharts/charts/compare/traefik-16.0.13...traefik-16.0.14) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v
-
-
-
-
-## [traefik-16.0.13](https://github.com/truecharts/charts/compare/traefik-16.0.12...traefik-16.0.13) (2023-02-11)
-
-### Chore
diff --git a/enterprise/traefik/17.0.7/Chart.yaml b/enterprise/traefik/17.0.7/Chart.yaml
deleted file mode 100644
index 50661b72eff..00000000000
--- a/enterprise/traefik/17.0.7/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: v2
-appVersion: "2.9.8"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.24
-deprecated: false
-description: Traefik is a flexible reverse proxy and Ingress Provider.
-home: https://truecharts.org/charts/enterprise/traefik
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/traefik.png
-keywords:
- - traefik
- - ingress
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: traefik
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/traefik
- - https://hub.docker.com/_/traefik
- - https://github.com/traefik/traefik
- - https://github.com/traefik/traefik-helm-chart
- - https://traefik.io/
-type: application
-version: 17.0.7
-annotations:
- truecharts.org/catagories: |
- - network
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/traefik/17.0.7/LICENSE b/enterprise/traefik/17.0.7/LICENSE
deleted file mode 100644
index 4139714f204..00000000000
--- a/enterprise/traefik/17.0.7/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Traefik" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/traefik/17.0.7/README.md b/enterprise/traefik/17.0.7/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/traefik/17.0.7/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/traefik/17.0.7/app-changelog.md b/enterprise/traefik/17.0.7/app-changelog.md
deleted file mode 100644
index 0c46885a6b3..00000000000
--- a/enterprise/traefik/17.0.7/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [traefik-17.0.7](https://github.com/truecharts/charts/compare/traefik-17.0.6...traefik-17.0.7) (2023-03-07)
-
-### Fix
-
-- actually fix labels ([#7763](https://github.com/truecharts/charts/issues/7763))
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/17.0.7/app-readme.md b/enterprise/traefik/17.0.7/app-readme.md
deleted file mode 100644
index 02206fafcf4..00000000000
--- a/enterprise/traefik/17.0.7/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Traefik is a flexible reverse proxy and Ingress Provider.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/traefik](https://truecharts.org/charts/enterprise/traefik)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/traefik/17.0.7/charts/common-12.2.24.tgz b/enterprise/traefik/17.0.7/charts/common-12.2.24.tgz
deleted file mode 100644
index d9155693b5d..00000000000
Binary files a/enterprise/traefik/17.0.7/charts/common-12.2.24.tgz and /dev/null differ
diff --git a/enterprise/traefik/17.0.7/ix_values.yaml b/enterprise/traefik/17.0.7/ix_values.yaml
deleted file mode 100644
index f78e5b7465a..00000000000
--- a/enterprise/traefik/17.0.7/ix_values.yaml
+++ /dev/null
@@ -1,418 +0,0 @@
-image:
- repository: tccr.io/truecharts/traefik
- # defaults to appVersion
- tag: 2.9.8@sha256:4a2d3dda380990d825532e661b42457fc9871061dbc22b310468616378214a2e
- pullPolicy: IfNotPresent
-
-workload:
- main:
- replicas: 2
- strategy: RollingUpdate
- podSpec:
- containers:
- main:
- args: []
- probes:
- # -- Liveness probe configuration
- # @default -- See below
- liveness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Redainess probe configuration
- # @default -- See below
- readiness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Startup probe configuration
- # @default -- See below
- startup:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
-# -- Options for all pods
-# Can be overruled per pod
-podOptions:
- automountServiceAccountToken: true
-
-# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
-ingressClass:
- # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
- enabled: false
- isDefaultClass: false
- # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
- fallbackApiVersion: ""
-
-# -- Create an IngressRoute for the dashboard
-ingressRoute:
- dashboard:
- enabled: true
- # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
- annotations: {}
- # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
- labels: {}
-#
-# -- Configure providers
-providers:
- kubernetesCRD:
- enabled: true
- namespaces:
- []
- # - "default"
- kubernetesIngress:
- enabled: true
- # labelSelector: environment=production,method=traefik
- namespaces:
- []
- # - "default"
- # IP used for Kubernetes Ingress endpoints
- publishedService:
- enabled: true
- # Published Kubernetes Service to copy status from. Format: namespace/servicename
- # By default this Traefik service
- # pathOverride: ""
-
-# -- Logs
-# https://docs.traefik.io/observability/logs/
-logs:
- # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on).
- general:
- # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO.
- level: ERROR
- # -- Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format
- format: common
- access:
- # To enable access logs
- enabled: false
- # To write the logs in an asynchronous fashion, specify a bufferingSize option.
- # This option represents the number of log lines Traefik will keep in memory before writing
- # them to the selected output. In some cases, this option can greatly help performances.
- # bufferingSize: 100
- # Filtering https://docs.traefik.io/observability/access-logs/#filtering
- filters:
- {}
- # statuscodes: "200,300-302"
- # retryattempts: true
- # minduration: 10ms
- # Fields
- # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers
- fields:
- general:
- defaultmode: keep
- names:
- {}
- # Examples:
- # ClientUsername: drop
- headers:
- defaultmode: drop
- names:
- {}
- # Examples:
- # User-Agent: redact
- # Authorization: drop
- # Content-Type: keep
- # -- Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format
- format: common
-
-metrics:
- # datadog:
- # address: 127.0.0.1:8125
- # influxdb:
- # address: localhost:8089
- # protocol: udp
- prometheus:
- entryPoint: metrics
- # statsd:
- # address: localhost:8125
-
-globalArguments:
- - "--global.checknewversion"
-
-##
-# -- Additional arguments to be passed at Traefik's binary
-# All available options available on https://docs.traefik.io/reference/static-configuration/cli/
-## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"`
-additionalArguments:
- - "--metrics.prometheus"
- - "--ping"
- - "--serverstransport.insecureskipverify=true"
- - "--providers.kubernetesingress.allowexternalnameservices=true"
-
-# -- TLS Options to be created as TLSOption CRDs
-# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options
-# Example:
-tlsOptions:
- default:
- sniStrict: false
- minVersion: VersionTLS12
- curvePreferences:
- - CurveP521
- - CurveP384
- cipherSuites:
- - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- - TLS_AES_128_GCM_SHA256
- - TLS_AES_256_GCM_SHA384
- - TLS_CHACHA20_POLY1305_SHA256
-
-# -- Options for the main traefik service, where the entrypoints traffic comes from
-# from.
-service:
- main:
- type: LoadBalancer
- ports:
- main:
- port: 9000
- targetPort: 9000
- protocol: http
- # -- Forwarded Headers should never be enabled on Main entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Main entrypoint
- proxyProtocol:
- enabled: false
- tcp:
- enabled: true
- type: LoadBalancer
- ports:
- web:
- enabled: true
- port: 9080
- protocol: http
- redirectTo: websecure
- # Options: Empty, 0 (ingore), or positive int
- # redirectPort:
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- websecure:
- enabled: true
- port: 9443
- protocol: https
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- # tcpexample:
- # enabled: true
- # targetPort: 9443
- # protocol: tcp
- # tls:
- # enabled: false
- # # this is the name of a TLSOption definition
- # options: ""
- # certResolver: ""
- # domains: []
- # # - main: example.com
- # # sans:
- # # - foo.example.com
- # # - bar.example.com
- metrics:
- enabled: true
- type: ClusterIP
- ports:
- metrics:
- enabled: true
- port: 9180
- targetPort: 9180
- protocol: http
- # -- Forwarded Headers should never be enabled on Metrics entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Metrics entrypoint
- proxyProtocol:
- enabled: false
- # udp:
- # enabled: false
-
-# -- Whether Role Based Access Control objects like roles and rolebindings should be created
-rbac:
- main:
- enabled: true
- primary: true
- clusterWide: true
- rules:
- - apiGroups:
- - ""
- resources:
- - services
- - endpoints
- - secrets
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses
- - ingressclasses
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses/status
- verbs:
- - update
- - apiGroups:
- - traefik.containo.us
- resources:
- - ingressroutes
- - ingressroutetcps
- - ingressrouteudps
- - middlewares
- - middlewaretcps
- - tlsoptions
- - tlsstores
- - traefikservices
- - serverstransports
- verbs:
- - get
- - list
- - watch
-
-# -- The service account the pods will use to interact with the Kubernetes API
-serviceAccount:
- main:
- enabled: true
- primary: true
-
-# -- SCALE Middleware Handlers
-middlewares:
- basicAuth: []
- # - name: basicauthexample
- # users:
- # - username: testuser
- # password: testpassword
- forwardAuth: []
- # - name: forwardAuthexample
- # address: https://auth.example.com/
- # authResponseHeaders:
- # - X-Secret
- # - X-Auth-User
- # authRequestHeaders:
- # - "Accept"
- # - "X-CustomHeader"
- # authResponseHeadersRegex: "^X-"
- # trustForwardHeader: true
- chain: []
- # - name: chainname
- # middlewares:
- # - name: compress
- redirectScheme: []
- # - name: redirectSchemeName
- # scheme: https
- # permanent: true
- rateLimit: []
- # - name: rateLimitName
- # average: 300
- # burst: 200
- redirectRegex: []
- # - name: redirectRegexName
- # regex: putregexhere
- # replacement: replacementurlhere
- # permanent: false
- stripPrefixRegex: []
- # - name: stripPrefixRegexName
- # regex: []
- ipWhiteList: []
- # - name: ipWhiteListName
- # sourceRange: []
- # ipStrategy:
- # depth: 2
- # excludedIPs: []
- themeParkVersion: v1.3.0
- themePark: []
- # - name: themeParkName
- # -- Supported apps, lower case name
- # -- https://docs.theme-park.dev/themes
- # app: appnamehere
- # -- Supported themes, lower case name
- # -- https://docs.theme-park.dev/themes/APPNAMEHERE
- # -- https://docs.theme-park.dev/community-themes
- # theme: themenamehere
- # -- https://theme-park.dev or a self hosted url
- # baseUrl: https://theme-park.dev
- realIPVersion: v1.0.3
- # Sets X-Real-Ip with an IP from the X-Forwarded-For or
- # Cf-Connecting-Ip (If from Cloudflare)
- # Evaluation of those headers will go from last to first
- realIP: []
- # - name: realIPName
- # -- The real IP will be the first one that is
- # -- not included in any of the CIDRs passed here
- # excludedNetworks:
- # - 1.1.1.1/24
- addPrefix: []
- # - name: addPrefixName
- # prefix: "/foo"
- geoBlockVersion: v0.2.4
- geoBlock: []
- # -- https://github.com/PascalMinder/geoblock
- # - name: geoBlockName
- # allowLocalRequests: true
- # logLocalRequests: false
- # logAllowedRequests: false
- # logApiRequests: false
- # api: https://get.geojs.io/v1/ip/country/{ip}
- # apiTimeoutMs: 500
- # cacheSize: 25
- # forceMonthlyUpdate: true
- # allowUnknownCountries: false
- # unknownCountryApiResponse: nil
- # blackListMode: false
- # countries:
- # - RU
-
-portalhook:
- enabled: true
-
-persistence:
- plugins:
- enabled: true
- mountPath: "/plugins-storage"
- type: emptyDir
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/traefik/17.0.7/questions.yaml b/enterprise/traefik/17.0.7/questions.yaml
deleted file mode 100644
index 339f948e6e6..00000000000
--- a/enterprise/traefik/17.0.7/questions.yaml
+++ /dev/null
@@ -1,2488 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "http"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
- path: "/dashboard/"
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: Daemonset
- description: Daemonset
-
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "Daemonset"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
-
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: ingressClass
- label: "ingressClass"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- description: "When enabled, ingressClass will match the entered name of this app"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: isDefaultClass
- label: "isDefaultClass"
- schema:
- type: boolean
- default: false
- - variable: logs
- label: "Logs"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "ERROR"
- enum:
- - value: "INFO"
- description: "Info"
- - value: "WARN"
- description: "Warnings"
- - value: "ERROR"
- description: "Errors"
- - value: "FATAL"
- description: "Fatal Errors"
- - value: "PANIC"
- description: "Panics"
- - value: "DEBUG"
- description: "Debug"
- - variable: format
- label: "General Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: access
- label: "Access Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabledFilters
- label: "Enable Filters"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filters
- label: "Filters"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: statuscodes
- label: "Status codes"
- schema:
- type: string
- default: "200,300-302"
- - variable: retryattempts
- label: "retryattempts"
- schema:
- type: boolean
- default: true
- - variable: minduration
- label: "minduration"
- schema:
- type: string
- default: "10ms"
- - variable: fields
- label: "Fields"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "keep"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: headers
- label: "Headers"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "drop"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: format
- label: "Access Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: middlewares
- label: ""
- group: "Middlewares"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: basicAuth
- label: basicAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: users
- label: Users
- schema:
- type: list
- default: []
- items:
- - variable: usersEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: username
- label: Username
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: Password
- schema:
- type: string
- required: true
- default: ""
- - variable: forwardAuth
- label: forwardAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: address
- label: Address
- schema:
- type: string
- required: true
- default: ""
- - variable: trustForwardHeader
- label: trustForwardHeader
- schema:
- type: boolean
- default: false
- - variable: tls
- label: TLS
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: insecureSkipVerify
- label: insecureSkipVerify (expert)
- description: >-
- This disables all TLS certificate validation on communications with the authentication endpoint.
- This could be a security risk and should only be used if you know what you are doing.
- schema:
- type: boolean
- default: false
- - variable: authResponseHeadersRegex
- label: authResponseHeadersRegex
- schema:
- type: string
- default: ""
- - variable: authResponseHeaders
- label: authResponseHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authResponseHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: authRequestHeaders
- label: authRequestHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authRequestHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: chain
- label: Chain
- schema:
- type: list
- default: []
- items:
- - variable: chainEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: middlewares
- label: Middlewares to Chain
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: redirectScheme
- label: redirectScheme
- schema:
- type: list
- default: []
- items:
- - variable: redirectSchemeEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: scheme
- label: Scheme
- schema:
- type: string
- required: true
- default: https
- enum:
- - value: https
- description: https
- - value: http
- description: http
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: rateLimit
- label: rateLimit
- schema:
- type: list
- default: []
- items:
- - variable: rateLimitEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: average
- label: Average
- schema:
- type: int
- required: true
- default: 300
- - variable: burst
- label: Burst
- schema:
- type: int
- required: true
- default: 200
- - variable: redirectRegex
- label: redirectRegex
- schema:
- type: list
- default: []
- items:
- - variable: redirectRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: replacement
- label: Replacement
- schema:
- type: string
- required: true
- default: ""
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: stripPrefixRegex
- label: stripPrefixRegex
- schema:
- type: list
- default: []
- items:
- - variable: stripPrefixRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: list
- default: []
- items:
- - variable: regexEntry
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: ipWhiteList
- label: ipWhiteList
- schema:
- type: list
- default: []
- items:
- - variable: ipWhiteListEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: sourceRange
- label: Source Range
- schema:
- type: list
- default: []
- items:
- - variable: sourceRangeEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: ipStrategy
- label: IP Strategy
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: depth
- label: Depth
- schema:
- type: int
- required: true
- - variable: excludedIPs
- label: Excluded IPs
- schema:
- type: list
- default: []
- items:
- - variable: excludedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: themePark
- label: theme.park
- schema:
- type: list
- default: []
- items:
- - variable: themeParkEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to traefik-themepark
- schema:
- type: string
- required: true
- default: ""
- - variable: appName
- label: App Name
- description: Lower case, name of the app to be themed.
-
Go to https://docs.theme-park.dev/themes/ to see supported apps.
- schema:
- type: string
- required: true
- default: ""
- - variable: themeName
- label: Theme Name
- description: Lower case, name of the theme to be applied.
-
Go to https://docs.theme-park.dev/theme-options/ to see supported themes.
- schema:
- type: string
- required: true
- default: ""
- - variable: baseUrl
- label: Base URL
- description: Replace `https://theme-park.dev` URL for self-hosting reference.
- schema:
- type: string
- required: true
- default: https://theme-park.dev
- - variable: addons
- label: Addons
- schema:
- type: list
- default: []
- items:
- - variable: addonEntry
- label: Addon
- description: Currently only supports 'darker' and '4k-logo' for *arr apps.
-
Go to https://docs.theme-park.dev/themes/addons/ for Addon information.
-
Go to https://github.com/packruler/traefik-themepark for more context on plugin
- schema:
- type: string
- required: true
- default: ""
- - variable: realIP
- label: Real IP
- schema:
- type: list
- default: []
- items:
- - variable: realIPEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: excludedNetworks
- label: Excluded Networks
- schema:
- type: list
- default: []
- items:
- - variable: excludedNetEntry
- label: Excluded Network Entry
- description: Network to exclude setting it to X-Real-Ip
- schema:
- type: string
- required: true
- default: ""
- - variable: geoBlock
- label: GeoBlock
- schema:
- type: list
- default: []
- items:
- - variable: geoBlockEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to geoblock
- schema:
- type: string
- required: true
- default: ""
- - variable: allowLocalRequests
- label: Allow Local Requests
- description: If set to true, will not block request from Private IP Ranges
- schema:
- type: boolean
- default: true
- - variable: logLocalRequests
- label: Log Local Requests
- description: If set to true, will log every connection from any IP in the private IP range
- schema:
- type: boolean
- default: false
- - variable: logAllowedRequests
- label: Log Allowed Requests
- description: If set to true, will show a log message with the IP and the country of origin if a request is allowed.
- schema:
- type: boolean
- default: false
- - variable: logApiRequests
- label: Log API Requests
- description: If set to true, will show a log message for every API hit.
- schema:
- type: boolean
- default: false
- - variable: api
- label: API
- description: Defines the API URL for the IP to Country resolution. The IP to fetch can be added with {ip} to the URL.
- schema:
- type: string
- required: true
- default: https://get.geojs.io/v1/ip/country/{ip}
- - variable: apiTimeoutMs
- label: API Timeout in ms
- description: Timeout for the call to the api uri.
- schema:
- type: int
- required: true
- default: 500
- - variable: cacheSize
- label: Cache Size
- description: Defines the max size of the LRU (least recently used) cache.
- schema:
- type: int
- required: true
- default: 25
- - variable: forceMonthlyUpdate
- label: Force Monthly Update
- description: Even if an IP stays in the cache for a period of a month (about 30 x 24 hours), it must be fetch again after a month.
- schema:
- type: boolean
- default: true
- - variable: allowUnknownCountries
- label: Allow Unknown Countries
- description: Some IP addresses have no country associated with them. If this option is set to true, all IPs with no associated country are also allowed.
- schema:
- type: boolean
- default: false
- - variable: unknownCountryApiResponse
- label: Unknown Countries API Response
- description: The API uri can be customized. This options allows to customize the response string of the API when a IP with no associated country is requested.
- schema:
- type: string
- required: true
- default: nil
- - variable: blackListMode
- label: Blacklist Mode
- description: When set to true the filter logic is inverted, i.e. requests originating from countries listed in the countries list are blocked.
- schema:
- type: boolean
- default: false
- - variable: countries
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- label: Countries
- schema:
- type: list
- default: []
- items:
- - variable: countryEntry
- label: Country
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- schema:
- type: string
- required: true
- # Allow only 2 Characters
- valid_chars: '^[a-zA-Z]{2}$'
- default: ""
- - variable: addPrefix
- label: Add Prefix
- schema:
- type: list
- default: []
- items:
- - variable: addPrefixEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: prefix
- label: Prefix
- schema:
- type: string
- required: true
- default: ""
- - variable: service
- group: "Networking and Services"
- label: "Configure Service Entrypoint"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9000
- required: true
- - variable: tcp
- label: "TCP Service"
- description: "The tcp Entrypoint service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: web
- label: "web Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9080
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- default: "websecure"
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: websecure
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9443
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: portsList
- label: "Additional TCP Entrypoints"
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: "Custom Entrypoints"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable the port"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: "Entrypoints Name"
- schema:
- type: string
- default: ""
- - variable: protocol
- label: "Entrypoints Type"
- schema:
- type: string
- default: "TCP"
- enum:
- - value: HTTP
- description: "HTTP"
- - value: "HTTPS"
- description: "HTTPS"
- - value: TCP
- description: "TCP"
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- required: true
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: certificateIssuer
- label: Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: certificateIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
-
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
-
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/traefik/17.0.7/templates/NOTES.txt b/enterprise/traefik/17.0.7/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/traefik/17.0.7/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/traefik/17.0.7/templates/_args.tpl b/enterprise/traefik/17.0.7/templates/_args.tpl
deleted file mode 100644
index 3fef2e1f777..00000000000
--- a/enterprise/traefik/17.0.7/templates/_args.tpl
+++ /dev/null
@@ -1,178 +0,0 @@
-{{/* Define the args */}}
-{{- define "traefik.args" -}}
-args:
- {{/* merge all ports */}}
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{/* start of actual arguments */}}
- {{- with .Values.globalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
- {{- range $name, $config := $ports }}
- {{- if $config }}
- {{- if or ( eq $config.protocol "http" ) ( eq $config.protocol "https" ) ( eq $config.protocol "tcp" ) }}
- {{- $_ := set $config "protocol" "tcp" }}
- {{- end }}
- - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}"
- {{- end }}
- {{- end }}
- - "--api.dashboard=true"
- - "--ping=true"
- {{- if .Values.metrics }}
- {{- if .Values.metrics.datadog }}
- - "--metrics.datadog=true"
- - "--metrics.datadog.address={{ .Values.metrics.datadog.address }}"
- {{- end }}
- {{- if .Values.metrics.influxdb }}
- - "--metrics.influxdb=true"
- - "--metrics.influxdb.address={{ .Values.metrics.influxdb.address }}"
- - "--metrics.influxdb.protocol={{ .Values.metrics.influxdb.protocol }}"
- {{- end }}
- {{- if .Values.metrics.prometheus }}
- - "--metrics.prometheus=true"
- - "--metrics.prometheus.entrypoint={{ .Values.metrics.prometheus.entryPoint }}"
- {{- end }}
- {{- if .Values.metrics.statsd }}
- - "--metrics.statsd=true"
- - "--metrics.statsd.address={{ .Values.metrics.statsd.address }}"
- {{- end }}
- {{- end }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress"
- {{- if .Values.providers.kubernetesIngress.publishedService.enabled }}
- - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.labelSelector }}
- - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}"
- {{- end }}
- {{- end }}
- {{- if and .Values.rbac.enabled .Values.rbac.namespaced }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}"
- {{- end }}
- {{- end }}
- {{- if .Values.ingressClass.enabled }}
- - "--providers.kubernetesingress.ingressclass={{ .Release.Name }}"
- {{- end }}
- {{- range $entrypoint, $config := $ports }}
- {{/* add args for proxyProtocol support */}}
- {{- if $config.proxyProtocol }}
- {{- if $config.proxyProtocol.enabled }}
- {{- if $config.proxyProtocol.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.insecure"
- {{- end }}
- {{- if not ( empty $config.proxyProtocol.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.trustedIPs={{ join "," $config.proxyProtocol.trustedIPs }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* add args for forwardedHeaders support */}}
- {{- if $config.forwardedHeaders.enabled }}
- {{- if not ( empty $config.forwardedHeaders.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}"
- {{- end }}
- {{- if $config.forwardedHeaders.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure"
- {{- end }}
- {{- end }}
- {{/* end forwardedHeaders configuration */}}
- {{- if $config.redirectTo }}
- {{- $toPort := index $ports $config.redirectTo }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- else if $config.redirectPort }}
- {{ if gt $config.redirectPort 0.0 }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- end }}
- {{- end }}
- {{- if or ( $config.tls ) ( eq $config.protocol "https" ) }}
- {{- if or ( $config.tls.enabled ) ( eq $config.protocol "https" ) }}
- - "--entrypoints.{{ $entrypoint }}.http.tls=true"
- {{- if $config.tls.options }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}"
- {{- end }}
- {{- if $config.tls.certResolver }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}"
- {{- end }}
- {{- if $config.tls.domains }}
- {{- range $index, $domain := $config.tls.domains }}
- {{- if $domain.main }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}"
- {{- end }}
- {{- if $domain.sans }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- with .Values.logs }}
- - "--log.format={{ .general.format }}"
- {{- if ne .general.level "ERROR" }}
- - "--log.level={{ .general.level | upper }}"
- {{- end }}
- {{- if .access.enabled }}
- - "--accesslog=true"
- - "--accesslog.format={{ .access.format }}"
- {{- if .access.bufferingsize }}
- - "--accesslog.bufferingsize={{ .access.bufferingsize }}"
- {{- end }}
- {{- if .access.filters }}
- {{- if .access.filters.statuscodes }}
- - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}"
- {{- end }}
- {{- if .access.filters.retryattempts }}
- - "--accesslog.filters.retryattempts"
- {{- end }}
- {{- if .access.filters.minduration }}
- - "--accesslog.filters.minduration={{ .access.filters.minduration }}"
- {{- end }}
- {{- end }}
- - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.general.names }}
- - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.headers.names }}
- - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* theme.park */}}
- {{- if .Values.middlewares.themePark }}
- - "--experimental.plugins.traefik-themepark.modulename=github.com/packruler/traefik-themepark"
- - "--experimental.plugins.traefik-themepark.version={{ .Values.middlewares.themeParkVersion }}"
- {{- end }}
- {{/* End of theme.park */}}
- {{/* GeoBlock */}}
- {{- if .Values.middlewares.geoBlock }}
- - "--experimental.plugins.GeoBlock.modulename=github.com/PascalMinder/geoblock"
- - "--experimental.plugins.GeoBlock.version={{ .Values.middlewares.geoBlockVersion }}"
- {{- end }}
- {{/* End of GeoBlock */}}
- {{/* RealIP */}}
- {{- if .Values.middlewares.realIP }}
- - "--experimental.plugins.traefik-real-ip.modulename=github.com/soulbalz/traefik-real-ip"
- - "--experimental.plugins.traefik-real-ip.version={{ .Values.middlewares.realIPVersion }}"
- {{- end }}
- {{/* End of RealIP */}}
- {{- with .Values.additionalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.7/templates/_helpers.tpl b/enterprise/traefik/17.0.7/templates/_helpers.tpl
deleted file mode 100644
index 1345dcea39a..00000000000
--- a/enterprise/traefik/17.0.7/templates/_helpers.tpl
+++ /dev/null
@@ -1,22 +0,0 @@
-{{/*
-Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice.
-By convention this will simply use the / to match the name of the
-service generated.
-Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride`
-*/}}
-{{- define "providers.kubernetesIngress.publishedServicePath" -}}
-{{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}}
-{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}}
-{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }}
-{{- print $servicePath | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Construct a comma-separated list of whitelisted namespaces
-*/}}
-{{- define "providers.kubernetesIngress.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }}
-{{- end -}}
-{{- define "providers.kubernetesCRD.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.7/templates/_ingressclass.tpl b/enterprise/traefik/17.0.7/templates/_ingressclass.tpl
deleted file mode 100644
index 004d4a6dcda..00000000000
--- a/enterprise/traefik/17.0.7/templates/_ingressclass.tpl
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Define the ingressClass */}}
-{{- define "traefik.ingressClass" -}}
----
-{{ if .Values.ingressClass.enabled }}
- {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }}
-apiVersion: networking.k8s.io/v1
- {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }}
-apiVersion: networking.k8s.io/v1beta1
- {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }}
-apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }}
- {{- else }}
- {{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }}
- {{- end }}
-kind: IngressClass
-metadata:
- annotations:
- ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }}
- labels:
- {{- include "tc.v1.common.lib.metadata.allLabels" . | nindent 4 }}
- name: {{ .Release.Name }}
-spec:
- controller: traefik.io/ingress-controller
-{{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.7/templates/_ingressroute.tpl b/enterprise/traefik/17.0.7/templates/_ingressroute.tpl
deleted file mode 100644
index 6599ceb6e2b..00000000000
--- a/enterprise/traefik/17.0.7/templates/_ingressroute.tpl
+++ /dev/null
@@ -1,34 +0,0 @@
-{{/* Define the ingressRoute */}}
-{{- define "traefik.ingressRoute" -}}
-{{ if .Values.ingressRoute.dashboard.enabled }}
-
-{{- $ingressRouteLabels := .Values.ingressRoute.dashboard.labels -}}
-{{- $ingressRouteAnnotations := .Values.ingressRoute.dashboard.annotations -}}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
- name: {{ include "tc.v1.common.lib.chart.names.fullname" . }}-dashboard
- {{- $labels := (mustMerge ($ingressRouteLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }}
- labels:
- {{- . | nindent 4 }}
- {{- end }}
- {{- $annotations := (mustMerge ($ingressRouteAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }}
- annotations:
- {{- . | nindent 4 }}
- {{- end }}
-
-spec:
- entryPoints:
- - main
- routes:
- - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
- kind: Rule
- services:
- - name: api@internal
- kind: TraefikService
-{{ end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.7/templates/_portalhook.tpl b/enterprise/traefik/17.0.7/templates/_portalhook.tpl
deleted file mode 100644
index e3586c5d4e9..00000000000
--- a/enterprise/traefik/17.0.7/templates/_portalhook.tpl
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/* Define the portalHook */}}
-{{- define "traefik.portalhook" -}}
-{{- if .Values.portalhook.enabled }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: portalhook
- namespace: {{ $namespace }}
-data:
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{- range $name, $value := $ports }}
- {{ $name }}: {{ $value.port | quote }}
- {{- end }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.7/templates/_tlsoptions.tpl b/enterprise/traefik/17.0.7/templates/_tlsoptions.tpl
deleted file mode 100644
index 3e5aad3bee9..00000000000
--- a/enterprise/traefik/17.0.7/templates/_tlsoptions.tpl
+++ /dev/null
@@ -1,12 +0,0 @@
-{{/* Define the tlsOptions */}}
-{{- define "traefik.tlsOptions" -}}
-{{- range $name, $config := .Values.tlsOptions }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: TLSOption
-metadata:
- name: {{ $name }}
-spec:
- {{- toYaml $config | nindent 2 }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.7/templates/common.yaml b/enterprise/traefik/17.0.7/templates/common.yaml
deleted file mode 100644
index 7833892df08..00000000000
--- a/enterprise/traefik/17.0.7/templates/common.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-
-{{- $newArgs := (include "traefik.args" . | fromYaml) }}
-{{- $_ := set .Values "newArgs" $newArgs -}}
-{{- $mergedargs := concat $.Values.workload.main.podSpec.containers.main.args .Values.newArgs.args }}
-{{- $_ := set $.Values.workload.main.podSpec.containers.main "args" $mergedargs -}}
-
-{{- include "traefik.portalhook" . }}
-{{- include "traefik.tlsOptions" . }}
-{{- include "traefik.ingressRoute" . }}
-{{- include "traefik.ingressClass" . }}
-
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/traefik/17.0.7/templates/middlewares/addPrefix.yaml b/enterprise/traefik/17.0.7/templates/middlewares/addPrefix.yaml
deleted file mode 100644
index 233b23834c3..00000000000
--- a/enterprise/traefik/17.0.7/templates/middlewares/addPrefix.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.addPrefix }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- addPrefix:
- prefix: {{ $middlewareData.prefix }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.7/templates/middlewares/basic-middleware.yaml b/enterprise/traefik/17.0.7/templates/middlewares/basic-middleware.yaml
deleted file mode 100644
index 9ba8e5c5d93..00000000000
--- a/enterprise/traefik/17.0.7/templates/middlewares/basic-middleware.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: compress
- namespace: {{ $namespace }}
-spec:
- compress: {}
----
-# Here, an average of 300 requests per second is allowed.
-# In addition, a burst of 200 requests is allowed.
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-ratelimit
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: 600
- burst: 400
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-secure-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: chain-basic
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: basic-secure-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.7/templates/middlewares/basicauth.yaml b/enterprise/traefik/17.0.7/templates/middlewares/basicauth.yaml
deleted file mode 100644
index ccb541742f0..00000000000
--- a/enterprise/traefik/17.0.7/templates/middlewares/basicauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.basicAuth }}
----
-{{- $users := list }}
-{{ range $index, $userdata := $middlewareData.users }}
- {{ $users = append $users ( htpasswd $userdata.username $userdata.password ) }}
-{{ end }}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{printf "%v-%v" $middlewareData.name "secret" }}
- namespace: {{ $namespace }}
-type: Opaque
-stringData:
- users: |
- {{- range $index, $user := $users }}
- {{ printf "%s" $user }}
- {{- end }}
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- basicAuth:
- secret: {{printf "%v-%v" $middlewareData.name "secret" }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.7/templates/middlewares/chain.yaml b/enterprise/traefik/17.0.7/templates/middlewares/chain.yaml
deleted file mode 100644
index f87994f7956..00000000000
--- a/enterprise/traefik/17.0.7/templates/middlewares/chain.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.chain }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- {{ range $index, $middleware := .middlewares }}
- - name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }}
- {{ end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.7/templates/middlewares/forwardauth.yaml b/enterprise/traefik/17.0.7/templates/middlewares/forwardauth.yaml
deleted file mode 100644
index 4bdefbd5c01..00000000000
--- a/enterprise/traefik/17.0.7/templates/middlewares/forwardauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.forwardAuth }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- forwardAuth:
- address: {{ $middlewareData.address }}
- {{- with $middlewareData.authResponseHeaders }}
- authResponseHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- with $middlewareData.authRequestHeaders }}
- authRequestHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- if $middlewareData.authResponseHeadersRegex }}
- authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }}
- {{- end }}
- {{- if $middlewareData.trustForwardHeader }}
- trustForwardHeader: true
- {{- end }}
- {{- with $middlewareData.tls }}
- tls:
- insecureSkipVerify: {{ .insecureSkipVerify | default false }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.7/templates/middlewares/geoblock.yaml b/enterprise/traefik/17.0.7/templates/middlewares/geoblock.yaml
deleted file mode 100644
index be21bcf57b6..00000000000
--- a/enterprise/traefik/17.0.7/templates/middlewares/geoblock.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.geoBlock }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- GeoBlock:
- allowLocalRequests: {{ $middlewareData.allowLocalRequests }}
- logLocalRequests: {{ $middlewareData.logLocalRequests }}
- logAllowedRequests: {{ $middlewareData.logAllowedRequests }}
- logApiRequests: {{ $middlewareData.logApiRequests }}
- api: {{ $middlewareData.api }}
- apiTimeoutMs: {{ $middlewareData.apiTimeoutMs }}
- cacheSize: {{ $middlewareData.cacheSize }}
- forceMonthlyUpdate: {{ $middlewareData.forceMonthlyUpdate }}
- allowUnknownCountries: {{ $middlewareData.allowUnknownCountries }}
- unknownCountryApiResponse: {{ $middlewareData.unknownCountryApiResponse }}
- blackListMode: {{ $middlewareData.blackListMode }}
- {{- if not $middlewareData.countries }}
- {{- fail "You have to define at least one country..." }}
- {{- end }}
- countries:
- {{- range $middlewareData.countries }}
- - {{ . }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.7/templates/middlewares/ipwhitelist.yaml b/enterprise/traefik/17.0.7/templates/middlewares/ipwhitelist.yaml
deleted file mode 100644
index 1179245017e..00000000000
--- a/enterprise/traefik/17.0.7/templates/middlewares/ipwhitelist.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.ipWhiteList }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- ipWhiteList:
- sourceRange:
- {{- range $middlewareData.sourceRange }}
- - {{ . }}
- {{- end }}
- {{- if $middlewareData.ipStrategy }}
- ipStrategy:
- {{- if $middlewareData.ipStrategy.depth }}
- depth: {{ $middlewareData.ipStrategy.depth }}
- {{- end }}
- {{- if $middlewareData.ipStrategy.excludedIPs }}
- excludedIPs:
- {{- range $middlewareData.ipStrategy.excludedIPs }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.7/templates/middlewares/ratelimit.yaml b/enterprise/traefik/17.0.7/templates/middlewares/ratelimit.yaml
deleted file mode 100644
index 144b9d8bf38..00000000000
--- a/enterprise/traefik/17.0.7/templates/middlewares/ratelimit.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.rateLimit }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: {{ $middlewareData.average }}
- burst: {{ $middlewareData.burst }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.7/templates/middlewares/real-ip.yaml b/enterprise/traefik/17.0.7/templates/middlewares/real-ip.yaml
deleted file mode 100644
index 2dd1ae030a4..00000000000
--- a/enterprise/traefik/17.0.7/templates/middlewares/real-ip.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.realIP }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-real-ip:
- excludednets:
- {{- range $middlewareData.excludedNetworks }}
- - {{ . | quote }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.7/templates/middlewares/redirectScheme.yaml b/enterprise/traefik/17.0.7/templates/middlewares/redirectScheme.yaml
deleted file mode 100644
index f2413f84e19..00000000000
--- a/enterprise/traefik/17.0.7/templates/middlewares/redirectScheme.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectScheme }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectScheme:
- scheme: {{ $middlewareData.scheme }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.7/templates/middlewares/redirectregex.yaml b/enterprise/traefik/17.0.7/templates/middlewares/redirectregex.yaml
deleted file mode 100644
index 46e3e724dd6..00000000000
--- a/enterprise/traefik/17.0.7/templates/middlewares/redirectregex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectRegex }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: {{ $middlewareData.regex | quote }}
- replacement: {{ $middlewareData.replacement | quote }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.7/templates/middlewares/stripPrefixRegex.yaml b/enterprise/traefik/17.0.7/templates/middlewares/stripPrefixRegex.yaml
deleted file mode 100644
index 007c166ff39..00000000000
--- a/enterprise/traefik/17.0.7/templates/middlewares/stripPrefixRegex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-
-{{ range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- stripPrefixRegex:
- regex:
- {{- range $middlewareData.regex }}
- - {{ . | quote }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.7/templates/middlewares/tc-chains.yaml b/enterprise/traefik/17.0.7/templates/middlewares/tc-chains.yaml
deleted file mode 100644
index 409766daa89..00000000000
--- a/enterprise/traefik/17.0.7/templates/middlewares/tc-chains.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-opencors-headers
- - name: compress
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-closedcors-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.7/templates/middlewares/tc-headers.yaml b/enterprise/traefik/17.0.7/templates/middlewares/tc-headers.yaml
deleted file mode 100644
index a0462f1fd73..00000000000
--- a/enterprise/traefik/17.0.7/templates/middlewares/tc-headers.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowHeaders:
- - '*'
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- - POST
- accessControlAllowOriginList:
- - '*'
- accessControlMaxAge: 100
- browserXssFilter: true
- contentTypeNosniff: true
- customRequestHeaders:
- X-Forwarded-Proto: https
- customResponseHeaders:
- server: ""
- forceSTSHeader: true
- referrerPolicy: same-origin
- sslForceHost: true
- sslRedirect: true
- stsSeconds: 63072000
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- sslRedirect: true
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- sslForceHost: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
diff --git a/enterprise/traefik/17.0.7/templates/middlewares/tc-nextcloud.yaml b/enterprise/traefik/17.0.7/templates/middlewares/tc-nextcloud.yaml
deleted file mode 100644
index 6a3019d56c5..00000000000
--- a/enterprise/traefik/17.0.7/templates/middlewares/tc-nextcloud.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-redirectregex-dav
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: "https://(.*)/.well-known/(card|cal)dav"
- replacement: "https://${1}/remote.php/dav/"
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: tc-nextcloud-redirectregex-dav
diff --git a/enterprise/traefik/17.0.7/templates/middlewares/theme-park.yaml b/enterprise/traefik/17.0.7/templates/middlewares/theme-park.yaml
deleted file mode 100644
index 92a4257e279..00000000000
--- a/enterprise/traefik/17.0.7/templates/middlewares/theme-park.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.themePark }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-themepark:
- app: {{ $middlewareData.appName }}
- theme: {{ $middlewareData.themeName }}
- baseUrl: {{ $middlewareData.baseUrl }}
- {{- if $middlewareData.addons }}
- addons:
- {{- range $middlewareData.addons }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.7/values.yaml b/enterprise/traefik/17.0.7/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/traefik/17.0.8/CHANGELOG.md b/enterprise/traefik/17.0.8/CHANGELOG.md
deleted file mode 100644
index ea1db45fed5..00000000000
--- a/enterprise/traefik/17.0.8/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [traefik-17.0.8](https://github.com/truecharts/charts/compare/traefik-17.0.7...traefik-17.0.8) (2023-03-11)
-
-### Feat
-
-- generate a service monitor ([#7785](https://github.com/truecharts/charts/issues/7785))
-
-
-
-
-## [traefik-17.0.7](https://github.com/truecharts/charts/compare/traefik-17.0.6...traefik-17.0.7) (2023-03-07)
-
-### Fix
-
-- actually fix labels ([#7763](https://github.com/truecharts/charts/issues/7763))
-
-
-
-
-## [traefik-17.0.6](https://github.com/truecharts/charts/compare/traefik-17.0.5...traefik-17.0.6) (2023-03-07)
-
-### Fix
-
-- misc fixes from common and prometheus storageclass patch ([#7762](https://github.com/truecharts/charts/issues/7762))
-
-
-
-
-## [traefik-17.0.5](https://github.com/truecharts/charts/compare/traefik-17.0.4...traefik-17.0.5) (2023-03-07)
-
-### Fix
-
-- fix labels ([#7759](https://github.com/truecharts/charts/issues/7759))
-
-
-
-
-## [traefik-17.0.4](https://github.com/truecharts/charts/compare/traefik-17.0.3...traefik-17.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
-
-
-## [traefik-17.0.3](https://github.com/truecharts/charts/compare/traefik-17.0.1...traefik-17.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
-
-
-## [traefik-17.0.1](https://github.com/truecharts/charts/compare/traefik-17.0.0...traefik-17.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
-
-## [traefik-17.0.0](https://github.com/truecharts/charts/compare/traefik-16.0.16...traefik-17.0.0) (2023-03-04)
-
-
-
-
-## [traefik-16.0.16](https://github.com/truecharts/charts/compare/traefik-16.0.15...traefik-16.0.16) (2023-02-20)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v2.9.8
-
-
-
-
-## [traefik-16.0.15](https://github.com/truecharts/charts/compare/traefik-16.0.14...traefik-16.0.15) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v2.9.7
-
-
-
-
-## [traefik-16.0.14](https://github.com/truecharts/charts/compare/traefik-16.0.13...traefik-16.0.14) (2023-02-15)
-
-### Chore
diff --git a/enterprise/traefik/17.0.8/Chart.yaml b/enterprise/traefik/17.0.8/Chart.yaml
deleted file mode 100644
index aa025bcaed5..00000000000
--- a/enterprise/traefik/17.0.8/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: v2
-appVersion: "2.9.8"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.24
-deprecated: false
-description: Traefik is a flexible reverse proxy and Ingress Provider.
-home: https://truecharts.org/charts/enterprise/traefik
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/traefik.png
-keywords:
- - traefik
- - ingress
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: traefik
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/traefik
- - https://hub.docker.com/_/traefik
- - https://github.com/traefik/traefik
- - https://github.com/traefik/traefik-helm-chart
- - https://traefik.io/
-type: application
-version: 17.0.8
-annotations:
- truecharts.org/catagories: |
- - network
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/traefik/17.0.8/LICENSE b/enterprise/traefik/17.0.8/LICENSE
deleted file mode 100644
index 4139714f204..00000000000
--- a/enterprise/traefik/17.0.8/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Traefik" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/traefik/17.0.8/README.md b/enterprise/traefik/17.0.8/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/traefik/17.0.8/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/traefik/17.0.8/app-changelog.md b/enterprise/traefik/17.0.8/app-changelog.md
deleted file mode 100644
index 2babae668a1..00000000000
--- a/enterprise/traefik/17.0.8/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [traefik-17.0.8](https://github.com/truecharts/charts/compare/traefik-17.0.7...traefik-17.0.8) (2023-03-11)
-
-### Feat
-
-- generate a service monitor ([#7785](https://github.com/truecharts/charts/issues/7785))
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/17.0.8/app-readme.md b/enterprise/traefik/17.0.8/app-readme.md
deleted file mode 100644
index 02206fafcf4..00000000000
--- a/enterprise/traefik/17.0.8/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Traefik is a flexible reverse proxy and Ingress Provider.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/traefik](https://truecharts.org/charts/enterprise/traefik)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/traefik/17.0.8/charts/common-12.2.24.tgz b/enterprise/traefik/17.0.8/charts/common-12.2.24.tgz
deleted file mode 100644
index d9155693b5d..00000000000
Binary files a/enterprise/traefik/17.0.8/charts/common-12.2.24.tgz and /dev/null differ
diff --git a/enterprise/traefik/17.0.8/ix_values.yaml b/enterprise/traefik/17.0.8/ix_values.yaml
deleted file mode 100644
index 0faa446dd82..00000000000
--- a/enterprise/traefik/17.0.8/ix_values.yaml
+++ /dev/null
@@ -1,418 +0,0 @@
-image:
- repository: tccr.io/truecharts/traefik
- # defaults to appVersion
- tag: 2.9.8@sha256:4a2d3dda380990d825532e661b42457fc9871061dbc22b310468616378214a2e
- pullPolicy: IfNotPresent
-
-workload:
- main:
- replicas: 2
- strategy: RollingUpdate
- podSpec:
- containers:
- main:
- args: []
- probes:
- # -- Liveness probe configuration
- # @default -- See below
- liveness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Redainess probe configuration
- # @default -- See below
- readiness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Startup probe configuration
- # @default -- See below
- startup:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
-# -- Options for all pods
-# Can be overruled per pod
-podOptions:
- automountServiceAccountToken: true
-
-# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
-ingressClass:
- # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
- enabled: false
- isDefaultClass: false
- # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
- fallbackApiVersion: ""
-
-# -- Create an IngressRoute for the dashboard
-ingressRoute:
- dashboard:
- enabled: true
- # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
- annotations: {}
- # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
- labels: {}
-#
-# -- Configure providers
-providers:
- kubernetesCRD:
- enabled: true
- namespaces:
- []
- # - "default"
- kubernetesIngress:
- enabled: true
- # labelSelector: environment=production,method=traefik
- namespaces:
- []
- # - "default"
- # IP used for Kubernetes Ingress endpoints
- publishedService:
- enabled: true
- # Published Kubernetes Service to copy status from. Format: namespace/servicename
- # By default this Traefik service
- # pathOverride: ""
-
-# -- Logs
-# https://docs.traefik.io/observability/logs/
-logs:
- # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on).
- general:
- # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO.
- level: ERROR
- # -- Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format
- format: common
- access:
- # To enable access logs
- enabled: false
- # To write the logs in an asynchronous fashion, specify a bufferingSize option.
- # This option represents the number of log lines Traefik will keep in memory before writing
- # them to the selected output. In some cases, this option can greatly help performances.
- # bufferingSize: 100
- # Filtering https://docs.traefik.io/observability/access-logs/#filtering
- filters:
- {}
- # statuscodes: "200,300-302"
- # retryattempts: true
- # minduration: 10ms
- # Fields
- # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers
- fields:
- general:
- defaultmode: keep
- names:
- {}
- # Examples:
- # ClientUsername: drop
- headers:
- defaultmode: drop
- names:
- {}
- # Examples:
- # User-Agent: redact
- # Authorization: drop
- # Content-Type: keep
- # -- Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format
- format: common
-
-metrics:
- metrics:
- enabled: true
- type: servicemonitor
- endpoints:
- - port: metrics
- path: /metrics
- targetSelector: metrics
- prometheus:
- entryPoint: metrics
-
-globalArguments:
- - "--global.checknewversion"
-
-##
-# -- Additional arguments to be passed at Traefik's binary
-# All available options available on https://docs.traefik.io/reference/static-configuration/cli/
-## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"`
-additionalArguments:
- - "--metrics.prometheus"
- - "--ping"
- - "--serverstransport.insecureskipverify=true"
- - "--providers.kubernetesingress.allowexternalnameservices=true"
-
-# -- TLS Options to be created as TLSOption CRDs
-# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options
-# Example:
-tlsOptions:
- default:
- sniStrict: false
- minVersion: VersionTLS12
- curvePreferences:
- - CurveP521
- - CurveP384
- cipherSuites:
- - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- - TLS_AES_128_GCM_SHA256
- - TLS_AES_256_GCM_SHA384
- - TLS_CHACHA20_POLY1305_SHA256
-
-# -- Options for the main traefik service, where the entrypoints traffic comes from
-# from.
-service:
- main:
- type: LoadBalancer
- ports:
- main:
- port: 9000
- targetPort: 9000
- protocol: http
- # -- Forwarded Headers should never be enabled on Main entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Main entrypoint
- proxyProtocol:
- enabled: false
- tcp:
- enabled: true
- type: LoadBalancer
- ports:
- web:
- enabled: true
- port: 9080
- protocol: http
- redirectTo: websecure
- # Options: Empty, 0 (ingore), or positive int
- # redirectPort:
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- websecure:
- enabled: true
- port: 9443
- protocol: https
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- # tcpexample:
- # enabled: true
- # targetPort: 9443
- # protocol: tcp
- # tls:
- # enabled: false
- # # this is the name of a TLSOption definition
- # options: ""
- # certResolver: ""
- # domains: []
- # # - main: example.com
- # # sans:
- # # - foo.example.com
- # # - bar.example.com
- metrics:
- enabled: true
- type: ClusterIP
- ports:
- metrics:
- enabled: true
- port: 9180
- targetPort: 9180
- protocol: http
- # -- Forwarded Headers should never be enabled on Metrics entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Metrics entrypoint
- proxyProtocol:
- enabled: false
- # udp:
- # enabled: false
-
-# -- Whether Role Based Access Control objects like roles and rolebindings should be created
-rbac:
- main:
- enabled: true
- primary: true
- clusterWide: true
- rules:
- - apiGroups:
- - ""
- resources:
- - services
- - endpoints
- - secrets
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses
- - ingressclasses
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses/status
- verbs:
- - update
- - apiGroups:
- - traefik.containo.us
- resources:
- - ingressroutes
- - ingressroutetcps
- - ingressrouteudps
- - middlewares
- - middlewaretcps
- - tlsoptions
- - tlsstores
- - traefikservices
- - serverstransports
- verbs:
- - get
- - list
- - watch
-
-# -- The service account the pods will use to interact with the Kubernetes API
-serviceAccount:
- main:
- enabled: true
- primary: true
-
-# -- SCALE Middleware Handlers
-middlewares:
- basicAuth: []
- # - name: basicauthexample
- # users:
- # - username: testuser
- # password: testpassword
- forwardAuth: []
- # - name: forwardAuthexample
- # address: https://auth.example.com/
- # authResponseHeaders:
- # - X-Secret
- # - X-Auth-User
- # authRequestHeaders:
- # - "Accept"
- # - "X-CustomHeader"
- # authResponseHeadersRegex: "^X-"
- # trustForwardHeader: true
- chain: []
- # - name: chainname
- # middlewares:
- # - name: compress
- redirectScheme: []
- # - name: redirectSchemeName
- # scheme: https
- # permanent: true
- rateLimit: []
- # - name: rateLimitName
- # average: 300
- # burst: 200
- redirectRegex: []
- # - name: redirectRegexName
- # regex: putregexhere
- # replacement: replacementurlhere
- # permanent: false
- stripPrefixRegex: []
- # - name: stripPrefixRegexName
- # regex: []
- ipWhiteList: []
- # - name: ipWhiteListName
- # sourceRange: []
- # ipStrategy:
- # depth: 2
- # excludedIPs: []
- themeParkVersion: v1.3.0
- themePark: []
- # - name: themeParkName
- # -- Supported apps, lower case name
- # -- https://docs.theme-park.dev/themes
- # app: appnamehere
- # -- Supported themes, lower case name
- # -- https://docs.theme-park.dev/themes/APPNAMEHERE
- # -- https://docs.theme-park.dev/community-themes
- # theme: themenamehere
- # -- https://theme-park.dev or a self hosted url
- # baseUrl: https://theme-park.dev
- realIPVersion: v1.0.3
- # Sets X-Real-Ip with an IP from the X-Forwarded-For or
- # Cf-Connecting-Ip (If from Cloudflare)
- # Evaluation of those headers will go from last to first
- realIP: []
- # - name: realIPName
- # -- The real IP will be the first one that is
- # -- not included in any of the CIDRs passed here
- # excludedNetworks:
- # - 1.1.1.1/24
- addPrefix: []
- # - name: addPrefixName
- # prefix: "/foo"
- geoBlockVersion: v0.2.4
- geoBlock: []
- # -- https://github.com/PascalMinder/geoblock
- # - name: geoBlockName
- # allowLocalRequests: true
- # logLocalRequests: false
- # logAllowedRequests: false
- # logApiRequests: false
- # api: https://get.geojs.io/v1/ip/country/{ip}
- # apiTimeoutMs: 500
- # cacheSize: 25
- # forceMonthlyUpdate: true
- # allowUnknownCountries: false
- # unknownCountryApiResponse: nil
- # blackListMode: false
- # countries:
- # - RU
-
-portalhook:
- enabled: true
-
-persistence:
- plugins:
- enabled: true
- mountPath: "/plugins-storage"
- type: emptyDir
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/traefik/17.0.8/questions.yaml b/enterprise/traefik/17.0.8/questions.yaml
deleted file mode 100644
index 6d4d536bf6d..00000000000
--- a/enterprise/traefik/17.0.8/questions.yaml
+++ /dev/null
@@ -1,2522 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "http"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
- path: "/dashboard/"
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: DaemonSet
- description: DaemonSet
-
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "DaemonSet"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
-
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: ingressClass
- label: "ingressClass"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- description: "When enabled, ingressClass will match the entered name of this app"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: isDefaultClass
- label: "isDefaultClass"
- schema:
- type: boolean
- default: false
- - variable: logs
- label: "Logs"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "ERROR"
- enum:
- - value: "INFO"
- description: "Info"
- - value: "WARN"
- description: "Warnings"
- - value: "ERROR"
- description: "Errors"
- - value: "FATAL"
- description: "Fatal Errors"
- - value: "PANIC"
- description: "Panics"
- - value: "DEBUG"
- description: "Debug"
- - variable: format
- label: "General Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: access
- label: "Access Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabledFilters
- label: "Enable Filters"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filters
- label: "Filters"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: statuscodes
- label: "Status codes"
- schema:
- type: string
- default: "200,300-302"
- - variable: retryattempts
- label: "retryattempts"
- schema:
- type: boolean
- default: true
- - variable: minduration
- label: "minduration"
- schema:
- type: string
- default: "10ms"
- - variable: fields
- label: "Fields"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "keep"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: headers
- label: "Headers"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "drop"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: format
- label: "Access Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: middlewares
- label: ""
- group: "Middlewares"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: basicAuth
- label: basicAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: users
- label: Users
- schema:
- type: list
- default: []
- items:
- - variable: usersEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: username
- label: Username
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: Password
- schema:
- type: string
- required: true
- default: ""
- - variable: forwardAuth
- label: forwardAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: address
- label: Address
- schema:
- type: string
- required: true
- default: ""
- - variable: trustForwardHeader
- label: trustForwardHeader
- schema:
- type: boolean
- default: false
- - variable: tls
- label: TLS
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: insecureSkipVerify
- label: insecureSkipVerify (expert)
- description: >-
- This disables all TLS certificate validation on communications with the authentication endpoint.
- This could be a security risk and should only be used if you know what you are doing.
- schema:
- type: boolean
- default: false
- - variable: authResponseHeadersRegex
- label: authResponseHeadersRegex
- schema:
- type: string
- default: ""
- - variable: authResponseHeaders
- label: authResponseHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authResponseHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: authRequestHeaders
- label: authRequestHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authRequestHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: chain
- label: Chain
- schema:
- type: list
- default: []
- items:
- - variable: chainEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: middlewares
- label: Middlewares to Chain
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: redirectScheme
- label: redirectScheme
- schema:
- type: list
- default: []
- items:
- - variable: redirectSchemeEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: scheme
- label: Scheme
- schema:
- type: string
- required: true
- default: https
- enum:
- - value: https
- description: https
- - value: http
- description: http
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: rateLimit
- label: rateLimit
- schema:
- type: list
- default: []
- items:
- - variable: rateLimitEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: average
- label: Average
- schema:
- type: int
- required: true
- default: 300
- - variable: burst
- label: Burst
- schema:
- type: int
- required: true
- default: 200
- - variable: redirectRegex
- label: redirectRegex
- schema:
- type: list
- default: []
- items:
- - variable: redirectRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: replacement
- label: Replacement
- schema:
- type: string
- required: true
- default: ""
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: stripPrefixRegex
- label: stripPrefixRegex
- schema:
- type: list
- default: []
- items:
- - variable: stripPrefixRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: list
- default: []
- items:
- - variable: regexEntry
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: ipWhiteList
- label: ipWhiteList
- schema:
- type: list
- default: []
- items:
- - variable: ipWhiteListEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: sourceRange
- label: Source Range
- schema:
- type: list
- default: []
- items:
- - variable: sourceRangeEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: ipStrategy
- label: IP Strategy
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: depth
- label: Depth
- schema:
- type: int
- required: true
- - variable: excludedIPs
- label: Excluded IPs
- schema:
- type: list
- default: []
- items:
- - variable: excludedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: themePark
- label: theme.park
- schema:
- type: list
- default: []
- items:
- - variable: themeParkEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to traefik-themepark
- schema:
- type: string
- required: true
- default: ""
- - variable: appName
- label: App Name
- description: Lower case, name of the app to be themed.
-
Go to https://docs.theme-park.dev/themes/ to see supported apps.
- schema:
- type: string
- required: true
- default: ""
- - variable: themeName
- label: Theme Name
- description: Lower case, name of the theme to be applied.
-
Go to https://docs.theme-park.dev/theme-options/ to see supported themes.
- schema:
- type: string
- required: true
- default: ""
- - variable: baseUrl
- label: Base URL
- description: Replace `https://theme-park.dev` URL for self-hosting reference.
- schema:
- type: string
- required: true
- default: https://theme-park.dev
- - variable: addons
- label: Addons
- schema:
- type: list
- default: []
- items:
- - variable: addonEntry
- label: Addon
- description: Currently only supports 'darker' and '4k-logo' for *arr apps.
-
Go to https://docs.theme-park.dev/themes/addons/ for Addon information.
-
Go to https://github.com/packruler/traefik-themepark for more context on plugin
- schema:
- type: string
- required: true
- default: ""
- - variable: realIP
- label: Real IP
- schema:
- type: list
- default: []
- items:
- - variable: realIPEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: excludedNetworks
- label: Excluded Networks
- schema:
- type: list
- default: []
- items:
- - variable: excludedNetEntry
- label: Excluded Network Entry
- description: Network to exclude setting it to X-Real-Ip
- schema:
- type: string
- required: true
- default: ""
- - variable: geoBlock
- label: GeoBlock
- schema:
- type: list
- default: []
- items:
- - variable: geoBlockEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to geoblock
- schema:
- type: string
- required: true
- default: ""
- - variable: allowLocalRequests
- label: Allow Local Requests
- description: If set to true, will not block request from Private IP Ranges
- schema:
- type: boolean
- default: true
- - variable: logLocalRequests
- label: Log Local Requests
- description: If set to true, will log every connection from any IP in the private IP range
- schema:
- type: boolean
- default: false
- - variable: logAllowedRequests
- label: Log Allowed Requests
- description: If set to true, will show a log message with the IP and the country of origin if a request is allowed.
- schema:
- type: boolean
- default: false
- - variable: logApiRequests
- label: Log API Requests
- description: If set to true, will show a log message for every API hit.
- schema:
- type: boolean
- default: false
- - variable: api
- label: API
- description: Defines the API URL for the IP to Country resolution. The IP to fetch can be added with {ip} to the URL.
- schema:
- type: string
- required: true
- default: https://get.geojs.io/v1/ip/country/{ip}
- - variable: apiTimeoutMs
- label: API Timeout in ms
- description: Timeout for the call to the api uri.
- schema:
- type: int
- required: true
- default: 500
- - variable: cacheSize
- label: Cache Size
- description: Defines the max size of the LRU (least recently used) cache.
- schema:
- type: int
- required: true
- default: 25
- - variable: forceMonthlyUpdate
- label: Force Monthly Update
- description: Even if an IP stays in the cache for a period of a month (about 30 x 24 hours), it must be fetch again after a month.
- schema:
- type: boolean
- default: true
- - variable: allowUnknownCountries
- label: Allow Unknown Countries
- description: Some IP addresses have no country associated with them. If this option is set to true, all IPs with no associated country are also allowed.
- schema:
- type: boolean
- default: false
- - variable: unknownCountryApiResponse
- label: Unknown Countries API Response
- description: The API uri can be customized. This options allows to customize the response string of the API when a IP with no associated country is requested.
- schema:
- type: string
- required: true
- default: nil
- - variable: blackListMode
- label: Blacklist Mode
- description: When set to true the filter logic is inverted, i.e. requests originating from countries listed in the countries list are blocked.
- schema:
- type: boolean
- default: false
- - variable: countries
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- label: Countries
- schema:
- type: list
- default: []
- items:
- - variable: countryEntry
- label: Country
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- schema:
- type: string
- required: true
- # Allow only 2 Characters
- valid_chars: '^[a-zA-Z]{2}$'
- default: ""
- - variable: addPrefix
- label: Add Prefix
- schema:
- type: list
- default: []
- items:
- - variable: addPrefixEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: prefix
- label: Prefix
- schema:
- type: string
- required: true
- default: ""
- - variable: service
- group: "Networking and Services"
- label: "Configure Service Entrypoint"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9000
- required: true
- - variable: tcp
- label: "TCP Service"
- description: "The tcp Entrypoint service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: web
- label: "web Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9080
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- default: "websecure"
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: websecure
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9443
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: portsList
- label: "Additional TCP Entrypoints"
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: "Custom Entrypoints"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable the port"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: "Entrypoints Name"
- schema:
- type: string
- default: ""
- - variable: protocol
- label: "Entrypoints Type"
- schema:
- type: string
- default: "TCP"
- enum:
- - value: HTTP
- description: "HTTP"
- - value: "HTTPS"
- description: "HTTPS"
- - value: TCP
- description: "TCP"
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- required: true
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: certificateIssuer
- label: Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: certificateIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
-
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
-
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
- - variable: metrics
- group: Metrics
- label: Prometheus Metrics
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Metrics
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- description: Enable Prometheus Metrics
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: prometheusRule
- label: PrometheusRule
- description: Enable and configure Prometheus Rules for the App.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- description: Enable Prometheus Metrics
- schema:
- type: boolean
- default: false
- # TODO: Rule List section
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/traefik/17.0.8/templates/NOTES.txt b/enterprise/traefik/17.0.8/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/traefik/17.0.8/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/traefik/17.0.8/templates/_args.tpl b/enterprise/traefik/17.0.8/templates/_args.tpl
deleted file mode 100644
index 3fef2e1f777..00000000000
--- a/enterprise/traefik/17.0.8/templates/_args.tpl
+++ /dev/null
@@ -1,178 +0,0 @@
-{{/* Define the args */}}
-{{- define "traefik.args" -}}
-args:
- {{/* merge all ports */}}
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{/* start of actual arguments */}}
- {{- with .Values.globalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
- {{- range $name, $config := $ports }}
- {{- if $config }}
- {{- if or ( eq $config.protocol "http" ) ( eq $config.protocol "https" ) ( eq $config.protocol "tcp" ) }}
- {{- $_ := set $config "protocol" "tcp" }}
- {{- end }}
- - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}"
- {{- end }}
- {{- end }}
- - "--api.dashboard=true"
- - "--ping=true"
- {{- if .Values.metrics }}
- {{- if .Values.metrics.datadog }}
- - "--metrics.datadog=true"
- - "--metrics.datadog.address={{ .Values.metrics.datadog.address }}"
- {{- end }}
- {{- if .Values.metrics.influxdb }}
- - "--metrics.influxdb=true"
- - "--metrics.influxdb.address={{ .Values.metrics.influxdb.address }}"
- - "--metrics.influxdb.protocol={{ .Values.metrics.influxdb.protocol }}"
- {{- end }}
- {{- if .Values.metrics.prometheus }}
- - "--metrics.prometheus=true"
- - "--metrics.prometheus.entrypoint={{ .Values.metrics.prometheus.entryPoint }}"
- {{- end }}
- {{- if .Values.metrics.statsd }}
- - "--metrics.statsd=true"
- - "--metrics.statsd.address={{ .Values.metrics.statsd.address }}"
- {{- end }}
- {{- end }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress"
- {{- if .Values.providers.kubernetesIngress.publishedService.enabled }}
- - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.labelSelector }}
- - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}"
- {{- end }}
- {{- end }}
- {{- if and .Values.rbac.enabled .Values.rbac.namespaced }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}"
- {{- end }}
- {{- end }}
- {{- if .Values.ingressClass.enabled }}
- - "--providers.kubernetesingress.ingressclass={{ .Release.Name }}"
- {{- end }}
- {{- range $entrypoint, $config := $ports }}
- {{/* add args for proxyProtocol support */}}
- {{- if $config.proxyProtocol }}
- {{- if $config.proxyProtocol.enabled }}
- {{- if $config.proxyProtocol.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.insecure"
- {{- end }}
- {{- if not ( empty $config.proxyProtocol.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.trustedIPs={{ join "," $config.proxyProtocol.trustedIPs }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* add args for forwardedHeaders support */}}
- {{- if $config.forwardedHeaders.enabled }}
- {{- if not ( empty $config.forwardedHeaders.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}"
- {{- end }}
- {{- if $config.forwardedHeaders.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure"
- {{- end }}
- {{- end }}
- {{/* end forwardedHeaders configuration */}}
- {{- if $config.redirectTo }}
- {{- $toPort := index $ports $config.redirectTo }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- else if $config.redirectPort }}
- {{ if gt $config.redirectPort 0.0 }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- end }}
- {{- end }}
- {{- if or ( $config.tls ) ( eq $config.protocol "https" ) }}
- {{- if or ( $config.tls.enabled ) ( eq $config.protocol "https" ) }}
- - "--entrypoints.{{ $entrypoint }}.http.tls=true"
- {{- if $config.tls.options }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}"
- {{- end }}
- {{- if $config.tls.certResolver }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}"
- {{- end }}
- {{- if $config.tls.domains }}
- {{- range $index, $domain := $config.tls.domains }}
- {{- if $domain.main }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}"
- {{- end }}
- {{- if $domain.sans }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- with .Values.logs }}
- - "--log.format={{ .general.format }}"
- {{- if ne .general.level "ERROR" }}
- - "--log.level={{ .general.level | upper }}"
- {{- end }}
- {{- if .access.enabled }}
- - "--accesslog=true"
- - "--accesslog.format={{ .access.format }}"
- {{- if .access.bufferingsize }}
- - "--accesslog.bufferingsize={{ .access.bufferingsize }}"
- {{- end }}
- {{- if .access.filters }}
- {{- if .access.filters.statuscodes }}
- - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}"
- {{- end }}
- {{- if .access.filters.retryattempts }}
- - "--accesslog.filters.retryattempts"
- {{- end }}
- {{- if .access.filters.minduration }}
- - "--accesslog.filters.minduration={{ .access.filters.minduration }}"
- {{- end }}
- {{- end }}
- - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.general.names }}
- - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.headers.names }}
- - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* theme.park */}}
- {{- if .Values.middlewares.themePark }}
- - "--experimental.plugins.traefik-themepark.modulename=github.com/packruler/traefik-themepark"
- - "--experimental.plugins.traefik-themepark.version={{ .Values.middlewares.themeParkVersion }}"
- {{- end }}
- {{/* End of theme.park */}}
- {{/* GeoBlock */}}
- {{- if .Values.middlewares.geoBlock }}
- - "--experimental.plugins.GeoBlock.modulename=github.com/PascalMinder/geoblock"
- - "--experimental.plugins.GeoBlock.version={{ .Values.middlewares.geoBlockVersion }}"
- {{- end }}
- {{/* End of GeoBlock */}}
- {{/* RealIP */}}
- {{- if .Values.middlewares.realIP }}
- - "--experimental.plugins.traefik-real-ip.modulename=github.com/soulbalz/traefik-real-ip"
- - "--experimental.plugins.traefik-real-ip.version={{ .Values.middlewares.realIPVersion }}"
- {{- end }}
- {{/* End of RealIP */}}
- {{- with .Values.additionalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.8/templates/_helpers.tpl b/enterprise/traefik/17.0.8/templates/_helpers.tpl
deleted file mode 100644
index 1345dcea39a..00000000000
--- a/enterprise/traefik/17.0.8/templates/_helpers.tpl
+++ /dev/null
@@ -1,22 +0,0 @@
-{{/*
-Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice.
-By convention this will simply use the / to match the name of the
-service generated.
-Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride`
-*/}}
-{{- define "providers.kubernetesIngress.publishedServicePath" -}}
-{{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}}
-{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}}
-{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }}
-{{- print $servicePath | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Construct a comma-separated list of whitelisted namespaces
-*/}}
-{{- define "providers.kubernetesIngress.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }}
-{{- end -}}
-{{- define "providers.kubernetesCRD.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.8/templates/_ingressclass.tpl b/enterprise/traefik/17.0.8/templates/_ingressclass.tpl
deleted file mode 100644
index 004d4a6dcda..00000000000
--- a/enterprise/traefik/17.0.8/templates/_ingressclass.tpl
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Define the ingressClass */}}
-{{- define "traefik.ingressClass" -}}
----
-{{ if .Values.ingressClass.enabled }}
- {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }}
-apiVersion: networking.k8s.io/v1
- {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }}
-apiVersion: networking.k8s.io/v1beta1
- {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }}
-apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }}
- {{- else }}
- {{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }}
- {{- end }}
-kind: IngressClass
-metadata:
- annotations:
- ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }}
- labels:
- {{- include "tc.v1.common.lib.metadata.allLabels" . | nindent 4 }}
- name: {{ .Release.Name }}
-spec:
- controller: traefik.io/ingress-controller
-{{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.8/templates/_ingressroute.tpl b/enterprise/traefik/17.0.8/templates/_ingressroute.tpl
deleted file mode 100644
index 6599ceb6e2b..00000000000
--- a/enterprise/traefik/17.0.8/templates/_ingressroute.tpl
+++ /dev/null
@@ -1,34 +0,0 @@
-{{/* Define the ingressRoute */}}
-{{- define "traefik.ingressRoute" -}}
-{{ if .Values.ingressRoute.dashboard.enabled }}
-
-{{- $ingressRouteLabels := .Values.ingressRoute.dashboard.labels -}}
-{{- $ingressRouteAnnotations := .Values.ingressRoute.dashboard.annotations -}}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
- name: {{ include "tc.v1.common.lib.chart.names.fullname" . }}-dashboard
- {{- $labels := (mustMerge ($ingressRouteLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }}
- labels:
- {{- . | nindent 4 }}
- {{- end }}
- {{- $annotations := (mustMerge ($ingressRouteAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }}
- annotations:
- {{- . | nindent 4 }}
- {{- end }}
-
-spec:
- entryPoints:
- - main
- routes:
- - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
- kind: Rule
- services:
- - name: api@internal
- kind: TraefikService
-{{ end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.8/templates/_portalhook.tpl b/enterprise/traefik/17.0.8/templates/_portalhook.tpl
deleted file mode 100644
index e3586c5d4e9..00000000000
--- a/enterprise/traefik/17.0.8/templates/_portalhook.tpl
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/* Define the portalHook */}}
-{{- define "traefik.portalhook" -}}
-{{- if .Values.portalhook.enabled }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: portalhook
- namespace: {{ $namespace }}
-data:
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{- range $name, $value := $ports }}
- {{ $name }}: {{ $value.port | quote }}
- {{- end }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.8/templates/_tlsoptions.tpl b/enterprise/traefik/17.0.8/templates/_tlsoptions.tpl
deleted file mode 100644
index 3e5aad3bee9..00000000000
--- a/enterprise/traefik/17.0.8/templates/_tlsoptions.tpl
+++ /dev/null
@@ -1,12 +0,0 @@
-{{/* Define the tlsOptions */}}
-{{- define "traefik.tlsOptions" -}}
-{{- range $name, $config := .Values.tlsOptions }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: TLSOption
-metadata:
- name: {{ $name }}
-spec:
- {{- toYaml $config | nindent 2 }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.8/templates/common.yaml b/enterprise/traefik/17.0.8/templates/common.yaml
deleted file mode 100644
index 7833892df08..00000000000
--- a/enterprise/traefik/17.0.8/templates/common.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-
-{{- $newArgs := (include "traefik.args" . | fromYaml) }}
-{{- $_ := set .Values "newArgs" $newArgs -}}
-{{- $mergedargs := concat $.Values.workload.main.podSpec.containers.main.args .Values.newArgs.args }}
-{{- $_ := set $.Values.workload.main.podSpec.containers.main "args" $mergedargs -}}
-
-{{- include "traefik.portalhook" . }}
-{{- include "traefik.tlsOptions" . }}
-{{- include "traefik.ingressRoute" . }}
-{{- include "traefik.ingressClass" . }}
-
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/traefik/17.0.8/templates/middlewares/addPrefix.yaml b/enterprise/traefik/17.0.8/templates/middlewares/addPrefix.yaml
deleted file mode 100644
index 233b23834c3..00000000000
--- a/enterprise/traefik/17.0.8/templates/middlewares/addPrefix.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.addPrefix }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- addPrefix:
- prefix: {{ $middlewareData.prefix }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.8/templates/middlewares/basic-middleware.yaml b/enterprise/traefik/17.0.8/templates/middlewares/basic-middleware.yaml
deleted file mode 100644
index 9ba8e5c5d93..00000000000
--- a/enterprise/traefik/17.0.8/templates/middlewares/basic-middleware.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: compress
- namespace: {{ $namespace }}
-spec:
- compress: {}
----
-# Here, an average of 300 requests per second is allowed.
-# In addition, a burst of 200 requests is allowed.
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-ratelimit
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: 600
- burst: 400
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-secure-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: chain-basic
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: basic-secure-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.8/templates/middlewares/basicauth.yaml b/enterprise/traefik/17.0.8/templates/middlewares/basicauth.yaml
deleted file mode 100644
index ccb541742f0..00000000000
--- a/enterprise/traefik/17.0.8/templates/middlewares/basicauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.basicAuth }}
----
-{{- $users := list }}
-{{ range $index, $userdata := $middlewareData.users }}
- {{ $users = append $users ( htpasswd $userdata.username $userdata.password ) }}
-{{ end }}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{printf "%v-%v" $middlewareData.name "secret" }}
- namespace: {{ $namespace }}
-type: Opaque
-stringData:
- users: |
- {{- range $index, $user := $users }}
- {{ printf "%s" $user }}
- {{- end }}
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- basicAuth:
- secret: {{printf "%v-%v" $middlewareData.name "secret" }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.8/templates/middlewares/chain.yaml b/enterprise/traefik/17.0.8/templates/middlewares/chain.yaml
deleted file mode 100644
index f87994f7956..00000000000
--- a/enterprise/traefik/17.0.8/templates/middlewares/chain.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.chain }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- {{ range $index, $middleware := .middlewares }}
- - name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }}
- {{ end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.8/templates/middlewares/forwardauth.yaml b/enterprise/traefik/17.0.8/templates/middlewares/forwardauth.yaml
deleted file mode 100644
index 4bdefbd5c01..00000000000
--- a/enterprise/traefik/17.0.8/templates/middlewares/forwardauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.forwardAuth }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- forwardAuth:
- address: {{ $middlewareData.address }}
- {{- with $middlewareData.authResponseHeaders }}
- authResponseHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- with $middlewareData.authRequestHeaders }}
- authRequestHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- if $middlewareData.authResponseHeadersRegex }}
- authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }}
- {{- end }}
- {{- if $middlewareData.trustForwardHeader }}
- trustForwardHeader: true
- {{- end }}
- {{- with $middlewareData.tls }}
- tls:
- insecureSkipVerify: {{ .insecureSkipVerify | default false }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.8/templates/middlewares/geoblock.yaml b/enterprise/traefik/17.0.8/templates/middlewares/geoblock.yaml
deleted file mode 100644
index be21bcf57b6..00000000000
--- a/enterprise/traefik/17.0.8/templates/middlewares/geoblock.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.geoBlock }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- GeoBlock:
- allowLocalRequests: {{ $middlewareData.allowLocalRequests }}
- logLocalRequests: {{ $middlewareData.logLocalRequests }}
- logAllowedRequests: {{ $middlewareData.logAllowedRequests }}
- logApiRequests: {{ $middlewareData.logApiRequests }}
- api: {{ $middlewareData.api }}
- apiTimeoutMs: {{ $middlewareData.apiTimeoutMs }}
- cacheSize: {{ $middlewareData.cacheSize }}
- forceMonthlyUpdate: {{ $middlewareData.forceMonthlyUpdate }}
- allowUnknownCountries: {{ $middlewareData.allowUnknownCountries }}
- unknownCountryApiResponse: {{ $middlewareData.unknownCountryApiResponse }}
- blackListMode: {{ $middlewareData.blackListMode }}
- {{- if not $middlewareData.countries }}
- {{- fail "You have to define at least one country..." }}
- {{- end }}
- countries:
- {{- range $middlewareData.countries }}
- - {{ . }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.8/templates/middlewares/ipwhitelist.yaml b/enterprise/traefik/17.0.8/templates/middlewares/ipwhitelist.yaml
deleted file mode 100644
index 1179245017e..00000000000
--- a/enterprise/traefik/17.0.8/templates/middlewares/ipwhitelist.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.ipWhiteList }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- ipWhiteList:
- sourceRange:
- {{- range $middlewareData.sourceRange }}
- - {{ . }}
- {{- end }}
- {{- if $middlewareData.ipStrategy }}
- ipStrategy:
- {{- if $middlewareData.ipStrategy.depth }}
- depth: {{ $middlewareData.ipStrategy.depth }}
- {{- end }}
- {{- if $middlewareData.ipStrategy.excludedIPs }}
- excludedIPs:
- {{- range $middlewareData.ipStrategy.excludedIPs }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.8/templates/middlewares/ratelimit.yaml b/enterprise/traefik/17.0.8/templates/middlewares/ratelimit.yaml
deleted file mode 100644
index 144b9d8bf38..00000000000
--- a/enterprise/traefik/17.0.8/templates/middlewares/ratelimit.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.rateLimit }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: {{ $middlewareData.average }}
- burst: {{ $middlewareData.burst }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.8/templates/middlewares/real-ip.yaml b/enterprise/traefik/17.0.8/templates/middlewares/real-ip.yaml
deleted file mode 100644
index 2dd1ae030a4..00000000000
--- a/enterprise/traefik/17.0.8/templates/middlewares/real-ip.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.realIP }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-real-ip:
- excludednets:
- {{- range $middlewareData.excludedNetworks }}
- - {{ . | quote }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.8/templates/middlewares/redirectScheme.yaml b/enterprise/traefik/17.0.8/templates/middlewares/redirectScheme.yaml
deleted file mode 100644
index f2413f84e19..00000000000
--- a/enterprise/traefik/17.0.8/templates/middlewares/redirectScheme.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectScheme }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectScheme:
- scheme: {{ $middlewareData.scheme }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.8/templates/middlewares/redirectregex.yaml b/enterprise/traefik/17.0.8/templates/middlewares/redirectregex.yaml
deleted file mode 100644
index 46e3e724dd6..00000000000
--- a/enterprise/traefik/17.0.8/templates/middlewares/redirectregex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectRegex }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: {{ $middlewareData.regex | quote }}
- replacement: {{ $middlewareData.replacement | quote }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.8/templates/middlewares/stripPrefixRegex.yaml b/enterprise/traefik/17.0.8/templates/middlewares/stripPrefixRegex.yaml
deleted file mode 100644
index 007c166ff39..00000000000
--- a/enterprise/traefik/17.0.8/templates/middlewares/stripPrefixRegex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-
-{{ range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- stripPrefixRegex:
- regex:
- {{- range $middlewareData.regex }}
- - {{ . | quote }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.8/templates/middlewares/tc-chains.yaml b/enterprise/traefik/17.0.8/templates/middlewares/tc-chains.yaml
deleted file mode 100644
index 409766daa89..00000000000
--- a/enterprise/traefik/17.0.8/templates/middlewares/tc-chains.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-opencors-headers
- - name: compress
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-closedcors-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.8/templates/middlewares/tc-headers.yaml b/enterprise/traefik/17.0.8/templates/middlewares/tc-headers.yaml
deleted file mode 100644
index a0462f1fd73..00000000000
--- a/enterprise/traefik/17.0.8/templates/middlewares/tc-headers.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowHeaders:
- - '*'
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- - POST
- accessControlAllowOriginList:
- - '*'
- accessControlMaxAge: 100
- browserXssFilter: true
- contentTypeNosniff: true
- customRequestHeaders:
- X-Forwarded-Proto: https
- customResponseHeaders:
- server: ""
- forceSTSHeader: true
- referrerPolicy: same-origin
- sslForceHost: true
- sslRedirect: true
- stsSeconds: 63072000
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- sslRedirect: true
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- sslForceHost: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
diff --git a/enterprise/traefik/17.0.8/templates/middlewares/tc-nextcloud.yaml b/enterprise/traefik/17.0.8/templates/middlewares/tc-nextcloud.yaml
deleted file mode 100644
index 6a3019d56c5..00000000000
--- a/enterprise/traefik/17.0.8/templates/middlewares/tc-nextcloud.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-redirectregex-dav
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: "https://(.*)/.well-known/(card|cal)dav"
- replacement: "https://${1}/remote.php/dav/"
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: tc-nextcloud-redirectregex-dav
diff --git a/enterprise/traefik/17.0.8/templates/middlewares/theme-park.yaml b/enterprise/traefik/17.0.8/templates/middlewares/theme-park.yaml
deleted file mode 100644
index 92a4257e279..00000000000
--- a/enterprise/traefik/17.0.8/templates/middlewares/theme-park.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.themePark }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-themepark:
- app: {{ $middlewareData.appName }}
- theme: {{ $middlewareData.themeName }}
- baseUrl: {{ $middlewareData.baseUrl }}
- {{- if $middlewareData.addons }}
- addons:
- {{- range $middlewareData.addons }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.8/values.yaml b/enterprise/traefik/17.0.8/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/traefik/17.0.9/CHANGELOG.md b/enterprise/traefik/17.0.9/CHANGELOG.md
deleted file mode 100644
index ead39bc415b..00000000000
--- a/enterprise/traefik/17.0.9/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [traefik-17.0.9](https://github.com/truecharts/charts/compare/traefik-17.0.8...traefik-17.0.9) (2023-03-11)
-
-### Fix
-
-- bump to release fix for new service monitor
-
-
-
-
-## [traefik-17.0.8](https://github.com/truecharts/charts/compare/traefik-17.0.7...traefik-17.0.8) (2023-03-11)
-
-### Feat
-
-- generate a service monitor ([#7785](https://github.com/truecharts/charts/issues/7785))
-
-
-
-
-## [traefik-17.0.7](https://github.com/truecharts/charts/compare/traefik-17.0.6...traefik-17.0.7) (2023-03-07)
-
-### Fix
-
-- actually fix labels ([#7763](https://github.com/truecharts/charts/issues/7763))
-
-
-
-
-## [traefik-17.0.6](https://github.com/truecharts/charts/compare/traefik-17.0.5...traefik-17.0.6) (2023-03-07)
-
-### Fix
-
-- misc fixes from common and prometheus storageclass patch ([#7762](https://github.com/truecharts/charts/issues/7762))
-
-
-
-
-## [traefik-17.0.5](https://github.com/truecharts/charts/compare/traefik-17.0.4...traefik-17.0.5) (2023-03-07)
-
-### Fix
-
-- fix labels ([#7759](https://github.com/truecharts/charts/issues/7759))
-
-
-
-
-## [traefik-17.0.4](https://github.com/truecharts/charts/compare/traefik-17.0.3...traefik-17.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
-
-
-## [traefik-17.0.3](https://github.com/truecharts/charts/compare/traefik-17.0.1...traefik-17.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
-
-
-## [traefik-17.0.1](https://github.com/truecharts/charts/compare/traefik-17.0.0...traefik-17.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
-
-## [traefik-17.0.0](https://github.com/truecharts/charts/compare/traefik-16.0.16...traefik-17.0.0) (2023-03-04)
-
-
-
-
-## [traefik-16.0.16](https://github.com/truecharts/charts/compare/traefik-16.0.15...traefik-16.0.16) (2023-02-20)
-
-### Chore
-
-- update container image tccr.io/truecharts/traefik to v2.9.8
-
-
-
-
-## [traefik-16.0.15](https://github.com/truecharts/charts/compare/traefik-16.0.14...traefik-16.0.15) (2023-02-15)
-
-### Chore
diff --git a/enterprise/traefik/17.0.9/Chart.yaml b/enterprise/traefik/17.0.9/Chart.yaml
deleted file mode 100644
index fe47a2de33e..00000000000
--- a/enterprise/traefik/17.0.9/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: v2
-appVersion: "2.9.8"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.24
-deprecated: false
-description: Traefik is a flexible reverse proxy and Ingress Provider.
-home: https://truecharts.org/charts/enterprise/traefik
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/traefik.png
-keywords:
- - traefik
- - ingress
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: traefik
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/traefik
- - https://hub.docker.com/_/traefik
- - https://github.com/traefik/traefik
- - https://github.com/traefik/traefik-helm-chart
- - https://traefik.io/
-type: application
-version: 17.0.9
-annotations:
- truecharts.org/catagories: |
- - network
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/traefik/17.0.9/LICENSE b/enterprise/traefik/17.0.9/LICENSE
deleted file mode 100644
index 4139714f204..00000000000
--- a/enterprise/traefik/17.0.9/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Traefik" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/traefik/17.0.9/README.md b/enterprise/traefik/17.0.9/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/traefik/17.0.9/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/traefik/17.0.9/app-changelog.md b/enterprise/traefik/17.0.9/app-changelog.md
deleted file mode 100644
index 0e33972019d..00000000000
--- a/enterprise/traefik/17.0.9/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [traefik-17.0.9](https://github.com/truecharts/charts/compare/traefik-17.0.8...traefik-17.0.9) (2023-03-11)
-
-### Fix
-
-- bump to release fix for new service monitor
-
-
\ No newline at end of file
diff --git a/enterprise/traefik/17.0.9/app-readme.md b/enterprise/traefik/17.0.9/app-readme.md
deleted file mode 100644
index 02206fafcf4..00000000000
--- a/enterprise/traefik/17.0.9/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Traefik is a flexible reverse proxy and Ingress Provider.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/traefik](https://truecharts.org/charts/enterprise/traefik)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/traefik/17.0.9/charts/common-12.2.24.tgz b/enterprise/traefik/17.0.9/charts/common-12.2.24.tgz
deleted file mode 100644
index d9155693b5d..00000000000
Binary files a/enterprise/traefik/17.0.9/charts/common-12.2.24.tgz and /dev/null differ
diff --git a/enterprise/traefik/17.0.9/ix_values.yaml b/enterprise/traefik/17.0.9/ix_values.yaml
deleted file mode 100644
index 56d75a4389a..00000000000
--- a/enterprise/traefik/17.0.9/ix_values.yaml
+++ /dev/null
@@ -1,416 +0,0 @@
-image:
- repository: tccr.io/truecharts/traefik
- # defaults to appVersion
- tag: 2.9.8@sha256:4a2d3dda380990d825532e661b42457fc9871061dbc22b310468616378214a2e
- pullPolicy: IfNotPresent
-
-workload:
- main:
- replicas: 2
- strategy: RollingUpdate
- podSpec:
- containers:
- main:
- args: []
- probes:
- # -- Liveness probe configuration
- # @default -- See below
- liveness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Redainess probe configuration
- # @default -- See below
- readiness:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
- # -- Startup probe configuration
- # @default -- See below
- startup:
- # -- sets the probe type when not using a custom probe
- # @default -- "TCP"
- type: tcp
- # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
- # @default -- "/"
- # path: "/ping"
-
-# -- Options for all pods
-# Can be overruled per pod
-podOptions:
- automountServiceAccountToken: true
-
-# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
-ingressClass:
- # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
- enabled: false
- isDefaultClass: false
- # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
- fallbackApiVersion: ""
-
-# -- Create an IngressRoute for the dashboard
-ingressRoute:
- dashboard:
- enabled: true
- # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
- annotations: {}
- # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
- labels: {}
-#
-# -- Configure providers
-providers:
- kubernetesCRD:
- enabled: true
- namespaces:
- []
- # - "default"
- kubernetesIngress:
- enabled: true
- # labelSelector: environment=production,method=traefik
- namespaces:
- []
- # - "default"
- # IP used for Kubernetes Ingress endpoints
- publishedService:
- enabled: true
- # Published Kubernetes Service to copy status from. Format: namespace/servicename
- # By default this Traefik service
- # pathOverride: ""
-
-# -- Logs
-# https://docs.traefik.io/observability/logs/
-logs:
- # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on).
- general:
- # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO.
- level: ERROR
- # -- Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format
- format: common
- access:
- # To enable access logs
- enabled: false
- # To write the logs in an asynchronous fashion, specify a bufferingSize option.
- # This option represents the number of log lines Traefik will keep in memory before writing
- # them to the selected output. In some cases, this option can greatly help performances.
- # bufferingSize: 100
- # Filtering https://docs.traefik.io/observability/access-logs/#filtering
- filters:
- {}
- # statuscodes: "200,300-302"
- # retryattempts: true
- # minduration: 10ms
- # Fields
- # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers
- fields:
- general:
- defaultmode: keep
- names:
- {}
- # Examples:
- # ClientUsername: drop
- headers:
- defaultmode: drop
- names:
- {}
- # Examples:
- # User-Agent: redact
- # Authorization: drop
- # Content-Type: keep
- # -- Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format
- format: common
-
-metrics:
- main:
- enabled: true
- type: servicemonitor
- endpoints:
- - port: metrics
- path: /metrics
- targetSelector: metrics
-
-globalArguments:
- - "--global.checknewversion"
-
-##
-# -- Additional arguments to be passed at Traefik's binary
-# All available options available on https://docs.traefik.io/reference/static-configuration/cli/
-## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"`
-additionalArguments:
- - "--metrics.prometheus"
- - "--ping"
- - "--serverstransport.insecureskipverify=true"
- - "--providers.kubernetesingress.allowexternalnameservices=true"
-
-# -- TLS Options to be created as TLSOption CRDs
-# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options
-# Example:
-tlsOptions:
- default:
- sniStrict: false
- minVersion: VersionTLS12
- curvePreferences:
- - CurveP521
- - CurveP384
- cipherSuites:
- - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- - TLS_AES_128_GCM_SHA256
- - TLS_AES_256_GCM_SHA384
- - TLS_CHACHA20_POLY1305_SHA256
-
-# -- Options for the main traefik service, where the entrypoints traffic comes from
-# from.
-service:
- main:
- type: LoadBalancer
- ports:
- main:
- port: 9000
- targetPort: 9000
- protocol: http
- # -- Forwarded Headers should never be enabled on Main entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Main entrypoint
- proxyProtocol:
- enabled: false
- tcp:
- enabled: true
- type: LoadBalancer
- ports:
- web:
- enabled: true
- port: 9080
- protocol: http
- redirectTo: websecure
- # Options: Empty, 0 (ingore), or positive int
- # redirectPort:
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- websecure:
- enabled: true
- port: 9443
- protocol: https
- # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
- forwardedHeaders:
- enabled: false
- # -- List of trusted IP and CIDR references
- trustedIPs: []
- # -- Trust all forwarded headers
- insecureMode: false
- # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
- proxyProtocol:
- enabled: false
- # -- Only IPs in trustedIPs will lead to remote client address replacement
- trustedIPs: []
- # -- Trust every incoming connection
- insecureMode: false
- # tcpexample:
- # enabled: true
- # targetPort: 9443
- # protocol: tcp
- # tls:
- # enabled: false
- # # this is the name of a TLSOption definition
- # options: ""
- # certResolver: ""
- # domains: []
- # # - main: example.com
- # # sans:
- # # - foo.example.com
- # # - bar.example.com
- metrics:
- enabled: true
- type: ClusterIP
- ports:
- metrics:
- enabled: true
- port: 9180
- targetPort: 9180
- protocol: http
- # -- Forwarded Headers should never be enabled on Metrics entrypoint
- forwardedHeaders:
- enabled: false
- # -- Proxy Protocol should never be enabled on Metrics entrypoint
- proxyProtocol:
- enabled: false
- # udp:
- # enabled: false
-
-# -- Whether Role Based Access Control objects like roles and rolebindings should be created
-rbac:
- main:
- enabled: true
- primary: true
- clusterWide: true
- rules:
- - apiGroups:
- - ""
- resources:
- - services
- - endpoints
- - secrets
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses
- - ingressclasses
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io
- resources:
- - ingresses/status
- verbs:
- - update
- - apiGroups:
- - traefik.containo.us
- resources:
- - ingressroutes
- - ingressroutetcps
- - ingressrouteudps
- - middlewares
- - middlewaretcps
- - tlsoptions
- - tlsstores
- - traefikservices
- - serverstransports
- verbs:
- - get
- - list
- - watch
-
-# -- The service account the pods will use to interact with the Kubernetes API
-serviceAccount:
- main:
- enabled: true
- primary: true
-
-# -- SCALE Middleware Handlers
-middlewares:
- basicAuth: []
- # - name: basicauthexample
- # users:
- # - username: testuser
- # password: testpassword
- forwardAuth: []
- # - name: forwardAuthexample
- # address: https://auth.example.com/
- # authResponseHeaders:
- # - X-Secret
- # - X-Auth-User
- # authRequestHeaders:
- # - "Accept"
- # - "X-CustomHeader"
- # authResponseHeadersRegex: "^X-"
- # trustForwardHeader: true
- chain: []
- # - name: chainname
- # middlewares:
- # - name: compress
- redirectScheme: []
- # - name: redirectSchemeName
- # scheme: https
- # permanent: true
- rateLimit: []
- # - name: rateLimitName
- # average: 300
- # burst: 200
- redirectRegex: []
- # - name: redirectRegexName
- # regex: putregexhere
- # replacement: replacementurlhere
- # permanent: false
- stripPrefixRegex: []
- # - name: stripPrefixRegexName
- # regex: []
- ipWhiteList: []
- # - name: ipWhiteListName
- # sourceRange: []
- # ipStrategy:
- # depth: 2
- # excludedIPs: []
- themeParkVersion: v1.3.0
- themePark: []
- # - name: themeParkName
- # -- Supported apps, lower case name
- # -- https://docs.theme-park.dev/themes
- # app: appnamehere
- # -- Supported themes, lower case name
- # -- https://docs.theme-park.dev/themes/APPNAMEHERE
- # -- https://docs.theme-park.dev/community-themes
- # theme: themenamehere
- # -- https://theme-park.dev or a self hosted url
- # baseUrl: https://theme-park.dev
- realIPVersion: v1.0.3
- # Sets X-Real-Ip with an IP from the X-Forwarded-For or
- # Cf-Connecting-Ip (If from Cloudflare)
- # Evaluation of those headers will go from last to first
- realIP: []
- # - name: realIPName
- # -- The real IP will be the first one that is
- # -- not included in any of the CIDRs passed here
- # excludedNetworks:
- # - 1.1.1.1/24
- addPrefix: []
- # - name: addPrefixName
- # prefix: "/foo"
- geoBlockVersion: v0.2.4
- geoBlock: []
- # -- https://github.com/PascalMinder/geoblock
- # - name: geoBlockName
- # allowLocalRequests: true
- # logLocalRequests: false
- # logAllowedRequests: false
- # logApiRequests: false
- # api: https://get.geojs.io/v1/ip/country/{ip}
- # apiTimeoutMs: 500
- # cacheSize: 25
- # forceMonthlyUpdate: true
- # allowUnknownCountries: false
- # unknownCountryApiResponse: nil
- # blackListMode: false
- # countries:
- # - RU
-
-portalhook:
- enabled: true
-
-persistence:
- plugins:
- enabled: true
- mountPath: "/plugins-storage"
- type: emptyDir
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/traefik/17.0.9/questions.yaml b/enterprise/traefik/17.0.9/questions.yaml
deleted file mode 100644
index 6d4d536bf6d..00000000000
--- a/enterprise/traefik/17.0.9/questions.yaml
+++ /dev/null
@@ -1,2522 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "http"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
- path: "/dashboard/"
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: DaemonSet
- description: DaemonSet
-
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "DaemonSet"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
-
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: ingressClass
- label: "ingressClass"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- description: "When enabled, ingressClass will match the entered name of this app"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: isDefaultClass
- label: "isDefaultClass"
- schema:
- type: boolean
- default: false
- - variable: logs
- label: "Logs"
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "ERROR"
- enum:
- - value: "INFO"
- description: "Info"
- - value: "WARN"
- description: "Warnings"
- - value: "ERROR"
- description: "Errors"
- - value: "FATAL"
- description: "Fatal Errors"
- - value: "PANIC"
- description: "Panics"
- - value: "DEBUG"
- description: "Debug"
- - variable: format
- label: "General Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: access
- label: "Access Logs"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabledFilters
- label: "Enable Filters"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filters
- label: "Filters"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: statuscodes
- label: "Status codes"
- schema:
- type: string
- default: "200,300-302"
- - variable: retryattempts
- label: "retryattempts"
- schema:
- type: boolean
- default: true
- - variable: minduration
- label: "minduration"
- schema:
- type: string
- default: "10ms"
- - variable: fields
- label: "Fields"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: general
- label: "General"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "keep"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: headers
- label: "Headers"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: defaultmode
- label: "Default Mode"
- schema:
- type: string
- default: "drop"
- enum:
- - value: "keep"
- description: "Keep"
- - value: "drop"
- description: "Drop"
- - variable: format
- label: "Access Log format"
- schema:
- type: string
- default: "common"
- enum:
- - value: "common"
- description: "Common Log Format"
- - value: "json"
- description: "JSON"
- - variable: middlewares
- label: ""
- group: "Middlewares"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: basicAuth
- label: basicAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: users
- label: Users
- schema:
- type: list
- default: []
- items:
- - variable: usersEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: username
- label: Username
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: Password
- schema:
- type: string
- required: true
- default: ""
- - variable: forwardAuth
- label: forwardAuth
- schema:
- type: list
- default: []
- items:
- - variable: basicAuthEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: address
- label: Address
- schema:
- type: string
- required: true
- default: ""
- - variable: trustForwardHeader
- label: trustForwardHeader
- schema:
- type: boolean
- default: false
- - variable: tls
- label: TLS
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: insecureSkipVerify
- label: insecureSkipVerify (expert)
- description: >-
- This disables all TLS certificate validation on communications with the authentication endpoint.
- This could be a security risk and should only be used if you know what you are doing.
- schema:
- type: boolean
- default: false
- - variable: authResponseHeadersRegex
- label: authResponseHeadersRegex
- schema:
- type: string
- default: ""
- - variable: authResponseHeaders
- label: authResponseHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authResponseHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: authRequestHeaders
- label: authRequestHeaders
- schema:
- type: list
- default: []
- items:
- - variable: authRequestHeadersEntry
- label: ""
- schema:
- type: string
- default: ""
- - variable: chain
- label: Chain
- schema:
- type: list
- default: []
- items:
- - variable: chainEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: middlewares
- label: Middlewares to Chain
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: redirectScheme
- label: redirectScheme
- schema:
- type: list
- default: []
- items:
- - variable: redirectSchemeEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: scheme
- label: Scheme
- schema:
- type: string
- required: true
- default: https
- enum:
- - value: https
- description: https
- - value: http
- description: http
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: rateLimit
- label: rateLimit
- schema:
- type: list
- default: []
- items:
- - variable: rateLimitEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: average
- label: Average
- schema:
- type: int
- required: true
- default: 300
- - variable: burst
- label: Burst
- schema:
- type: int
- required: true
- default: 200
- - variable: redirectRegex
- label: redirectRegex
- schema:
- type: list
- default: []
- items:
- - variable: redirectRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: replacement
- label: Replacement
- schema:
- type: string
- required: true
- default: ""
- - variable: permanent
- label: Permanent
- schema:
- type: boolean
- default: false
- - variable: stripPrefixRegex
- label: stripPrefixRegex
- schema:
- type: list
- default: []
- items:
- - variable: stripPrefixRegexEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: regex
- label: Regex
- schema:
- type: list
- default: []
- items:
- - variable: regexEntry
- label: Regex
- schema:
- type: string
- required: true
- default: ""
- - variable: ipWhiteList
- label: ipWhiteList
- schema:
- type: list
- default: []
- items:
- - variable: ipWhiteListEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: sourceRange
- label: Source Range
- schema:
- type: list
- default: []
- items:
- - variable: sourceRangeEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: ipStrategy
- label: IP Strategy
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: depth
- label: Depth
- schema:
- type: int
- required: true
- - variable: excludedIPs
- label: Excluded IPs
- schema:
- type: list
- default: []
- items:
- - variable: excludedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: themePark
- label: theme.park
- schema:
- type: list
- default: []
- items:
- - variable: themeParkEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to traefik-themepark
- schema:
- type: string
- required: true
- default: ""
- - variable: appName
- label: App Name
- description: Lower case, name of the app to be themed.
-
Go to https://docs.theme-park.dev/themes/ to see supported apps.
- schema:
- type: string
- required: true
- default: ""
- - variable: themeName
- label: Theme Name
- description: Lower case, name of the theme to be applied.
-
Go to https://docs.theme-park.dev/theme-options/ to see supported themes.
- schema:
- type: string
- required: true
- default: ""
- - variable: baseUrl
- label: Base URL
- description: Replace `https://theme-park.dev` URL for self-hosting reference.
- schema:
- type: string
- required: true
- default: https://theme-park.dev
- - variable: addons
- label: Addons
- schema:
- type: list
- default: []
- items:
- - variable: addonEntry
- label: Addon
- description: Currently only supports 'darker' and '4k-logo' for *arr apps.
-
Go to https://docs.theme-park.dev/themes/addons/ for Addon information.
-
Go to https://github.com/packruler/traefik-themepark for more context on plugin
- schema:
- type: string
- required: true
- default: ""
- - variable: realIP
- label: Real IP
- schema:
- type: list
- default: []
- items:
- - variable: realIPEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: excludedNetworks
- label: Excluded Networks
- schema:
- type: list
- default: []
- items:
- - variable: excludedNetEntry
- label: Excluded Network Entry
- description: Network to exclude setting it to X-Real-Ip
- schema:
- type: string
- required: true
- default: ""
- - variable: geoBlock
- label: GeoBlock
- schema:
- type: list
- default: []
- items:
- - variable: geoBlockEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: This is a 3rd party plugin and not maintained by TrueCharts,
- for more information go to geoblock
- schema:
- type: string
- required: true
- default: ""
- - variable: allowLocalRequests
- label: Allow Local Requests
- description: If set to true, will not block request from Private IP Ranges
- schema:
- type: boolean
- default: true
- - variable: logLocalRequests
- label: Log Local Requests
- description: If set to true, will log every connection from any IP in the private IP range
- schema:
- type: boolean
- default: false
- - variable: logAllowedRequests
- label: Log Allowed Requests
- description: If set to true, will show a log message with the IP and the country of origin if a request is allowed.
- schema:
- type: boolean
- default: false
- - variable: logApiRequests
- label: Log API Requests
- description: If set to true, will show a log message for every API hit.
- schema:
- type: boolean
- default: false
- - variable: api
- label: API
- description: Defines the API URL for the IP to Country resolution. The IP to fetch can be added with {ip} to the URL.
- schema:
- type: string
- required: true
- default: https://get.geojs.io/v1/ip/country/{ip}
- - variable: apiTimeoutMs
- label: API Timeout in ms
- description: Timeout for the call to the api uri.
- schema:
- type: int
- required: true
- default: 500
- - variable: cacheSize
- label: Cache Size
- description: Defines the max size of the LRU (least recently used) cache.
- schema:
- type: int
- required: true
- default: 25
- - variable: forceMonthlyUpdate
- label: Force Monthly Update
- description: Even if an IP stays in the cache for a period of a month (about 30 x 24 hours), it must be fetch again after a month.
- schema:
- type: boolean
- default: true
- - variable: allowUnknownCountries
- label: Allow Unknown Countries
- description: Some IP addresses have no country associated with them. If this option is set to true, all IPs with no associated country are also allowed.
- schema:
- type: boolean
- default: false
- - variable: unknownCountryApiResponse
- label: Unknown Countries API Response
- description: The API uri can be customized. This options allows to customize the response string of the API when a IP with no associated country is requested.
- schema:
- type: string
- required: true
- default: nil
- - variable: blackListMode
- label: Blacklist Mode
- description: When set to true the filter logic is inverted, i.e. requests originating from countries listed in the countries list are blocked.
- schema:
- type: boolean
- default: false
- - variable: countries
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- label: Countries
- schema:
- type: list
- default: []
- items:
- - variable: countryEntry
- label: Country
- description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
- schema:
- type: string
- required: true
- # Allow only 2 Characters
- valid_chars: '^[a-zA-Z]{2}$'
- default: ""
- - variable: addPrefix
- label: Add Prefix
- schema:
- type: list
- default: []
- items:
- - variable: addPrefixEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: prefix
- label: Prefix
- schema:
- type: string
- required: true
- default: ""
- - variable: service
- group: "Networking and Services"
- label: "Configure Service Entrypoint"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9000
- required: true
- - variable: tcp
- label: "TCP Service"
- description: "The tcp Entrypoint service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: web
- label: "web Entrypoint Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9080
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- default: "websecure"
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: websecure
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Entrypoints Port"
- schema:
- type: int
- default: 9443
- required: true
- - variable: advanced
- label: Show Advanced Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: portsList
- label: "Additional TCP Entrypoints"
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: "Custom Entrypoints"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable the port"
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: "Entrypoints Name"
- schema:
- type: string
- default: ""
- - variable: protocol
- label: "Entrypoints Type"
- schema:
- type: string
- default: "TCP"
- enum:
- - value: HTTP
- description: "HTTP"
- - value: "HTTPS"
- description: "HTTPS"
- - value: TCP
- description: "TCP"
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- required: true
- - variable: tls
- label: "websecure Entrypoints Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enabled"
- schema:
- type: boolean
- default: true
- - variable: redirectPort
- label: "Redirect to Port"
- schema:
- type: int
- - variable: redirectTo
- label: "Redirect to Entrypoint"
- schema:
- type: string
- - variable: forwardedHeaders
- label: Accept Forwarded Headers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Trust Forwarded Headers from specific IPs.
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Always Trust Forwarded Headers
- schema:
- type: boolean
- default: false
- - variable: proxyProtocol
- label: Accept Proxy Protocol connections
- description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: trustedIPs
- label: Trusted IPs
- description: Only IPs in trustedIPs will lead to remote client address replacement
- schema:
- type: list
- default: []
- items:
- - variable: trustedIPsEntry
- label: ""
- schema:
- type: string
- required: true
- default: ""
- - variable: insecureMode
- label: Insecure Mode
- description: Trust every incoming connection
- schema:
- type: boolean
- default: false
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: certificateIssuer
- label: Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: certificateIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
-
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
-
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
- - variable: metrics
- group: Metrics
- label: Prometheus Metrics
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Metrics
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- description: Enable Prometheus Metrics
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: prometheusRule
- label: PrometheusRule
- description: Enable and configure Prometheus Rules for the App.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- description: Enable Prometheus Metrics
- schema:
- type: boolean
- default: false
- # TODO: Rule List section
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/traefik/17.0.9/templates/NOTES.txt b/enterprise/traefik/17.0.9/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/traefik/17.0.9/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/traefik/17.0.9/templates/_args.tpl b/enterprise/traefik/17.0.9/templates/_args.tpl
deleted file mode 100644
index 3fef2e1f777..00000000000
--- a/enterprise/traefik/17.0.9/templates/_args.tpl
+++ /dev/null
@@ -1,178 +0,0 @@
-{{/* Define the args */}}
-{{- define "traefik.args" -}}
-args:
- {{/* merge all ports */}}
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{/* start of actual arguments */}}
- {{- with .Values.globalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
- {{- range $name, $config := $ports }}
- {{- if $config }}
- {{- if or ( eq $config.protocol "http" ) ( eq $config.protocol "https" ) ( eq $config.protocol "tcp" ) }}
- {{- $_ := set $config "protocol" "tcp" }}
- {{- end }}
- - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}"
- {{- end }}
- {{- end }}
- - "--api.dashboard=true"
- - "--ping=true"
- {{- if .Values.metrics }}
- {{- if .Values.metrics.datadog }}
- - "--metrics.datadog=true"
- - "--metrics.datadog.address={{ .Values.metrics.datadog.address }}"
- {{- end }}
- {{- if .Values.metrics.influxdb }}
- - "--metrics.influxdb=true"
- - "--metrics.influxdb.address={{ .Values.metrics.influxdb.address }}"
- - "--metrics.influxdb.protocol={{ .Values.metrics.influxdb.protocol }}"
- {{- end }}
- {{- if .Values.metrics.prometheus }}
- - "--metrics.prometheus=true"
- - "--metrics.prometheus.entrypoint={{ .Values.metrics.prometheus.entryPoint }}"
- {{- end }}
- {{- if .Values.metrics.statsd }}
- - "--metrics.statsd=true"
- - "--metrics.statsd.address={{ .Values.metrics.statsd.address }}"
- {{- end }}
- {{- end }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress"
- {{- if .Values.providers.kubernetesIngress.publishedService.enabled }}
- - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.labelSelector }}
- - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}"
- {{- end }}
- {{- end }}
- {{- if and .Values.rbac.enabled .Values.rbac.namespaced }}
- {{- if .Values.providers.kubernetesCRD.enabled }}
- - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}"
- {{- end }}
- {{- if .Values.providers.kubernetesIngress.enabled }}
- - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}"
- {{- end }}
- {{- end }}
- {{- if .Values.ingressClass.enabled }}
- - "--providers.kubernetesingress.ingressclass={{ .Release.Name }}"
- {{- end }}
- {{- range $entrypoint, $config := $ports }}
- {{/* add args for proxyProtocol support */}}
- {{- if $config.proxyProtocol }}
- {{- if $config.proxyProtocol.enabled }}
- {{- if $config.proxyProtocol.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.insecure"
- {{- end }}
- {{- if not ( empty $config.proxyProtocol.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.proxyProtocol.trustedIPs={{ join "," $config.proxyProtocol.trustedIPs }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* add args for forwardedHeaders support */}}
- {{- if $config.forwardedHeaders.enabled }}
- {{- if not ( empty $config.forwardedHeaders.trustedIPs ) }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}"
- {{- end }}
- {{- if $config.forwardedHeaders.insecureMode }}
- - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure"
- {{- end }}
- {{- end }}
- {{/* end forwardedHeaders configuration */}}
- {{- if $config.redirectTo }}
- {{- $toPort := index $ports $config.redirectTo }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- else if $config.redirectPort }}
- {{ if gt $config.redirectPort 0.0 }}
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}"
- - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
- {{- end }}
- {{- end }}
- {{- if or ( $config.tls ) ( eq $config.protocol "https" ) }}
- {{- if or ( $config.tls.enabled ) ( eq $config.protocol "https" ) }}
- - "--entrypoints.{{ $entrypoint }}.http.tls=true"
- {{- if $config.tls.options }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}"
- {{- end }}
- {{- if $config.tls.certResolver }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}"
- {{- end }}
- {{- if $config.tls.domains }}
- {{- range $index, $domain := $config.tls.domains }}
- {{- if $domain.main }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}"
- {{- end }}
- {{- if $domain.sans }}
- - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- with .Values.logs }}
- - "--log.format={{ .general.format }}"
- {{- if ne .general.level "ERROR" }}
- - "--log.level={{ .general.level | upper }}"
- {{- end }}
- {{- if .access.enabled }}
- - "--accesslog=true"
- - "--accesslog.format={{ .access.format }}"
- {{- if .access.bufferingsize }}
- - "--accesslog.bufferingsize={{ .access.bufferingsize }}"
- {{- end }}
- {{- if .access.filters }}
- {{- if .access.filters.statuscodes }}
- - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}"
- {{- end }}
- {{- if .access.filters.retryattempts }}
- - "--accesslog.filters.retryattempts"
- {{- end }}
- {{- if .access.filters.minduration }}
- - "--accesslog.filters.minduration={{ .access.filters.minduration }}"
- {{- end }}
- {{- end }}
- - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.general.names }}
- - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}"
- {{- range $fieldname, $fieldaction := .access.fields.headers.names }}
- - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}"
- {{- end }}
- {{- end }}
- {{- end }}
- {{/* theme.park */}}
- {{- if .Values.middlewares.themePark }}
- - "--experimental.plugins.traefik-themepark.modulename=github.com/packruler/traefik-themepark"
- - "--experimental.plugins.traefik-themepark.version={{ .Values.middlewares.themeParkVersion }}"
- {{- end }}
- {{/* End of theme.park */}}
- {{/* GeoBlock */}}
- {{- if .Values.middlewares.geoBlock }}
- - "--experimental.plugins.GeoBlock.modulename=github.com/PascalMinder/geoblock"
- - "--experimental.plugins.GeoBlock.version={{ .Values.middlewares.geoBlockVersion }}"
- {{- end }}
- {{/* End of GeoBlock */}}
- {{/* RealIP */}}
- {{- if .Values.middlewares.realIP }}
- - "--experimental.plugins.traefik-real-ip.modulename=github.com/soulbalz/traefik-real-ip"
- - "--experimental.plugins.traefik-real-ip.version={{ .Values.middlewares.realIPVersion }}"
- {{- end }}
- {{/* End of RealIP */}}
- {{- with .Values.additionalArguments }}
- {{- range . }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.9/templates/_helpers.tpl b/enterprise/traefik/17.0.9/templates/_helpers.tpl
deleted file mode 100644
index 1345dcea39a..00000000000
--- a/enterprise/traefik/17.0.9/templates/_helpers.tpl
+++ /dev/null
@@ -1,22 +0,0 @@
-{{/*
-Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice.
-By convention this will simply use the / to match the name of the
-service generated.
-Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride`
-*/}}
-{{- define "providers.kubernetesIngress.publishedServicePath" -}}
-{{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}}
-{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}}
-{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }}
-{{- print $servicePath | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Construct a comma-separated list of whitelisted namespaces
-*/}}
-{{- define "providers.kubernetesIngress.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }}
-{{- end -}}
-{{- define "providers.kubernetesCRD.namespaces" -}}
-{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.9/templates/_ingressclass.tpl b/enterprise/traefik/17.0.9/templates/_ingressclass.tpl
deleted file mode 100644
index 004d4a6dcda..00000000000
--- a/enterprise/traefik/17.0.9/templates/_ingressclass.tpl
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/* Define the ingressClass */}}
-{{- define "traefik.ingressClass" -}}
----
-{{ if .Values.ingressClass.enabled }}
- {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }}
-apiVersion: networking.k8s.io/v1
- {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }}
-apiVersion: networking.k8s.io/v1beta1
- {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }}
-apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }}
- {{- else }}
- {{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }}
- {{- end }}
-kind: IngressClass
-metadata:
- annotations:
- ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }}
- labels:
- {{- include "tc.v1.common.lib.metadata.allLabels" . | nindent 4 }}
- name: {{ .Release.Name }}
-spec:
- controller: traefik.io/ingress-controller
-{{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.9/templates/_ingressroute.tpl b/enterprise/traefik/17.0.9/templates/_ingressroute.tpl
deleted file mode 100644
index 6599ceb6e2b..00000000000
--- a/enterprise/traefik/17.0.9/templates/_ingressroute.tpl
+++ /dev/null
@@ -1,34 +0,0 @@
-{{/* Define the ingressRoute */}}
-{{- define "traefik.ingressRoute" -}}
-{{ if .Values.ingressRoute.dashboard.enabled }}
-
-{{- $ingressRouteLabels := .Values.ingressRoute.dashboard.labels -}}
-{{- $ingressRouteAnnotations := .Values.ingressRoute.dashboard.annotations -}}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
- name: {{ include "tc.v1.common.lib.chart.names.fullname" . }}-dashboard
- {{- $labels := (mustMerge ($ingressRouteLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }}
- labels:
- {{- . | nindent 4 }}
- {{- end }}
- {{- $annotations := (mustMerge ($ingressRouteAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}}
- {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }}
- annotations:
- {{- . | nindent 4 }}
- {{- end }}
-
-spec:
- entryPoints:
- - main
- routes:
- - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
- kind: Rule
- services:
- - name: api@internal
- kind: TraefikService
-{{ end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.9/templates/_portalhook.tpl b/enterprise/traefik/17.0.9/templates/_portalhook.tpl
deleted file mode 100644
index e3586c5d4e9..00000000000
--- a/enterprise/traefik/17.0.9/templates/_portalhook.tpl
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/* Define the portalHook */}}
-{{- define "traefik.portalhook" -}}
-{{- if .Values.portalhook.enabled }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: portalhook
- namespace: {{ $namespace }}
-data:
- {{- $ports := dict }}
- {{- range $.Values.service }}
- {{- range $name, $value := .ports }}
- {{- $_ := set $ports $name $value }}
- {{- end }}
- {{- end }}
- {{- range $name, $value := $ports }}
- {{ $name }}: {{ $value.port | quote }}
- {{- end }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.9/templates/_tlsoptions.tpl b/enterprise/traefik/17.0.9/templates/_tlsoptions.tpl
deleted file mode 100644
index 3e5aad3bee9..00000000000
--- a/enterprise/traefik/17.0.9/templates/_tlsoptions.tpl
+++ /dev/null
@@ -1,12 +0,0 @@
-{{/* Define the tlsOptions */}}
-{{- define "traefik.tlsOptions" -}}
-{{- range $name, $config := .Values.tlsOptions }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: TLSOption
-metadata:
- name: {{ $name }}
-spec:
- {{- toYaml $config | nindent 2 }}
-{{- end }}
-{{- end -}}
diff --git a/enterprise/traefik/17.0.9/templates/common.yaml b/enterprise/traefik/17.0.9/templates/common.yaml
deleted file mode 100644
index 7833892df08..00000000000
--- a/enterprise/traefik/17.0.9/templates/common.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-
-{{- $newArgs := (include "traefik.args" . | fromYaml) }}
-{{- $_ := set .Values "newArgs" $newArgs -}}
-{{- $mergedargs := concat $.Values.workload.main.podSpec.containers.main.args .Values.newArgs.args }}
-{{- $_ := set $.Values.workload.main.podSpec.containers.main "args" $mergedargs -}}
-
-{{- include "traefik.portalhook" . }}
-{{- include "traefik.tlsOptions" . }}
-{{- include "traefik.ingressRoute" . }}
-{{- include "traefik.ingressClass" . }}
-
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/traefik/17.0.9/templates/middlewares/addPrefix.yaml b/enterprise/traefik/17.0.9/templates/middlewares/addPrefix.yaml
deleted file mode 100644
index 233b23834c3..00000000000
--- a/enterprise/traefik/17.0.9/templates/middlewares/addPrefix.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.addPrefix }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- addPrefix:
- prefix: {{ $middlewareData.prefix }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.9/templates/middlewares/basic-middleware.yaml b/enterprise/traefik/17.0.9/templates/middlewares/basic-middleware.yaml
deleted file mode 100644
index 9ba8e5c5d93..00000000000
--- a/enterprise/traefik/17.0.9/templates/middlewares/basic-middleware.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: compress
- namespace: {{ $namespace }}
-spec:
- compress: {}
----
-# Here, an average of 300 requests per second is allowed.
-# In addition, a burst of 200 requests is allowed.
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-ratelimit
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: 600
- burst: 400
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: basic-secure-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: chain-basic
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: basic-secure-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.9/templates/middlewares/basicauth.yaml b/enterprise/traefik/17.0.9/templates/middlewares/basicauth.yaml
deleted file mode 100644
index ccb541742f0..00000000000
--- a/enterprise/traefik/17.0.9/templates/middlewares/basicauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.basicAuth }}
----
-{{- $users := list }}
-{{ range $index, $userdata := $middlewareData.users }}
- {{ $users = append $users ( htpasswd $userdata.username $userdata.password ) }}
-{{ end }}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{printf "%v-%v" $middlewareData.name "secret" }}
- namespace: {{ $namespace }}
-type: Opaque
-stringData:
- users: |
- {{- range $index, $user := $users }}
- {{ printf "%s" $user }}
- {{- end }}
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- basicAuth:
- secret: {{printf "%v-%v" $middlewareData.name "secret" }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.9/templates/middlewares/chain.yaml b/enterprise/traefik/17.0.9/templates/middlewares/chain.yaml
deleted file mode 100644
index f87994f7956..00000000000
--- a/enterprise/traefik/17.0.9/templates/middlewares/chain.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.chain }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- {{ range $index, $middleware := .middlewares }}
- - name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }}
- {{ end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.9/templates/middlewares/forwardauth.yaml b/enterprise/traefik/17.0.9/templates/middlewares/forwardauth.yaml
deleted file mode 100644
index 4bdefbd5c01..00000000000
--- a/enterprise/traefik/17.0.9/templates/middlewares/forwardauth.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.forwardAuth }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- forwardAuth:
- address: {{ $middlewareData.address }}
- {{- with $middlewareData.authResponseHeaders }}
- authResponseHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- with $middlewareData.authRequestHeaders }}
- authRequestHeaders:
- {{- toYaml . | nindent 4 }}
- {{- end }}
- {{- if $middlewareData.authResponseHeadersRegex }}
- authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }}
- {{- end }}
- {{- if $middlewareData.trustForwardHeader }}
- trustForwardHeader: true
- {{- end }}
- {{- with $middlewareData.tls }}
- tls:
- insecureSkipVerify: {{ .insecureSkipVerify | default false }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.9/templates/middlewares/geoblock.yaml b/enterprise/traefik/17.0.9/templates/middlewares/geoblock.yaml
deleted file mode 100644
index be21bcf57b6..00000000000
--- a/enterprise/traefik/17.0.9/templates/middlewares/geoblock.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.geoBlock }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- GeoBlock:
- allowLocalRequests: {{ $middlewareData.allowLocalRequests }}
- logLocalRequests: {{ $middlewareData.logLocalRequests }}
- logAllowedRequests: {{ $middlewareData.logAllowedRequests }}
- logApiRequests: {{ $middlewareData.logApiRequests }}
- api: {{ $middlewareData.api }}
- apiTimeoutMs: {{ $middlewareData.apiTimeoutMs }}
- cacheSize: {{ $middlewareData.cacheSize }}
- forceMonthlyUpdate: {{ $middlewareData.forceMonthlyUpdate }}
- allowUnknownCountries: {{ $middlewareData.allowUnknownCountries }}
- unknownCountryApiResponse: {{ $middlewareData.unknownCountryApiResponse }}
- blackListMode: {{ $middlewareData.blackListMode }}
- {{- if not $middlewareData.countries }}
- {{- fail "You have to define at least one country..." }}
- {{- end }}
- countries:
- {{- range $middlewareData.countries }}
- - {{ . }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.9/templates/middlewares/ipwhitelist.yaml b/enterprise/traefik/17.0.9/templates/middlewares/ipwhitelist.yaml
deleted file mode 100644
index 1179245017e..00000000000
--- a/enterprise/traefik/17.0.9/templates/middlewares/ipwhitelist.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.ipWhiteList }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- ipWhiteList:
- sourceRange:
- {{- range $middlewareData.sourceRange }}
- - {{ . }}
- {{- end }}
- {{- if $middlewareData.ipStrategy }}
- ipStrategy:
- {{- if $middlewareData.ipStrategy.depth }}
- depth: {{ $middlewareData.ipStrategy.depth }}
- {{- end }}
- {{- if $middlewareData.ipStrategy.excludedIPs }}
- excludedIPs:
- {{- range $middlewareData.ipStrategy.excludedIPs }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.9/templates/middlewares/ratelimit.yaml b/enterprise/traefik/17.0.9/templates/middlewares/ratelimit.yaml
deleted file mode 100644
index 144b9d8bf38..00000000000
--- a/enterprise/traefik/17.0.9/templates/middlewares/ratelimit.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.rateLimit }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- rateLimit:
- average: {{ $middlewareData.average }}
- burst: {{ $middlewareData.burst }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.9/templates/middlewares/real-ip.yaml b/enterprise/traefik/17.0.9/templates/middlewares/real-ip.yaml
deleted file mode 100644
index 2dd1ae030a4..00000000000
--- a/enterprise/traefik/17.0.9/templates/middlewares/real-ip.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.realIP }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-real-ip:
- excludednets:
- {{- range $middlewareData.excludedNetworks }}
- - {{ . | quote }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.9/templates/middlewares/redirectScheme.yaml b/enterprise/traefik/17.0.9/templates/middlewares/redirectScheme.yaml
deleted file mode 100644
index f2413f84e19..00000000000
--- a/enterprise/traefik/17.0.9/templates/middlewares/redirectScheme.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectScheme }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectScheme:
- scheme: {{ $middlewareData.scheme }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.9/templates/middlewares/redirectregex.yaml b/enterprise/traefik/17.0.9/templates/middlewares/redirectregex.yaml
deleted file mode 100644
index 46e3e724dd6..00000000000
--- a/enterprise/traefik/17.0.9/templates/middlewares/redirectregex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{ range $index, $middlewareData := .Values.middlewares.redirectRegex }}
-
----
-# Declaring the user list
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: {{ $middlewareData.regex | quote }}
- replacement: {{ $middlewareData.replacement | quote }}
- permanent: {{ $middlewareData.permanent }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.9/templates/middlewares/stripPrefixRegex.yaml b/enterprise/traefik/17.0.9/templates/middlewares/stripPrefixRegex.yaml
deleted file mode 100644
index 007c166ff39..00000000000
--- a/enterprise/traefik/17.0.9/templates/middlewares/stripPrefixRegex.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-
-{{ range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- stripPrefixRegex:
- regex:
- {{- range $middlewareData.regex }}
- - {{ . | quote }}
- {{- end }}
-{{ end }}
diff --git a/enterprise/traefik/17.0.9/templates/middlewares/tc-chains.yaml b/enterprise/traefik/17.0.9/templates/middlewares/tc-chains.yaml
deleted file mode 100644
index 409766daa89..00000000000
--- a/enterprise/traefik/17.0.9/templates/middlewares/tc-chains.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-opencors-headers
- - name: compress
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: basic-ratelimit
- - name: tc-closedcors-headers
- - name: compress
diff --git a/enterprise/traefik/17.0.9/templates/middlewares/tc-headers.yaml b/enterprise/traefik/17.0.9/templates/middlewares/tc-headers.yaml
deleted file mode 100644
index a0462f1fd73..00000000000
--- a/enterprise/traefik/17.0.9/templates/middlewares/tc-headers.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-opencors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowHeaders:
- - '*'
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- - POST
- accessControlAllowOriginList:
- - '*'
- accessControlMaxAge: 100
- browserXssFilter: true
- contentTypeNosniff: true
- customRequestHeaders:
- X-Forwarded-Proto: https
- customResponseHeaders:
- server: ""
- forceSTSHeader: true
- referrerPolicy: same-origin
- sslForceHost: true
- sslRedirect: true
- stsSeconds: 63072000
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-closedcors-headers
- namespace: {{ $namespace }}
-spec:
- headers:
- accessControlAllowMethods:
- - GET
- - OPTIONS
- - HEAD
- - PUT
- accessControlMaxAge: 100
- sslRedirect: true
- stsSeconds: 63072000
- # stsIncludeSubdomains: false
- # stsPreload: false
- forceSTSHeader: true
- contentTypeNosniff: true
- browserXssFilter: true
- sslForceHost: true
- referrerPolicy: same-origin
- customRequestHeaders:
- X-Forwarded-Proto: "https"
- customResponseHeaders:
- server: ''
diff --git a/enterprise/traefik/17.0.9/templates/middlewares/tc-nextcloud.yaml b/enterprise/traefik/17.0.9/templates/middlewares/tc-nextcloud.yaml
deleted file mode 100644
index 6a3019d56c5..00000000000
--- a/enterprise/traefik/17.0.9/templates/middlewares/tc-nextcloud.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-redirectregex-dav
- namespace: {{ $namespace }}
-spec:
- redirectRegex:
- regex: "https://(.*)/.well-known/(card|cal)dav"
- replacement: "https://${1}/remote.php/dav/"
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: tc-nextcloud-chain
- namespace: {{ $namespace }}
-spec:
- chain:
- middlewares:
- - name: tc-nextcloud-redirectregex-dav
diff --git a/enterprise/traefik/17.0.9/templates/middlewares/theme-park.yaml b/enterprise/traefik/17.0.9/templates/middlewares/theme-park.yaml
deleted file mode 100644
index 92a4257e279..00000000000
--- a/enterprise/traefik/17.0.9/templates/middlewares/theme-park.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- $values := .Values }}
-{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
-{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
-{{- $namespace = "default" }}
-{{- end }}
-{{- range $index, $middlewareData := .Values.middlewares.themePark }}
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: {{ $middlewareData.name }}
- namespace: {{ $namespace }}
-spec:
- plugin:
- traefik-themepark:
- app: {{ $middlewareData.appName }}
- theme: {{ $middlewareData.themeName }}
- baseUrl: {{ $middlewareData.baseUrl }}
- {{- if $middlewareData.addons }}
- addons:
- {{- range $middlewareData.addons }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
-{{- end }}
diff --git a/enterprise/traefik/17.0.9/values.yaml b/enterprise/traefik/17.0.9/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/vaultwarden/20.0.0/CHANGELOG.md b/enterprise/vaultwarden/20.0.0/CHANGELOG.md
deleted file mode 100644
index e84f387fe45..00000000000
--- a/enterprise/vaultwarden/20.0.0/CHANGELOG.md
+++ /dev/null
@@ -1,8 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [vaultwarden-20.0.0](https://github.com/truecharts/charts/compare/vaultwarden-19.0.23...vaultwarden-20.0.0) (2023-03-04)
-
diff --git a/enterprise/vaultwarden/20.0.0/Chart.yaml b/enterprise/vaultwarden/20.0.0/Chart.yaml
deleted file mode 100644
index 6931cb0aa37..00000000000
--- a/enterprise/vaultwarden/20.0.0/Chart.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-apiVersion: v2
-appVersion: "1.27.0"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.9
-deprecated: false
-description: Unofficial Bitwarden compatible server written in Rust
-home: https://truecharts.org/charts/stable/vaultwarden
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/vaultwarden.png
-keywords:
- - bitwarden
- - bitwardenrs
- - bitwarden_rs
- - vaultwarden
- - password
- - rust
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: vaultwarden
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/stable/vaultwarden
- - https://hub.docker.com/r/vaultwarden/server
- - https://github.com/dani-garcia/vaultwarden
-type: application
-version: 20.0.0
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/vaultwarden/20.0.0/LICENSE b/enterprise/vaultwarden/20.0.0/LICENSE
deleted file mode 100644
index 80e4ab93f92..00000000000
--- a/enterprise/vaultwarden/20.0.0/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/vaultwarden/20.0.0/README.md b/enterprise/vaultwarden/20.0.0/README.md
deleted file mode 100644
index 701942c352f..00000000000
--- a/enterprise/vaultwarden/20.0.0/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/stable/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/vaultwarden/20.0.0/app-changelog.md b/enterprise/vaultwarden/20.0.0/app-changelog.md
deleted file mode 100644
index 7a063895b76..00000000000
--- a/enterprise/vaultwarden/20.0.0/app-changelog.md
+++ /dev/null
@@ -1,4 +0,0 @@
-
-
-## [vaultwarden-20.0.0](https://github.com/truecharts/charts/compare/vaultwarden-19.0.23...vaultwarden-20.0.0) (2023-03-04)
-
diff --git a/enterprise/vaultwarden/20.0.0/app-readme.md b/enterprise/vaultwarden/20.0.0/app-readme.md
deleted file mode 100644
index 08d9cc8b1dd..00000000000
--- a/enterprise/vaultwarden/20.0.0/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Unofficial Bitwarden compatible server written in Rust
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/vaultwarden](https://truecharts.org/charts/enterprise/vaultwarden)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/vaultwarden/20.0.0/charts/common-12.2.9.tgz b/enterprise/vaultwarden/20.0.0/charts/common-12.2.9.tgz
deleted file mode 100644
index 5cd8d048631..00000000000
Binary files a/enterprise/vaultwarden/20.0.0/charts/common-12.2.9.tgz and /dev/null differ
diff --git a/enterprise/vaultwarden/20.0.0/ix_values.yaml b/enterprise/vaultwarden/20.0.0/ix_values.yaml
deleted file mode 100644
index 3389326acfe..00000000000
--- a/enterprise/vaultwarden/20.0.0/ix_values.yaml
+++ /dev/null
@@ -1,164 +0,0 @@
-image:
- repository: tccr.io/truecharts/vaultwarden
- pullPolicy: IfNotPresent
- tag: 1.27.0@sha256:e80b8a6a8b05928d9703eda1c7ebd2c8f1c0b9deed1734ce31c2ec6d70aed323
-
-service:
- main:
- ports:
- main:
- port: 10102
- targetPort: 8080
- ws:
- enabled: true
- ports:
- ws:
- enabled: true
- port: 3012
- targetPort: 3012
-
-workload:
- main:
- podSpec:
- containers:
- main:
- env:
- DOMAIN: "https://{{ if .Values.ingress }}{{ if .Values.ingress.main.enabled }}{{ ( index .Values.ingress.main.hosts 0 ).host }}{{ else }}placeholder.com{{ end }}{{ else }}placeholder.com{{ end }}"
- DATABASE_URL:
- secretKeyRef:
- name: cnpg-main-urls
- key: std
-
- envFrom:
- - configMapRef:
- name: vaultwardenconfig
- - secretRef:
- name: vaultwardensecret
-
-database:
- # -- Database type,
- # must be one of: 'sqlite', 'mysql' or 'postgresql'.
- type: postgresql
- # -- Enable DB Write-Ahead-Log for SQLite,
- # disabled for other databases. https://github.com/dani-garcia/bitwarden_rs/wiki/Running-without-WAL-enabled
- wal: true
- ## URL for external databases (mysql://user:pass@host:port or postgresql://user:pass@host:port).
- # url: ""
- ## Set the size of the database connection pool.
- # maxConnections: 10
- ## Connection retries during startup, 0 for infinite. 1 second between retries.
- # retries: 15
-
-# Set Bitwarden_rs application variables
-vaultwarden:
- # -- Allow any user to sign-up
- # see: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-registration-of-new-users
- allowSignups: true
- ## Whitelist domains allowed to sign-up. 'allowSignups' is ignored if set.
- # signupDomains:
- # - domain.tld
- # -- Verify e-mail before login is enabled.
- # SMTP must be enabled.
- verifySignup: false
- # When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled.
- requireEmail: false
- ## Maximum attempts before an email token is reset and a new email will need to be sent.
- # emailAttempts: 3
- ## Email token validity in seconds.
- # emailTokenExpiration: 600
- # Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-invitations
- allowInvitation: true
- # Show password hints: https://github.com/dani-garcia/bitwarden_rs/wiki/Password-hint-display
- ## Default organization name in invitation e-mails that are not coming from a specific organization.
- # defaultInviteName: ""
- showPasswordHint: true
- # Enable Websockets for notification. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-WebSocket-notifications
- # Redirect HTTP path "/notifications/hub" to port 3012. Ingress/IngressRoute controllers are automatically configured.
- enableWebsockets: true
- # Enable Web Vault (static content). https://github.com/dani-garcia/bitwarden_rs/wiki/Disabling-or-overriding-the-Vault-interface-hosting
- enableWebVault: true
- # Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users.
- orgCreationUsers: all
- ## Limit attachment disk usage per organization.
- # attachmentLimitOrg:
- ## Limit attachment disk usage per user.
- # attachmentLimitUser:
- ## HaveIBeenPwned API Key. Can be purchased at https://haveibeenpwned.com/API/Key.
- # hibpApiKey:
-
- admin:
- # Enable admin portal.
- enabled: false
- # Disabling the admin token will make the admin portal accessible to anyone, use carefully: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-admin-token
- disableAdminToken: false
- ## Token for admin login, will be generated if not defined. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-admin-page
- # token:
-
- # Enable SMTP. https://github.com/dani-garcia/bitwarden_rs/wiki/SMTP-configuration
- smtp:
- enabled: false
- # SMTP hostname, required if SMTP is enabled.
- host: ""
- # SMTP sender e-mail address, required if SMTP is enabled.
- from: ""
- ## SMTP sender name, defaults to 'Bitwarden_RS'.
- # fromName: ""
- ## Enable SSL connection.
- # ssl: true
- ## SMTP port. Defaults to 25 without SSL, 587 with SSL.
- # port: 587
- ## SMTP Authentication Mechanisms. Comma-separated options: 'Plain', 'Login' and 'Xoauth2'. Defaults to 'Plain'.
- # authMechanism: Plain
- ## Hostname to be sent for SMTP HELO. Defaults to pod name.
- # heloName: ""
- ## SMTP timeout.
- # timeout: 15
- ## Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!
- # invalidHostname: false
- ## Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!
- # invalidCertificate: false
- ## SMTP username.
- # user: ""
- ## SMTP password. Required is user is specified, ignored if no user provided.
- # password: ""
-
- ## Enable Yubico OTP authentication. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-Yubikey-OTP-authentication
- yubico:
- enabled: false
- ## Yubico server. Defaults to YubiCloud.
- # server:
- ## Yubico ID and Secret Key.
- # clientId:
- # secretKey:
-
- ## Logging options. https://github.com/dani-garcia/bitwarden_rs/wiki/Logging
- log:
- # Log to file.
- file: ""
- # Log level. Options are "trace", "debug", "info", "warn", "error" or "off".
- level: "trace"
- ## Log timestamp format. See https://docs.rs/chrono/0.4.15/chrono/format/strftime/index.html. Defaults to time in milliseconds.
- # timeFormat: ""
-
- icons:
- # Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache). TTL will default to zero.
- disableDownload: false
- ## Cache time-to-live for icons fetched. 0 means no purging.
- # cache: 2592000
- ## Cache time-to-live for icons that were not available. 0 means no purging.
- # cacheFailed: 259200
-
-persistence:
- data:
- enabled: true
- mountPath: "/data"
-
-cnpg:
- main:
- enabled: true
- user: vaultwarden
- database: vaultwarden
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/vaultwarden/20.0.0/questions.yaml b/enterprise/vaultwarden/20.0.0/questions.yaml
deleted file mode 100644
index 31439288895..00000000000
--- a/enterprise/vaultwarden/20.0.0/questions.yaml
+++ /dev/null
@@ -1,2215 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
- admin:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
- path: "/admin/"
-questions:
-
- - variable: Workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: Daemonset
- description: Daemonset
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "Daemonset"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: vaultwarden
- label: ""
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: yubico
- label: "Yubico OTP authentication"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable Yubico OTP authentication"
- description: "Please refer to the manual at: https://github.com/dani-garcia/vaultwarden/wiki/Enabling-Yubikey-OTP-authentication"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: server
- label: "Yubico server"
- description: "Defaults to YubiCloud"
- schema:
- type: string
- default: ""
- - variable: clientId
- label: "Yubico ID"
- schema:
- type: string
- default: ""
- - variable: secretKey
- label: "Yubico Secret Key"
- schema:
- type: string
- default: ""
- - variable: admin
- label: "Admin Portal"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable Admin Portal"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: disableAdminToken
- label: "Make Accessible Without Password/Token"
- schema:
- type: boolean
- default: false
- - variable: token
- label: "Admin Portal Password/Token"
- description: "Will be automatically generated if not defined"
- schema:
- type: string
- default: ""
- - variable: icons
- label: "Icon Download Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disableDownload
- label: "Disable Icon Download"
- description: "Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache)"
- schema:
- type: boolean
- default: false
- - variable: cache
- label: "Cache time-to-live"
- description: "Cache time-to-live for icons fetched. 0 means no purging"
- schema:
- type: int
- default: 2592000
- - variable: token
- label: "Failed Downloads Cache time-to-live"
- description: "Cache time-to-live for icons that were not available. 0 means no purging."
- schema:
- type: int
- default: 2592000
- - variable: log
- label: "Logging"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log level"
- schema:
- type: string
- default: "info"
- required: true
- enum:
- - value: "trace"
- description: "trace"
- - value: "debug"
- description: "debug"
- - value: "info"
- description: "info"
- - value: "warn"
- description: "warn"
- - value: "error"
- description: "error"
- - value: "off"
- description: "off"
- - variable: file
- label: "Log-File Location"
- schema:
- type: string
- default: ""
- - variable: smtp
- label: "SMTP Settings (Email)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable SMTP Support"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: host
- label: "SMTP hostname"
- schema:
- type: string
- required: true
- default: ""
- - variable: from
- label: "SMTP sender e-mail address"
- schema:
- type: string
- required: true
- default: ""
- - variable: fromName
- label: "SMTP sender name"
- schema:
- type: string
- required: true
- default: ""
- - variable: user
- label: "SMTP username"
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: "SMTP password"
- description: "Required is user is specified, ignored if no user provided"
- schema:
- type: string
- default: ""
- - variable: ssl
- label: "Enable SSL connection"
- schema:
- type: boolean
- default: true
- - variable: port
- label: "SMTP port"
- description: "Usually: 25 without SSL, 587 with SSL"
- schema:
- type: int
- default: 587
- - variable: authMechanism
- label: "SMTP Authentication Mechanisms"
- description: "Comma-separated options: Plain, Login and Xoauth2"
- schema:
- type: string
- default: "Plain"
- - variable: heloName
- label: "SMTP HELO - Hostname"
- description: "Hostname to be sent for SMTP HELO. Defaults to pod name"
- schema:
- type: string
- default: ""
- - variable: timeout
- label: "SMTP timeout"
- schema:
- type: int
- default: 15
- - variable: invalidHostname
- label: "Accept Invalid Hostname"
- description: "Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!"
- schema:
- type: boolean
- default: false
- - variable: invalidCertificate
- label: "Accept Invalid Certificate"
- description: "Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!"
- schema:
- type: boolean
- default: false
- - variable: allowSignups
- label: "Allow Signup"
- description: "Allow any user to sign-up: https://github.com/dani-garcia/vaultwarden/wiki/Disable-registration-of-new-users"
- schema:
- type: boolean
- default: true
- - variable: allowInvitation
- label: "Always allow Invitation"
- description: "Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/vaultwarden/wiki/Disable-invitations"
- schema:
- type: boolean
- default: true
- - variable: defaultInviteName
- label: "Default Invite Organisation Name"
- description: "Default organization name in invitation e-mails that are not coming from a specific organization."
- schema:
- type: string
- default: ""
- - variable: showPasswordHint
- label: "Show password hints"
- description: "https://github.com/dani-garcia/vaultwarden/wiki/Password-hint-display"
- schema:
- type: boolean
- default: true
- - variable: signupwhitelistenable
- label: "Enable Signup Whitelist"
- description: "allowSignups is ignored if set"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: signupDomains
- label: "Signup Whitelist Domains"
- schema:
- type: list
- default: []
- items:
- - variable: domain
- label: "Domain"
- schema:
- type: string
- default: ""
- - variable: verifySignup
- label: "Verifiy Signup"
- description: "Verify e-mail before login is enabled. SMTP must be enabled"
- schema:
- type: boolean
- default: false
- - variable: requireEmail
- label: "Block Login if email fails"
- description: "When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled"
- schema:
- type: boolean
- default: false
- - variable: emailAttempts
- label: "Email token reset attempts"
- description: "Maximum attempts before an email token is reset and a new email will need to be sent"
- schema:
- type: int
- default: 3
- - variable: emailTokenExpiration
- label: "Email token validity in seconds"
- schema:
- type: int
- default: 600
- - variable: enableWebVault
- label: "Enable Webvault"
- description: "Enable Web Vault (static content). https://github.com/dani-garcia/vaultwarden/wiki/Disabling-or-overriding-the-Vault-interface-hosting"
- schema:
- type: boolean
- default: true
- - variable: orgCreationUsers
- label: "Limit Organisation Creation to (users)"
- description: "Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users."
- schema:
- type: string
- default: "all"
- - variable: attachmentLimitOrg
- label: "Limit Attachment Disk Usage per Organisation"
- schema:
- type: string
- default: ""
- - variable: attachmentLimitUser
- label: "Limit Attachment Disk Usage per User"
- schema:
- type: string
- default: ""
- - variable: hibpApiKey
- label: "HaveIBeenPwned API Key"
- description: "Can be purchased at https://haveibeenpwned.com/API/Key"
- schema:
- type: string
- default: ""
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 10102
- required: true
- - variable: ws
- label: "WebSocket Service"
- description: "WebSocket Service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ws
- label: "WebSocket Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 3012
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: data
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "==", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: cnpg
- group: Postgresql
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Postgresql Database"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: storage
- label: "Storage"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: size
- label: Size
- schema:
- type: string
- default: "256Gi"
- - variable: walsize
- label: Walsize
- schema:
- type: string
- default: "256Gi"
- - variable: pooler
- label: "Pooler"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: Monitoring
- label: "Metrics"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enablePodMonitor
- label: "enablePodMonitor"
- schema:
- type: boolean
- default: true
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/vaultwarden/20.0.0/templates/NOTES.txt b/enterprise/vaultwarden/20.0.0/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/vaultwarden/20.0.0/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/vaultwarden/20.0.0/templates/_configmap.tpl b/enterprise/vaultwarden/20.0.0/templates/_configmap.tpl
deleted file mode 100644
index c21ff158df0..00000000000
--- a/enterprise/vaultwarden/20.0.0/templates/_configmap.tpl
+++ /dev/null
@@ -1,112 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "vaultwarden.configmap" -}}
-enabled: true
-data:
- ROCKET_PORT: "8080"
- SIGNUPS_ALLOWED: {{ .Values.vaultwarden.allowSignups | quote }}
- {{- if .Values.vaultwarden.signupDomains }}
- SIGNUPS_DOMAINS_WHITELIST: {{ join "," .Values.vaultwarden.signupDomains | quote }}
- {{- end }}
- {{- if and (eq .Values.vaultwarden.verifySignup true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Signup verification requires SMTP to be enabled" nil}}{{end}}
- SIGNUPS_VERIFY: {{ .Values.vaultwarden.verifySignup | quote }}
- {{- if and (eq .Values.vaultwarden.requireEmail true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Requiring emails for login depends on SMTP" nil}}{{end}}
- REQUIRE_DEVICE_EMAIL: {{ .Values.vaultwarden.requireEmail | quote }}
- {{- if .Values.vaultwarden.emailAttempts }}
- EMAIL_ATTEMPTS_LIMIT: {{ .Values.vaultwarden.emailAttempts | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.emailTokenExpiration }}
- EMAIL_EXPIRATION_TIME: {{ .Values.vaultwarden.emailTokenExpiration | quote }}
- {{- end }}
- INVITATIONS_ALLOWED: {{ .Values.vaultwarden.allowInvitation | quote }}
- {{- if .Values.vaultwarden.defaultInviteName }}
- INVITATION_ORG_NAME: {{ .Values.vaultwarden.defaultInviteName | quote }}
- {{- end }}
- SHOW_PASSWORD_HINT: {{ .Values.vaultwarden.showPasswordHint | quote }}
- WEBSOCKET_ENABLED: {{ .Values.vaultwarden.enableWebsockets | quote }}
- WEB_VAULT_ENABLED: {{ .Values.vaultwarden.enableWebVault | quote }}
- ORG_CREATION_USERS: {{ .Values.vaultwarden.orgCreationUsers | quote }}
- {{- if .Values.vaultwarden.attachmentLimitOrg }}
- ORG_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitOrg | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.attachmentLimitUser }}
- USER_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitUser | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.hibpApiKey }}
- HIBP_API_KEY: {{ .Values.vaultwarden.hibpApiKey | quote }}
- {{- end }}
- {{- include "vaultwarden.dbTypeValid" . }}
- {{- if .Values.database.retries }}
- DB_CONNECTION_RETRIES: {{ .Values.database.retries | quote }}
- {{- end }}
- {{- if .Values.database.maxConnections }}
- DATABASE_MAX_CONNS: {{ .Values.database.maxConnections | quote }}
- {{- end }}
- {{- if eq .Values.vaultwarden.smtp.enabled true }}
- SMTP_HOST: {{ required "SMTP host is required to enable SMTP" .Values.vaultwarden.smtp.host | quote }}
- SMTP_FROM: {{ required "SMTP sender address ('from') is required to enable SMTP" .Values.vaultwarden.smtp.from | quote }}
- {{- if .Values.vaultwarden.smtp.fromName }}
- SMTP_FROM_NAME: {{ .Values.vaultwarden.smtp.fromName | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.ssl }}
- SMTP_SSL: {{ .Values.vaultwarden.smtp.ssl | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.port }}
- SMTP_PORT: {{ .Values.vaultwarden.smtp.port | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.authMechanism }}
- SMTP_AUTH_MECHANISM: {{ .Values.vaultwarden.smtp.authMechanism | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.heloName }}
- HELO_NAME: {{ .Values.vaultwarden.smtp.heloName | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.timeout }}
- SMTP_TIMEOUT: {{ .Values.vaultwarden.smtp.timeout | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.invalidHostname }}
- SMTP_ACCEPT_INVALID_HOSTNAMES: {{ .Values.vaultwarden.smtp.invalidHostname | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.invalidCertificate }}
- SMTP_ACCEPT_INVALID_CERTS: {{ .Values.vaultwarden.smtp.invalidCertificate | quote }}
- {{- end }}
- {{- end }}
- {{- if .Values.vaultwarden.log.file }}
- LOG_FILE: {{ .Values.vaultwarden.log.file | quote }}
- {{- end }}
- {{- if or .Values.vaultwarden.log.level .Values.vaultwarden.log.timeFormat }}
- EXTENDED_LOGGING: "true"
- {{- end }}
- {{- if .Values.vaultwarden.log.level }}
- {{- include "vaultwarden.logLevelValid" . }}
- LOG_LEVEL: {{ .Values.vaultwarden.log.level | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.log.timeFormat }}
- LOG_TIMESTAMP_FORMAT: {{ .Values.vaultwarden.log.timeFormat | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.icons.disableDownload }}
- DISABLE_ICON_DOWNLOAD: {{ .Values.vaultwarden.icons.disableDownload | quote }}
- {{- if and (not .Values.vaultwarden.icons.cache) (eq .Values.vaultwarden.icons.disableDownload "true") }}
- ICON_CACHE_TTL: "0"
- {{- end }}
- {{- end }}
- {{- if .Values.vaultwarden.icons.cache }}
- ICON_CACHE_TTL: {{ .Values.vaultwarden.icons.cache | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.icons.cacheFailed }}
- ICON_CACHE_NEGTTL: {{ .Values.vaultwarden.icons.cacheFailed | quote }}
- {{- end }}
- {{- if eq .Values.vaultwarden.admin.enabled true }}
- {{- if eq .Values.vaultwarden.admin.disableAdminToken true }}
- DISABLE_ADMIN_TOKEN: "true"
- {{- end }}
- {{- end }}
- {{- if eq .Values.vaultwarden.yubico.enabled true }}
- {{- if .Values.vaultwarden.yubico.server }}
- YUBICO_SERVER: {{ .Values.vaultwarden.yubico.server | quote }}
- {{- end }}
- {{- end }}
- {{- if eq .Values.database.type "sqlite" }}
- ENABLE_DB_WAL: {{ .Values.database.wal | quote }}
- {{- else }}
- ENABLE_DB_WAL: "false"
- {{- end }}
-{{- end -}}
diff --git a/enterprise/vaultwarden/20.0.0/templates/_secrets.tpl b/enterprise/vaultwarden/20.0.0/templates/_secrets.tpl
deleted file mode 100644
index c63f401a965..00000000000
--- a/enterprise/vaultwarden/20.0.0/templates/_secrets.tpl
+++ /dev/null
@@ -1,32 +0,0 @@
-{{/* Define the secrets */}}
-{{- define "vaultwarden.secrets" -}}
-
-{{- $adminToken := "" }}
-{{- if eq .Values.vaultwarden.admin.enabled true }}
-{{- $adminToken = .Values.vaultwarden.admin.token | default (randAlphaNum 48) | b64enc | quote }}
-{{- end -}}
-
-{{- $smtpUser := "" }}
-{{- if and (eq .Values.vaultwarden.smtp.enabled true ) (.Values.vaultwarden.smtp.user) }}
-{{- $smtpUser = .Values.vaultwarden.smtp.user | b64enc | quote }}
-{{- end -}}
-
-{{- $yubicoClientId := "" }}
-{{- if eq .Values.vaultwarden.yubico.enabled true }}
-{{- $yubicoClientId = required "Yubico Client ID required" .Values.vaultwarden.yubico.clientId | toString | b64enc | quote }}
-{{- end -}}
-enabled: true
-data:
- placeholder: placeholdervalue
- {{- if ne $adminToken "" }}
- ADMIN_TOKEN: {{ $adminToken }}
- {{- end }}
- {{- if ne $smtpUser "" }}
- SMTP_USERNAME: {{ $smtpUser }}
- SMTP_PASSWORD: {{ required "Must specify SMTP password" .Values.vaultwarden.smtp.password | b64enc | quote }}
- {{- end }}
- {{- if ne $yubicoClientId "" }}
- YUBICO_CLIENT_ID: {{ $yubicoClientId }}
- YUBICO_SECRET_KEY: {{ required "Yubico Secret Key required" .Values.vaultwarden.yubico.secretKey | b64enc | quote }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/vaultwarden/20.0.0/templates/_validate.tpl b/enterprise/vaultwarden/20.0.0/templates/_validate.tpl
deleted file mode 100644
index e4832c2f6e5..00000000000
--- a/enterprise/vaultwarden/20.0.0/templates/_validate.tpl
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/*
-Ensure valid DB type is select, defaults to SQLite
-*/}}
-{{- define "vaultwarden.dbTypeValid" -}}
-{{- if not (or (eq .Values.database.type "postgresql") (eq .Values.database.type "mysql") (eq .Values.database.type "sqlite")) }}
-{{- required "Invalid database type" nil }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Ensure log type is valid
-*/}}
-{{- define "vaultwarden.logLevelValid" -}}
-{{- if not (or (eq .Values.vaultwarden.log.level "trace") (eq .Values.vaultwarden.log.level "debug") (eq .Values.vaultwarden.log.level "info") (eq .Values.vaultwarden.log.level "warn") (eq .Values.vaultwarden.log.level "error") (eq .Values.vaultwarden.log.level "off")) }}
-{{- required "Invalid log level" nil }}
-{{- end }}
-{{- end }}
diff --git a/enterprise/vaultwarden/20.0.0/templates/common.yaml b/enterprise/vaultwarden/20.0.0/templates/common.yaml
deleted file mode 100644
index 00565a16a7a..00000000000
--- a/enterprise/vaultwarden/20.0.0/templates/common.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-
-{{/* Render configmap for vaultwarden */}}
-{{- $configmapFile := include "vaultwarden.configmap" . | fromYaml -}}
-{{- if $configmapFile -}}
- {{- $_ := set .Values.configmap "vaultwardenconfig" $configmapFile -}}
-{{- end -}}
-
-{{/* Render secrets for vaultwarden */}}
-{{- $secret := include "vaultwarden.secrets" . | fromYaml -}}
-{{- if $secret -}}
- {{- $_ := set .Values.secret "vaultwardensecret" $secret -}}
-{{- end -}}
-
-{{/* Define path for websocket */}}
-{{- define "vaultwarden.websocket" -}}
-{{- $fullname := include "tc.v1.common.lib.chart.names.fullname" . -}}
-path: "/notifications/hub"
-# -- Ignored if not kubeVersion >= 1.14-0
-pathType: Prefix
-service:
- # -- Overrides the service name reference for this path
- name: {{ printf "%s-ws" $fullname }}
- port: {{ .Values.service.ws.ports.ws.port }}
-{{- end -}}
-
-{{/* inject websocket path to all main ingress hosts*/}}
-{{- define "vaultwarden.websocketinjector" -}}
-{{- $path := list (include "vaultwarden.websocket" . | fromYaml) -}}
-{{- if .Values.ingress.main.enabled }}
-{{- range .Values.ingress.main.hosts }}
-{{- $newpaths := list }}
-{{- $newpaths := concat .paths $path }}
-{{- $_ := set . "paths" ( deepCopy $newpaths ) -}}
-{{- end }}
-{{- end }}
-{{- end -}}
-
-{{/* inject websocket paths in ingress */}}
-{{- include "vaultwarden.websocketinjector" . }}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/vaultwarden/20.0.0/values.yaml b/enterprise/vaultwarden/20.0.0/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/vaultwarden/20.0.1/CHANGELOG.md b/enterprise/vaultwarden/20.0.1/CHANGELOG.md
deleted file mode 100644
index d564ed6bcbd..00000000000
--- a/enterprise/vaultwarden/20.0.1/CHANGELOG.md
+++ /dev/null
@@ -1,21 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [vaultwarden-20.0.1](https://github.com/truecharts/charts/compare/vaultwarden-20.0.0...vaultwarden-20.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
-
-## [vaultwarden-20.0.0](https://github.com/truecharts/charts/compare/vaultwarden-19.0.23...vaultwarden-20.0.0) (2023-03-04)
-
diff --git a/enterprise/vaultwarden/20.0.1/Chart.yaml b/enterprise/vaultwarden/20.0.1/Chart.yaml
deleted file mode 100644
index ebbea746fb5..00000000000
--- a/enterprise/vaultwarden/20.0.1/Chart.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-apiVersion: v2
-appVersion: "1.27.0"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.15
-deprecated: false
-description: Unofficial Bitwarden compatible server written in Rust
-home: https://truecharts.org/charts/enterprise/vaultwarden
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/vaultwarden.png
-keywords:
- - bitwarden
- - bitwardenrs
- - bitwarden_rs
- - vaultwarden
- - password
- - rust
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: vaultwarden
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/vaultwarden
- - https://hub.docker.com/r/vaultwarden/server
- - https://github.com/dani-garcia/vaultwarden
-type: application
-version: 20.0.1
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/vaultwarden/20.0.1/LICENSE b/enterprise/vaultwarden/20.0.1/LICENSE
deleted file mode 100644
index 80e4ab93f92..00000000000
--- a/enterprise/vaultwarden/20.0.1/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/vaultwarden/20.0.1/README.md b/enterprise/vaultwarden/20.0.1/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/vaultwarden/20.0.1/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/vaultwarden/20.0.1/app-changelog.md b/enterprise/vaultwarden/20.0.1/app-changelog.md
deleted file mode 100644
index 7831092705a..00000000000
--- a/enterprise/vaultwarden/20.0.1/app-changelog.md
+++ /dev/null
@@ -1,13 +0,0 @@
-
-
-## [vaultwarden-20.0.1](https://github.com/truecharts/charts/compare/vaultwarden-20.0.0...vaultwarden-20.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
\ No newline at end of file
diff --git a/enterprise/vaultwarden/20.0.1/app-readme.md b/enterprise/vaultwarden/20.0.1/app-readme.md
deleted file mode 100644
index 08d9cc8b1dd..00000000000
--- a/enterprise/vaultwarden/20.0.1/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Unofficial Bitwarden compatible server written in Rust
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/vaultwarden](https://truecharts.org/charts/enterprise/vaultwarden)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/vaultwarden/20.0.1/charts/common-12.2.15.tgz b/enterprise/vaultwarden/20.0.1/charts/common-12.2.15.tgz
deleted file mode 100644
index ee335e0c550..00000000000
Binary files a/enterprise/vaultwarden/20.0.1/charts/common-12.2.15.tgz and /dev/null differ
diff --git a/enterprise/vaultwarden/20.0.1/ix_values.yaml b/enterprise/vaultwarden/20.0.1/ix_values.yaml
deleted file mode 100644
index 3389326acfe..00000000000
--- a/enterprise/vaultwarden/20.0.1/ix_values.yaml
+++ /dev/null
@@ -1,164 +0,0 @@
-image:
- repository: tccr.io/truecharts/vaultwarden
- pullPolicy: IfNotPresent
- tag: 1.27.0@sha256:e80b8a6a8b05928d9703eda1c7ebd2c8f1c0b9deed1734ce31c2ec6d70aed323
-
-service:
- main:
- ports:
- main:
- port: 10102
- targetPort: 8080
- ws:
- enabled: true
- ports:
- ws:
- enabled: true
- port: 3012
- targetPort: 3012
-
-workload:
- main:
- podSpec:
- containers:
- main:
- env:
- DOMAIN: "https://{{ if .Values.ingress }}{{ if .Values.ingress.main.enabled }}{{ ( index .Values.ingress.main.hosts 0 ).host }}{{ else }}placeholder.com{{ end }}{{ else }}placeholder.com{{ end }}"
- DATABASE_URL:
- secretKeyRef:
- name: cnpg-main-urls
- key: std
-
- envFrom:
- - configMapRef:
- name: vaultwardenconfig
- - secretRef:
- name: vaultwardensecret
-
-database:
- # -- Database type,
- # must be one of: 'sqlite', 'mysql' or 'postgresql'.
- type: postgresql
- # -- Enable DB Write-Ahead-Log for SQLite,
- # disabled for other databases. https://github.com/dani-garcia/bitwarden_rs/wiki/Running-without-WAL-enabled
- wal: true
- ## URL for external databases (mysql://user:pass@host:port or postgresql://user:pass@host:port).
- # url: ""
- ## Set the size of the database connection pool.
- # maxConnections: 10
- ## Connection retries during startup, 0 for infinite. 1 second between retries.
- # retries: 15
-
-# Set Bitwarden_rs application variables
-vaultwarden:
- # -- Allow any user to sign-up
- # see: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-registration-of-new-users
- allowSignups: true
- ## Whitelist domains allowed to sign-up. 'allowSignups' is ignored if set.
- # signupDomains:
- # - domain.tld
- # -- Verify e-mail before login is enabled.
- # SMTP must be enabled.
- verifySignup: false
- # When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled.
- requireEmail: false
- ## Maximum attempts before an email token is reset and a new email will need to be sent.
- # emailAttempts: 3
- ## Email token validity in seconds.
- # emailTokenExpiration: 600
- # Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-invitations
- allowInvitation: true
- # Show password hints: https://github.com/dani-garcia/bitwarden_rs/wiki/Password-hint-display
- ## Default organization name in invitation e-mails that are not coming from a specific organization.
- # defaultInviteName: ""
- showPasswordHint: true
- # Enable Websockets for notification. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-WebSocket-notifications
- # Redirect HTTP path "/notifications/hub" to port 3012. Ingress/IngressRoute controllers are automatically configured.
- enableWebsockets: true
- # Enable Web Vault (static content). https://github.com/dani-garcia/bitwarden_rs/wiki/Disabling-or-overriding-the-Vault-interface-hosting
- enableWebVault: true
- # Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users.
- orgCreationUsers: all
- ## Limit attachment disk usage per organization.
- # attachmentLimitOrg:
- ## Limit attachment disk usage per user.
- # attachmentLimitUser:
- ## HaveIBeenPwned API Key. Can be purchased at https://haveibeenpwned.com/API/Key.
- # hibpApiKey:
-
- admin:
- # Enable admin portal.
- enabled: false
- # Disabling the admin token will make the admin portal accessible to anyone, use carefully: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-admin-token
- disableAdminToken: false
- ## Token for admin login, will be generated if not defined. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-admin-page
- # token:
-
- # Enable SMTP. https://github.com/dani-garcia/bitwarden_rs/wiki/SMTP-configuration
- smtp:
- enabled: false
- # SMTP hostname, required if SMTP is enabled.
- host: ""
- # SMTP sender e-mail address, required if SMTP is enabled.
- from: ""
- ## SMTP sender name, defaults to 'Bitwarden_RS'.
- # fromName: ""
- ## Enable SSL connection.
- # ssl: true
- ## SMTP port. Defaults to 25 without SSL, 587 with SSL.
- # port: 587
- ## SMTP Authentication Mechanisms. Comma-separated options: 'Plain', 'Login' and 'Xoauth2'. Defaults to 'Plain'.
- # authMechanism: Plain
- ## Hostname to be sent for SMTP HELO. Defaults to pod name.
- # heloName: ""
- ## SMTP timeout.
- # timeout: 15
- ## Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!
- # invalidHostname: false
- ## Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!
- # invalidCertificate: false
- ## SMTP username.
- # user: ""
- ## SMTP password. Required is user is specified, ignored if no user provided.
- # password: ""
-
- ## Enable Yubico OTP authentication. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-Yubikey-OTP-authentication
- yubico:
- enabled: false
- ## Yubico server. Defaults to YubiCloud.
- # server:
- ## Yubico ID and Secret Key.
- # clientId:
- # secretKey:
-
- ## Logging options. https://github.com/dani-garcia/bitwarden_rs/wiki/Logging
- log:
- # Log to file.
- file: ""
- # Log level. Options are "trace", "debug", "info", "warn", "error" or "off".
- level: "trace"
- ## Log timestamp format. See https://docs.rs/chrono/0.4.15/chrono/format/strftime/index.html. Defaults to time in milliseconds.
- # timeFormat: ""
-
- icons:
- # Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache). TTL will default to zero.
- disableDownload: false
- ## Cache time-to-live for icons fetched. 0 means no purging.
- # cache: 2592000
- ## Cache time-to-live for icons that were not available. 0 means no purging.
- # cacheFailed: 259200
-
-persistence:
- data:
- enabled: true
- mountPath: "/data"
-
-cnpg:
- main:
- enabled: true
- user: vaultwarden
- database: vaultwarden
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/vaultwarden/20.0.1/questions.yaml b/enterprise/vaultwarden/20.0.1/questions.yaml
deleted file mode 100644
index 4f20eae3219..00000000000
--- a/enterprise/vaultwarden/20.0.1/questions.yaml
+++ /dev/null
@@ -1,2227 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
- admin:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
- path: "/admin/"
-questions:
-
- - variable: Workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: Daemonset
- description: Daemonset
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "Daemonset"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: vaultwarden
- label: ""
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: yubico
- label: "Yubico OTP authentication"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable Yubico OTP authentication"
- description: "Please refer to the manual at: https://github.com/dani-garcia/vaultwarden/wiki/Enabling-Yubikey-OTP-authentication"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: server
- label: "Yubico server"
- description: "Defaults to YubiCloud"
- schema:
- type: string
- default: ""
- - variable: clientId
- label: "Yubico ID"
- schema:
- type: string
- default: ""
- - variable: secretKey
- label: "Yubico Secret Key"
- schema:
- type: string
- default: ""
- - variable: admin
- label: "Admin Portal"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable Admin Portal"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: disableAdminToken
- label: "Make Accessible Without Password/Token"
- schema:
- type: boolean
- default: false
- - variable: token
- label: "Admin Portal Password/Token"
- description: "Will be automatically generated if not defined"
- schema:
- type: string
- default: ""
- - variable: icons
- label: "Icon Download Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disableDownload
- label: "Disable Icon Download"
- description: "Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache)"
- schema:
- type: boolean
- default: false
- - variable: cache
- label: "Cache time-to-live"
- description: "Cache time-to-live for icons fetched. 0 means no purging"
- schema:
- type: int
- default: 2592000
- - variable: token
- label: "Failed Downloads Cache time-to-live"
- description: "Cache time-to-live for icons that were not available. 0 means no purging."
- schema:
- type: int
- default: 2592000
- - variable: log
- label: "Logging"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log level"
- schema:
- type: string
- default: "info"
- required: true
- enum:
- - value: "trace"
- description: "trace"
- - value: "debug"
- description: "debug"
- - value: "info"
- description: "info"
- - value: "warn"
- description: "warn"
- - value: "error"
- description: "error"
- - value: "off"
- description: "off"
- - variable: file
- label: "Log-File Location"
- schema:
- type: string
- default: ""
- - variable: smtp
- label: "SMTP Settings (Email)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable SMTP Support"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: host
- label: "SMTP hostname"
- schema:
- type: string
- required: true
- default: ""
- - variable: from
- label: "SMTP sender e-mail address"
- schema:
- type: string
- required: true
- default: ""
- - variable: fromName
- label: "SMTP sender name"
- schema:
- type: string
- required: true
- default: ""
- - variable: user
- label: "SMTP username"
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: "SMTP password"
- description: "Required is user is specified, ignored if no user provided"
- schema:
- type: string
- default: ""
- - variable: ssl
- label: "Enable SSL connection"
- schema:
- type: boolean
- default: true
- - variable: port
- label: "SMTP port"
- description: "Usually: 25 without SSL, 587 with SSL"
- schema:
- type: int
- default: 587
- - variable: authMechanism
- label: "SMTP Authentication Mechanisms"
- description: "Comma-separated options: Plain, Login and Xoauth2"
- schema:
- type: string
- default: "Plain"
- - variable: heloName
- label: "SMTP HELO - Hostname"
- description: "Hostname to be sent for SMTP HELO. Defaults to pod name"
- schema:
- type: string
- default: ""
- - variable: timeout
- label: "SMTP timeout"
- schema:
- type: int
- default: 15
- - variable: invalidHostname
- label: "Accept Invalid Hostname"
- description: "Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!"
- schema:
- type: boolean
- default: false
- - variable: invalidCertificate
- label: "Accept Invalid Certificate"
- description: "Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!"
- schema:
- type: boolean
- default: false
- - variable: allowSignups
- label: "Allow Signup"
- description: "Allow any user to sign-up: https://github.com/dani-garcia/vaultwarden/wiki/Disable-registration-of-new-users"
- schema:
- type: boolean
- default: true
- - variable: allowInvitation
- label: "Always allow Invitation"
- description: "Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/vaultwarden/wiki/Disable-invitations"
- schema:
- type: boolean
- default: true
- - variable: defaultInviteName
- label: "Default Invite Organisation Name"
- description: "Default organization name in invitation e-mails that are not coming from a specific organization."
- schema:
- type: string
- default: ""
- - variable: showPasswordHint
- label: "Show password hints"
- description: "https://github.com/dani-garcia/vaultwarden/wiki/Password-hint-display"
- schema:
- type: boolean
- default: true
- - variable: signupwhitelistenable
- label: "Enable Signup Whitelist"
- description: "allowSignups is ignored if set"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: signupDomains
- label: "Signup Whitelist Domains"
- schema:
- type: list
- default: []
- items:
- - variable: domain
- label: "Domain"
- schema:
- type: string
- default: ""
- - variable: verifySignup
- label: "Verifiy Signup"
- description: "Verify e-mail before login is enabled. SMTP must be enabled"
- schema:
- type: boolean
- default: false
- - variable: requireEmail
- label: "Block Login if email fails"
- description: "When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled"
- schema:
- type: boolean
- default: false
- - variable: emailAttempts
- label: "Email token reset attempts"
- description: "Maximum attempts before an email token is reset and a new email will need to be sent"
- schema:
- type: int
- default: 3
- - variable: emailTokenExpiration
- label: "Email token validity in seconds"
- schema:
- type: int
- default: 600
- - variable: enableWebVault
- label: "Enable Webvault"
- description: "Enable Web Vault (static content). https://github.com/dani-garcia/vaultwarden/wiki/Disabling-or-overriding-the-Vault-interface-hosting"
- schema:
- type: boolean
- default: true
- - variable: orgCreationUsers
- label: "Limit Organisation Creation to (users)"
- description: "Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users."
- schema:
- type: string
- default: "all"
- - variable: attachmentLimitOrg
- label: "Limit Attachment Disk Usage per Organisation"
- schema:
- type: string
- default: ""
- - variable: attachmentLimitUser
- label: "Limit Attachment Disk Usage per User"
- schema:
- type: string
- default: ""
- - variable: hibpApiKey
- label: "HaveIBeenPwned API Key"
- description: "Can be purchased at https://haveibeenpwned.com/API/Key"
- schema:
- type: string
- default: ""
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 10102
- required: true
- - variable: ws
- label: "WebSocket Service"
- description: "WebSocket Service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ws
- label: "WebSocket Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 3012
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: data
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: cnpg
- group: Postgresql
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Postgresql Database"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: storage
- label: "Storage"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: size
- label: Size
- schema:
- type: string
- default: "256Gi"
- - variable: walsize
- label: Walsize
- schema:
- type: string
- default: "256Gi"
- - variable: pooler
- label: "Pooler"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: Monitoring
- label: "Metrics"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enablePodMonitor
- label: "enablePodMonitor"
- schema:
- type: boolean
- default: true
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/vaultwarden/20.0.1/templates/NOTES.txt b/enterprise/vaultwarden/20.0.1/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/vaultwarden/20.0.1/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/vaultwarden/20.0.1/templates/_configmap.tpl b/enterprise/vaultwarden/20.0.1/templates/_configmap.tpl
deleted file mode 100644
index c21ff158df0..00000000000
--- a/enterprise/vaultwarden/20.0.1/templates/_configmap.tpl
+++ /dev/null
@@ -1,112 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "vaultwarden.configmap" -}}
-enabled: true
-data:
- ROCKET_PORT: "8080"
- SIGNUPS_ALLOWED: {{ .Values.vaultwarden.allowSignups | quote }}
- {{- if .Values.vaultwarden.signupDomains }}
- SIGNUPS_DOMAINS_WHITELIST: {{ join "," .Values.vaultwarden.signupDomains | quote }}
- {{- end }}
- {{- if and (eq .Values.vaultwarden.verifySignup true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Signup verification requires SMTP to be enabled" nil}}{{end}}
- SIGNUPS_VERIFY: {{ .Values.vaultwarden.verifySignup | quote }}
- {{- if and (eq .Values.vaultwarden.requireEmail true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Requiring emails for login depends on SMTP" nil}}{{end}}
- REQUIRE_DEVICE_EMAIL: {{ .Values.vaultwarden.requireEmail | quote }}
- {{- if .Values.vaultwarden.emailAttempts }}
- EMAIL_ATTEMPTS_LIMIT: {{ .Values.vaultwarden.emailAttempts | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.emailTokenExpiration }}
- EMAIL_EXPIRATION_TIME: {{ .Values.vaultwarden.emailTokenExpiration | quote }}
- {{- end }}
- INVITATIONS_ALLOWED: {{ .Values.vaultwarden.allowInvitation | quote }}
- {{- if .Values.vaultwarden.defaultInviteName }}
- INVITATION_ORG_NAME: {{ .Values.vaultwarden.defaultInviteName | quote }}
- {{- end }}
- SHOW_PASSWORD_HINT: {{ .Values.vaultwarden.showPasswordHint | quote }}
- WEBSOCKET_ENABLED: {{ .Values.vaultwarden.enableWebsockets | quote }}
- WEB_VAULT_ENABLED: {{ .Values.vaultwarden.enableWebVault | quote }}
- ORG_CREATION_USERS: {{ .Values.vaultwarden.orgCreationUsers | quote }}
- {{- if .Values.vaultwarden.attachmentLimitOrg }}
- ORG_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitOrg | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.attachmentLimitUser }}
- USER_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitUser | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.hibpApiKey }}
- HIBP_API_KEY: {{ .Values.vaultwarden.hibpApiKey | quote }}
- {{- end }}
- {{- include "vaultwarden.dbTypeValid" . }}
- {{- if .Values.database.retries }}
- DB_CONNECTION_RETRIES: {{ .Values.database.retries | quote }}
- {{- end }}
- {{- if .Values.database.maxConnections }}
- DATABASE_MAX_CONNS: {{ .Values.database.maxConnections | quote }}
- {{- end }}
- {{- if eq .Values.vaultwarden.smtp.enabled true }}
- SMTP_HOST: {{ required "SMTP host is required to enable SMTP" .Values.vaultwarden.smtp.host | quote }}
- SMTP_FROM: {{ required "SMTP sender address ('from') is required to enable SMTP" .Values.vaultwarden.smtp.from | quote }}
- {{- if .Values.vaultwarden.smtp.fromName }}
- SMTP_FROM_NAME: {{ .Values.vaultwarden.smtp.fromName | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.ssl }}
- SMTP_SSL: {{ .Values.vaultwarden.smtp.ssl | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.port }}
- SMTP_PORT: {{ .Values.vaultwarden.smtp.port | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.authMechanism }}
- SMTP_AUTH_MECHANISM: {{ .Values.vaultwarden.smtp.authMechanism | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.heloName }}
- HELO_NAME: {{ .Values.vaultwarden.smtp.heloName | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.timeout }}
- SMTP_TIMEOUT: {{ .Values.vaultwarden.smtp.timeout | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.invalidHostname }}
- SMTP_ACCEPT_INVALID_HOSTNAMES: {{ .Values.vaultwarden.smtp.invalidHostname | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.invalidCertificate }}
- SMTP_ACCEPT_INVALID_CERTS: {{ .Values.vaultwarden.smtp.invalidCertificate | quote }}
- {{- end }}
- {{- end }}
- {{- if .Values.vaultwarden.log.file }}
- LOG_FILE: {{ .Values.vaultwarden.log.file | quote }}
- {{- end }}
- {{- if or .Values.vaultwarden.log.level .Values.vaultwarden.log.timeFormat }}
- EXTENDED_LOGGING: "true"
- {{- end }}
- {{- if .Values.vaultwarden.log.level }}
- {{- include "vaultwarden.logLevelValid" . }}
- LOG_LEVEL: {{ .Values.vaultwarden.log.level | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.log.timeFormat }}
- LOG_TIMESTAMP_FORMAT: {{ .Values.vaultwarden.log.timeFormat | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.icons.disableDownload }}
- DISABLE_ICON_DOWNLOAD: {{ .Values.vaultwarden.icons.disableDownload | quote }}
- {{- if and (not .Values.vaultwarden.icons.cache) (eq .Values.vaultwarden.icons.disableDownload "true") }}
- ICON_CACHE_TTL: "0"
- {{- end }}
- {{- end }}
- {{- if .Values.vaultwarden.icons.cache }}
- ICON_CACHE_TTL: {{ .Values.vaultwarden.icons.cache | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.icons.cacheFailed }}
- ICON_CACHE_NEGTTL: {{ .Values.vaultwarden.icons.cacheFailed | quote }}
- {{- end }}
- {{- if eq .Values.vaultwarden.admin.enabled true }}
- {{- if eq .Values.vaultwarden.admin.disableAdminToken true }}
- DISABLE_ADMIN_TOKEN: "true"
- {{- end }}
- {{- end }}
- {{- if eq .Values.vaultwarden.yubico.enabled true }}
- {{- if .Values.vaultwarden.yubico.server }}
- YUBICO_SERVER: {{ .Values.vaultwarden.yubico.server | quote }}
- {{- end }}
- {{- end }}
- {{- if eq .Values.database.type "sqlite" }}
- ENABLE_DB_WAL: {{ .Values.database.wal | quote }}
- {{- else }}
- ENABLE_DB_WAL: "false"
- {{- end }}
-{{- end -}}
diff --git a/enterprise/vaultwarden/20.0.1/templates/_secrets.tpl b/enterprise/vaultwarden/20.0.1/templates/_secrets.tpl
deleted file mode 100644
index c63f401a965..00000000000
--- a/enterprise/vaultwarden/20.0.1/templates/_secrets.tpl
+++ /dev/null
@@ -1,32 +0,0 @@
-{{/* Define the secrets */}}
-{{- define "vaultwarden.secrets" -}}
-
-{{- $adminToken := "" }}
-{{- if eq .Values.vaultwarden.admin.enabled true }}
-{{- $adminToken = .Values.vaultwarden.admin.token | default (randAlphaNum 48) | b64enc | quote }}
-{{- end -}}
-
-{{- $smtpUser := "" }}
-{{- if and (eq .Values.vaultwarden.smtp.enabled true ) (.Values.vaultwarden.smtp.user) }}
-{{- $smtpUser = .Values.vaultwarden.smtp.user | b64enc | quote }}
-{{- end -}}
-
-{{- $yubicoClientId := "" }}
-{{- if eq .Values.vaultwarden.yubico.enabled true }}
-{{- $yubicoClientId = required "Yubico Client ID required" .Values.vaultwarden.yubico.clientId | toString | b64enc | quote }}
-{{- end -}}
-enabled: true
-data:
- placeholder: placeholdervalue
- {{- if ne $adminToken "" }}
- ADMIN_TOKEN: {{ $adminToken }}
- {{- end }}
- {{- if ne $smtpUser "" }}
- SMTP_USERNAME: {{ $smtpUser }}
- SMTP_PASSWORD: {{ required "Must specify SMTP password" .Values.vaultwarden.smtp.password | b64enc | quote }}
- {{- end }}
- {{- if ne $yubicoClientId "" }}
- YUBICO_CLIENT_ID: {{ $yubicoClientId }}
- YUBICO_SECRET_KEY: {{ required "Yubico Secret Key required" .Values.vaultwarden.yubico.secretKey | b64enc | quote }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/vaultwarden/20.0.1/templates/_validate.tpl b/enterprise/vaultwarden/20.0.1/templates/_validate.tpl
deleted file mode 100644
index e4832c2f6e5..00000000000
--- a/enterprise/vaultwarden/20.0.1/templates/_validate.tpl
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/*
-Ensure valid DB type is select, defaults to SQLite
-*/}}
-{{- define "vaultwarden.dbTypeValid" -}}
-{{- if not (or (eq .Values.database.type "postgresql") (eq .Values.database.type "mysql") (eq .Values.database.type "sqlite")) }}
-{{- required "Invalid database type" nil }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Ensure log type is valid
-*/}}
-{{- define "vaultwarden.logLevelValid" -}}
-{{- if not (or (eq .Values.vaultwarden.log.level "trace") (eq .Values.vaultwarden.log.level "debug") (eq .Values.vaultwarden.log.level "info") (eq .Values.vaultwarden.log.level "warn") (eq .Values.vaultwarden.log.level "error") (eq .Values.vaultwarden.log.level "off")) }}
-{{- required "Invalid log level" nil }}
-{{- end }}
-{{- end }}
diff --git a/enterprise/vaultwarden/20.0.1/templates/common.yaml b/enterprise/vaultwarden/20.0.1/templates/common.yaml
deleted file mode 100644
index 00565a16a7a..00000000000
--- a/enterprise/vaultwarden/20.0.1/templates/common.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-
-{{/* Render configmap for vaultwarden */}}
-{{- $configmapFile := include "vaultwarden.configmap" . | fromYaml -}}
-{{- if $configmapFile -}}
- {{- $_ := set .Values.configmap "vaultwardenconfig" $configmapFile -}}
-{{- end -}}
-
-{{/* Render secrets for vaultwarden */}}
-{{- $secret := include "vaultwarden.secrets" . | fromYaml -}}
-{{- if $secret -}}
- {{- $_ := set .Values.secret "vaultwardensecret" $secret -}}
-{{- end -}}
-
-{{/* Define path for websocket */}}
-{{- define "vaultwarden.websocket" -}}
-{{- $fullname := include "tc.v1.common.lib.chart.names.fullname" . -}}
-path: "/notifications/hub"
-# -- Ignored if not kubeVersion >= 1.14-0
-pathType: Prefix
-service:
- # -- Overrides the service name reference for this path
- name: {{ printf "%s-ws" $fullname }}
- port: {{ .Values.service.ws.ports.ws.port }}
-{{- end -}}
-
-{{/* inject websocket path to all main ingress hosts*/}}
-{{- define "vaultwarden.websocketinjector" -}}
-{{- $path := list (include "vaultwarden.websocket" . | fromYaml) -}}
-{{- if .Values.ingress.main.enabled }}
-{{- range .Values.ingress.main.hosts }}
-{{- $newpaths := list }}
-{{- $newpaths := concat .paths $path }}
-{{- $_ := set . "paths" ( deepCopy $newpaths ) -}}
-{{- end }}
-{{- end }}
-{{- end -}}
-
-{{/* inject websocket paths in ingress */}}
-{{- include "vaultwarden.websocketinjector" . }}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/vaultwarden/20.0.1/values.yaml b/enterprise/vaultwarden/20.0.1/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/vaultwarden/20.0.3/CHANGELOG.md b/enterprise/vaultwarden/20.0.3/CHANGELOG.md
deleted file mode 100644
index 7e66cd4374a..00000000000
--- a/enterprise/vaultwarden/20.0.3/CHANGELOG.md
+++ /dev/null
@@ -1,30 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [vaultwarden-20.0.3](https://github.com/truecharts/charts/compare/vaultwarden-20.0.1...vaultwarden-20.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
-
-
-## [vaultwarden-20.0.1](https://github.com/truecharts/charts/compare/vaultwarden-20.0.0...vaultwarden-20.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
-
-## [vaultwarden-20.0.0](https://github.com/truecharts/charts/compare/vaultwarden-19.0.23...vaultwarden-20.0.0) (2023-03-04)
-
diff --git a/enterprise/vaultwarden/20.0.3/Chart.yaml b/enterprise/vaultwarden/20.0.3/Chart.yaml
deleted file mode 100644
index f9d5efa793f..00000000000
--- a/enterprise/vaultwarden/20.0.3/Chart.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-apiVersion: v2
-appVersion: "1.27.0"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.18
-deprecated: false
-description: Unofficial Bitwarden compatible server written in Rust
-home: https://truecharts.org/charts/enterprise/vaultwarden
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/vaultwarden.png
-keywords:
- - bitwarden
- - bitwardenrs
- - bitwarden_rs
- - vaultwarden
- - password
- - rust
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: vaultwarden
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/vaultwarden
- - https://github.com/dani-garcia/vaultwarden
-type: application
-version: 20.0.3
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/vaultwarden/20.0.3/LICENSE b/enterprise/vaultwarden/20.0.3/LICENSE
deleted file mode 100644
index 80e4ab93f92..00000000000
--- a/enterprise/vaultwarden/20.0.3/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/vaultwarden/20.0.3/README.md b/enterprise/vaultwarden/20.0.3/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/vaultwarden/20.0.3/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/vaultwarden/20.0.3/app-changelog.md b/enterprise/vaultwarden/20.0.3/app-changelog.md
deleted file mode 100644
index 2655de8dea4..00000000000
--- a/enterprise/vaultwarden/20.0.3/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [vaultwarden-20.0.3](https://github.com/truecharts/charts/compare/vaultwarden-20.0.1...vaultwarden-20.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
\ No newline at end of file
diff --git a/enterprise/vaultwarden/20.0.3/app-readme.md b/enterprise/vaultwarden/20.0.3/app-readme.md
deleted file mode 100644
index 08d9cc8b1dd..00000000000
--- a/enterprise/vaultwarden/20.0.3/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Unofficial Bitwarden compatible server written in Rust
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/vaultwarden](https://truecharts.org/charts/enterprise/vaultwarden)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/vaultwarden/20.0.3/charts/common-12.2.18.tgz b/enterprise/vaultwarden/20.0.3/charts/common-12.2.18.tgz
deleted file mode 100644
index 3a48d999d53..00000000000
Binary files a/enterprise/vaultwarden/20.0.3/charts/common-12.2.18.tgz and /dev/null differ
diff --git a/enterprise/vaultwarden/20.0.3/ix_values.yaml b/enterprise/vaultwarden/20.0.3/ix_values.yaml
deleted file mode 100644
index 3389326acfe..00000000000
--- a/enterprise/vaultwarden/20.0.3/ix_values.yaml
+++ /dev/null
@@ -1,164 +0,0 @@
-image:
- repository: tccr.io/truecharts/vaultwarden
- pullPolicy: IfNotPresent
- tag: 1.27.0@sha256:e80b8a6a8b05928d9703eda1c7ebd2c8f1c0b9deed1734ce31c2ec6d70aed323
-
-service:
- main:
- ports:
- main:
- port: 10102
- targetPort: 8080
- ws:
- enabled: true
- ports:
- ws:
- enabled: true
- port: 3012
- targetPort: 3012
-
-workload:
- main:
- podSpec:
- containers:
- main:
- env:
- DOMAIN: "https://{{ if .Values.ingress }}{{ if .Values.ingress.main.enabled }}{{ ( index .Values.ingress.main.hosts 0 ).host }}{{ else }}placeholder.com{{ end }}{{ else }}placeholder.com{{ end }}"
- DATABASE_URL:
- secretKeyRef:
- name: cnpg-main-urls
- key: std
-
- envFrom:
- - configMapRef:
- name: vaultwardenconfig
- - secretRef:
- name: vaultwardensecret
-
-database:
- # -- Database type,
- # must be one of: 'sqlite', 'mysql' or 'postgresql'.
- type: postgresql
- # -- Enable DB Write-Ahead-Log for SQLite,
- # disabled for other databases. https://github.com/dani-garcia/bitwarden_rs/wiki/Running-without-WAL-enabled
- wal: true
- ## URL for external databases (mysql://user:pass@host:port or postgresql://user:pass@host:port).
- # url: ""
- ## Set the size of the database connection pool.
- # maxConnections: 10
- ## Connection retries during startup, 0 for infinite. 1 second between retries.
- # retries: 15
-
-# Set Bitwarden_rs application variables
-vaultwarden:
- # -- Allow any user to sign-up
- # see: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-registration-of-new-users
- allowSignups: true
- ## Whitelist domains allowed to sign-up. 'allowSignups' is ignored if set.
- # signupDomains:
- # - domain.tld
- # -- Verify e-mail before login is enabled.
- # SMTP must be enabled.
- verifySignup: false
- # When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled.
- requireEmail: false
- ## Maximum attempts before an email token is reset and a new email will need to be sent.
- # emailAttempts: 3
- ## Email token validity in seconds.
- # emailTokenExpiration: 600
- # Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-invitations
- allowInvitation: true
- # Show password hints: https://github.com/dani-garcia/bitwarden_rs/wiki/Password-hint-display
- ## Default organization name in invitation e-mails that are not coming from a specific organization.
- # defaultInviteName: ""
- showPasswordHint: true
- # Enable Websockets for notification. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-WebSocket-notifications
- # Redirect HTTP path "/notifications/hub" to port 3012. Ingress/IngressRoute controllers are automatically configured.
- enableWebsockets: true
- # Enable Web Vault (static content). https://github.com/dani-garcia/bitwarden_rs/wiki/Disabling-or-overriding-the-Vault-interface-hosting
- enableWebVault: true
- # Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users.
- orgCreationUsers: all
- ## Limit attachment disk usage per organization.
- # attachmentLimitOrg:
- ## Limit attachment disk usage per user.
- # attachmentLimitUser:
- ## HaveIBeenPwned API Key. Can be purchased at https://haveibeenpwned.com/API/Key.
- # hibpApiKey:
-
- admin:
- # Enable admin portal.
- enabled: false
- # Disabling the admin token will make the admin portal accessible to anyone, use carefully: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-admin-token
- disableAdminToken: false
- ## Token for admin login, will be generated if not defined. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-admin-page
- # token:
-
- # Enable SMTP. https://github.com/dani-garcia/bitwarden_rs/wiki/SMTP-configuration
- smtp:
- enabled: false
- # SMTP hostname, required if SMTP is enabled.
- host: ""
- # SMTP sender e-mail address, required if SMTP is enabled.
- from: ""
- ## SMTP sender name, defaults to 'Bitwarden_RS'.
- # fromName: ""
- ## Enable SSL connection.
- # ssl: true
- ## SMTP port. Defaults to 25 without SSL, 587 with SSL.
- # port: 587
- ## SMTP Authentication Mechanisms. Comma-separated options: 'Plain', 'Login' and 'Xoauth2'. Defaults to 'Plain'.
- # authMechanism: Plain
- ## Hostname to be sent for SMTP HELO. Defaults to pod name.
- # heloName: ""
- ## SMTP timeout.
- # timeout: 15
- ## Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!
- # invalidHostname: false
- ## Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!
- # invalidCertificate: false
- ## SMTP username.
- # user: ""
- ## SMTP password. Required is user is specified, ignored if no user provided.
- # password: ""
-
- ## Enable Yubico OTP authentication. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-Yubikey-OTP-authentication
- yubico:
- enabled: false
- ## Yubico server. Defaults to YubiCloud.
- # server:
- ## Yubico ID and Secret Key.
- # clientId:
- # secretKey:
-
- ## Logging options. https://github.com/dani-garcia/bitwarden_rs/wiki/Logging
- log:
- # Log to file.
- file: ""
- # Log level. Options are "trace", "debug", "info", "warn", "error" or "off".
- level: "trace"
- ## Log timestamp format. See https://docs.rs/chrono/0.4.15/chrono/format/strftime/index.html. Defaults to time in milliseconds.
- # timeFormat: ""
-
- icons:
- # Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache). TTL will default to zero.
- disableDownload: false
- ## Cache time-to-live for icons fetched. 0 means no purging.
- # cache: 2592000
- ## Cache time-to-live for icons that were not available. 0 means no purging.
- # cacheFailed: 259200
-
-persistence:
- data:
- enabled: true
- mountPath: "/data"
-
-cnpg:
- main:
- enabled: true
- user: vaultwarden
- database: vaultwarden
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/vaultwarden/20.0.3/questions.yaml b/enterprise/vaultwarden/20.0.3/questions.yaml
deleted file mode 100644
index 4f20eae3219..00000000000
--- a/enterprise/vaultwarden/20.0.3/questions.yaml
+++ /dev/null
@@ -1,2227 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
- admin:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
- path: "/admin/"
-questions:
-
- - variable: Workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: Daemonset
- description: Daemonset
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "Daemonset"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: vaultwarden
- label: ""
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: yubico
- label: "Yubico OTP authentication"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable Yubico OTP authentication"
- description: "Please refer to the manual at: https://github.com/dani-garcia/vaultwarden/wiki/Enabling-Yubikey-OTP-authentication"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: server
- label: "Yubico server"
- description: "Defaults to YubiCloud"
- schema:
- type: string
- default: ""
- - variable: clientId
- label: "Yubico ID"
- schema:
- type: string
- default: ""
- - variable: secretKey
- label: "Yubico Secret Key"
- schema:
- type: string
- default: ""
- - variable: admin
- label: "Admin Portal"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable Admin Portal"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: disableAdminToken
- label: "Make Accessible Without Password/Token"
- schema:
- type: boolean
- default: false
- - variable: token
- label: "Admin Portal Password/Token"
- description: "Will be automatically generated if not defined"
- schema:
- type: string
- default: ""
- - variable: icons
- label: "Icon Download Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disableDownload
- label: "Disable Icon Download"
- description: "Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache)"
- schema:
- type: boolean
- default: false
- - variable: cache
- label: "Cache time-to-live"
- description: "Cache time-to-live for icons fetched. 0 means no purging"
- schema:
- type: int
- default: 2592000
- - variable: token
- label: "Failed Downloads Cache time-to-live"
- description: "Cache time-to-live for icons that were not available. 0 means no purging."
- schema:
- type: int
- default: 2592000
- - variable: log
- label: "Logging"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log level"
- schema:
- type: string
- default: "info"
- required: true
- enum:
- - value: "trace"
- description: "trace"
- - value: "debug"
- description: "debug"
- - value: "info"
- description: "info"
- - value: "warn"
- description: "warn"
- - value: "error"
- description: "error"
- - value: "off"
- description: "off"
- - variable: file
- label: "Log-File Location"
- schema:
- type: string
- default: ""
- - variable: smtp
- label: "SMTP Settings (Email)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable SMTP Support"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: host
- label: "SMTP hostname"
- schema:
- type: string
- required: true
- default: ""
- - variable: from
- label: "SMTP sender e-mail address"
- schema:
- type: string
- required: true
- default: ""
- - variable: fromName
- label: "SMTP sender name"
- schema:
- type: string
- required: true
- default: ""
- - variable: user
- label: "SMTP username"
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: "SMTP password"
- description: "Required is user is specified, ignored if no user provided"
- schema:
- type: string
- default: ""
- - variable: ssl
- label: "Enable SSL connection"
- schema:
- type: boolean
- default: true
- - variable: port
- label: "SMTP port"
- description: "Usually: 25 without SSL, 587 with SSL"
- schema:
- type: int
- default: 587
- - variable: authMechanism
- label: "SMTP Authentication Mechanisms"
- description: "Comma-separated options: Plain, Login and Xoauth2"
- schema:
- type: string
- default: "Plain"
- - variable: heloName
- label: "SMTP HELO - Hostname"
- description: "Hostname to be sent for SMTP HELO. Defaults to pod name"
- schema:
- type: string
- default: ""
- - variable: timeout
- label: "SMTP timeout"
- schema:
- type: int
- default: 15
- - variable: invalidHostname
- label: "Accept Invalid Hostname"
- description: "Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!"
- schema:
- type: boolean
- default: false
- - variable: invalidCertificate
- label: "Accept Invalid Certificate"
- description: "Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!"
- schema:
- type: boolean
- default: false
- - variable: allowSignups
- label: "Allow Signup"
- description: "Allow any user to sign-up: https://github.com/dani-garcia/vaultwarden/wiki/Disable-registration-of-new-users"
- schema:
- type: boolean
- default: true
- - variable: allowInvitation
- label: "Always allow Invitation"
- description: "Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/vaultwarden/wiki/Disable-invitations"
- schema:
- type: boolean
- default: true
- - variable: defaultInviteName
- label: "Default Invite Organisation Name"
- description: "Default organization name in invitation e-mails that are not coming from a specific organization."
- schema:
- type: string
- default: ""
- - variable: showPasswordHint
- label: "Show password hints"
- description: "https://github.com/dani-garcia/vaultwarden/wiki/Password-hint-display"
- schema:
- type: boolean
- default: true
- - variable: signupwhitelistenable
- label: "Enable Signup Whitelist"
- description: "allowSignups is ignored if set"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: signupDomains
- label: "Signup Whitelist Domains"
- schema:
- type: list
- default: []
- items:
- - variable: domain
- label: "Domain"
- schema:
- type: string
- default: ""
- - variable: verifySignup
- label: "Verifiy Signup"
- description: "Verify e-mail before login is enabled. SMTP must be enabled"
- schema:
- type: boolean
- default: false
- - variable: requireEmail
- label: "Block Login if email fails"
- description: "When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled"
- schema:
- type: boolean
- default: false
- - variable: emailAttempts
- label: "Email token reset attempts"
- description: "Maximum attempts before an email token is reset and a new email will need to be sent"
- schema:
- type: int
- default: 3
- - variable: emailTokenExpiration
- label: "Email token validity in seconds"
- schema:
- type: int
- default: 600
- - variable: enableWebVault
- label: "Enable Webvault"
- description: "Enable Web Vault (static content). https://github.com/dani-garcia/vaultwarden/wiki/Disabling-or-overriding-the-Vault-interface-hosting"
- schema:
- type: boolean
- default: true
- - variable: orgCreationUsers
- label: "Limit Organisation Creation to (users)"
- description: "Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users."
- schema:
- type: string
- default: "all"
- - variable: attachmentLimitOrg
- label: "Limit Attachment Disk Usage per Organisation"
- schema:
- type: string
- default: ""
- - variable: attachmentLimitUser
- label: "Limit Attachment Disk Usage per User"
- schema:
- type: string
- default: ""
- - variable: hibpApiKey
- label: "HaveIBeenPwned API Key"
- description: "Can be purchased at https://haveibeenpwned.com/API/Key"
- schema:
- type: string
- default: ""
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 10102
- required: true
- - variable: ws
- label: "WebSocket Service"
- description: "WebSocket Service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ws
- label: "WebSocket Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 3012
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: data
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: cnpg
- group: Postgresql
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Postgresql Database"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: storage
- label: "Storage"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: size
- label: Size
- schema:
- type: string
- default: "256Gi"
- - variable: walsize
- label: Walsize
- schema:
- type: string
- default: "256Gi"
- - variable: pooler
- label: "Pooler"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: Monitoring
- label: "Metrics"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enablePodMonitor
- label: "enablePodMonitor"
- schema:
- type: boolean
- default: true
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/vaultwarden/20.0.3/templates/NOTES.txt b/enterprise/vaultwarden/20.0.3/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/vaultwarden/20.0.3/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/vaultwarden/20.0.3/templates/_configmap.tpl b/enterprise/vaultwarden/20.0.3/templates/_configmap.tpl
deleted file mode 100644
index c21ff158df0..00000000000
--- a/enterprise/vaultwarden/20.0.3/templates/_configmap.tpl
+++ /dev/null
@@ -1,112 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "vaultwarden.configmap" -}}
-enabled: true
-data:
- ROCKET_PORT: "8080"
- SIGNUPS_ALLOWED: {{ .Values.vaultwarden.allowSignups | quote }}
- {{- if .Values.vaultwarden.signupDomains }}
- SIGNUPS_DOMAINS_WHITELIST: {{ join "," .Values.vaultwarden.signupDomains | quote }}
- {{- end }}
- {{- if and (eq .Values.vaultwarden.verifySignup true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Signup verification requires SMTP to be enabled" nil}}{{end}}
- SIGNUPS_VERIFY: {{ .Values.vaultwarden.verifySignup | quote }}
- {{- if and (eq .Values.vaultwarden.requireEmail true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Requiring emails for login depends on SMTP" nil}}{{end}}
- REQUIRE_DEVICE_EMAIL: {{ .Values.vaultwarden.requireEmail | quote }}
- {{- if .Values.vaultwarden.emailAttempts }}
- EMAIL_ATTEMPTS_LIMIT: {{ .Values.vaultwarden.emailAttempts | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.emailTokenExpiration }}
- EMAIL_EXPIRATION_TIME: {{ .Values.vaultwarden.emailTokenExpiration | quote }}
- {{- end }}
- INVITATIONS_ALLOWED: {{ .Values.vaultwarden.allowInvitation | quote }}
- {{- if .Values.vaultwarden.defaultInviteName }}
- INVITATION_ORG_NAME: {{ .Values.vaultwarden.defaultInviteName | quote }}
- {{- end }}
- SHOW_PASSWORD_HINT: {{ .Values.vaultwarden.showPasswordHint | quote }}
- WEBSOCKET_ENABLED: {{ .Values.vaultwarden.enableWebsockets | quote }}
- WEB_VAULT_ENABLED: {{ .Values.vaultwarden.enableWebVault | quote }}
- ORG_CREATION_USERS: {{ .Values.vaultwarden.orgCreationUsers | quote }}
- {{- if .Values.vaultwarden.attachmentLimitOrg }}
- ORG_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitOrg | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.attachmentLimitUser }}
- USER_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitUser | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.hibpApiKey }}
- HIBP_API_KEY: {{ .Values.vaultwarden.hibpApiKey | quote }}
- {{- end }}
- {{- include "vaultwarden.dbTypeValid" . }}
- {{- if .Values.database.retries }}
- DB_CONNECTION_RETRIES: {{ .Values.database.retries | quote }}
- {{- end }}
- {{- if .Values.database.maxConnections }}
- DATABASE_MAX_CONNS: {{ .Values.database.maxConnections | quote }}
- {{- end }}
- {{- if eq .Values.vaultwarden.smtp.enabled true }}
- SMTP_HOST: {{ required "SMTP host is required to enable SMTP" .Values.vaultwarden.smtp.host | quote }}
- SMTP_FROM: {{ required "SMTP sender address ('from') is required to enable SMTP" .Values.vaultwarden.smtp.from | quote }}
- {{- if .Values.vaultwarden.smtp.fromName }}
- SMTP_FROM_NAME: {{ .Values.vaultwarden.smtp.fromName | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.ssl }}
- SMTP_SSL: {{ .Values.vaultwarden.smtp.ssl | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.port }}
- SMTP_PORT: {{ .Values.vaultwarden.smtp.port | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.authMechanism }}
- SMTP_AUTH_MECHANISM: {{ .Values.vaultwarden.smtp.authMechanism | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.heloName }}
- HELO_NAME: {{ .Values.vaultwarden.smtp.heloName | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.timeout }}
- SMTP_TIMEOUT: {{ .Values.vaultwarden.smtp.timeout | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.invalidHostname }}
- SMTP_ACCEPT_INVALID_HOSTNAMES: {{ .Values.vaultwarden.smtp.invalidHostname | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.invalidCertificate }}
- SMTP_ACCEPT_INVALID_CERTS: {{ .Values.vaultwarden.smtp.invalidCertificate | quote }}
- {{- end }}
- {{- end }}
- {{- if .Values.vaultwarden.log.file }}
- LOG_FILE: {{ .Values.vaultwarden.log.file | quote }}
- {{- end }}
- {{- if or .Values.vaultwarden.log.level .Values.vaultwarden.log.timeFormat }}
- EXTENDED_LOGGING: "true"
- {{- end }}
- {{- if .Values.vaultwarden.log.level }}
- {{- include "vaultwarden.logLevelValid" . }}
- LOG_LEVEL: {{ .Values.vaultwarden.log.level | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.log.timeFormat }}
- LOG_TIMESTAMP_FORMAT: {{ .Values.vaultwarden.log.timeFormat | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.icons.disableDownload }}
- DISABLE_ICON_DOWNLOAD: {{ .Values.vaultwarden.icons.disableDownload | quote }}
- {{- if and (not .Values.vaultwarden.icons.cache) (eq .Values.vaultwarden.icons.disableDownload "true") }}
- ICON_CACHE_TTL: "0"
- {{- end }}
- {{- end }}
- {{- if .Values.vaultwarden.icons.cache }}
- ICON_CACHE_TTL: {{ .Values.vaultwarden.icons.cache | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.icons.cacheFailed }}
- ICON_CACHE_NEGTTL: {{ .Values.vaultwarden.icons.cacheFailed | quote }}
- {{- end }}
- {{- if eq .Values.vaultwarden.admin.enabled true }}
- {{- if eq .Values.vaultwarden.admin.disableAdminToken true }}
- DISABLE_ADMIN_TOKEN: "true"
- {{- end }}
- {{- end }}
- {{- if eq .Values.vaultwarden.yubico.enabled true }}
- {{- if .Values.vaultwarden.yubico.server }}
- YUBICO_SERVER: {{ .Values.vaultwarden.yubico.server | quote }}
- {{- end }}
- {{- end }}
- {{- if eq .Values.database.type "sqlite" }}
- ENABLE_DB_WAL: {{ .Values.database.wal | quote }}
- {{- else }}
- ENABLE_DB_WAL: "false"
- {{- end }}
-{{- end -}}
diff --git a/enterprise/vaultwarden/20.0.3/templates/_secrets.tpl b/enterprise/vaultwarden/20.0.3/templates/_secrets.tpl
deleted file mode 100644
index c63f401a965..00000000000
--- a/enterprise/vaultwarden/20.0.3/templates/_secrets.tpl
+++ /dev/null
@@ -1,32 +0,0 @@
-{{/* Define the secrets */}}
-{{- define "vaultwarden.secrets" -}}
-
-{{- $adminToken := "" }}
-{{- if eq .Values.vaultwarden.admin.enabled true }}
-{{- $adminToken = .Values.vaultwarden.admin.token | default (randAlphaNum 48) | b64enc | quote }}
-{{- end -}}
-
-{{- $smtpUser := "" }}
-{{- if and (eq .Values.vaultwarden.smtp.enabled true ) (.Values.vaultwarden.smtp.user) }}
-{{- $smtpUser = .Values.vaultwarden.smtp.user | b64enc | quote }}
-{{- end -}}
-
-{{- $yubicoClientId := "" }}
-{{- if eq .Values.vaultwarden.yubico.enabled true }}
-{{- $yubicoClientId = required "Yubico Client ID required" .Values.vaultwarden.yubico.clientId | toString | b64enc | quote }}
-{{- end -}}
-enabled: true
-data:
- placeholder: placeholdervalue
- {{- if ne $adminToken "" }}
- ADMIN_TOKEN: {{ $adminToken }}
- {{- end }}
- {{- if ne $smtpUser "" }}
- SMTP_USERNAME: {{ $smtpUser }}
- SMTP_PASSWORD: {{ required "Must specify SMTP password" .Values.vaultwarden.smtp.password | b64enc | quote }}
- {{- end }}
- {{- if ne $yubicoClientId "" }}
- YUBICO_CLIENT_ID: {{ $yubicoClientId }}
- YUBICO_SECRET_KEY: {{ required "Yubico Secret Key required" .Values.vaultwarden.yubico.secretKey | b64enc | quote }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/vaultwarden/20.0.3/templates/_validate.tpl b/enterprise/vaultwarden/20.0.3/templates/_validate.tpl
deleted file mode 100644
index e4832c2f6e5..00000000000
--- a/enterprise/vaultwarden/20.0.3/templates/_validate.tpl
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/*
-Ensure valid DB type is select, defaults to SQLite
-*/}}
-{{- define "vaultwarden.dbTypeValid" -}}
-{{- if not (or (eq .Values.database.type "postgresql") (eq .Values.database.type "mysql") (eq .Values.database.type "sqlite")) }}
-{{- required "Invalid database type" nil }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Ensure log type is valid
-*/}}
-{{- define "vaultwarden.logLevelValid" -}}
-{{- if not (or (eq .Values.vaultwarden.log.level "trace") (eq .Values.vaultwarden.log.level "debug") (eq .Values.vaultwarden.log.level "info") (eq .Values.vaultwarden.log.level "warn") (eq .Values.vaultwarden.log.level "error") (eq .Values.vaultwarden.log.level "off")) }}
-{{- required "Invalid log level" nil }}
-{{- end }}
-{{- end }}
diff --git a/enterprise/vaultwarden/20.0.3/templates/common.yaml b/enterprise/vaultwarden/20.0.3/templates/common.yaml
deleted file mode 100644
index 00565a16a7a..00000000000
--- a/enterprise/vaultwarden/20.0.3/templates/common.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-
-{{/* Render configmap for vaultwarden */}}
-{{- $configmapFile := include "vaultwarden.configmap" . | fromYaml -}}
-{{- if $configmapFile -}}
- {{- $_ := set .Values.configmap "vaultwardenconfig" $configmapFile -}}
-{{- end -}}
-
-{{/* Render secrets for vaultwarden */}}
-{{- $secret := include "vaultwarden.secrets" . | fromYaml -}}
-{{- if $secret -}}
- {{- $_ := set .Values.secret "vaultwardensecret" $secret -}}
-{{- end -}}
-
-{{/* Define path for websocket */}}
-{{- define "vaultwarden.websocket" -}}
-{{- $fullname := include "tc.v1.common.lib.chart.names.fullname" . -}}
-path: "/notifications/hub"
-# -- Ignored if not kubeVersion >= 1.14-0
-pathType: Prefix
-service:
- # -- Overrides the service name reference for this path
- name: {{ printf "%s-ws" $fullname }}
- port: {{ .Values.service.ws.ports.ws.port }}
-{{- end -}}
-
-{{/* inject websocket path to all main ingress hosts*/}}
-{{- define "vaultwarden.websocketinjector" -}}
-{{- $path := list (include "vaultwarden.websocket" . | fromYaml) -}}
-{{- if .Values.ingress.main.enabled }}
-{{- range .Values.ingress.main.hosts }}
-{{- $newpaths := list }}
-{{- $newpaths := concat .paths $path }}
-{{- $_ := set . "paths" ( deepCopy $newpaths ) -}}
-{{- end }}
-{{- end }}
-{{- end -}}
-
-{{/* inject websocket paths in ingress */}}
-{{- include "vaultwarden.websocketinjector" . }}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/vaultwarden/20.0.3/values.yaml b/enterprise/vaultwarden/20.0.3/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/vaultwarden/20.0.4/CHANGELOG.md b/enterprise/vaultwarden/20.0.4/CHANGELOG.md
deleted file mode 100644
index 7c409c7151e..00000000000
--- a/enterprise/vaultwarden/20.0.4/CHANGELOG.md
+++ /dev/null
@@ -1,39 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [vaultwarden-20.0.4](https://github.com/truecharts/charts/compare/vaultwarden-20.0.3...vaultwarden-20.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
-
-
-## [vaultwarden-20.0.3](https://github.com/truecharts/charts/compare/vaultwarden-20.0.1...vaultwarden-20.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
-
-
-## [vaultwarden-20.0.1](https://github.com/truecharts/charts/compare/vaultwarden-20.0.0...vaultwarden-20.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
-
-## [vaultwarden-20.0.0](https://github.com/truecharts/charts/compare/vaultwarden-19.0.23...vaultwarden-20.0.0) (2023-03-04)
-
diff --git a/enterprise/vaultwarden/20.0.4/Chart.yaml b/enterprise/vaultwarden/20.0.4/Chart.yaml
deleted file mode 100644
index dcb14a31a9a..00000000000
--- a/enterprise/vaultwarden/20.0.4/Chart.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-apiVersion: v2
-appVersion: "1.27.0"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.19
-deprecated: false
-description: Unofficial Bitwarden compatible server written in Rust
-home: https://truecharts.org/charts/enterprise/vaultwarden
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/vaultwarden.png
-keywords:
- - bitwarden
- - bitwardenrs
- - bitwarden_rs
- - vaultwarden
- - password
- - rust
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: vaultwarden
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/vaultwarden
- - https://github.com/dani-garcia/vaultwarden
-type: application
-version: 20.0.4
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/vaultwarden/20.0.4/LICENSE b/enterprise/vaultwarden/20.0.4/LICENSE
deleted file mode 100644
index 80e4ab93f92..00000000000
--- a/enterprise/vaultwarden/20.0.4/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/vaultwarden/20.0.4/README.md b/enterprise/vaultwarden/20.0.4/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/vaultwarden/20.0.4/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/vaultwarden/20.0.4/app-changelog.md b/enterprise/vaultwarden/20.0.4/app-changelog.md
deleted file mode 100644
index 93aaad9a1ba..00000000000
--- a/enterprise/vaultwarden/20.0.4/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [vaultwarden-20.0.4](https://github.com/truecharts/charts/compare/vaultwarden-20.0.3...vaultwarden-20.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
\ No newline at end of file
diff --git a/enterprise/vaultwarden/20.0.4/app-readme.md b/enterprise/vaultwarden/20.0.4/app-readme.md
deleted file mode 100644
index 08d9cc8b1dd..00000000000
--- a/enterprise/vaultwarden/20.0.4/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Unofficial Bitwarden compatible server written in Rust
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/vaultwarden](https://truecharts.org/charts/enterprise/vaultwarden)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/vaultwarden/20.0.4/charts/common-12.2.19.tgz b/enterprise/vaultwarden/20.0.4/charts/common-12.2.19.tgz
deleted file mode 100644
index 7959002233d..00000000000
Binary files a/enterprise/vaultwarden/20.0.4/charts/common-12.2.19.tgz and /dev/null differ
diff --git a/enterprise/vaultwarden/20.0.4/ix_values.yaml b/enterprise/vaultwarden/20.0.4/ix_values.yaml
deleted file mode 100644
index 3389326acfe..00000000000
--- a/enterprise/vaultwarden/20.0.4/ix_values.yaml
+++ /dev/null
@@ -1,164 +0,0 @@
-image:
- repository: tccr.io/truecharts/vaultwarden
- pullPolicy: IfNotPresent
- tag: 1.27.0@sha256:e80b8a6a8b05928d9703eda1c7ebd2c8f1c0b9deed1734ce31c2ec6d70aed323
-
-service:
- main:
- ports:
- main:
- port: 10102
- targetPort: 8080
- ws:
- enabled: true
- ports:
- ws:
- enabled: true
- port: 3012
- targetPort: 3012
-
-workload:
- main:
- podSpec:
- containers:
- main:
- env:
- DOMAIN: "https://{{ if .Values.ingress }}{{ if .Values.ingress.main.enabled }}{{ ( index .Values.ingress.main.hosts 0 ).host }}{{ else }}placeholder.com{{ end }}{{ else }}placeholder.com{{ end }}"
- DATABASE_URL:
- secretKeyRef:
- name: cnpg-main-urls
- key: std
-
- envFrom:
- - configMapRef:
- name: vaultwardenconfig
- - secretRef:
- name: vaultwardensecret
-
-database:
- # -- Database type,
- # must be one of: 'sqlite', 'mysql' or 'postgresql'.
- type: postgresql
- # -- Enable DB Write-Ahead-Log for SQLite,
- # disabled for other databases. https://github.com/dani-garcia/bitwarden_rs/wiki/Running-without-WAL-enabled
- wal: true
- ## URL for external databases (mysql://user:pass@host:port or postgresql://user:pass@host:port).
- # url: ""
- ## Set the size of the database connection pool.
- # maxConnections: 10
- ## Connection retries during startup, 0 for infinite. 1 second between retries.
- # retries: 15
-
-# Set Bitwarden_rs application variables
-vaultwarden:
- # -- Allow any user to sign-up
- # see: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-registration-of-new-users
- allowSignups: true
- ## Whitelist domains allowed to sign-up. 'allowSignups' is ignored if set.
- # signupDomains:
- # - domain.tld
- # -- Verify e-mail before login is enabled.
- # SMTP must be enabled.
- verifySignup: false
- # When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled.
- requireEmail: false
- ## Maximum attempts before an email token is reset and a new email will need to be sent.
- # emailAttempts: 3
- ## Email token validity in seconds.
- # emailTokenExpiration: 600
- # Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-invitations
- allowInvitation: true
- # Show password hints: https://github.com/dani-garcia/bitwarden_rs/wiki/Password-hint-display
- ## Default organization name in invitation e-mails that are not coming from a specific organization.
- # defaultInviteName: ""
- showPasswordHint: true
- # Enable Websockets for notification. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-WebSocket-notifications
- # Redirect HTTP path "/notifications/hub" to port 3012. Ingress/IngressRoute controllers are automatically configured.
- enableWebsockets: true
- # Enable Web Vault (static content). https://github.com/dani-garcia/bitwarden_rs/wiki/Disabling-or-overriding-the-Vault-interface-hosting
- enableWebVault: true
- # Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users.
- orgCreationUsers: all
- ## Limit attachment disk usage per organization.
- # attachmentLimitOrg:
- ## Limit attachment disk usage per user.
- # attachmentLimitUser:
- ## HaveIBeenPwned API Key. Can be purchased at https://haveibeenpwned.com/API/Key.
- # hibpApiKey:
-
- admin:
- # Enable admin portal.
- enabled: false
- # Disabling the admin token will make the admin portal accessible to anyone, use carefully: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-admin-token
- disableAdminToken: false
- ## Token for admin login, will be generated if not defined. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-admin-page
- # token:
-
- # Enable SMTP. https://github.com/dani-garcia/bitwarden_rs/wiki/SMTP-configuration
- smtp:
- enabled: false
- # SMTP hostname, required if SMTP is enabled.
- host: ""
- # SMTP sender e-mail address, required if SMTP is enabled.
- from: ""
- ## SMTP sender name, defaults to 'Bitwarden_RS'.
- # fromName: ""
- ## Enable SSL connection.
- # ssl: true
- ## SMTP port. Defaults to 25 without SSL, 587 with SSL.
- # port: 587
- ## SMTP Authentication Mechanisms. Comma-separated options: 'Plain', 'Login' and 'Xoauth2'. Defaults to 'Plain'.
- # authMechanism: Plain
- ## Hostname to be sent for SMTP HELO. Defaults to pod name.
- # heloName: ""
- ## SMTP timeout.
- # timeout: 15
- ## Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!
- # invalidHostname: false
- ## Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!
- # invalidCertificate: false
- ## SMTP username.
- # user: ""
- ## SMTP password. Required is user is specified, ignored if no user provided.
- # password: ""
-
- ## Enable Yubico OTP authentication. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-Yubikey-OTP-authentication
- yubico:
- enabled: false
- ## Yubico server. Defaults to YubiCloud.
- # server:
- ## Yubico ID and Secret Key.
- # clientId:
- # secretKey:
-
- ## Logging options. https://github.com/dani-garcia/bitwarden_rs/wiki/Logging
- log:
- # Log to file.
- file: ""
- # Log level. Options are "trace", "debug", "info", "warn", "error" or "off".
- level: "trace"
- ## Log timestamp format. See https://docs.rs/chrono/0.4.15/chrono/format/strftime/index.html. Defaults to time in milliseconds.
- # timeFormat: ""
-
- icons:
- # Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache). TTL will default to zero.
- disableDownload: false
- ## Cache time-to-live for icons fetched. 0 means no purging.
- # cache: 2592000
- ## Cache time-to-live for icons that were not available. 0 means no purging.
- # cacheFailed: 259200
-
-persistence:
- data:
- enabled: true
- mountPath: "/data"
-
-cnpg:
- main:
- enabled: true
- user: vaultwarden
- database: vaultwarden
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/vaultwarden/20.0.4/questions.yaml b/enterprise/vaultwarden/20.0.4/questions.yaml
deleted file mode 100644
index 4f20eae3219..00000000000
--- a/enterprise/vaultwarden/20.0.4/questions.yaml
+++ /dev/null
@@ -1,2227 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
- admin:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
- path: "/admin/"
-questions:
-
- - variable: Workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: Daemonset
- description: Daemonset
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "Daemonset"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: vaultwarden
- label: ""
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: yubico
- label: "Yubico OTP authentication"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable Yubico OTP authentication"
- description: "Please refer to the manual at: https://github.com/dani-garcia/vaultwarden/wiki/Enabling-Yubikey-OTP-authentication"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: server
- label: "Yubico server"
- description: "Defaults to YubiCloud"
- schema:
- type: string
- default: ""
- - variable: clientId
- label: "Yubico ID"
- schema:
- type: string
- default: ""
- - variable: secretKey
- label: "Yubico Secret Key"
- schema:
- type: string
- default: ""
- - variable: admin
- label: "Admin Portal"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable Admin Portal"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: disableAdminToken
- label: "Make Accessible Without Password/Token"
- schema:
- type: boolean
- default: false
- - variable: token
- label: "Admin Portal Password/Token"
- description: "Will be automatically generated if not defined"
- schema:
- type: string
- default: ""
- - variable: icons
- label: "Icon Download Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disableDownload
- label: "Disable Icon Download"
- description: "Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache)"
- schema:
- type: boolean
- default: false
- - variable: cache
- label: "Cache time-to-live"
- description: "Cache time-to-live for icons fetched. 0 means no purging"
- schema:
- type: int
- default: 2592000
- - variable: token
- label: "Failed Downloads Cache time-to-live"
- description: "Cache time-to-live for icons that were not available. 0 means no purging."
- schema:
- type: int
- default: 2592000
- - variable: log
- label: "Logging"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log level"
- schema:
- type: string
- default: "info"
- required: true
- enum:
- - value: "trace"
- description: "trace"
- - value: "debug"
- description: "debug"
- - value: "info"
- description: "info"
- - value: "warn"
- description: "warn"
- - value: "error"
- description: "error"
- - value: "off"
- description: "off"
- - variable: file
- label: "Log-File Location"
- schema:
- type: string
- default: ""
- - variable: smtp
- label: "SMTP Settings (Email)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable SMTP Support"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: host
- label: "SMTP hostname"
- schema:
- type: string
- required: true
- default: ""
- - variable: from
- label: "SMTP sender e-mail address"
- schema:
- type: string
- required: true
- default: ""
- - variable: fromName
- label: "SMTP sender name"
- schema:
- type: string
- required: true
- default: ""
- - variable: user
- label: "SMTP username"
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: "SMTP password"
- description: "Required is user is specified, ignored if no user provided"
- schema:
- type: string
- default: ""
- - variable: ssl
- label: "Enable SSL connection"
- schema:
- type: boolean
- default: true
- - variable: port
- label: "SMTP port"
- description: "Usually: 25 without SSL, 587 with SSL"
- schema:
- type: int
- default: 587
- - variable: authMechanism
- label: "SMTP Authentication Mechanisms"
- description: "Comma-separated options: Plain, Login and Xoauth2"
- schema:
- type: string
- default: "Plain"
- - variable: heloName
- label: "SMTP HELO - Hostname"
- description: "Hostname to be sent for SMTP HELO. Defaults to pod name"
- schema:
- type: string
- default: ""
- - variable: timeout
- label: "SMTP timeout"
- schema:
- type: int
- default: 15
- - variable: invalidHostname
- label: "Accept Invalid Hostname"
- description: "Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!"
- schema:
- type: boolean
- default: false
- - variable: invalidCertificate
- label: "Accept Invalid Certificate"
- description: "Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!"
- schema:
- type: boolean
- default: false
- - variable: allowSignups
- label: "Allow Signup"
- description: "Allow any user to sign-up: https://github.com/dani-garcia/vaultwarden/wiki/Disable-registration-of-new-users"
- schema:
- type: boolean
- default: true
- - variable: allowInvitation
- label: "Always allow Invitation"
- description: "Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/vaultwarden/wiki/Disable-invitations"
- schema:
- type: boolean
- default: true
- - variable: defaultInviteName
- label: "Default Invite Organisation Name"
- description: "Default organization name in invitation e-mails that are not coming from a specific organization."
- schema:
- type: string
- default: ""
- - variable: showPasswordHint
- label: "Show password hints"
- description: "https://github.com/dani-garcia/vaultwarden/wiki/Password-hint-display"
- schema:
- type: boolean
- default: true
- - variable: signupwhitelistenable
- label: "Enable Signup Whitelist"
- description: "allowSignups is ignored if set"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: signupDomains
- label: "Signup Whitelist Domains"
- schema:
- type: list
- default: []
- items:
- - variable: domain
- label: "Domain"
- schema:
- type: string
- default: ""
- - variable: verifySignup
- label: "Verifiy Signup"
- description: "Verify e-mail before login is enabled. SMTP must be enabled"
- schema:
- type: boolean
- default: false
- - variable: requireEmail
- label: "Block Login if email fails"
- description: "When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled"
- schema:
- type: boolean
- default: false
- - variable: emailAttempts
- label: "Email token reset attempts"
- description: "Maximum attempts before an email token is reset and a new email will need to be sent"
- schema:
- type: int
- default: 3
- - variable: emailTokenExpiration
- label: "Email token validity in seconds"
- schema:
- type: int
- default: 600
- - variable: enableWebVault
- label: "Enable Webvault"
- description: "Enable Web Vault (static content). https://github.com/dani-garcia/vaultwarden/wiki/Disabling-or-overriding-the-Vault-interface-hosting"
- schema:
- type: boolean
- default: true
- - variable: orgCreationUsers
- label: "Limit Organisation Creation to (users)"
- description: "Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users."
- schema:
- type: string
- default: "all"
- - variable: attachmentLimitOrg
- label: "Limit Attachment Disk Usage per Organisation"
- schema:
- type: string
- default: ""
- - variable: attachmentLimitUser
- label: "Limit Attachment Disk Usage per User"
- schema:
- type: string
- default: ""
- - variable: hibpApiKey
- label: "HaveIBeenPwned API Key"
- description: "Can be purchased at https://haveibeenpwned.com/API/Key"
- schema:
- type: string
- default: ""
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 10102
- required: true
- - variable: ws
- label: "WebSocket Service"
- description: "WebSocket Service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ws
- label: "WebSocket Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 3012
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: data
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: cnpg
- group: Postgresql
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Postgresql Database"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: storage
- label: "Storage"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: size
- label: Size
- schema:
- type: string
- default: "256Gi"
- - variable: walsize
- label: Walsize
- schema:
- type: string
- default: "256Gi"
- - variable: pooler
- label: "Pooler"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: Monitoring
- label: "Metrics"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enablePodMonitor
- label: "enablePodMonitor"
- schema:
- type: boolean
- default: true
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/vaultwarden/20.0.4/templates/NOTES.txt b/enterprise/vaultwarden/20.0.4/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/vaultwarden/20.0.4/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/vaultwarden/20.0.4/templates/_configmap.tpl b/enterprise/vaultwarden/20.0.4/templates/_configmap.tpl
deleted file mode 100644
index c21ff158df0..00000000000
--- a/enterprise/vaultwarden/20.0.4/templates/_configmap.tpl
+++ /dev/null
@@ -1,112 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "vaultwarden.configmap" -}}
-enabled: true
-data:
- ROCKET_PORT: "8080"
- SIGNUPS_ALLOWED: {{ .Values.vaultwarden.allowSignups | quote }}
- {{- if .Values.vaultwarden.signupDomains }}
- SIGNUPS_DOMAINS_WHITELIST: {{ join "," .Values.vaultwarden.signupDomains | quote }}
- {{- end }}
- {{- if and (eq .Values.vaultwarden.verifySignup true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Signup verification requires SMTP to be enabled" nil}}{{end}}
- SIGNUPS_VERIFY: {{ .Values.vaultwarden.verifySignup | quote }}
- {{- if and (eq .Values.vaultwarden.requireEmail true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Requiring emails for login depends on SMTP" nil}}{{end}}
- REQUIRE_DEVICE_EMAIL: {{ .Values.vaultwarden.requireEmail | quote }}
- {{- if .Values.vaultwarden.emailAttempts }}
- EMAIL_ATTEMPTS_LIMIT: {{ .Values.vaultwarden.emailAttempts | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.emailTokenExpiration }}
- EMAIL_EXPIRATION_TIME: {{ .Values.vaultwarden.emailTokenExpiration | quote }}
- {{- end }}
- INVITATIONS_ALLOWED: {{ .Values.vaultwarden.allowInvitation | quote }}
- {{- if .Values.vaultwarden.defaultInviteName }}
- INVITATION_ORG_NAME: {{ .Values.vaultwarden.defaultInviteName | quote }}
- {{- end }}
- SHOW_PASSWORD_HINT: {{ .Values.vaultwarden.showPasswordHint | quote }}
- WEBSOCKET_ENABLED: {{ .Values.vaultwarden.enableWebsockets | quote }}
- WEB_VAULT_ENABLED: {{ .Values.vaultwarden.enableWebVault | quote }}
- ORG_CREATION_USERS: {{ .Values.vaultwarden.orgCreationUsers | quote }}
- {{- if .Values.vaultwarden.attachmentLimitOrg }}
- ORG_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitOrg | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.attachmentLimitUser }}
- USER_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitUser | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.hibpApiKey }}
- HIBP_API_KEY: {{ .Values.vaultwarden.hibpApiKey | quote }}
- {{- end }}
- {{- include "vaultwarden.dbTypeValid" . }}
- {{- if .Values.database.retries }}
- DB_CONNECTION_RETRIES: {{ .Values.database.retries | quote }}
- {{- end }}
- {{- if .Values.database.maxConnections }}
- DATABASE_MAX_CONNS: {{ .Values.database.maxConnections | quote }}
- {{- end }}
- {{- if eq .Values.vaultwarden.smtp.enabled true }}
- SMTP_HOST: {{ required "SMTP host is required to enable SMTP" .Values.vaultwarden.smtp.host | quote }}
- SMTP_FROM: {{ required "SMTP sender address ('from') is required to enable SMTP" .Values.vaultwarden.smtp.from | quote }}
- {{- if .Values.vaultwarden.smtp.fromName }}
- SMTP_FROM_NAME: {{ .Values.vaultwarden.smtp.fromName | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.ssl }}
- SMTP_SSL: {{ .Values.vaultwarden.smtp.ssl | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.port }}
- SMTP_PORT: {{ .Values.vaultwarden.smtp.port | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.authMechanism }}
- SMTP_AUTH_MECHANISM: {{ .Values.vaultwarden.smtp.authMechanism | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.heloName }}
- HELO_NAME: {{ .Values.vaultwarden.smtp.heloName | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.timeout }}
- SMTP_TIMEOUT: {{ .Values.vaultwarden.smtp.timeout | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.invalidHostname }}
- SMTP_ACCEPT_INVALID_HOSTNAMES: {{ .Values.vaultwarden.smtp.invalidHostname | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.invalidCertificate }}
- SMTP_ACCEPT_INVALID_CERTS: {{ .Values.vaultwarden.smtp.invalidCertificate | quote }}
- {{- end }}
- {{- end }}
- {{- if .Values.vaultwarden.log.file }}
- LOG_FILE: {{ .Values.vaultwarden.log.file | quote }}
- {{- end }}
- {{- if or .Values.vaultwarden.log.level .Values.vaultwarden.log.timeFormat }}
- EXTENDED_LOGGING: "true"
- {{- end }}
- {{- if .Values.vaultwarden.log.level }}
- {{- include "vaultwarden.logLevelValid" . }}
- LOG_LEVEL: {{ .Values.vaultwarden.log.level | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.log.timeFormat }}
- LOG_TIMESTAMP_FORMAT: {{ .Values.vaultwarden.log.timeFormat | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.icons.disableDownload }}
- DISABLE_ICON_DOWNLOAD: {{ .Values.vaultwarden.icons.disableDownload | quote }}
- {{- if and (not .Values.vaultwarden.icons.cache) (eq .Values.vaultwarden.icons.disableDownload "true") }}
- ICON_CACHE_TTL: "0"
- {{- end }}
- {{- end }}
- {{- if .Values.vaultwarden.icons.cache }}
- ICON_CACHE_TTL: {{ .Values.vaultwarden.icons.cache | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.icons.cacheFailed }}
- ICON_CACHE_NEGTTL: {{ .Values.vaultwarden.icons.cacheFailed | quote }}
- {{- end }}
- {{- if eq .Values.vaultwarden.admin.enabled true }}
- {{- if eq .Values.vaultwarden.admin.disableAdminToken true }}
- DISABLE_ADMIN_TOKEN: "true"
- {{- end }}
- {{- end }}
- {{- if eq .Values.vaultwarden.yubico.enabled true }}
- {{- if .Values.vaultwarden.yubico.server }}
- YUBICO_SERVER: {{ .Values.vaultwarden.yubico.server | quote }}
- {{- end }}
- {{- end }}
- {{- if eq .Values.database.type "sqlite" }}
- ENABLE_DB_WAL: {{ .Values.database.wal | quote }}
- {{- else }}
- ENABLE_DB_WAL: "false"
- {{- end }}
-{{- end -}}
diff --git a/enterprise/vaultwarden/20.0.4/templates/_secrets.tpl b/enterprise/vaultwarden/20.0.4/templates/_secrets.tpl
deleted file mode 100644
index c63f401a965..00000000000
--- a/enterprise/vaultwarden/20.0.4/templates/_secrets.tpl
+++ /dev/null
@@ -1,32 +0,0 @@
-{{/* Define the secrets */}}
-{{- define "vaultwarden.secrets" -}}
-
-{{- $adminToken := "" }}
-{{- if eq .Values.vaultwarden.admin.enabled true }}
-{{- $adminToken = .Values.vaultwarden.admin.token | default (randAlphaNum 48) | b64enc | quote }}
-{{- end -}}
-
-{{- $smtpUser := "" }}
-{{- if and (eq .Values.vaultwarden.smtp.enabled true ) (.Values.vaultwarden.smtp.user) }}
-{{- $smtpUser = .Values.vaultwarden.smtp.user | b64enc | quote }}
-{{- end -}}
-
-{{- $yubicoClientId := "" }}
-{{- if eq .Values.vaultwarden.yubico.enabled true }}
-{{- $yubicoClientId = required "Yubico Client ID required" .Values.vaultwarden.yubico.clientId | toString | b64enc | quote }}
-{{- end -}}
-enabled: true
-data:
- placeholder: placeholdervalue
- {{- if ne $adminToken "" }}
- ADMIN_TOKEN: {{ $adminToken }}
- {{- end }}
- {{- if ne $smtpUser "" }}
- SMTP_USERNAME: {{ $smtpUser }}
- SMTP_PASSWORD: {{ required "Must specify SMTP password" .Values.vaultwarden.smtp.password | b64enc | quote }}
- {{- end }}
- {{- if ne $yubicoClientId "" }}
- YUBICO_CLIENT_ID: {{ $yubicoClientId }}
- YUBICO_SECRET_KEY: {{ required "Yubico Secret Key required" .Values.vaultwarden.yubico.secretKey | b64enc | quote }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/vaultwarden/20.0.4/templates/_validate.tpl b/enterprise/vaultwarden/20.0.4/templates/_validate.tpl
deleted file mode 100644
index e4832c2f6e5..00000000000
--- a/enterprise/vaultwarden/20.0.4/templates/_validate.tpl
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/*
-Ensure valid DB type is select, defaults to SQLite
-*/}}
-{{- define "vaultwarden.dbTypeValid" -}}
-{{- if not (or (eq .Values.database.type "postgresql") (eq .Values.database.type "mysql") (eq .Values.database.type "sqlite")) }}
-{{- required "Invalid database type" nil }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Ensure log type is valid
-*/}}
-{{- define "vaultwarden.logLevelValid" -}}
-{{- if not (or (eq .Values.vaultwarden.log.level "trace") (eq .Values.vaultwarden.log.level "debug") (eq .Values.vaultwarden.log.level "info") (eq .Values.vaultwarden.log.level "warn") (eq .Values.vaultwarden.log.level "error") (eq .Values.vaultwarden.log.level "off")) }}
-{{- required "Invalid log level" nil }}
-{{- end }}
-{{- end }}
diff --git a/enterprise/vaultwarden/20.0.4/templates/common.yaml b/enterprise/vaultwarden/20.0.4/templates/common.yaml
deleted file mode 100644
index 00565a16a7a..00000000000
--- a/enterprise/vaultwarden/20.0.4/templates/common.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-
-{{/* Render configmap for vaultwarden */}}
-{{- $configmapFile := include "vaultwarden.configmap" . | fromYaml -}}
-{{- if $configmapFile -}}
- {{- $_ := set .Values.configmap "vaultwardenconfig" $configmapFile -}}
-{{- end -}}
-
-{{/* Render secrets for vaultwarden */}}
-{{- $secret := include "vaultwarden.secrets" . | fromYaml -}}
-{{- if $secret -}}
- {{- $_ := set .Values.secret "vaultwardensecret" $secret -}}
-{{- end -}}
-
-{{/* Define path for websocket */}}
-{{- define "vaultwarden.websocket" -}}
-{{- $fullname := include "tc.v1.common.lib.chart.names.fullname" . -}}
-path: "/notifications/hub"
-# -- Ignored if not kubeVersion >= 1.14-0
-pathType: Prefix
-service:
- # -- Overrides the service name reference for this path
- name: {{ printf "%s-ws" $fullname }}
- port: {{ .Values.service.ws.ports.ws.port }}
-{{- end -}}
-
-{{/* inject websocket path to all main ingress hosts*/}}
-{{- define "vaultwarden.websocketinjector" -}}
-{{- $path := list (include "vaultwarden.websocket" . | fromYaml) -}}
-{{- if .Values.ingress.main.enabled }}
-{{- range .Values.ingress.main.hosts }}
-{{- $newpaths := list }}
-{{- $newpaths := concat .paths $path }}
-{{- $_ := set . "paths" ( deepCopy $newpaths ) -}}
-{{- end }}
-{{- end }}
-{{- end -}}
-
-{{/* inject websocket paths in ingress */}}
-{{- include "vaultwarden.websocketinjector" . }}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/vaultwarden/20.0.4/values.yaml b/enterprise/vaultwarden/20.0.4/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/vaultwarden/20.0.5/CHANGELOG.md b/enterprise/vaultwarden/20.0.5/CHANGELOG.md
deleted file mode 100644
index 653be2ea984..00000000000
--- a/enterprise/vaultwarden/20.0.5/CHANGELOG.md
+++ /dev/null
@@ -1,48 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [vaultwarden-20.0.5](https://github.com/truecharts/charts/compare/vaultwarden-20.0.4...vaultwarden-20.0.5) (2023-03-06)
-
-### Fix
-
-- don't base64 encode secret anymore
-
-
-
-
-## [vaultwarden-20.0.4](https://github.com/truecharts/charts/compare/vaultwarden-20.0.3...vaultwarden-20.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
-
-
-## [vaultwarden-20.0.3](https://github.com/truecharts/charts/compare/vaultwarden-20.0.1...vaultwarden-20.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
-
-
-## [vaultwarden-20.0.1](https://github.com/truecharts/charts/compare/vaultwarden-20.0.0...vaultwarden-20.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
-
-## [vaultwarden-20.0.0](https://github.com/truecharts/charts/compare/vaultwarden-19.0.23...vaultwarden-20.0.0) (2023-03-04)
-
diff --git a/enterprise/vaultwarden/20.0.5/Chart.yaml b/enterprise/vaultwarden/20.0.5/Chart.yaml
deleted file mode 100644
index f981a43864f..00000000000
--- a/enterprise/vaultwarden/20.0.5/Chart.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-apiVersion: v2
-appVersion: "1.27.0"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.19
-deprecated: false
-description: Unofficial Bitwarden compatible server written in Rust
-home: https://truecharts.org/charts/enterprise/vaultwarden
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/vaultwarden.png
-keywords:
- - bitwarden
- - bitwardenrs
- - bitwarden_rs
- - vaultwarden
- - password
- - rust
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: vaultwarden
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/vaultwarden
- - https://github.com/dani-garcia/vaultwarden
-type: application
-version: 20.0.5
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/vaultwarden/20.0.5/LICENSE b/enterprise/vaultwarden/20.0.5/LICENSE
deleted file mode 100644
index 80e4ab93f92..00000000000
--- a/enterprise/vaultwarden/20.0.5/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/vaultwarden/20.0.5/README.md b/enterprise/vaultwarden/20.0.5/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/vaultwarden/20.0.5/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/vaultwarden/20.0.5/app-changelog.md b/enterprise/vaultwarden/20.0.5/app-changelog.md
deleted file mode 100644
index 258739116de..00000000000
--- a/enterprise/vaultwarden/20.0.5/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [vaultwarden-20.0.5](https://github.com/truecharts/charts/compare/vaultwarden-20.0.4...vaultwarden-20.0.5) (2023-03-06)
-
-### Fix
-
-- don't base64 encode secret anymore
-
-
\ No newline at end of file
diff --git a/enterprise/vaultwarden/20.0.5/app-readme.md b/enterprise/vaultwarden/20.0.5/app-readme.md
deleted file mode 100644
index 08d9cc8b1dd..00000000000
--- a/enterprise/vaultwarden/20.0.5/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Unofficial Bitwarden compatible server written in Rust
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/vaultwarden](https://truecharts.org/charts/enterprise/vaultwarden)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/vaultwarden/20.0.5/charts/common-12.2.19.tgz b/enterprise/vaultwarden/20.0.5/charts/common-12.2.19.tgz
deleted file mode 100644
index 7959002233d..00000000000
Binary files a/enterprise/vaultwarden/20.0.5/charts/common-12.2.19.tgz and /dev/null differ
diff --git a/enterprise/vaultwarden/20.0.5/ix_values.yaml b/enterprise/vaultwarden/20.0.5/ix_values.yaml
deleted file mode 100644
index 3389326acfe..00000000000
--- a/enterprise/vaultwarden/20.0.5/ix_values.yaml
+++ /dev/null
@@ -1,164 +0,0 @@
-image:
- repository: tccr.io/truecharts/vaultwarden
- pullPolicy: IfNotPresent
- tag: 1.27.0@sha256:e80b8a6a8b05928d9703eda1c7ebd2c8f1c0b9deed1734ce31c2ec6d70aed323
-
-service:
- main:
- ports:
- main:
- port: 10102
- targetPort: 8080
- ws:
- enabled: true
- ports:
- ws:
- enabled: true
- port: 3012
- targetPort: 3012
-
-workload:
- main:
- podSpec:
- containers:
- main:
- env:
- DOMAIN: "https://{{ if .Values.ingress }}{{ if .Values.ingress.main.enabled }}{{ ( index .Values.ingress.main.hosts 0 ).host }}{{ else }}placeholder.com{{ end }}{{ else }}placeholder.com{{ end }}"
- DATABASE_URL:
- secretKeyRef:
- name: cnpg-main-urls
- key: std
-
- envFrom:
- - configMapRef:
- name: vaultwardenconfig
- - secretRef:
- name: vaultwardensecret
-
-database:
- # -- Database type,
- # must be one of: 'sqlite', 'mysql' or 'postgresql'.
- type: postgresql
- # -- Enable DB Write-Ahead-Log for SQLite,
- # disabled for other databases. https://github.com/dani-garcia/bitwarden_rs/wiki/Running-without-WAL-enabled
- wal: true
- ## URL for external databases (mysql://user:pass@host:port or postgresql://user:pass@host:port).
- # url: ""
- ## Set the size of the database connection pool.
- # maxConnections: 10
- ## Connection retries during startup, 0 for infinite. 1 second between retries.
- # retries: 15
-
-# Set Bitwarden_rs application variables
-vaultwarden:
- # -- Allow any user to sign-up
- # see: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-registration-of-new-users
- allowSignups: true
- ## Whitelist domains allowed to sign-up. 'allowSignups' is ignored if set.
- # signupDomains:
- # - domain.tld
- # -- Verify e-mail before login is enabled.
- # SMTP must be enabled.
- verifySignup: false
- # When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled.
- requireEmail: false
- ## Maximum attempts before an email token is reset and a new email will need to be sent.
- # emailAttempts: 3
- ## Email token validity in seconds.
- # emailTokenExpiration: 600
- # Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-invitations
- allowInvitation: true
- # Show password hints: https://github.com/dani-garcia/bitwarden_rs/wiki/Password-hint-display
- ## Default organization name in invitation e-mails that are not coming from a specific organization.
- # defaultInviteName: ""
- showPasswordHint: true
- # Enable Websockets for notification. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-WebSocket-notifications
- # Redirect HTTP path "/notifications/hub" to port 3012. Ingress/IngressRoute controllers are automatically configured.
- enableWebsockets: true
- # Enable Web Vault (static content). https://github.com/dani-garcia/bitwarden_rs/wiki/Disabling-or-overriding-the-Vault-interface-hosting
- enableWebVault: true
- # Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users.
- orgCreationUsers: all
- ## Limit attachment disk usage per organization.
- # attachmentLimitOrg:
- ## Limit attachment disk usage per user.
- # attachmentLimitUser:
- ## HaveIBeenPwned API Key. Can be purchased at https://haveibeenpwned.com/API/Key.
- # hibpApiKey:
-
- admin:
- # Enable admin portal.
- enabled: false
- # Disabling the admin token will make the admin portal accessible to anyone, use carefully: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-admin-token
- disableAdminToken: false
- ## Token for admin login, will be generated if not defined. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-admin-page
- # token:
-
- # Enable SMTP. https://github.com/dani-garcia/bitwarden_rs/wiki/SMTP-configuration
- smtp:
- enabled: false
- # SMTP hostname, required if SMTP is enabled.
- host: ""
- # SMTP sender e-mail address, required if SMTP is enabled.
- from: ""
- ## SMTP sender name, defaults to 'Bitwarden_RS'.
- # fromName: ""
- ## Enable SSL connection.
- # ssl: true
- ## SMTP port. Defaults to 25 without SSL, 587 with SSL.
- # port: 587
- ## SMTP Authentication Mechanisms. Comma-separated options: 'Plain', 'Login' and 'Xoauth2'. Defaults to 'Plain'.
- # authMechanism: Plain
- ## Hostname to be sent for SMTP HELO. Defaults to pod name.
- # heloName: ""
- ## SMTP timeout.
- # timeout: 15
- ## Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!
- # invalidHostname: false
- ## Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!
- # invalidCertificate: false
- ## SMTP username.
- # user: ""
- ## SMTP password. Required is user is specified, ignored if no user provided.
- # password: ""
-
- ## Enable Yubico OTP authentication. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-Yubikey-OTP-authentication
- yubico:
- enabled: false
- ## Yubico server. Defaults to YubiCloud.
- # server:
- ## Yubico ID and Secret Key.
- # clientId:
- # secretKey:
-
- ## Logging options. https://github.com/dani-garcia/bitwarden_rs/wiki/Logging
- log:
- # Log to file.
- file: ""
- # Log level. Options are "trace", "debug", "info", "warn", "error" or "off".
- level: "trace"
- ## Log timestamp format. See https://docs.rs/chrono/0.4.15/chrono/format/strftime/index.html. Defaults to time in milliseconds.
- # timeFormat: ""
-
- icons:
- # Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache). TTL will default to zero.
- disableDownload: false
- ## Cache time-to-live for icons fetched. 0 means no purging.
- # cache: 2592000
- ## Cache time-to-live for icons that were not available. 0 means no purging.
- # cacheFailed: 259200
-
-persistence:
- data:
- enabled: true
- mountPath: "/data"
-
-cnpg:
- main:
- enabled: true
- user: vaultwarden
- database: vaultwarden
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/vaultwarden/20.0.5/questions.yaml b/enterprise/vaultwarden/20.0.5/questions.yaml
deleted file mode 100644
index 4f20eae3219..00000000000
--- a/enterprise/vaultwarden/20.0.5/questions.yaml
+++ /dev/null
@@ -1,2227 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
- admin:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
- path: "/admin/"
-questions:
-
- - variable: Workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: Daemonset
- description: Daemonset
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "Daemonset"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: vaultwarden
- label: ""
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: yubico
- label: "Yubico OTP authentication"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable Yubico OTP authentication"
- description: "Please refer to the manual at: https://github.com/dani-garcia/vaultwarden/wiki/Enabling-Yubikey-OTP-authentication"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: server
- label: "Yubico server"
- description: "Defaults to YubiCloud"
- schema:
- type: string
- default: ""
- - variable: clientId
- label: "Yubico ID"
- schema:
- type: string
- default: ""
- - variable: secretKey
- label: "Yubico Secret Key"
- schema:
- type: string
- default: ""
- - variable: admin
- label: "Admin Portal"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable Admin Portal"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: disableAdminToken
- label: "Make Accessible Without Password/Token"
- schema:
- type: boolean
- default: false
- - variable: token
- label: "Admin Portal Password/Token"
- description: "Will be automatically generated if not defined"
- schema:
- type: string
- default: ""
- - variable: icons
- label: "Icon Download Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disableDownload
- label: "Disable Icon Download"
- description: "Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache)"
- schema:
- type: boolean
- default: false
- - variable: cache
- label: "Cache time-to-live"
- description: "Cache time-to-live for icons fetched. 0 means no purging"
- schema:
- type: int
- default: 2592000
- - variable: token
- label: "Failed Downloads Cache time-to-live"
- description: "Cache time-to-live for icons that were not available. 0 means no purging."
- schema:
- type: int
- default: 2592000
- - variable: log
- label: "Logging"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log level"
- schema:
- type: string
- default: "info"
- required: true
- enum:
- - value: "trace"
- description: "trace"
- - value: "debug"
- description: "debug"
- - value: "info"
- description: "info"
- - value: "warn"
- description: "warn"
- - value: "error"
- description: "error"
- - value: "off"
- description: "off"
- - variable: file
- label: "Log-File Location"
- schema:
- type: string
- default: ""
- - variable: smtp
- label: "SMTP Settings (Email)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable SMTP Support"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: host
- label: "SMTP hostname"
- schema:
- type: string
- required: true
- default: ""
- - variable: from
- label: "SMTP sender e-mail address"
- schema:
- type: string
- required: true
- default: ""
- - variable: fromName
- label: "SMTP sender name"
- schema:
- type: string
- required: true
- default: ""
- - variable: user
- label: "SMTP username"
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: "SMTP password"
- description: "Required is user is specified, ignored if no user provided"
- schema:
- type: string
- default: ""
- - variable: ssl
- label: "Enable SSL connection"
- schema:
- type: boolean
- default: true
- - variable: port
- label: "SMTP port"
- description: "Usually: 25 without SSL, 587 with SSL"
- schema:
- type: int
- default: 587
- - variable: authMechanism
- label: "SMTP Authentication Mechanisms"
- description: "Comma-separated options: Plain, Login and Xoauth2"
- schema:
- type: string
- default: "Plain"
- - variable: heloName
- label: "SMTP HELO - Hostname"
- description: "Hostname to be sent for SMTP HELO. Defaults to pod name"
- schema:
- type: string
- default: ""
- - variable: timeout
- label: "SMTP timeout"
- schema:
- type: int
- default: 15
- - variable: invalidHostname
- label: "Accept Invalid Hostname"
- description: "Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!"
- schema:
- type: boolean
- default: false
- - variable: invalidCertificate
- label: "Accept Invalid Certificate"
- description: "Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!"
- schema:
- type: boolean
- default: false
- - variable: allowSignups
- label: "Allow Signup"
- description: "Allow any user to sign-up: https://github.com/dani-garcia/vaultwarden/wiki/Disable-registration-of-new-users"
- schema:
- type: boolean
- default: true
- - variable: allowInvitation
- label: "Always allow Invitation"
- description: "Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/vaultwarden/wiki/Disable-invitations"
- schema:
- type: boolean
- default: true
- - variable: defaultInviteName
- label: "Default Invite Organisation Name"
- description: "Default organization name in invitation e-mails that are not coming from a specific organization."
- schema:
- type: string
- default: ""
- - variable: showPasswordHint
- label: "Show password hints"
- description: "https://github.com/dani-garcia/vaultwarden/wiki/Password-hint-display"
- schema:
- type: boolean
- default: true
- - variable: signupwhitelistenable
- label: "Enable Signup Whitelist"
- description: "allowSignups is ignored if set"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: signupDomains
- label: "Signup Whitelist Domains"
- schema:
- type: list
- default: []
- items:
- - variable: domain
- label: "Domain"
- schema:
- type: string
- default: ""
- - variable: verifySignup
- label: "Verifiy Signup"
- description: "Verify e-mail before login is enabled. SMTP must be enabled"
- schema:
- type: boolean
- default: false
- - variable: requireEmail
- label: "Block Login if email fails"
- description: "When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled"
- schema:
- type: boolean
- default: false
- - variable: emailAttempts
- label: "Email token reset attempts"
- description: "Maximum attempts before an email token is reset and a new email will need to be sent"
- schema:
- type: int
- default: 3
- - variable: emailTokenExpiration
- label: "Email token validity in seconds"
- schema:
- type: int
- default: 600
- - variable: enableWebVault
- label: "Enable Webvault"
- description: "Enable Web Vault (static content). https://github.com/dani-garcia/vaultwarden/wiki/Disabling-or-overriding-the-Vault-interface-hosting"
- schema:
- type: boolean
- default: true
- - variable: orgCreationUsers
- label: "Limit Organisation Creation to (users)"
- description: "Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users."
- schema:
- type: string
- default: "all"
- - variable: attachmentLimitOrg
- label: "Limit Attachment Disk Usage per Organisation"
- schema:
- type: string
- default: ""
- - variable: attachmentLimitUser
- label: "Limit Attachment Disk Usage per User"
- schema:
- type: string
- default: ""
- - variable: hibpApiKey
- label: "HaveIBeenPwned API Key"
- description: "Can be purchased at https://haveibeenpwned.com/API/Key"
- schema:
- type: string
- default: ""
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 10102
- required: true
- - variable: ws
- label: "WebSocket Service"
- description: "WebSocket Service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ws
- label: "WebSocket Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 3012
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: data
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: cnpg
- group: Postgresql
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Postgresql Database"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: storage
- label: "Storage"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: size
- label: Size
- schema:
- type: string
- default: "256Gi"
- - variable: walsize
- label: Walsize
- schema:
- type: string
- default: "256Gi"
- - variable: pooler
- label: "Pooler"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: Monitoring
- label: "Metrics"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enablePodMonitor
- label: "enablePodMonitor"
- schema:
- type: boolean
- default: true
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/vaultwarden/20.0.5/templates/NOTES.txt b/enterprise/vaultwarden/20.0.5/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/vaultwarden/20.0.5/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/vaultwarden/20.0.5/templates/_configmap.tpl b/enterprise/vaultwarden/20.0.5/templates/_configmap.tpl
deleted file mode 100644
index c21ff158df0..00000000000
--- a/enterprise/vaultwarden/20.0.5/templates/_configmap.tpl
+++ /dev/null
@@ -1,112 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "vaultwarden.configmap" -}}
-enabled: true
-data:
- ROCKET_PORT: "8080"
- SIGNUPS_ALLOWED: {{ .Values.vaultwarden.allowSignups | quote }}
- {{- if .Values.vaultwarden.signupDomains }}
- SIGNUPS_DOMAINS_WHITELIST: {{ join "," .Values.vaultwarden.signupDomains | quote }}
- {{- end }}
- {{- if and (eq .Values.vaultwarden.verifySignup true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Signup verification requires SMTP to be enabled" nil}}{{end}}
- SIGNUPS_VERIFY: {{ .Values.vaultwarden.verifySignup | quote }}
- {{- if and (eq .Values.vaultwarden.requireEmail true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Requiring emails for login depends on SMTP" nil}}{{end}}
- REQUIRE_DEVICE_EMAIL: {{ .Values.vaultwarden.requireEmail | quote }}
- {{- if .Values.vaultwarden.emailAttempts }}
- EMAIL_ATTEMPTS_LIMIT: {{ .Values.vaultwarden.emailAttempts | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.emailTokenExpiration }}
- EMAIL_EXPIRATION_TIME: {{ .Values.vaultwarden.emailTokenExpiration | quote }}
- {{- end }}
- INVITATIONS_ALLOWED: {{ .Values.vaultwarden.allowInvitation | quote }}
- {{- if .Values.vaultwarden.defaultInviteName }}
- INVITATION_ORG_NAME: {{ .Values.vaultwarden.defaultInviteName | quote }}
- {{- end }}
- SHOW_PASSWORD_HINT: {{ .Values.vaultwarden.showPasswordHint | quote }}
- WEBSOCKET_ENABLED: {{ .Values.vaultwarden.enableWebsockets | quote }}
- WEB_VAULT_ENABLED: {{ .Values.vaultwarden.enableWebVault | quote }}
- ORG_CREATION_USERS: {{ .Values.vaultwarden.orgCreationUsers | quote }}
- {{- if .Values.vaultwarden.attachmentLimitOrg }}
- ORG_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitOrg | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.attachmentLimitUser }}
- USER_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitUser | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.hibpApiKey }}
- HIBP_API_KEY: {{ .Values.vaultwarden.hibpApiKey | quote }}
- {{- end }}
- {{- include "vaultwarden.dbTypeValid" . }}
- {{- if .Values.database.retries }}
- DB_CONNECTION_RETRIES: {{ .Values.database.retries | quote }}
- {{- end }}
- {{- if .Values.database.maxConnections }}
- DATABASE_MAX_CONNS: {{ .Values.database.maxConnections | quote }}
- {{- end }}
- {{- if eq .Values.vaultwarden.smtp.enabled true }}
- SMTP_HOST: {{ required "SMTP host is required to enable SMTP" .Values.vaultwarden.smtp.host | quote }}
- SMTP_FROM: {{ required "SMTP sender address ('from') is required to enable SMTP" .Values.vaultwarden.smtp.from | quote }}
- {{- if .Values.vaultwarden.smtp.fromName }}
- SMTP_FROM_NAME: {{ .Values.vaultwarden.smtp.fromName | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.ssl }}
- SMTP_SSL: {{ .Values.vaultwarden.smtp.ssl | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.port }}
- SMTP_PORT: {{ .Values.vaultwarden.smtp.port | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.authMechanism }}
- SMTP_AUTH_MECHANISM: {{ .Values.vaultwarden.smtp.authMechanism | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.heloName }}
- HELO_NAME: {{ .Values.vaultwarden.smtp.heloName | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.timeout }}
- SMTP_TIMEOUT: {{ .Values.vaultwarden.smtp.timeout | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.invalidHostname }}
- SMTP_ACCEPT_INVALID_HOSTNAMES: {{ .Values.vaultwarden.smtp.invalidHostname | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.invalidCertificate }}
- SMTP_ACCEPT_INVALID_CERTS: {{ .Values.vaultwarden.smtp.invalidCertificate | quote }}
- {{- end }}
- {{- end }}
- {{- if .Values.vaultwarden.log.file }}
- LOG_FILE: {{ .Values.vaultwarden.log.file | quote }}
- {{- end }}
- {{- if or .Values.vaultwarden.log.level .Values.vaultwarden.log.timeFormat }}
- EXTENDED_LOGGING: "true"
- {{- end }}
- {{- if .Values.vaultwarden.log.level }}
- {{- include "vaultwarden.logLevelValid" . }}
- LOG_LEVEL: {{ .Values.vaultwarden.log.level | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.log.timeFormat }}
- LOG_TIMESTAMP_FORMAT: {{ .Values.vaultwarden.log.timeFormat | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.icons.disableDownload }}
- DISABLE_ICON_DOWNLOAD: {{ .Values.vaultwarden.icons.disableDownload | quote }}
- {{- if and (not .Values.vaultwarden.icons.cache) (eq .Values.vaultwarden.icons.disableDownload "true") }}
- ICON_CACHE_TTL: "0"
- {{- end }}
- {{- end }}
- {{- if .Values.vaultwarden.icons.cache }}
- ICON_CACHE_TTL: {{ .Values.vaultwarden.icons.cache | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.icons.cacheFailed }}
- ICON_CACHE_NEGTTL: {{ .Values.vaultwarden.icons.cacheFailed | quote }}
- {{- end }}
- {{- if eq .Values.vaultwarden.admin.enabled true }}
- {{- if eq .Values.vaultwarden.admin.disableAdminToken true }}
- DISABLE_ADMIN_TOKEN: "true"
- {{- end }}
- {{- end }}
- {{- if eq .Values.vaultwarden.yubico.enabled true }}
- {{- if .Values.vaultwarden.yubico.server }}
- YUBICO_SERVER: {{ .Values.vaultwarden.yubico.server | quote }}
- {{- end }}
- {{- end }}
- {{- if eq .Values.database.type "sqlite" }}
- ENABLE_DB_WAL: {{ .Values.database.wal | quote }}
- {{- else }}
- ENABLE_DB_WAL: "false"
- {{- end }}
-{{- end -}}
diff --git a/enterprise/vaultwarden/20.0.5/templates/_secrets.tpl b/enterprise/vaultwarden/20.0.5/templates/_secrets.tpl
deleted file mode 100644
index a33f037cf71..00000000000
--- a/enterprise/vaultwarden/20.0.5/templates/_secrets.tpl
+++ /dev/null
@@ -1,32 +0,0 @@
-{{/* Define the secrets */}}
-{{- define "vaultwarden.secrets" -}}
-
-{{- $adminToken := "" }}
-{{- if eq .Values.vaultwarden.admin.enabled true }}
-{{- $adminToken = .Values.vaultwarden.admin.token | default (randAlphaNum 48) | quote }}
-{{- end -}}
-
-{{- $smtpUser := "" }}
-{{- if and (eq .Values.vaultwarden.smtp.enabled true ) (.Values.vaultwarden.smtp.user) }}
-{{- $smtpUser = .Values.vaultwarden.smtp.user | quote }}
-{{- end -}}
-
-{{- $yubicoClientId := "" }}
-{{- if eq .Values.vaultwarden.yubico.enabled true }}
-{{- $yubicoClientId = required "Yubico Client ID required" .Values.vaultwarden.yubico.clientId | toString | quote }}
-{{- end -}}
-enabled: true
-data:
- placeholder: placeholdervalue
- {{- if ne $adminToken "" }}
- ADMIN_TOKEN: {{ $adminToken }}
- {{- end }}
- {{- if ne $smtpUser "" }}
- SMTP_USERNAME: {{ $smtpUser }}
- SMTP_PASSWORD: {{ required "Must specify SMTP password" .Values.vaultwarden.smtp.password | quote }}
- {{- end }}
- {{- if ne $yubicoClientId "" }}
- YUBICO_CLIENT_ID: {{ $yubicoClientId }}
- YUBICO_SECRET_KEY: {{ required "Yubico Secret Key required" .Values.vaultwarden.yubico.secretKey | quote }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/vaultwarden/20.0.5/templates/_validate.tpl b/enterprise/vaultwarden/20.0.5/templates/_validate.tpl
deleted file mode 100644
index e4832c2f6e5..00000000000
--- a/enterprise/vaultwarden/20.0.5/templates/_validate.tpl
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/*
-Ensure valid DB type is select, defaults to SQLite
-*/}}
-{{- define "vaultwarden.dbTypeValid" -}}
-{{- if not (or (eq .Values.database.type "postgresql") (eq .Values.database.type "mysql") (eq .Values.database.type "sqlite")) }}
-{{- required "Invalid database type" nil }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Ensure log type is valid
-*/}}
-{{- define "vaultwarden.logLevelValid" -}}
-{{- if not (or (eq .Values.vaultwarden.log.level "trace") (eq .Values.vaultwarden.log.level "debug") (eq .Values.vaultwarden.log.level "info") (eq .Values.vaultwarden.log.level "warn") (eq .Values.vaultwarden.log.level "error") (eq .Values.vaultwarden.log.level "off")) }}
-{{- required "Invalid log level" nil }}
-{{- end }}
-{{- end }}
diff --git a/enterprise/vaultwarden/20.0.5/templates/common.yaml b/enterprise/vaultwarden/20.0.5/templates/common.yaml
deleted file mode 100644
index 00565a16a7a..00000000000
--- a/enterprise/vaultwarden/20.0.5/templates/common.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-
-{{/* Render configmap for vaultwarden */}}
-{{- $configmapFile := include "vaultwarden.configmap" . | fromYaml -}}
-{{- if $configmapFile -}}
- {{- $_ := set .Values.configmap "vaultwardenconfig" $configmapFile -}}
-{{- end -}}
-
-{{/* Render secrets for vaultwarden */}}
-{{- $secret := include "vaultwarden.secrets" . | fromYaml -}}
-{{- if $secret -}}
- {{- $_ := set .Values.secret "vaultwardensecret" $secret -}}
-{{- end -}}
-
-{{/* Define path for websocket */}}
-{{- define "vaultwarden.websocket" -}}
-{{- $fullname := include "tc.v1.common.lib.chart.names.fullname" . -}}
-path: "/notifications/hub"
-# -- Ignored if not kubeVersion >= 1.14-0
-pathType: Prefix
-service:
- # -- Overrides the service name reference for this path
- name: {{ printf "%s-ws" $fullname }}
- port: {{ .Values.service.ws.ports.ws.port }}
-{{- end -}}
-
-{{/* inject websocket path to all main ingress hosts*/}}
-{{- define "vaultwarden.websocketinjector" -}}
-{{- $path := list (include "vaultwarden.websocket" . | fromYaml) -}}
-{{- if .Values.ingress.main.enabled }}
-{{- range .Values.ingress.main.hosts }}
-{{- $newpaths := list }}
-{{- $newpaths := concat .paths $path }}
-{{- $_ := set . "paths" ( deepCopy $newpaths ) -}}
-{{- end }}
-{{- end }}
-{{- end -}}
-
-{{/* inject websocket paths in ingress */}}
-{{- include "vaultwarden.websocketinjector" . }}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/vaultwarden/20.0.5/values.yaml b/enterprise/vaultwarden/20.0.5/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/vaultwarden/20.0.6/CHANGELOG.md b/enterprise/vaultwarden/20.0.6/CHANGELOG.md
deleted file mode 100644
index f5b33d6853d..00000000000
--- a/enterprise/vaultwarden/20.0.6/CHANGELOG.md
+++ /dev/null
@@ -1,57 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [vaultwarden-20.0.6](https://github.com/truecharts/charts/compare/vaultwarden-20.0.5...vaultwarden-20.0.6) (2023-03-07)
-
-### Fix
-
-- misc fixes from common and prometheus storageclass patch ([#7762](https://github.com/truecharts/charts/issues/7762))
-
-
-
-
-## [vaultwarden-20.0.5](https://github.com/truecharts/charts/compare/vaultwarden-20.0.4...vaultwarden-20.0.5) (2023-03-06)
-
-### Fix
-
-- don't base64 encode secret anymore
-
-
-
-
-## [vaultwarden-20.0.4](https://github.com/truecharts/charts/compare/vaultwarden-20.0.3...vaultwarden-20.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
-
-
-## [vaultwarden-20.0.3](https://github.com/truecharts/charts/compare/vaultwarden-20.0.1...vaultwarden-20.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
-
-
-## [vaultwarden-20.0.1](https://github.com/truecharts/charts/compare/vaultwarden-20.0.0...vaultwarden-20.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
-
-## [vaultwarden-20.0.0](https://github.com/truecharts/charts/compare/vaultwarden-19.0.23...vaultwarden-20.0.0) (2023-03-04)
-
diff --git a/enterprise/vaultwarden/20.0.6/Chart.yaml b/enterprise/vaultwarden/20.0.6/Chart.yaml
deleted file mode 100644
index 175498a688d..00000000000
--- a/enterprise/vaultwarden/20.0.6/Chart.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-apiVersion: v2
-appVersion: "1.27.0"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.24
-deprecated: false
-description: Unofficial Bitwarden compatible server written in Rust
-home: https://truecharts.org/charts/enterprise/vaultwarden
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/vaultwarden.png
-keywords:
- - bitwarden
- - bitwardenrs
- - bitwarden_rs
- - vaultwarden
- - password
- - rust
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: vaultwarden
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/vaultwarden
- - https://github.com/dani-garcia/vaultwarden
-type: application
-version: 20.0.6
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/vaultwarden/20.0.6/LICENSE b/enterprise/vaultwarden/20.0.6/LICENSE
deleted file mode 100644
index 80e4ab93f92..00000000000
--- a/enterprise/vaultwarden/20.0.6/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/vaultwarden/20.0.6/README.md b/enterprise/vaultwarden/20.0.6/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/vaultwarden/20.0.6/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/vaultwarden/20.0.6/app-changelog.md b/enterprise/vaultwarden/20.0.6/app-changelog.md
deleted file mode 100644
index 2960ae010ef..00000000000
--- a/enterprise/vaultwarden/20.0.6/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [vaultwarden-20.0.6](https://github.com/truecharts/charts/compare/vaultwarden-20.0.5...vaultwarden-20.0.6) (2023-03-07)
-
-### Fix
-
-- misc fixes from common and prometheus storageclass patch ([#7762](https://github.com/truecharts/charts/issues/7762))
-
-
\ No newline at end of file
diff --git a/enterprise/vaultwarden/20.0.6/app-readme.md b/enterprise/vaultwarden/20.0.6/app-readme.md
deleted file mode 100644
index 08d9cc8b1dd..00000000000
--- a/enterprise/vaultwarden/20.0.6/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Unofficial Bitwarden compatible server written in Rust
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/vaultwarden](https://truecharts.org/charts/enterprise/vaultwarden)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/vaultwarden/20.0.6/charts/common-12.2.24.tgz b/enterprise/vaultwarden/20.0.6/charts/common-12.2.24.tgz
deleted file mode 100644
index d9155693b5d..00000000000
Binary files a/enterprise/vaultwarden/20.0.6/charts/common-12.2.24.tgz and /dev/null differ
diff --git a/enterprise/vaultwarden/20.0.6/ix_values.yaml b/enterprise/vaultwarden/20.0.6/ix_values.yaml
deleted file mode 100644
index 3389326acfe..00000000000
--- a/enterprise/vaultwarden/20.0.6/ix_values.yaml
+++ /dev/null
@@ -1,164 +0,0 @@
-image:
- repository: tccr.io/truecharts/vaultwarden
- pullPolicy: IfNotPresent
- tag: 1.27.0@sha256:e80b8a6a8b05928d9703eda1c7ebd2c8f1c0b9deed1734ce31c2ec6d70aed323
-
-service:
- main:
- ports:
- main:
- port: 10102
- targetPort: 8080
- ws:
- enabled: true
- ports:
- ws:
- enabled: true
- port: 3012
- targetPort: 3012
-
-workload:
- main:
- podSpec:
- containers:
- main:
- env:
- DOMAIN: "https://{{ if .Values.ingress }}{{ if .Values.ingress.main.enabled }}{{ ( index .Values.ingress.main.hosts 0 ).host }}{{ else }}placeholder.com{{ end }}{{ else }}placeholder.com{{ end }}"
- DATABASE_URL:
- secretKeyRef:
- name: cnpg-main-urls
- key: std
-
- envFrom:
- - configMapRef:
- name: vaultwardenconfig
- - secretRef:
- name: vaultwardensecret
-
-database:
- # -- Database type,
- # must be one of: 'sqlite', 'mysql' or 'postgresql'.
- type: postgresql
- # -- Enable DB Write-Ahead-Log for SQLite,
- # disabled for other databases. https://github.com/dani-garcia/bitwarden_rs/wiki/Running-without-WAL-enabled
- wal: true
- ## URL for external databases (mysql://user:pass@host:port or postgresql://user:pass@host:port).
- # url: ""
- ## Set the size of the database connection pool.
- # maxConnections: 10
- ## Connection retries during startup, 0 for infinite. 1 second between retries.
- # retries: 15
-
-# Set Bitwarden_rs application variables
-vaultwarden:
- # -- Allow any user to sign-up
- # see: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-registration-of-new-users
- allowSignups: true
- ## Whitelist domains allowed to sign-up. 'allowSignups' is ignored if set.
- # signupDomains:
- # - domain.tld
- # -- Verify e-mail before login is enabled.
- # SMTP must be enabled.
- verifySignup: false
- # When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled.
- requireEmail: false
- ## Maximum attempts before an email token is reset and a new email will need to be sent.
- # emailAttempts: 3
- ## Email token validity in seconds.
- # emailTokenExpiration: 600
- # Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-invitations
- allowInvitation: true
- # Show password hints: https://github.com/dani-garcia/bitwarden_rs/wiki/Password-hint-display
- ## Default organization name in invitation e-mails that are not coming from a specific organization.
- # defaultInviteName: ""
- showPasswordHint: true
- # Enable Websockets for notification. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-WebSocket-notifications
- # Redirect HTTP path "/notifications/hub" to port 3012. Ingress/IngressRoute controllers are automatically configured.
- enableWebsockets: true
- # Enable Web Vault (static content). https://github.com/dani-garcia/bitwarden_rs/wiki/Disabling-or-overriding-the-Vault-interface-hosting
- enableWebVault: true
- # Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users.
- orgCreationUsers: all
- ## Limit attachment disk usage per organization.
- # attachmentLimitOrg:
- ## Limit attachment disk usage per user.
- # attachmentLimitUser:
- ## HaveIBeenPwned API Key. Can be purchased at https://haveibeenpwned.com/API/Key.
- # hibpApiKey:
-
- admin:
- # Enable admin portal.
- enabled: false
- # Disabling the admin token will make the admin portal accessible to anyone, use carefully: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-admin-token
- disableAdminToken: false
- ## Token for admin login, will be generated if not defined. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-admin-page
- # token:
-
- # Enable SMTP. https://github.com/dani-garcia/bitwarden_rs/wiki/SMTP-configuration
- smtp:
- enabled: false
- # SMTP hostname, required if SMTP is enabled.
- host: ""
- # SMTP sender e-mail address, required if SMTP is enabled.
- from: ""
- ## SMTP sender name, defaults to 'Bitwarden_RS'.
- # fromName: ""
- ## Enable SSL connection.
- # ssl: true
- ## SMTP port. Defaults to 25 without SSL, 587 with SSL.
- # port: 587
- ## SMTP Authentication Mechanisms. Comma-separated options: 'Plain', 'Login' and 'Xoauth2'. Defaults to 'Plain'.
- # authMechanism: Plain
- ## Hostname to be sent for SMTP HELO. Defaults to pod name.
- # heloName: ""
- ## SMTP timeout.
- # timeout: 15
- ## Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!
- # invalidHostname: false
- ## Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!
- # invalidCertificate: false
- ## SMTP username.
- # user: ""
- ## SMTP password. Required is user is specified, ignored if no user provided.
- # password: ""
-
- ## Enable Yubico OTP authentication. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-Yubikey-OTP-authentication
- yubico:
- enabled: false
- ## Yubico server. Defaults to YubiCloud.
- # server:
- ## Yubico ID and Secret Key.
- # clientId:
- # secretKey:
-
- ## Logging options. https://github.com/dani-garcia/bitwarden_rs/wiki/Logging
- log:
- # Log to file.
- file: ""
- # Log level. Options are "trace", "debug", "info", "warn", "error" or "off".
- level: "trace"
- ## Log timestamp format. See https://docs.rs/chrono/0.4.15/chrono/format/strftime/index.html. Defaults to time in milliseconds.
- # timeFormat: ""
-
- icons:
- # Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache). TTL will default to zero.
- disableDownload: false
- ## Cache time-to-live for icons fetched. 0 means no purging.
- # cache: 2592000
- ## Cache time-to-live for icons that were not available. 0 means no purging.
- # cacheFailed: 259200
-
-persistence:
- data:
- enabled: true
- mountPath: "/data"
-
-cnpg:
- main:
- enabled: true
- user: vaultwarden
- database: vaultwarden
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/vaultwarden/20.0.6/questions.yaml b/enterprise/vaultwarden/20.0.6/questions.yaml
deleted file mode 100644
index 948e651f360..00000000000
--- a/enterprise/vaultwarden/20.0.6/questions.yaml
+++ /dev/null
@@ -1,2227 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
- admin:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
- path: "/admin/"
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: Daemonset
- description: Daemonset
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "Daemonset"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: vaultwarden
- label: ""
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: yubico
- label: "Yubico OTP authentication"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable Yubico OTP authentication"
- description: "Please refer to the manual at: https://github.com/dani-garcia/vaultwarden/wiki/Enabling-Yubikey-OTP-authentication"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: server
- label: "Yubico server"
- description: "Defaults to YubiCloud"
- schema:
- type: string
- default: ""
- - variable: clientId
- label: "Yubico ID"
- schema:
- type: string
- default: ""
- - variable: secretKey
- label: "Yubico Secret Key"
- schema:
- type: string
- default: ""
- - variable: admin
- label: "Admin Portal"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable Admin Portal"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: disableAdminToken
- label: "Make Accessible Without Password/Token"
- schema:
- type: boolean
- default: false
- - variable: token
- label: "Admin Portal Password/Token"
- description: "Will be automatically generated if not defined"
- schema:
- type: string
- default: ""
- - variable: icons
- label: "Icon Download Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disableDownload
- label: "Disable Icon Download"
- description: "Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache)"
- schema:
- type: boolean
- default: false
- - variable: cache
- label: "Cache time-to-live"
- description: "Cache time-to-live for icons fetched. 0 means no purging"
- schema:
- type: int
- default: 2592000
- - variable: token
- label: "Failed Downloads Cache time-to-live"
- description: "Cache time-to-live for icons that were not available. 0 means no purging."
- schema:
- type: int
- default: 2592000
- - variable: log
- label: "Logging"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log level"
- schema:
- type: string
- default: "info"
- required: true
- enum:
- - value: "trace"
- description: "trace"
- - value: "debug"
- description: "debug"
- - value: "info"
- description: "info"
- - value: "warn"
- description: "warn"
- - value: "error"
- description: "error"
- - value: "off"
- description: "off"
- - variable: file
- label: "Log-File Location"
- schema:
- type: string
- default: ""
- - variable: smtp
- label: "SMTP Settings (Email)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable SMTP Support"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: host
- label: "SMTP hostname"
- schema:
- type: string
- required: true
- default: ""
- - variable: from
- label: "SMTP sender e-mail address"
- schema:
- type: string
- required: true
- default: ""
- - variable: fromName
- label: "SMTP sender name"
- schema:
- type: string
- required: true
- default: ""
- - variable: user
- label: "SMTP username"
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: "SMTP password"
- description: "Required is user is specified, ignored if no user provided"
- schema:
- type: string
- default: ""
- - variable: ssl
- label: "Enable SSL connection"
- schema:
- type: boolean
- default: true
- - variable: port
- label: "SMTP port"
- description: "Usually: 25 without SSL, 587 with SSL"
- schema:
- type: int
- default: 587
- - variable: authMechanism
- label: "SMTP Authentication Mechanisms"
- description: "Comma-separated options: Plain, Login and Xoauth2"
- schema:
- type: string
- default: "Plain"
- - variable: heloName
- label: "SMTP HELO - Hostname"
- description: "Hostname to be sent for SMTP HELO. Defaults to pod name"
- schema:
- type: string
- default: ""
- - variable: timeout
- label: "SMTP timeout"
- schema:
- type: int
- default: 15
- - variable: invalidHostname
- label: "Accept Invalid Hostname"
- description: "Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!"
- schema:
- type: boolean
- default: false
- - variable: invalidCertificate
- label: "Accept Invalid Certificate"
- description: "Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!"
- schema:
- type: boolean
- default: false
- - variable: allowSignups
- label: "Allow Signup"
- description: "Allow any user to sign-up: https://github.com/dani-garcia/vaultwarden/wiki/Disable-registration-of-new-users"
- schema:
- type: boolean
- default: true
- - variable: allowInvitation
- label: "Always allow Invitation"
- description: "Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/vaultwarden/wiki/Disable-invitations"
- schema:
- type: boolean
- default: true
- - variable: defaultInviteName
- label: "Default Invite Organisation Name"
- description: "Default organization name in invitation e-mails that are not coming from a specific organization."
- schema:
- type: string
- default: ""
- - variable: showPasswordHint
- label: "Show password hints"
- description: "https://github.com/dani-garcia/vaultwarden/wiki/Password-hint-display"
- schema:
- type: boolean
- default: true
- - variable: signupwhitelistenable
- label: "Enable Signup Whitelist"
- description: "allowSignups is ignored if set"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: signupDomains
- label: "Signup Whitelist Domains"
- schema:
- type: list
- default: []
- items:
- - variable: domain
- label: "Domain"
- schema:
- type: string
- default: ""
- - variable: verifySignup
- label: "Verifiy Signup"
- description: "Verify e-mail before login is enabled. SMTP must be enabled"
- schema:
- type: boolean
- default: false
- - variable: requireEmail
- label: "Block Login if email fails"
- description: "When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled"
- schema:
- type: boolean
- default: false
- - variable: emailAttempts
- label: "Email token reset attempts"
- description: "Maximum attempts before an email token is reset and a new email will need to be sent"
- schema:
- type: int
- default: 3
- - variable: emailTokenExpiration
- label: "Email token validity in seconds"
- schema:
- type: int
- default: 600
- - variable: enableWebVault
- label: "Enable Webvault"
- description: "Enable Web Vault (static content). https://github.com/dani-garcia/vaultwarden/wiki/Disabling-or-overriding-the-Vault-interface-hosting"
- schema:
- type: boolean
- default: true
- - variable: orgCreationUsers
- label: "Limit Organisation Creation to (users)"
- description: "Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users."
- schema:
- type: string
- default: "all"
- - variable: attachmentLimitOrg
- label: "Limit Attachment Disk Usage per Organisation"
- schema:
- type: string
- default: ""
- - variable: attachmentLimitUser
- label: "Limit Attachment Disk Usage per User"
- schema:
- type: string
- default: ""
- - variable: hibpApiKey
- label: "HaveIBeenPwned API Key"
- description: "Can be purchased at https://haveibeenpwned.com/API/Key"
- schema:
- type: string
- default: ""
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 10102
- required: true
- - variable: ws
- label: "WebSocket Service"
- description: "WebSocket Service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ws
- label: "WebSocket Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 3012
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: data
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: certificateIssuer
- label: Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: certificateIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: cnpg
- group: Postgresql
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Postgresql Database"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: storage
- label: "Storage"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: size
- label: Size
- schema:
- type: string
- default: "256Gi"
- - variable: walsize
- label: Walsize
- schema:
- type: string
- default: "256Gi"
- - variable: pooler
- label: "Pooler"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: Monitoring
- label: "Metrics"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enablePodMonitor
- label: "enablePodMonitor"
- schema:
- type: boolean
- default: true
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/vaultwarden/20.0.6/templates/NOTES.txt b/enterprise/vaultwarden/20.0.6/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/vaultwarden/20.0.6/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/vaultwarden/20.0.6/templates/_configmap.tpl b/enterprise/vaultwarden/20.0.6/templates/_configmap.tpl
deleted file mode 100644
index c21ff158df0..00000000000
--- a/enterprise/vaultwarden/20.0.6/templates/_configmap.tpl
+++ /dev/null
@@ -1,112 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "vaultwarden.configmap" -}}
-enabled: true
-data:
- ROCKET_PORT: "8080"
- SIGNUPS_ALLOWED: {{ .Values.vaultwarden.allowSignups | quote }}
- {{- if .Values.vaultwarden.signupDomains }}
- SIGNUPS_DOMAINS_WHITELIST: {{ join "," .Values.vaultwarden.signupDomains | quote }}
- {{- end }}
- {{- if and (eq .Values.vaultwarden.verifySignup true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Signup verification requires SMTP to be enabled" nil}}{{end}}
- SIGNUPS_VERIFY: {{ .Values.vaultwarden.verifySignup | quote }}
- {{- if and (eq .Values.vaultwarden.requireEmail true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Requiring emails for login depends on SMTP" nil}}{{end}}
- REQUIRE_DEVICE_EMAIL: {{ .Values.vaultwarden.requireEmail | quote }}
- {{- if .Values.vaultwarden.emailAttempts }}
- EMAIL_ATTEMPTS_LIMIT: {{ .Values.vaultwarden.emailAttempts | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.emailTokenExpiration }}
- EMAIL_EXPIRATION_TIME: {{ .Values.vaultwarden.emailTokenExpiration | quote }}
- {{- end }}
- INVITATIONS_ALLOWED: {{ .Values.vaultwarden.allowInvitation | quote }}
- {{- if .Values.vaultwarden.defaultInviteName }}
- INVITATION_ORG_NAME: {{ .Values.vaultwarden.defaultInviteName | quote }}
- {{- end }}
- SHOW_PASSWORD_HINT: {{ .Values.vaultwarden.showPasswordHint | quote }}
- WEBSOCKET_ENABLED: {{ .Values.vaultwarden.enableWebsockets | quote }}
- WEB_VAULT_ENABLED: {{ .Values.vaultwarden.enableWebVault | quote }}
- ORG_CREATION_USERS: {{ .Values.vaultwarden.orgCreationUsers | quote }}
- {{- if .Values.vaultwarden.attachmentLimitOrg }}
- ORG_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitOrg | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.attachmentLimitUser }}
- USER_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitUser | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.hibpApiKey }}
- HIBP_API_KEY: {{ .Values.vaultwarden.hibpApiKey | quote }}
- {{- end }}
- {{- include "vaultwarden.dbTypeValid" . }}
- {{- if .Values.database.retries }}
- DB_CONNECTION_RETRIES: {{ .Values.database.retries | quote }}
- {{- end }}
- {{- if .Values.database.maxConnections }}
- DATABASE_MAX_CONNS: {{ .Values.database.maxConnections | quote }}
- {{- end }}
- {{- if eq .Values.vaultwarden.smtp.enabled true }}
- SMTP_HOST: {{ required "SMTP host is required to enable SMTP" .Values.vaultwarden.smtp.host | quote }}
- SMTP_FROM: {{ required "SMTP sender address ('from') is required to enable SMTP" .Values.vaultwarden.smtp.from | quote }}
- {{- if .Values.vaultwarden.smtp.fromName }}
- SMTP_FROM_NAME: {{ .Values.vaultwarden.smtp.fromName | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.ssl }}
- SMTP_SSL: {{ .Values.vaultwarden.smtp.ssl | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.port }}
- SMTP_PORT: {{ .Values.vaultwarden.smtp.port | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.authMechanism }}
- SMTP_AUTH_MECHANISM: {{ .Values.vaultwarden.smtp.authMechanism | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.heloName }}
- HELO_NAME: {{ .Values.vaultwarden.smtp.heloName | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.timeout }}
- SMTP_TIMEOUT: {{ .Values.vaultwarden.smtp.timeout | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.invalidHostname }}
- SMTP_ACCEPT_INVALID_HOSTNAMES: {{ .Values.vaultwarden.smtp.invalidHostname | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.invalidCertificate }}
- SMTP_ACCEPT_INVALID_CERTS: {{ .Values.vaultwarden.smtp.invalidCertificate | quote }}
- {{- end }}
- {{- end }}
- {{- if .Values.vaultwarden.log.file }}
- LOG_FILE: {{ .Values.vaultwarden.log.file | quote }}
- {{- end }}
- {{- if or .Values.vaultwarden.log.level .Values.vaultwarden.log.timeFormat }}
- EXTENDED_LOGGING: "true"
- {{- end }}
- {{- if .Values.vaultwarden.log.level }}
- {{- include "vaultwarden.logLevelValid" . }}
- LOG_LEVEL: {{ .Values.vaultwarden.log.level | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.log.timeFormat }}
- LOG_TIMESTAMP_FORMAT: {{ .Values.vaultwarden.log.timeFormat | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.icons.disableDownload }}
- DISABLE_ICON_DOWNLOAD: {{ .Values.vaultwarden.icons.disableDownload | quote }}
- {{- if and (not .Values.vaultwarden.icons.cache) (eq .Values.vaultwarden.icons.disableDownload "true") }}
- ICON_CACHE_TTL: "0"
- {{- end }}
- {{- end }}
- {{- if .Values.vaultwarden.icons.cache }}
- ICON_CACHE_TTL: {{ .Values.vaultwarden.icons.cache | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.icons.cacheFailed }}
- ICON_CACHE_NEGTTL: {{ .Values.vaultwarden.icons.cacheFailed | quote }}
- {{- end }}
- {{- if eq .Values.vaultwarden.admin.enabled true }}
- {{- if eq .Values.vaultwarden.admin.disableAdminToken true }}
- DISABLE_ADMIN_TOKEN: "true"
- {{- end }}
- {{- end }}
- {{- if eq .Values.vaultwarden.yubico.enabled true }}
- {{- if .Values.vaultwarden.yubico.server }}
- YUBICO_SERVER: {{ .Values.vaultwarden.yubico.server | quote }}
- {{- end }}
- {{- end }}
- {{- if eq .Values.database.type "sqlite" }}
- ENABLE_DB_WAL: {{ .Values.database.wal | quote }}
- {{- else }}
- ENABLE_DB_WAL: "false"
- {{- end }}
-{{- end -}}
diff --git a/enterprise/vaultwarden/20.0.6/templates/_secrets.tpl b/enterprise/vaultwarden/20.0.6/templates/_secrets.tpl
deleted file mode 100644
index a33f037cf71..00000000000
--- a/enterprise/vaultwarden/20.0.6/templates/_secrets.tpl
+++ /dev/null
@@ -1,32 +0,0 @@
-{{/* Define the secrets */}}
-{{- define "vaultwarden.secrets" -}}
-
-{{- $adminToken := "" }}
-{{- if eq .Values.vaultwarden.admin.enabled true }}
-{{- $adminToken = .Values.vaultwarden.admin.token | default (randAlphaNum 48) | quote }}
-{{- end -}}
-
-{{- $smtpUser := "" }}
-{{- if and (eq .Values.vaultwarden.smtp.enabled true ) (.Values.vaultwarden.smtp.user) }}
-{{- $smtpUser = .Values.vaultwarden.smtp.user | quote }}
-{{- end -}}
-
-{{- $yubicoClientId := "" }}
-{{- if eq .Values.vaultwarden.yubico.enabled true }}
-{{- $yubicoClientId = required "Yubico Client ID required" .Values.vaultwarden.yubico.clientId | toString | quote }}
-{{- end -}}
-enabled: true
-data:
- placeholder: placeholdervalue
- {{- if ne $adminToken "" }}
- ADMIN_TOKEN: {{ $adminToken }}
- {{- end }}
- {{- if ne $smtpUser "" }}
- SMTP_USERNAME: {{ $smtpUser }}
- SMTP_PASSWORD: {{ required "Must specify SMTP password" .Values.vaultwarden.smtp.password | quote }}
- {{- end }}
- {{- if ne $yubicoClientId "" }}
- YUBICO_CLIENT_ID: {{ $yubicoClientId }}
- YUBICO_SECRET_KEY: {{ required "Yubico Secret Key required" .Values.vaultwarden.yubico.secretKey | quote }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/vaultwarden/20.0.6/templates/_validate.tpl b/enterprise/vaultwarden/20.0.6/templates/_validate.tpl
deleted file mode 100644
index e4832c2f6e5..00000000000
--- a/enterprise/vaultwarden/20.0.6/templates/_validate.tpl
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/*
-Ensure valid DB type is select, defaults to SQLite
-*/}}
-{{- define "vaultwarden.dbTypeValid" -}}
-{{- if not (or (eq .Values.database.type "postgresql") (eq .Values.database.type "mysql") (eq .Values.database.type "sqlite")) }}
-{{- required "Invalid database type" nil }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Ensure log type is valid
-*/}}
-{{- define "vaultwarden.logLevelValid" -}}
-{{- if not (or (eq .Values.vaultwarden.log.level "trace") (eq .Values.vaultwarden.log.level "debug") (eq .Values.vaultwarden.log.level "info") (eq .Values.vaultwarden.log.level "warn") (eq .Values.vaultwarden.log.level "error") (eq .Values.vaultwarden.log.level "off")) }}
-{{- required "Invalid log level" nil }}
-{{- end }}
-{{- end }}
diff --git a/enterprise/vaultwarden/20.0.6/templates/common.yaml b/enterprise/vaultwarden/20.0.6/templates/common.yaml
deleted file mode 100644
index 00565a16a7a..00000000000
--- a/enterprise/vaultwarden/20.0.6/templates/common.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-
-{{/* Render configmap for vaultwarden */}}
-{{- $configmapFile := include "vaultwarden.configmap" . | fromYaml -}}
-{{- if $configmapFile -}}
- {{- $_ := set .Values.configmap "vaultwardenconfig" $configmapFile -}}
-{{- end -}}
-
-{{/* Render secrets for vaultwarden */}}
-{{- $secret := include "vaultwarden.secrets" . | fromYaml -}}
-{{- if $secret -}}
- {{- $_ := set .Values.secret "vaultwardensecret" $secret -}}
-{{- end -}}
-
-{{/* Define path for websocket */}}
-{{- define "vaultwarden.websocket" -}}
-{{- $fullname := include "tc.v1.common.lib.chart.names.fullname" . -}}
-path: "/notifications/hub"
-# -- Ignored if not kubeVersion >= 1.14-0
-pathType: Prefix
-service:
- # -- Overrides the service name reference for this path
- name: {{ printf "%s-ws" $fullname }}
- port: {{ .Values.service.ws.ports.ws.port }}
-{{- end -}}
-
-{{/* inject websocket path to all main ingress hosts*/}}
-{{- define "vaultwarden.websocketinjector" -}}
-{{- $path := list (include "vaultwarden.websocket" . | fromYaml) -}}
-{{- if .Values.ingress.main.enabled }}
-{{- range .Values.ingress.main.hosts }}
-{{- $newpaths := list }}
-{{- $newpaths := concat .paths $path }}
-{{- $_ := set . "paths" ( deepCopy $newpaths ) -}}
-{{- end }}
-{{- end }}
-{{- end -}}
-
-{{/* inject websocket paths in ingress */}}
-{{- include "vaultwarden.websocketinjector" . }}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/vaultwarden/20.0.6/values.yaml b/enterprise/vaultwarden/20.0.6/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/vaultwarden/20.0.7/CHANGELOG.md b/enterprise/vaultwarden/20.0.7/CHANGELOG.md
deleted file mode 100644
index 977a424ca15..00000000000
--- a/enterprise/vaultwarden/20.0.7/CHANGELOG.md
+++ /dev/null
@@ -1,66 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [vaultwarden-20.0.7](https://github.com/truecharts/charts/compare/vaultwarden-20.0.6...vaultwarden-20.0.7) (2023-03-19)
-
-### Chore
-
-- bump common and deps on enterprise train ([#7819](https://github.com/truecharts/charts/issues/7819))
-
-
-
-
-## [vaultwarden-20.0.6](https://github.com/truecharts/charts/compare/vaultwarden-20.0.5...vaultwarden-20.0.6) (2023-03-07)
-
-### Fix
-
-- misc fixes from common and prometheus storageclass patch ([#7762](https://github.com/truecharts/charts/issues/7762))
-
-
-
-
-## [vaultwarden-20.0.5](https://github.com/truecharts/charts/compare/vaultwarden-20.0.4...vaultwarden-20.0.5) (2023-03-06)
-
-### Fix
-
-- don't base64 encode secret anymore
-
-
-
-
-## [vaultwarden-20.0.4](https://github.com/truecharts/charts/compare/vaultwarden-20.0.3...vaultwarden-20.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
-
-
-## [vaultwarden-20.0.3](https://github.com/truecharts/charts/compare/vaultwarden-20.0.1...vaultwarden-20.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
-
-
-## [vaultwarden-20.0.1](https://github.com/truecharts/charts/compare/vaultwarden-20.0.0...vaultwarden-20.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
-
-## [vaultwarden-20.0.0](https://github.com/truecharts/charts/compare/vaultwarden-19.0.23...vaultwarden-20.0.0) (2023-03-04)
-
diff --git a/enterprise/vaultwarden/20.0.7/Chart.yaml b/enterprise/vaultwarden/20.0.7/Chart.yaml
deleted file mode 100644
index 666202cb47b..00000000000
--- a/enterprise/vaultwarden/20.0.7/Chart.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-apiVersion: v2
-appVersion: "1.27.0"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.28
-deprecated: false
-description: Unofficial Bitwarden compatible server written in Rust
-home: https://truecharts.org/charts/enterprise/vaultwarden
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/vaultwarden.png
-keywords:
- - bitwarden
- - bitwardenrs
- - bitwarden_rs
- - vaultwarden
- - password
- - rust
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: vaultwarden
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/vaultwarden
- - https://hub.docker.com/r/vaultwarden/server
- - https://github.com/dani-garcia/vaultwarden
-type: application
-version: 20.0.7
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/vaultwarden/20.0.7/LICENSE b/enterprise/vaultwarden/20.0.7/LICENSE
deleted file mode 100644
index 80e4ab93f92..00000000000
--- a/enterprise/vaultwarden/20.0.7/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/vaultwarden/20.0.7/README.md b/enterprise/vaultwarden/20.0.7/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/vaultwarden/20.0.7/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/vaultwarden/20.0.7/app-changelog.md b/enterprise/vaultwarden/20.0.7/app-changelog.md
deleted file mode 100644
index 816c1ee2159..00000000000
--- a/enterprise/vaultwarden/20.0.7/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [vaultwarden-20.0.7](https://github.com/truecharts/charts/compare/vaultwarden-20.0.6...vaultwarden-20.0.7) (2023-03-19)
-
-### Chore
-
-- bump common and deps on enterprise train ([#7819](https://github.com/truecharts/charts/issues/7819))
-
-
\ No newline at end of file
diff --git a/enterprise/vaultwarden/20.0.7/app-readme.md b/enterprise/vaultwarden/20.0.7/app-readme.md
deleted file mode 100644
index 08d9cc8b1dd..00000000000
--- a/enterprise/vaultwarden/20.0.7/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Unofficial Bitwarden compatible server written in Rust
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/vaultwarden](https://truecharts.org/charts/enterprise/vaultwarden)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/vaultwarden/20.0.7/charts/common-12.2.28.tgz b/enterprise/vaultwarden/20.0.7/charts/common-12.2.28.tgz
deleted file mode 100644
index 4a3a50054c6..00000000000
Binary files a/enterprise/vaultwarden/20.0.7/charts/common-12.2.28.tgz and /dev/null differ
diff --git a/enterprise/vaultwarden/20.0.7/ix_values.yaml b/enterprise/vaultwarden/20.0.7/ix_values.yaml
deleted file mode 100644
index 3389326acfe..00000000000
--- a/enterprise/vaultwarden/20.0.7/ix_values.yaml
+++ /dev/null
@@ -1,164 +0,0 @@
-image:
- repository: tccr.io/truecharts/vaultwarden
- pullPolicy: IfNotPresent
- tag: 1.27.0@sha256:e80b8a6a8b05928d9703eda1c7ebd2c8f1c0b9deed1734ce31c2ec6d70aed323
-
-service:
- main:
- ports:
- main:
- port: 10102
- targetPort: 8080
- ws:
- enabled: true
- ports:
- ws:
- enabled: true
- port: 3012
- targetPort: 3012
-
-workload:
- main:
- podSpec:
- containers:
- main:
- env:
- DOMAIN: "https://{{ if .Values.ingress }}{{ if .Values.ingress.main.enabled }}{{ ( index .Values.ingress.main.hosts 0 ).host }}{{ else }}placeholder.com{{ end }}{{ else }}placeholder.com{{ end }}"
- DATABASE_URL:
- secretKeyRef:
- name: cnpg-main-urls
- key: std
-
- envFrom:
- - configMapRef:
- name: vaultwardenconfig
- - secretRef:
- name: vaultwardensecret
-
-database:
- # -- Database type,
- # must be one of: 'sqlite', 'mysql' or 'postgresql'.
- type: postgresql
- # -- Enable DB Write-Ahead-Log for SQLite,
- # disabled for other databases. https://github.com/dani-garcia/bitwarden_rs/wiki/Running-without-WAL-enabled
- wal: true
- ## URL for external databases (mysql://user:pass@host:port or postgresql://user:pass@host:port).
- # url: ""
- ## Set the size of the database connection pool.
- # maxConnections: 10
- ## Connection retries during startup, 0 for infinite. 1 second between retries.
- # retries: 15
-
-# Set Bitwarden_rs application variables
-vaultwarden:
- # -- Allow any user to sign-up
- # see: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-registration-of-new-users
- allowSignups: true
- ## Whitelist domains allowed to sign-up. 'allowSignups' is ignored if set.
- # signupDomains:
- # - domain.tld
- # -- Verify e-mail before login is enabled.
- # SMTP must be enabled.
- verifySignup: false
- # When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled.
- requireEmail: false
- ## Maximum attempts before an email token is reset and a new email will need to be sent.
- # emailAttempts: 3
- ## Email token validity in seconds.
- # emailTokenExpiration: 600
- # Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-invitations
- allowInvitation: true
- # Show password hints: https://github.com/dani-garcia/bitwarden_rs/wiki/Password-hint-display
- ## Default organization name in invitation e-mails that are not coming from a specific organization.
- # defaultInviteName: ""
- showPasswordHint: true
- # Enable Websockets for notification. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-WebSocket-notifications
- # Redirect HTTP path "/notifications/hub" to port 3012. Ingress/IngressRoute controllers are automatically configured.
- enableWebsockets: true
- # Enable Web Vault (static content). https://github.com/dani-garcia/bitwarden_rs/wiki/Disabling-or-overriding-the-Vault-interface-hosting
- enableWebVault: true
- # Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users.
- orgCreationUsers: all
- ## Limit attachment disk usage per organization.
- # attachmentLimitOrg:
- ## Limit attachment disk usage per user.
- # attachmentLimitUser:
- ## HaveIBeenPwned API Key. Can be purchased at https://haveibeenpwned.com/API/Key.
- # hibpApiKey:
-
- admin:
- # Enable admin portal.
- enabled: false
- # Disabling the admin token will make the admin portal accessible to anyone, use carefully: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-admin-token
- disableAdminToken: false
- ## Token for admin login, will be generated if not defined. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-admin-page
- # token:
-
- # Enable SMTP. https://github.com/dani-garcia/bitwarden_rs/wiki/SMTP-configuration
- smtp:
- enabled: false
- # SMTP hostname, required if SMTP is enabled.
- host: ""
- # SMTP sender e-mail address, required if SMTP is enabled.
- from: ""
- ## SMTP sender name, defaults to 'Bitwarden_RS'.
- # fromName: ""
- ## Enable SSL connection.
- # ssl: true
- ## SMTP port. Defaults to 25 without SSL, 587 with SSL.
- # port: 587
- ## SMTP Authentication Mechanisms. Comma-separated options: 'Plain', 'Login' and 'Xoauth2'. Defaults to 'Plain'.
- # authMechanism: Plain
- ## Hostname to be sent for SMTP HELO. Defaults to pod name.
- # heloName: ""
- ## SMTP timeout.
- # timeout: 15
- ## Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!
- # invalidHostname: false
- ## Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!
- # invalidCertificate: false
- ## SMTP username.
- # user: ""
- ## SMTP password. Required is user is specified, ignored if no user provided.
- # password: ""
-
- ## Enable Yubico OTP authentication. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-Yubikey-OTP-authentication
- yubico:
- enabled: false
- ## Yubico server. Defaults to YubiCloud.
- # server:
- ## Yubico ID and Secret Key.
- # clientId:
- # secretKey:
-
- ## Logging options. https://github.com/dani-garcia/bitwarden_rs/wiki/Logging
- log:
- # Log to file.
- file: ""
- # Log level. Options are "trace", "debug", "info", "warn", "error" or "off".
- level: "trace"
- ## Log timestamp format. See https://docs.rs/chrono/0.4.15/chrono/format/strftime/index.html. Defaults to time in milliseconds.
- # timeFormat: ""
-
- icons:
- # Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache). TTL will default to zero.
- disableDownload: false
- ## Cache time-to-live for icons fetched. 0 means no purging.
- # cache: 2592000
- ## Cache time-to-live for icons that were not available. 0 means no purging.
- # cacheFailed: 259200
-
-persistence:
- data:
- enabled: true
- mountPath: "/data"
-
-cnpg:
- main:
- enabled: true
- user: vaultwarden
- database: vaultwarden
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/vaultwarden/20.0.7/questions.yaml b/enterprise/vaultwarden/20.0.7/questions.yaml
deleted file mode 100644
index 714d3214cc5..00000000000
--- a/enterprise/vaultwarden/20.0.7/questions.yaml
+++ /dev/null
@@ -1,2226 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
- admin:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
- path: "/admin/"
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: DaemonSet
- description: DaemonSet
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "DaemonSet"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: vaultwarden
- label: ""
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: yubico
- label: "Yubico OTP authentication"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable Yubico OTP authentication"
- description: "Please refer to the manual at: https://github.com/dani-garcia/vaultwarden/wiki/Enabling-Yubikey-OTP-authentication"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: server
- label: "Yubico server"
- description: "Defaults to YubiCloud"
- schema:
- type: string
- default: ""
- - variable: clientId
- label: "Yubico ID"
- schema:
- type: string
- default: ""
- - variable: secretKey
- label: "Yubico Secret Key"
- schema:
- type: string
- default: ""
- - variable: admin
- label: "Admin Portal"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable Admin Portal"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: disableAdminToken
- label: "Make Accessible Without Password/Token"
- schema:
- type: boolean
- default: false
- - variable: token
- label: "Admin Portal Password/Token"
- description: "Will be automatically generated if not defined"
- schema:
- type: string
- default: ""
- - variable: icons
- label: "Icon Download Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disableDownload
- label: "Disable Icon Download"
- description: "Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache)"
- schema:
- type: boolean
- default: false
- - variable: cache
- label: "Cache time-to-live"
- description: "Cache time-to-live for icons fetched. 0 means no purging"
- schema:
- type: int
- default: 2592000
- - variable: token
- label: "Failed Downloads Cache time-to-live"
- description: "Cache time-to-live for icons that were not available. 0 means no purging."
- schema:
- type: int
- default: 2592000
- - variable: log
- label: "Logging"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log level"
- schema:
- type: string
- default: "info"
- required: true
- enum:
- - value: "trace"
- description: "trace"
- - value: "debug"
- description: "debug"
- - value: "info"
- description: "info"
- - value: "warn"
- description: "warn"
- - value: "error"
- description: "error"
- - value: "off"
- description: "off"
- - variable: file
- label: "Log-File Location"
- schema:
- type: string
- default: ""
- - variable: smtp
- label: "SMTP Settings (Email)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable SMTP Support"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: host
- label: "SMTP hostname"
- schema:
- type: string
- required: true
- default: ""
- - variable: from
- label: "SMTP sender e-mail address"
- schema:
- type: string
- required: true
- default: ""
- - variable: fromName
- label: "SMTP sender name"
- schema:
- type: string
- required: true
- default: ""
- - variable: user
- label: "SMTP username"
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: "SMTP password"
- description: "Required is user is specified, ignored if no user provided"
- schema:
- type: string
- default: ""
- - variable: ssl
- label: "Enable SSL connection"
- schema:
- type: boolean
- default: true
- - variable: port
- label: "SMTP port"
- description: "Usually: 25 without SSL, 587 with SSL"
- schema:
- type: int
- default: 587
- - variable: authMechanism
- label: "SMTP Authentication Mechanisms"
- description: "Comma-separated options: Plain, Login and Xoauth2"
- schema:
- type: string
- default: "Plain"
- - variable: heloName
- label: "SMTP HELO - Hostname"
- description: "Hostname to be sent for SMTP HELO. Defaults to pod name"
- schema:
- type: string
- default: ""
- - variable: timeout
- label: "SMTP timeout"
- schema:
- type: int
- default: 15
- - variable: invalidHostname
- label: "Accept Invalid Hostname"
- description: "Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!"
- schema:
- type: boolean
- default: false
- - variable: invalidCertificate
- label: "Accept Invalid Certificate"
- description: "Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!"
- schema:
- type: boolean
- default: false
- - variable: allowSignups
- label: "Allow Signup"
- description: "Allow any user to sign-up: https://github.com/dani-garcia/vaultwarden/wiki/Disable-registration-of-new-users"
- schema:
- type: boolean
- default: true
- - variable: allowInvitation
- label: "Always allow Invitation"
- description: "Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/vaultwarden/wiki/Disable-invitations"
- schema:
- type: boolean
- default: true
- - variable: defaultInviteName
- label: "Default Invite Organisation Name"
- description: "Default organization name in invitation e-mails that are not coming from a specific organization."
- schema:
- type: string
- default: ""
- - variable: showPasswordHint
- label: "Show password hints"
- description: "https://github.com/dani-garcia/vaultwarden/wiki/Password-hint-display"
- schema:
- type: boolean
- default: true
- - variable: signupwhitelistenable
- label: "Enable Signup Whitelist"
- description: "allowSignups is ignored if set"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: signupDomains
- label: "Signup Whitelist Domains"
- schema:
- type: list
- default: []
- items:
- - variable: domain
- label: "Domain"
- schema:
- type: string
- default: ""
- - variable: verifySignup
- label: "Verifiy Signup"
- description: "Verify e-mail before login is enabled. SMTP must be enabled"
- schema:
- type: boolean
- default: false
- - variable: requireEmail
- label: "Block Login if email fails"
- description: "When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled"
- schema:
- type: boolean
- default: false
- - variable: emailAttempts
- label: "Email token reset attempts"
- description: "Maximum attempts before an email token is reset and a new email will need to be sent"
- schema:
- type: int
- default: 3
- - variable: emailTokenExpiration
- label: "Email token validity in seconds"
- schema:
- type: int
- default: 600
- - variable: enableWebVault
- label: "Enable Webvault"
- description: "Enable Web Vault (static content). https://github.com/dani-garcia/vaultwarden/wiki/Disabling-or-overriding-the-Vault-interface-hosting"
- schema:
- type: boolean
- default: true
- - variable: orgCreationUsers
- label: "Limit Organisation Creation to (users)"
- description: "Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users."
- schema:
- type: string
- default: "all"
- - variable: attachmentLimitOrg
- label: "Limit Attachment Disk Usage per Organisation"
- schema:
- type: string
- default: ""
- - variable: attachmentLimitUser
- label: "Limit Attachment Disk Usage per User"
- schema:
- type: string
- default: ""
- - variable: hibpApiKey
- label: "HaveIBeenPwned API Key"
- description: "Can be purchased at https://haveibeenpwned.com/API/Key"
- schema:
- type: string
- default: ""
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 10102
- required: true
- - variable: ws
- label: "WebSocket Service"
- description: "WebSocket Service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ws
- label: "WebSocket Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 3012
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: data
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: certificateIssuer
- label: Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["certificateIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: certificateIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["certificateIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["certificateIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: cnpg
- group: Postgresql
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Postgresql Database"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: storage
- label: "Storage"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: size
- label: Size
- schema:
- type: string
- default: "256Gi"
- - variable: walsize
- label: Walsize
- schema:
- type: string
- default: "256Gi"
- - variable: pooler
- label: "Pooler"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: Monitoring
- label: "Metrics"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enablePodMonitor
- label: "enablePodMonitor"
- schema:
- type: boolean
- default: true
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/vaultwarden/20.0.7/templates/NOTES.txt b/enterprise/vaultwarden/20.0.7/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/vaultwarden/20.0.7/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/vaultwarden/20.0.7/templates/_configmap.tpl b/enterprise/vaultwarden/20.0.7/templates/_configmap.tpl
deleted file mode 100644
index c21ff158df0..00000000000
--- a/enterprise/vaultwarden/20.0.7/templates/_configmap.tpl
+++ /dev/null
@@ -1,112 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "vaultwarden.configmap" -}}
-enabled: true
-data:
- ROCKET_PORT: "8080"
- SIGNUPS_ALLOWED: {{ .Values.vaultwarden.allowSignups | quote }}
- {{- if .Values.vaultwarden.signupDomains }}
- SIGNUPS_DOMAINS_WHITELIST: {{ join "," .Values.vaultwarden.signupDomains | quote }}
- {{- end }}
- {{- if and (eq .Values.vaultwarden.verifySignup true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Signup verification requires SMTP to be enabled" nil}}{{end}}
- SIGNUPS_VERIFY: {{ .Values.vaultwarden.verifySignup | quote }}
- {{- if and (eq .Values.vaultwarden.requireEmail true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Requiring emails for login depends on SMTP" nil}}{{end}}
- REQUIRE_DEVICE_EMAIL: {{ .Values.vaultwarden.requireEmail | quote }}
- {{- if .Values.vaultwarden.emailAttempts }}
- EMAIL_ATTEMPTS_LIMIT: {{ .Values.vaultwarden.emailAttempts | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.emailTokenExpiration }}
- EMAIL_EXPIRATION_TIME: {{ .Values.vaultwarden.emailTokenExpiration | quote }}
- {{- end }}
- INVITATIONS_ALLOWED: {{ .Values.vaultwarden.allowInvitation | quote }}
- {{- if .Values.vaultwarden.defaultInviteName }}
- INVITATION_ORG_NAME: {{ .Values.vaultwarden.defaultInviteName | quote }}
- {{- end }}
- SHOW_PASSWORD_HINT: {{ .Values.vaultwarden.showPasswordHint | quote }}
- WEBSOCKET_ENABLED: {{ .Values.vaultwarden.enableWebsockets | quote }}
- WEB_VAULT_ENABLED: {{ .Values.vaultwarden.enableWebVault | quote }}
- ORG_CREATION_USERS: {{ .Values.vaultwarden.orgCreationUsers | quote }}
- {{- if .Values.vaultwarden.attachmentLimitOrg }}
- ORG_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitOrg | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.attachmentLimitUser }}
- USER_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitUser | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.hibpApiKey }}
- HIBP_API_KEY: {{ .Values.vaultwarden.hibpApiKey | quote }}
- {{- end }}
- {{- include "vaultwarden.dbTypeValid" . }}
- {{- if .Values.database.retries }}
- DB_CONNECTION_RETRIES: {{ .Values.database.retries | quote }}
- {{- end }}
- {{- if .Values.database.maxConnections }}
- DATABASE_MAX_CONNS: {{ .Values.database.maxConnections | quote }}
- {{- end }}
- {{- if eq .Values.vaultwarden.smtp.enabled true }}
- SMTP_HOST: {{ required "SMTP host is required to enable SMTP" .Values.vaultwarden.smtp.host | quote }}
- SMTP_FROM: {{ required "SMTP sender address ('from') is required to enable SMTP" .Values.vaultwarden.smtp.from | quote }}
- {{- if .Values.vaultwarden.smtp.fromName }}
- SMTP_FROM_NAME: {{ .Values.vaultwarden.smtp.fromName | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.ssl }}
- SMTP_SSL: {{ .Values.vaultwarden.smtp.ssl | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.port }}
- SMTP_PORT: {{ .Values.vaultwarden.smtp.port | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.authMechanism }}
- SMTP_AUTH_MECHANISM: {{ .Values.vaultwarden.smtp.authMechanism | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.heloName }}
- HELO_NAME: {{ .Values.vaultwarden.smtp.heloName | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.timeout }}
- SMTP_TIMEOUT: {{ .Values.vaultwarden.smtp.timeout | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.invalidHostname }}
- SMTP_ACCEPT_INVALID_HOSTNAMES: {{ .Values.vaultwarden.smtp.invalidHostname | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.invalidCertificate }}
- SMTP_ACCEPT_INVALID_CERTS: {{ .Values.vaultwarden.smtp.invalidCertificate | quote }}
- {{- end }}
- {{- end }}
- {{- if .Values.vaultwarden.log.file }}
- LOG_FILE: {{ .Values.vaultwarden.log.file | quote }}
- {{- end }}
- {{- if or .Values.vaultwarden.log.level .Values.vaultwarden.log.timeFormat }}
- EXTENDED_LOGGING: "true"
- {{- end }}
- {{- if .Values.vaultwarden.log.level }}
- {{- include "vaultwarden.logLevelValid" . }}
- LOG_LEVEL: {{ .Values.vaultwarden.log.level | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.log.timeFormat }}
- LOG_TIMESTAMP_FORMAT: {{ .Values.vaultwarden.log.timeFormat | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.icons.disableDownload }}
- DISABLE_ICON_DOWNLOAD: {{ .Values.vaultwarden.icons.disableDownload | quote }}
- {{- if and (not .Values.vaultwarden.icons.cache) (eq .Values.vaultwarden.icons.disableDownload "true") }}
- ICON_CACHE_TTL: "0"
- {{- end }}
- {{- end }}
- {{- if .Values.vaultwarden.icons.cache }}
- ICON_CACHE_TTL: {{ .Values.vaultwarden.icons.cache | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.icons.cacheFailed }}
- ICON_CACHE_NEGTTL: {{ .Values.vaultwarden.icons.cacheFailed | quote }}
- {{- end }}
- {{- if eq .Values.vaultwarden.admin.enabled true }}
- {{- if eq .Values.vaultwarden.admin.disableAdminToken true }}
- DISABLE_ADMIN_TOKEN: "true"
- {{- end }}
- {{- end }}
- {{- if eq .Values.vaultwarden.yubico.enabled true }}
- {{- if .Values.vaultwarden.yubico.server }}
- YUBICO_SERVER: {{ .Values.vaultwarden.yubico.server | quote }}
- {{- end }}
- {{- end }}
- {{- if eq .Values.database.type "sqlite" }}
- ENABLE_DB_WAL: {{ .Values.database.wal | quote }}
- {{- else }}
- ENABLE_DB_WAL: "false"
- {{- end }}
-{{- end -}}
diff --git a/enterprise/vaultwarden/20.0.7/templates/_secrets.tpl b/enterprise/vaultwarden/20.0.7/templates/_secrets.tpl
deleted file mode 100644
index a33f037cf71..00000000000
--- a/enterprise/vaultwarden/20.0.7/templates/_secrets.tpl
+++ /dev/null
@@ -1,32 +0,0 @@
-{{/* Define the secrets */}}
-{{- define "vaultwarden.secrets" -}}
-
-{{- $adminToken := "" }}
-{{- if eq .Values.vaultwarden.admin.enabled true }}
-{{- $adminToken = .Values.vaultwarden.admin.token | default (randAlphaNum 48) | quote }}
-{{- end -}}
-
-{{- $smtpUser := "" }}
-{{- if and (eq .Values.vaultwarden.smtp.enabled true ) (.Values.vaultwarden.smtp.user) }}
-{{- $smtpUser = .Values.vaultwarden.smtp.user | quote }}
-{{- end -}}
-
-{{- $yubicoClientId := "" }}
-{{- if eq .Values.vaultwarden.yubico.enabled true }}
-{{- $yubicoClientId = required "Yubico Client ID required" .Values.vaultwarden.yubico.clientId | toString | quote }}
-{{- end -}}
-enabled: true
-data:
- placeholder: placeholdervalue
- {{- if ne $adminToken "" }}
- ADMIN_TOKEN: {{ $adminToken }}
- {{- end }}
- {{- if ne $smtpUser "" }}
- SMTP_USERNAME: {{ $smtpUser }}
- SMTP_PASSWORD: {{ required "Must specify SMTP password" .Values.vaultwarden.smtp.password | quote }}
- {{- end }}
- {{- if ne $yubicoClientId "" }}
- YUBICO_CLIENT_ID: {{ $yubicoClientId }}
- YUBICO_SECRET_KEY: {{ required "Yubico Secret Key required" .Values.vaultwarden.yubico.secretKey | quote }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/vaultwarden/20.0.7/templates/_validate.tpl b/enterprise/vaultwarden/20.0.7/templates/_validate.tpl
deleted file mode 100644
index e4832c2f6e5..00000000000
--- a/enterprise/vaultwarden/20.0.7/templates/_validate.tpl
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/*
-Ensure valid DB type is select, defaults to SQLite
-*/}}
-{{- define "vaultwarden.dbTypeValid" -}}
-{{- if not (or (eq .Values.database.type "postgresql") (eq .Values.database.type "mysql") (eq .Values.database.type "sqlite")) }}
-{{- required "Invalid database type" nil }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Ensure log type is valid
-*/}}
-{{- define "vaultwarden.logLevelValid" -}}
-{{- if not (or (eq .Values.vaultwarden.log.level "trace") (eq .Values.vaultwarden.log.level "debug") (eq .Values.vaultwarden.log.level "info") (eq .Values.vaultwarden.log.level "warn") (eq .Values.vaultwarden.log.level "error") (eq .Values.vaultwarden.log.level "off")) }}
-{{- required "Invalid log level" nil }}
-{{- end }}
-{{- end }}
diff --git a/enterprise/vaultwarden/20.0.7/templates/common.yaml b/enterprise/vaultwarden/20.0.7/templates/common.yaml
deleted file mode 100644
index 00565a16a7a..00000000000
--- a/enterprise/vaultwarden/20.0.7/templates/common.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-
-{{/* Render configmap for vaultwarden */}}
-{{- $configmapFile := include "vaultwarden.configmap" . | fromYaml -}}
-{{- if $configmapFile -}}
- {{- $_ := set .Values.configmap "vaultwardenconfig" $configmapFile -}}
-{{- end -}}
-
-{{/* Render secrets for vaultwarden */}}
-{{- $secret := include "vaultwarden.secrets" . | fromYaml -}}
-{{- if $secret -}}
- {{- $_ := set .Values.secret "vaultwardensecret" $secret -}}
-{{- end -}}
-
-{{/* Define path for websocket */}}
-{{- define "vaultwarden.websocket" -}}
-{{- $fullname := include "tc.v1.common.lib.chart.names.fullname" . -}}
-path: "/notifications/hub"
-# -- Ignored if not kubeVersion >= 1.14-0
-pathType: Prefix
-service:
- # -- Overrides the service name reference for this path
- name: {{ printf "%s-ws" $fullname }}
- port: {{ .Values.service.ws.ports.ws.port }}
-{{- end -}}
-
-{{/* inject websocket path to all main ingress hosts*/}}
-{{- define "vaultwarden.websocketinjector" -}}
-{{- $path := list (include "vaultwarden.websocket" . | fromYaml) -}}
-{{- if .Values.ingress.main.enabled }}
-{{- range .Values.ingress.main.hosts }}
-{{- $newpaths := list }}
-{{- $newpaths := concat .paths $path }}
-{{- $_ := set . "paths" ( deepCopy $newpaths ) -}}
-{{- end }}
-{{- end }}
-{{- end -}}
-
-{{/* inject websocket paths in ingress */}}
-{{- include "vaultwarden.websocketinjector" . }}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/vaultwarden/20.0.7/values.yaml b/enterprise/vaultwarden/20.0.7/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/enterprise/vaultwarden/20.0.8/CHANGELOG.md b/enterprise/vaultwarden/20.0.8/CHANGELOG.md
deleted file mode 100644
index ebda1db1b52..00000000000
--- a/enterprise/vaultwarden/20.0.8/CHANGELOG.md
+++ /dev/null
@@ -1,75 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [vaultwarden-20.0.8](https://github.com/truecharts/charts/compare/vaultwarden-20.0.7...vaultwarden-20.0.8) (2023-04-05)
-
-### Chore
-
-- bump common to 32 on enterprise charts
-
-
-
-
-## [vaultwarden-20.0.7](https://github.com/truecharts/charts/compare/vaultwarden-20.0.6...vaultwarden-20.0.7) (2023-03-19)
-
-### Chore
-
-- bump common and deps on enterprise train ([#7819](https://github.com/truecharts/charts/issues/7819))
-
-
-
-
-## [vaultwarden-20.0.6](https://github.com/truecharts/charts/compare/vaultwarden-20.0.5...vaultwarden-20.0.6) (2023-03-07)
-
-### Fix
-
-- misc fixes from common and prometheus storageclass patch ([#7762](https://github.com/truecharts/charts/issues/7762))
-
-
-
-
-## [vaultwarden-20.0.5](https://github.com/truecharts/charts/compare/vaultwarden-20.0.4...vaultwarden-20.0.5) (2023-03-06)
-
-### Fix
-
-- don't base64 encode secret anymore
-
-
-
-
-## [vaultwarden-20.0.4](https://github.com/truecharts/charts/compare/vaultwarden-20.0.3...vaultwarden-20.0.4) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7751](https://github.com/truecharts/charts/issues/7751))
-
-
-
-
-## [vaultwarden-20.0.3](https://github.com/truecharts/charts/compare/vaultwarden-20.0.1...vaultwarden-20.0.3) (2023-03-06)
-
-### Chore
-
-- bump common and dependencies ([#7749](https://github.com/truecharts/charts/issues/7749))
-
-
-
-
-## [vaultwarden-20.0.1](https://github.com/truecharts/charts/compare/vaultwarden-20.0.0...vaultwarden-20.0.1) (2023-03-05)
-
-### Chore
-
-- bump common and enterprise train for stability ([#7747](https://github.com/truecharts/charts/issues/7747))
-
- ### Fix
-
-- bump common for release
-
-
-
-
-## [vaultwarden-20.0.0](https://github.com/truecharts/charts/compare/vaultwarden-19.0.23...vaultwarden-20.0.0) (2023-03-04)
-
diff --git a/enterprise/vaultwarden/20.0.8/Chart.yaml b/enterprise/vaultwarden/20.0.8/Chart.yaml
deleted file mode 100644
index 8e21d7a714e..00000000000
--- a/enterprise/vaultwarden/20.0.8/Chart.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-apiVersion: v2
-appVersion: "1.27.0"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 12.2.32
-deprecated: false
-description: Unofficial Bitwarden compatible server written in Rust
-home: https://truecharts.org/charts/enterprise/vaultwarden
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/vaultwarden.png
-keywords:
- - bitwarden
- - bitwardenrs
- - bitwarden_rs
- - vaultwarden
- - password
- - rust
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: vaultwarden
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/enterprise/vaultwarden
- - https://github.com/dani-garcia/vaultwarden
-type: application
-version: 20.0.8
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/enterprise/vaultwarden/20.0.8/LICENSE b/enterprise/vaultwarden/20.0.8/LICENSE
deleted file mode 100644
index 80e4ab93f92..00000000000
--- a/enterprise/vaultwarden/20.0.8/LICENSE
+++ /dev/null
@@ -1,106 +0,0 @@
-Business Source License 1.1
-
-Parameters
-
-Licensor: The TrueCharts Project, it's owner and it's contributors
-Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
-Additional Use Grant: You may use the licensed work in production, as long
- as it is directly sourced from a TrueCharts provided
- official repository, catalog or source. You may also make private
- modification to the directly sourced licenced work,
- when used in production.
-
- The following cases are, due to their nature, also
- defined as 'production use' and explicitly prohibited:
- - Bundling, including or displaying the licensed work
- with(in) another work intended for production use,
- with the apparent intend of facilitating and/or
- promoting production use by third parties in
- violation of this license.
-
-Change Date: 2050-01-01
-
-Change License: 3-clause BSD license
-
-For information about alternative licensing arrangements for the Software,
-please contact: legal@truecharts.org
-
-Notice
-
-The Business Source License (this document, or the “License”) is not an Open
-Source license. However, the Licensed Work will eventually be made available
-under an Open Source License, as stated in this License.
-
-License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
-“Business Source License” is a trademark of MariaDB Corporation Ab.
-
------------------------------------------------------------------------------
-
-Business Source License 1.1
-
-Terms
-
-The Licensor hereby grants you the right to copy, modify, create derivative
-works, redistribute, and make non-production use of the Licensed Work. The
-Licensor may make an Additional Use Grant, above, permitting limited
-production use.
-
-Effective on the Change Date, or the fourth anniversary of the first publicly
-available distribution of a specific version of the Licensed Work under this
-License, whichever comes first, the Licensor hereby grants you rights under
-the terms of the Change License, and the rights granted in the paragraph
-above terminate.
-
-If your use of the Licensed Work does not comply with the requirements
-currently in effect as described in this License, you must purchase a
-commercial license from the Licensor, its affiliated entities, or authorized
-resellers, or you must refrain from using the Licensed Work.
-
-All copies of the original and modified Licensed Work, and derivative works
-of the Licensed Work, are subject to this License. This License applies
-separately for each version of the Licensed Work and the Change Date may vary
-for each version of the Licensed Work released by Licensor.
-
-You must conspicuously display this License on each original or modified copy
-of the Licensed Work. If you receive the Licensed Work in original or
-modified form from a third party, the terms and conditions set forth in this
-License apply to your use of that work.
-
-Any use of the Licensed Work in violation of this License will automatically
-terminate your rights under this License for the current and all other
-versions of the Licensed Work.
-
-This License does not grant you any right in any trademark or logo of
-Licensor or its affiliates (provided that you may use a trademark or logo of
-Licensor as expressly required by this License).
-
-TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
-AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
-EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
-TITLE.
-
-MariaDB hereby grants you permission to use this License’s text to license
-your works, and to refer to it using the trademark “Business Source License”,
-as long as you comply with the Covenants of Licensor below.
-
-Covenants of Licensor
-
-In consideration of the right to use this License’s text and the “Business
-Source License” name and trademark, Licensor covenants to MariaDB, and to all
-other recipients of the licensed work to be provided by Licensor:
-
-1. To specify as the Change License the GPL Version 2.0 or any later version,
- or a license that is compatible with GPL Version 2.0 or a later version,
- where “compatible” means that software provided under the Change License can
- be included in a program with software provided under GPL Version 2.0 or a
- later version. Licensor may specify additional Change Licenses without
- limitation.
-
-2. To either: (a) specify an additional grant of rights to use that does not
- impose any additional restriction on the right granted in this License, as
- the Additional Use Grant; or (b) insert the text “None”.
-
-3. To specify a Change Date.
-
-4. Not to modify this License in any other way.
diff --git a/enterprise/vaultwarden/20.0.8/README.md b/enterprise/vaultwarden/20.0.8/README.md
deleted file mode 100644
index de60b9ed65c..00000000000
--- a/enterprise/vaultwarden/20.0.8/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/enterprise/vaultwarden/20.0.8/app-changelog.md b/enterprise/vaultwarden/20.0.8/app-changelog.md
deleted file mode 100644
index 2213db5605c..00000000000
--- a/enterprise/vaultwarden/20.0.8/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [vaultwarden-20.0.8](https://github.com/truecharts/charts/compare/vaultwarden-20.0.7...vaultwarden-20.0.8) (2023-04-05)
-
-### Chore
-
-- bump common to 32 on enterprise charts
-
-
\ No newline at end of file
diff --git a/enterprise/vaultwarden/20.0.8/app-readme.md b/enterprise/vaultwarden/20.0.8/app-readme.md
deleted file mode 100644
index 08d9cc8b1dd..00000000000
--- a/enterprise/vaultwarden/20.0.8/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Unofficial Bitwarden compatible server written in Rust
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/vaultwarden](https://truecharts.org/charts/enterprise/vaultwarden)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/vaultwarden/20.0.8/charts/common-12.2.32.tgz b/enterprise/vaultwarden/20.0.8/charts/common-12.2.32.tgz
deleted file mode 100644
index 3304bd5a80b..00000000000
Binary files a/enterprise/vaultwarden/20.0.8/charts/common-12.2.32.tgz and /dev/null differ
diff --git a/enterprise/vaultwarden/20.0.8/ix_values.yaml b/enterprise/vaultwarden/20.0.8/ix_values.yaml
deleted file mode 100644
index 3389326acfe..00000000000
--- a/enterprise/vaultwarden/20.0.8/ix_values.yaml
+++ /dev/null
@@ -1,164 +0,0 @@
-image:
- repository: tccr.io/truecharts/vaultwarden
- pullPolicy: IfNotPresent
- tag: 1.27.0@sha256:e80b8a6a8b05928d9703eda1c7ebd2c8f1c0b9deed1734ce31c2ec6d70aed323
-
-service:
- main:
- ports:
- main:
- port: 10102
- targetPort: 8080
- ws:
- enabled: true
- ports:
- ws:
- enabled: true
- port: 3012
- targetPort: 3012
-
-workload:
- main:
- podSpec:
- containers:
- main:
- env:
- DOMAIN: "https://{{ if .Values.ingress }}{{ if .Values.ingress.main.enabled }}{{ ( index .Values.ingress.main.hosts 0 ).host }}{{ else }}placeholder.com{{ end }}{{ else }}placeholder.com{{ end }}"
- DATABASE_URL:
- secretKeyRef:
- name: cnpg-main-urls
- key: std
-
- envFrom:
- - configMapRef:
- name: vaultwardenconfig
- - secretRef:
- name: vaultwardensecret
-
-database:
- # -- Database type,
- # must be one of: 'sqlite', 'mysql' or 'postgresql'.
- type: postgresql
- # -- Enable DB Write-Ahead-Log for SQLite,
- # disabled for other databases. https://github.com/dani-garcia/bitwarden_rs/wiki/Running-without-WAL-enabled
- wal: true
- ## URL for external databases (mysql://user:pass@host:port or postgresql://user:pass@host:port).
- # url: ""
- ## Set the size of the database connection pool.
- # maxConnections: 10
- ## Connection retries during startup, 0 for infinite. 1 second between retries.
- # retries: 15
-
-# Set Bitwarden_rs application variables
-vaultwarden:
- # -- Allow any user to sign-up
- # see: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-registration-of-new-users
- allowSignups: true
- ## Whitelist domains allowed to sign-up. 'allowSignups' is ignored if set.
- # signupDomains:
- # - domain.tld
- # -- Verify e-mail before login is enabled.
- # SMTP must be enabled.
- verifySignup: false
- # When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled.
- requireEmail: false
- ## Maximum attempts before an email token is reset and a new email will need to be sent.
- # emailAttempts: 3
- ## Email token validity in seconds.
- # emailTokenExpiration: 600
- # Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-invitations
- allowInvitation: true
- # Show password hints: https://github.com/dani-garcia/bitwarden_rs/wiki/Password-hint-display
- ## Default organization name in invitation e-mails that are not coming from a specific organization.
- # defaultInviteName: ""
- showPasswordHint: true
- # Enable Websockets for notification. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-WebSocket-notifications
- # Redirect HTTP path "/notifications/hub" to port 3012. Ingress/IngressRoute controllers are automatically configured.
- enableWebsockets: true
- # Enable Web Vault (static content). https://github.com/dani-garcia/bitwarden_rs/wiki/Disabling-or-overriding-the-Vault-interface-hosting
- enableWebVault: true
- # Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users.
- orgCreationUsers: all
- ## Limit attachment disk usage per organization.
- # attachmentLimitOrg:
- ## Limit attachment disk usage per user.
- # attachmentLimitUser:
- ## HaveIBeenPwned API Key. Can be purchased at https://haveibeenpwned.com/API/Key.
- # hibpApiKey:
-
- admin:
- # Enable admin portal.
- enabled: false
- # Disabling the admin token will make the admin portal accessible to anyone, use carefully: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-admin-token
- disableAdminToken: false
- ## Token for admin login, will be generated if not defined. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-admin-page
- # token:
-
- # Enable SMTP. https://github.com/dani-garcia/bitwarden_rs/wiki/SMTP-configuration
- smtp:
- enabled: false
- # SMTP hostname, required if SMTP is enabled.
- host: ""
- # SMTP sender e-mail address, required if SMTP is enabled.
- from: ""
- ## SMTP sender name, defaults to 'Bitwarden_RS'.
- # fromName: ""
- ## Enable SSL connection.
- # ssl: true
- ## SMTP port. Defaults to 25 without SSL, 587 with SSL.
- # port: 587
- ## SMTP Authentication Mechanisms. Comma-separated options: 'Plain', 'Login' and 'Xoauth2'. Defaults to 'Plain'.
- # authMechanism: Plain
- ## Hostname to be sent for SMTP HELO. Defaults to pod name.
- # heloName: ""
- ## SMTP timeout.
- # timeout: 15
- ## Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!
- # invalidHostname: false
- ## Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!
- # invalidCertificate: false
- ## SMTP username.
- # user: ""
- ## SMTP password. Required is user is specified, ignored if no user provided.
- # password: ""
-
- ## Enable Yubico OTP authentication. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-Yubikey-OTP-authentication
- yubico:
- enabled: false
- ## Yubico server. Defaults to YubiCloud.
- # server:
- ## Yubico ID and Secret Key.
- # clientId:
- # secretKey:
-
- ## Logging options. https://github.com/dani-garcia/bitwarden_rs/wiki/Logging
- log:
- # Log to file.
- file: ""
- # Log level. Options are "trace", "debug", "info", "warn", "error" or "off".
- level: "trace"
- ## Log timestamp format. See https://docs.rs/chrono/0.4.15/chrono/format/strftime/index.html. Defaults to time in milliseconds.
- # timeFormat: ""
-
- icons:
- # Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache). TTL will default to zero.
- disableDownload: false
- ## Cache time-to-live for icons fetched. 0 means no purging.
- # cache: 2592000
- ## Cache time-to-live for icons that were not available. 0 means no purging.
- # cacheFailed: 259200
-
-persistence:
- data:
- enabled: true
- mountPath: "/data"
-
-cnpg:
- main:
- enabled: true
- user: vaultwarden
- database: vaultwarden
-
-portal:
- open:
- enabled: true
diff --git a/enterprise/vaultwarden/20.0.8/questions.yaml b/enterprise/vaultwarden/20.0.8/questions.yaml
deleted file mode 100644
index 714d3214cc5..00000000000
--- a/enterprise/vaultwarden/20.0.8/questions.yaml
+++ /dev/null
@@ -1,2226 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: Workload Settings
- description: Workload Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Postgresql
- description: Postgresql
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
- admin:
- protocols:
- - "$kubernetes-resource_configmap_tcportal-open_protocol"
- host:
- - "$kubernetes-resource_configmap_tcportal-open_host"
- ports:
- - "$kubernetes-resource_configmap_tcportal-open_port"
- path: "/admin/"
-questions:
-
- - variable: workload
- group: "Workload Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type (Advanced)
- schema:
- type: string
- default: Deployment
- enum:
- - value: Deployment
- description: Deployment
- - value: DaemonSet
- description: DaemonSet
- - variable: replicas
- label: Replicas (Advanced)
- description: Set the number of Replicas
- schema:
- type: int
- show_if: [["type", "!=", "DaemonSet"]]
- default: 1
- - variable: podSpec
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: containers
- label: Containers
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: command
- label: Command
- schema:
- type: list
- default: []
- items:
- - variable: param
- label: Param
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: vaultwarden
- label: ""
- group: "App Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: yubico
- label: "Yubico OTP authentication"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable Yubico OTP authentication"
- description: "Please refer to the manual at: https://github.com/dani-garcia/vaultwarden/wiki/Enabling-Yubikey-OTP-authentication"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: server
- label: "Yubico server"
- description: "Defaults to YubiCloud"
- schema:
- type: string
- default: ""
- - variable: clientId
- label: "Yubico ID"
- schema:
- type: string
- default: ""
- - variable: secretKey
- label: "Yubico Secret Key"
- schema:
- type: string
- default: ""
- - variable: admin
- label: "Admin Portal"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable Admin Portal"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: disableAdminToken
- label: "Make Accessible Without Password/Token"
- schema:
- type: boolean
- default: false
- - variable: token
- label: "Admin Portal Password/Token"
- description: "Will be automatically generated if not defined"
- schema:
- type: string
- default: ""
- - variable: icons
- label: "Icon Download Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disableDownload
- label: "Disable Icon Download"
- description: "Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache)"
- schema:
- type: boolean
- default: false
- - variable: cache
- label: "Cache time-to-live"
- description: "Cache time-to-live for icons fetched. 0 means no purging"
- schema:
- type: int
- default: 2592000
- - variable: token
- label: "Failed Downloads Cache time-to-live"
- description: "Cache time-to-live for icons that were not available. 0 means no purging."
- schema:
- type: int
- default: 2592000
- - variable: log
- label: "Logging"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log level"
- schema:
- type: string
- default: "info"
- required: true
- enum:
- - value: "trace"
- description: "trace"
- - value: "debug"
- description: "debug"
- - value: "info"
- description: "info"
- - value: "warn"
- description: "warn"
- - value: "error"
- description: "error"
- - value: "off"
- description: "off"
- - variable: file
- label: "Log-File Location"
- schema:
- type: string
- default: ""
- - variable: smtp
- label: "SMTP Settings (Email)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable SMTP Support"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: host
- label: "SMTP hostname"
- schema:
- type: string
- required: true
- default: ""
- - variable: from
- label: "SMTP sender e-mail address"
- schema:
- type: string
- required: true
- default: ""
- - variable: fromName
- label: "SMTP sender name"
- schema:
- type: string
- required: true
- default: ""
- - variable: user
- label: "SMTP username"
- schema:
- type: string
- required: true
- default: ""
- - variable: password
- label: "SMTP password"
- description: "Required is user is specified, ignored if no user provided"
- schema:
- type: string
- default: ""
- - variable: ssl
- label: "Enable SSL connection"
- schema:
- type: boolean
- default: true
- - variable: port
- label: "SMTP port"
- description: "Usually: 25 without SSL, 587 with SSL"
- schema:
- type: int
- default: 587
- - variable: authMechanism
- label: "SMTP Authentication Mechanisms"
- description: "Comma-separated options: Plain, Login and Xoauth2"
- schema:
- type: string
- default: "Plain"
- - variable: heloName
- label: "SMTP HELO - Hostname"
- description: "Hostname to be sent for SMTP HELO. Defaults to pod name"
- schema:
- type: string
- default: ""
- - variable: timeout
- label: "SMTP timeout"
- schema:
- type: int
- default: 15
- - variable: invalidHostname
- label: "Accept Invalid Hostname"
- description: "Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!"
- schema:
- type: boolean
- default: false
- - variable: invalidCertificate
- label: "Accept Invalid Certificate"
- description: "Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!"
- schema:
- type: boolean
- default: false
- - variable: allowSignups
- label: "Allow Signup"
- description: "Allow any user to sign-up: https://github.com/dani-garcia/vaultwarden/wiki/Disable-registration-of-new-users"
- schema:
- type: boolean
- default: true
- - variable: allowInvitation
- label: "Always allow Invitation"
- description: "Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/vaultwarden/wiki/Disable-invitations"
- schema:
- type: boolean
- default: true
- - variable: defaultInviteName
- label: "Default Invite Organisation Name"
- description: "Default organization name in invitation e-mails that are not coming from a specific organization."
- schema:
- type: string
- default: ""
- - variable: showPasswordHint
- label: "Show password hints"
- description: "https://github.com/dani-garcia/vaultwarden/wiki/Password-hint-display"
- schema:
- type: boolean
- default: true
- - variable: signupwhitelistenable
- label: "Enable Signup Whitelist"
- description: "allowSignups is ignored if set"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: signupDomains
- label: "Signup Whitelist Domains"
- schema:
- type: list
- default: []
- items:
- - variable: domain
- label: "Domain"
- schema:
- type: string
- default: ""
- - variable: verifySignup
- label: "Verifiy Signup"
- description: "Verify e-mail before login is enabled. SMTP must be enabled"
- schema:
- type: boolean
- default: false
- - variable: requireEmail
- label: "Block Login if email fails"
- description: "When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled"
- schema:
- type: boolean
- default: false
- - variable: emailAttempts
- label: "Email token reset attempts"
- description: "Maximum attempts before an email token is reset and a new email will need to be sent"
- schema:
- type: int
- default: 3
- - variable: emailTokenExpiration
- label: "Email token validity in seconds"
- schema:
- type: int
- default: 600
- - variable: enableWebVault
- label: "Enable Webvault"
- description: "Enable Web Vault (static content). https://github.com/dani-garcia/vaultwarden/wiki/Disabling-or-overriding-the-Vault-interface-hosting"
- schema:
- type: boolean
- default: true
- - variable: orgCreationUsers
- label: "Limit Organisation Creation to (users)"
- description: "Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users."
- schema:
- type: string
- default: "all"
- - variable: attachmentLimitOrg
- label: "Limit Attachment Disk Usage per Organisation"
- schema:
- type: string
- default: ""
- - variable: attachmentLimitUser
- label: "Limit Attachment Disk Usage per User"
- schema:
- type: string
- default: ""
- - variable: hibpApiKey
- label: "HaveIBeenPwned API Key"
- description: "Can be purchased at https://haveibeenpwned.com/API/Key"
- schema:
- type: string
- default: ""
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 10102
- required: true
- - variable: ws
- label: "WebSocket Service"
- description: "WebSocket Service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ws
- label: "WebSocket Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 3012
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: data
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: certificateIssuer
- label: Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["certificateIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: certificateIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["certificateIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["certificateIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: securityContext
- group: Security and Permissions
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: container
- label: Container
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID of the user running the application"
- schema:
- type: int
- default: 568
- # Settings from questions.yaml get appended here on a per-app basis
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- show_if: [["runAsUser", "=", "0"]]
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "0022"
- - variable: advanced
- label: Show Advanced Settings
- description: Advanced settings are not covered by TrueCharts Support
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
-
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: scaleGPUEntry
- label: GPU
- schema:
- additional_attrs: true
- type: dict
- attrs:
- # Specify GPU configuration
- - variable: gpu
- label: Select GPU
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: cnpg
- group: Postgresql
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Postgresql Database"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: storage
- label: "Storage"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: size
- label: Size
- schema:
- type: string
- default: "256Gi"
- - variable: walsize
- label: Walsize
- schema:
- type: string
- default: "256Gi"
- - variable: pooler
- label: "Pooler"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: instances
- label: Instances
- schema:
- type: int
- default: 2
- - variable: Monitoring
- label: "Metrics"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enablePodMonitor
- label: "enablePodMonitor"
- schema:
- type: boolean
- default: true
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: gluetun
- description: Gluetun
- - value: tailscale
- description: Tailscale
- - value: openvpn
- description: OpenVPN (Deprecated)
- - value: wireguard
- description: Wireguard (Deprecated)
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: string
- show_if: [["type", "!=", "disabled"]]
- default: ""
-
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: netshoot
- label: Netshoot
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: envList
- label: Netshoot Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/enterprise/vaultwarden/20.0.8/templates/NOTES.txt b/enterprise/vaultwarden/20.0.8/templates/NOTES.txt
deleted file mode 100644
index efcb74cb772..00000000000
--- a/enterprise/vaultwarden/20.0.8/templates/NOTES.txt
+++ /dev/null
@@ -1 +0,0 @@
-{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/enterprise/vaultwarden/20.0.8/templates/_configmap.tpl b/enterprise/vaultwarden/20.0.8/templates/_configmap.tpl
deleted file mode 100644
index c21ff158df0..00000000000
--- a/enterprise/vaultwarden/20.0.8/templates/_configmap.tpl
+++ /dev/null
@@ -1,112 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "vaultwarden.configmap" -}}
-enabled: true
-data:
- ROCKET_PORT: "8080"
- SIGNUPS_ALLOWED: {{ .Values.vaultwarden.allowSignups | quote }}
- {{- if .Values.vaultwarden.signupDomains }}
- SIGNUPS_DOMAINS_WHITELIST: {{ join "," .Values.vaultwarden.signupDomains | quote }}
- {{- end }}
- {{- if and (eq .Values.vaultwarden.verifySignup true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Signup verification requires SMTP to be enabled" nil}}{{end}}
- SIGNUPS_VERIFY: {{ .Values.vaultwarden.verifySignup | quote }}
- {{- if and (eq .Values.vaultwarden.requireEmail true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Requiring emails for login depends on SMTP" nil}}{{end}}
- REQUIRE_DEVICE_EMAIL: {{ .Values.vaultwarden.requireEmail | quote }}
- {{- if .Values.vaultwarden.emailAttempts }}
- EMAIL_ATTEMPTS_LIMIT: {{ .Values.vaultwarden.emailAttempts | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.emailTokenExpiration }}
- EMAIL_EXPIRATION_TIME: {{ .Values.vaultwarden.emailTokenExpiration | quote }}
- {{- end }}
- INVITATIONS_ALLOWED: {{ .Values.vaultwarden.allowInvitation | quote }}
- {{- if .Values.vaultwarden.defaultInviteName }}
- INVITATION_ORG_NAME: {{ .Values.vaultwarden.defaultInviteName | quote }}
- {{- end }}
- SHOW_PASSWORD_HINT: {{ .Values.vaultwarden.showPasswordHint | quote }}
- WEBSOCKET_ENABLED: {{ .Values.vaultwarden.enableWebsockets | quote }}
- WEB_VAULT_ENABLED: {{ .Values.vaultwarden.enableWebVault | quote }}
- ORG_CREATION_USERS: {{ .Values.vaultwarden.orgCreationUsers | quote }}
- {{- if .Values.vaultwarden.attachmentLimitOrg }}
- ORG_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitOrg | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.attachmentLimitUser }}
- USER_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitUser | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.hibpApiKey }}
- HIBP_API_KEY: {{ .Values.vaultwarden.hibpApiKey | quote }}
- {{- end }}
- {{- include "vaultwarden.dbTypeValid" . }}
- {{- if .Values.database.retries }}
- DB_CONNECTION_RETRIES: {{ .Values.database.retries | quote }}
- {{- end }}
- {{- if .Values.database.maxConnections }}
- DATABASE_MAX_CONNS: {{ .Values.database.maxConnections | quote }}
- {{- end }}
- {{- if eq .Values.vaultwarden.smtp.enabled true }}
- SMTP_HOST: {{ required "SMTP host is required to enable SMTP" .Values.vaultwarden.smtp.host | quote }}
- SMTP_FROM: {{ required "SMTP sender address ('from') is required to enable SMTP" .Values.vaultwarden.smtp.from | quote }}
- {{- if .Values.vaultwarden.smtp.fromName }}
- SMTP_FROM_NAME: {{ .Values.vaultwarden.smtp.fromName | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.ssl }}
- SMTP_SSL: {{ .Values.vaultwarden.smtp.ssl | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.port }}
- SMTP_PORT: {{ .Values.vaultwarden.smtp.port | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.authMechanism }}
- SMTP_AUTH_MECHANISM: {{ .Values.vaultwarden.smtp.authMechanism | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.heloName }}
- HELO_NAME: {{ .Values.vaultwarden.smtp.heloName | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.timeout }}
- SMTP_TIMEOUT: {{ .Values.vaultwarden.smtp.timeout | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.invalidHostname }}
- SMTP_ACCEPT_INVALID_HOSTNAMES: {{ .Values.vaultwarden.smtp.invalidHostname | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.smtp.invalidCertificate }}
- SMTP_ACCEPT_INVALID_CERTS: {{ .Values.vaultwarden.smtp.invalidCertificate | quote }}
- {{- end }}
- {{- end }}
- {{- if .Values.vaultwarden.log.file }}
- LOG_FILE: {{ .Values.vaultwarden.log.file | quote }}
- {{- end }}
- {{- if or .Values.vaultwarden.log.level .Values.vaultwarden.log.timeFormat }}
- EXTENDED_LOGGING: "true"
- {{- end }}
- {{- if .Values.vaultwarden.log.level }}
- {{- include "vaultwarden.logLevelValid" . }}
- LOG_LEVEL: {{ .Values.vaultwarden.log.level | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.log.timeFormat }}
- LOG_TIMESTAMP_FORMAT: {{ .Values.vaultwarden.log.timeFormat | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.icons.disableDownload }}
- DISABLE_ICON_DOWNLOAD: {{ .Values.vaultwarden.icons.disableDownload | quote }}
- {{- if and (not .Values.vaultwarden.icons.cache) (eq .Values.vaultwarden.icons.disableDownload "true") }}
- ICON_CACHE_TTL: "0"
- {{- end }}
- {{- end }}
- {{- if .Values.vaultwarden.icons.cache }}
- ICON_CACHE_TTL: {{ .Values.vaultwarden.icons.cache | quote }}
- {{- end }}
- {{- if .Values.vaultwarden.icons.cacheFailed }}
- ICON_CACHE_NEGTTL: {{ .Values.vaultwarden.icons.cacheFailed | quote }}
- {{- end }}
- {{- if eq .Values.vaultwarden.admin.enabled true }}
- {{- if eq .Values.vaultwarden.admin.disableAdminToken true }}
- DISABLE_ADMIN_TOKEN: "true"
- {{- end }}
- {{- end }}
- {{- if eq .Values.vaultwarden.yubico.enabled true }}
- {{- if .Values.vaultwarden.yubico.server }}
- YUBICO_SERVER: {{ .Values.vaultwarden.yubico.server | quote }}
- {{- end }}
- {{- end }}
- {{- if eq .Values.database.type "sqlite" }}
- ENABLE_DB_WAL: {{ .Values.database.wal | quote }}
- {{- else }}
- ENABLE_DB_WAL: "false"
- {{- end }}
-{{- end -}}
diff --git a/enterprise/vaultwarden/20.0.8/templates/_secrets.tpl b/enterprise/vaultwarden/20.0.8/templates/_secrets.tpl
deleted file mode 100644
index a33f037cf71..00000000000
--- a/enterprise/vaultwarden/20.0.8/templates/_secrets.tpl
+++ /dev/null
@@ -1,32 +0,0 @@
-{{/* Define the secrets */}}
-{{- define "vaultwarden.secrets" -}}
-
-{{- $adminToken := "" }}
-{{- if eq .Values.vaultwarden.admin.enabled true }}
-{{- $adminToken = .Values.vaultwarden.admin.token | default (randAlphaNum 48) | quote }}
-{{- end -}}
-
-{{- $smtpUser := "" }}
-{{- if and (eq .Values.vaultwarden.smtp.enabled true ) (.Values.vaultwarden.smtp.user) }}
-{{- $smtpUser = .Values.vaultwarden.smtp.user | quote }}
-{{- end -}}
-
-{{- $yubicoClientId := "" }}
-{{- if eq .Values.vaultwarden.yubico.enabled true }}
-{{- $yubicoClientId = required "Yubico Client ID required" .Values.vaultwarden.yubico.clientId | toString | quote }}
-{{- end -}}
-enabled: true
-data:
- placeholder: placeholdervalue
- {{- if ne $adminToken "" }}
- ADMIN_TOKEN: {{ $adminToken }}
- {{- end }}
- {{- if ne $smtpUser "" }}
- SMTP_USERNAME: {{ $smtpUser }}
- SMTP_PASSWORD: {{ required "Must specify SMTP password" .Values.vaultwarden.smtp.password | quote }}
- {{- end }}
- {{- if ne $yubicoClientId "" }}
- YUBICO_CLIENT_ID: {{ $yubicoClientId }}
- YUBICO_SECRET_KEY: {{ required "Yubico Secret Key required" .Values.vaultwarden.yubico.secretKey | quote }}
- {{- end }}
-{{- end -}}
diff --git a/enterprise/vaultwarden/20.0.8/templates/_validate.tpl b/enterprise/vaultwarden/20.0.8/templates/_validate.tpl
deleted file mode 100644
index e4832c2f6e5..00000000000
--- a/enterprise/vaultwarden/20.0.8/templates/_validate.tpl
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/*
-Ensure valid DB type is select, defaults to SQLite
-*/}}
-{{- define "vaultwarden.dbTypeValid" -}}
-{{- if not (or (eq .Values.database.type "postgresql") (eq .Values.database.type "mysql") (eq .Values.database.type "sqlite")) }}
-{{- required "Invalid database type" nil }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Ensure log type is valid
-*/}}
-{{- define "vaultwarden.logLevelValid" -}}
-{{- if not (or (eq .Values.vaultwarden.log.level "trace") (eq .Values.vaultwarden.log.level "debug") (eq .Values.vaultwarden.log.level "info") (eq .Values.vaultwarden.log.level "warn") (eq .Values.vaultwarden.log.level "error") (eq .Values.vaultwarden.log.level "off")) }}
-{{- required "Invalid log level" nil }}
-{{- end }}
-{{- end }}
diff --git a/enterprise/vaultwarden/20.0.8/templates/common.yaml b/enterprise/vaultwarden/20.0.8/templates/common.yaml
deleted file mode 100644
index 00565a16a7a..00000000000
--- a/enterprise/vaultwarden/20.0.8/templates/common.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.v1.common.loader.init" . }}
-
-
-{{/* Render configmap for vaultwarden */}}
-{{- $configmapFile := include "vaultwarden.configmap" . | fromYaml -}}
-{{- if $configmapFile -}}
- {{- $_ := set .Values.configmap "vaultwardenconfig" $configmapFile -}}
-{{- end -}}
-
-{{/* Render secrets for vaultwarden */}}
-{{- $secret := include "vaultwarden.secrets" . | fromYaml -}}
-{{- if $secret -}}
- {{- $_ := set .Values.secret "vaultwardensecret" $secret -}}
-{{- end -}}
-
-{{/* Define path for websocket */}}
-{{- define "vaultwarden.websocket" -}}
-{{- $fullname := include "tc.v1.common.lib.chart.names.fullname" . -}}
-path: "/notifications/hub"
-# -- Ignored if not kubeVersion >= 1.14-0
-pathType: Prefix
-service:
- # -- Overrides the service name reference for this path
- name: {{ printf "%s-ws" $fullname }}
- port: {{ .Values.service.ws.ports.ws.port }}
-{{- end -}}
-
-{{/* inject websocket path to all main ingress hosts*/}}
-{{- define "vaultwarden.websocketinjector" -}}
-{{- $path := list (include "vaultwarden.websocket" . | fromYaml) -}}
-{{- if .Values.ingress.main.enabled }}
-{{- range .Values.ingress.main.hosts }}
-{{- $newpaths := list }}
-{{- $newpaths := concat .paths $path }}
-{{- $_ := set . "paths" ( deepCopy $newpaths ) -}}
-{{- end }}
-{{- end }}
-{{- end -}}
-
-{{/* inject websocket paths in ingress */}}
-{{- include "vaultwarden.websocketinjector" . }}
-
-{{/* Render the templates */}}
-{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/vaultwarden/20.0.8/values.yaml b/enterprise/vaultwarden/20.0.8/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/incubator/acestream/2.0.17/CHANGELOG.md b/incubator/acestream/2.0.17/CHANGELOG.md
deleted file mode 100644
index 30d251d8d3b..00000000000
--- a/incubator/acestream/2.0.17/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [acestream-2.0.17](https://github.com/truecharts/charts/compare/acestream-2.0.16...acestream-2.0.17) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/acestream to latest
-
-
-
-
-## [acestream-2.0.16](https://github.com/truecharts/charts/compare/acestream-2.0.15...acestream-2.0.16) (2023-02-10)
-
-### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
-
-
-## [acestream-2.0.15](https://github.com/truecharts/charts/compare/acestream-2.0.14...acestream-2.0.15) (2023-02-03)
-
-### Chore
-
-- update container image tccr.io/truecharts/acestream to latest
-
-
-
-
-## [acestream-2.0.14](https://github.com/truecharts/charts/compare/acestream-2.0.13...acestream-2.0.14) (2023-02-03)
-
-
-
-
-## [acestream-2.0.13](https://github.com/truecharts/charts/compare/acestream-2.0.12...acestream-2.0.13) (2023-01-07)
-
-### Chore
-
-- update container image tccr.io/truecharts/acestream to latest
-
-
-
-
-## [acestream-2.0.12](https://github.com/truecharts/charts/compare/acestream-2.0.11...acestream-2.0.12) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856))
-
-
-
-
-## [acestream-2.0.11](https://github.com/truecharts/charts/compare/acestream-2.0.10...acestream-2.0.11) (2022-12-26)
-
-### Chore
-
-- update helm general non-major ([#5839](https://github.com/truecharts/charts/issues/5839))
-
-
-
-
-## [acestream-2.0.10](https://github.com/truecharts/charts/compare/acestream-2.0.9...acestream-2.0.10) (2022-12-25)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [acestream-2.0.8](https://github.com/truecharts/charts/compare/acestream-2.0.7...acestream-2.0.8) (2022-12-19)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [acestream-2.0.7](https://github.com/truecharts/charts/compare/acestream-2.0.6...acestream-2.0.7) (2022-12-13)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [acestream-2.0.6](https://github.com/truecharts/charts/compare/acestream-2.0.5...acestream-2.0.6) (2022-12-05)
-
-### Chore
-
-- update container image tccr.io/truecharts/acestream to latest ([#5130](https://github.com/truecharts/charts/issues/5130))
-
-
diff --git a/incubator/acestream/2.0.17/Chart.yaml b/incubator/acestream/2.0.17/Chart.yaml
deleted file mode 100644
index 8bbdfb99429..00000000000
--- a/incubator/acestream/2.0.17/Chart.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - MediaServer-Video
-apiVersion: v2
-appVersion: "latest"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
-deprecated: false
-description: "Acestream-engine"
-home: https://truecharts.org/charts/incubator/acestream
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/acestream.png
-keywords:
- - acestream
- - MediaServer-Video
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: acestream
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/incubator/acestream
- - https://hub.docker.com/r/vstavrinov/acestream-service
- - https://github.com/vstavrinov/acestream-service
-type: application
-version: 2.0.17
diff --git a/incubator/acestream/2.0.17/README.md b/incubator/acestream/2.0.17/README.md
deleted file mode 100644
index 63d5d2c8fdc..00000000000
--- a/incubator/acestream/2.0.17/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/incubator/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/incubator/acestream/2.0.17/app-changelog.md b/incubator/acestream/2.0.17/app-changelog.md
deleted file mode 100644
index a7ce92b372e..00000000000
--- a/incubator/acestream/2.0.17/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [acestream-2.0.17](https://github.com/truecharts/charts/compare/acestream-2.0.16...acestream-2.0.17) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/acestream to latest
-
-
\ No newline at end of file
diff --git a/incubator/acestream/2.0.17/app-readme.md b/incubator/acestream/2.0.17/app-readme.md
deleted file mode 100644
index 9a67bcd1413..00000000000
--- a/incubator/acestream/2.0.17/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Acestream-engine
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/incubator/acestream](https://truecharts.org/charts/incubator/acestream)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/incubator/acestream/2.0.17/charts/common-11.1.2.tgz b/incubator/acestream/2.0.17/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/incubator/acestream/2.0.17/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/incubator/acestream/2.0.17/ix_values.yaml b/incubator/acestream/2.0.17/ix_values.yaml
deleted file mode 100644
index 68c891be7c9..00000000000
--- a/incubator/acestream/2.0.17/ix_values.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-env: {}
-image:
- pullPolicy: IfNotPresent
- repository: tccr.io/truecharts/acestream
- tag: latest@sha256:c372e24593fe23dc0f34f143299526dbf4454bf9fc860c74839e5dd98249393a
-persistence:
- acestreamcache:
- enabled: true
- mountPath: /srv/acestream/.ACEStream
-podSecurityContext:
- runAsGroup: 0
- runAsUser: 0
-securityContext:
- readOnlyRootFilesystem: false
- runAsNonRoot: false
-service:
- main:
- ports:
- main:
- port: 8008
- protocol: TCP
- targetPort: 6878
-
-portal:
- enabled: true
diff --git a/incubator/acestream/2.0.17/questions.yaml b/incubator/acestream/2.0.17/questions.yaml
deleted file mode 100644
index 12b56b359db..00000000000
--- a/incubator/acestream/2.0.17/questions.yaml
+++ /dev/null
@@ -1,1870 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_portal_protocol"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 8008
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: acestreamcache
- label: "acestreamcache Storage"
- description: "Stream cache data"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: false
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: false
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 0
- - variable: runAsGroup
- label: "runAsGroup"
- description: The groupID this App of the user running the application"
- schema:
- type: int
- default: 0
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/incubator/acestream/2.0.17/templates/common.yaml b/incubator/acestream/2.0.17/templates/common.yaml
deleted file mode 100644
index cbf66c20818..00000000000
--- a/incubator/acestream/2.0.17/templates/common.yaml
+++ /dev/null
@@ -1,2 +0,0 @@
-{{/* Render the templates */}}
-{{ include "tc.common.loader.all" . }}
diff --git a/incubator/acestream/2.0.17/values.yaml b/incubator/acestream/2.0.17/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/incubator/adguardhome-sync/2.0.13/CHANGELOG.md b/incubator/adguardhome-sync/2.0.13/CHANGELOG.md
deleted file mode 100644
index 6a040fd684a..00000000000
--- a/incubator/adguardhome-sync/2.0.13/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [adguardhome-sync-2.0.13](https://github.com/truecharts/charts/compare/adguardhome-sync-2.0.12...adguardhome-sync-2.0.13) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/adguardhome-sync to latest
-
-
-
-
-## [adguardhome-sync-2.0.12](https://github.com/truecharts/charts/compare/adguardhome-sync-2.0.11...adguardhome-sync-2.0.12) (2023-02-10)
-
-### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
-
-
-## [adguardhome-sync-2.0.11](https://github.com/truecharts/charts/compare/adguardhome-sync-2.0.10...adguardhome-sync-2.0.11) (2023-01-04)
-
-### Chore
-
-- update container image tccr.io/truecharts/adguardhome-sync to latest
-
-
-
-
-## [adguardhome-sync-2.0.10](https://github.com/truecharts/charts/compare/adguardhome-sync-2.0.9...adguardhome-sync-2.0.10) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856))
-
-
-
-
-## [adguardhome-sync-2.0.9](https://github.com/truecharts/charts/compare/adguardhome-sync-2.0.8...adguardhome-sync-2.0.9) (2022-12-26)
-
-### Chore
-
-- update helm general non-major ([#5839](https://github.com/truecharts/charts/issues/5839))
-
-
-
-
-## [adguardhome-sync-2.0.8](https://github.com/truecharts/charts/compare/adguardhome-sync-2.0.7...adguardhome-sync-2.0.8) (2022-12-25)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [adguardhome-sync-2.0.7](https://github.com/truecharts/charts/compare/adguardhome-sync-2.0.6...adguardhome-sync-2.0.7) (2022-12-19)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [adguardhome-sync-2.0.6](https://github.com/truecharts/charts/compare/adguardhome-sync-2.0.5...adguardhome-sync-2.0.6) (2022-12-13)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [adguardhome-sync-2.0.5](https://github.com/truecharts/charts/compare/adguardhome-sync-2.0.4...adguardhome-sync-2.0.5) (2022-12-12)
-
-### Chore
-
-- update container image tccr.io/truecharts/adguardhome-sync to latest
-
-
-
-
-## [adguardhome-sync-2.0.4](https://github.com/truecharts/charts/compare/adguardhome-sync-2.0.3...adguardhome-sync-2.0.4) (2022-11-30)
-
-
-
-
-## [adguardhome-sync-2.0.4](https://github.com/truecharts/charts/compare/adguardhome-sync-2.0.3...adguardhome-sync-2.0.4) (2022-11-30)
-
-
-
-
-## [adguardhome-sync-2.0.4](https://github.com/truecharts/charts/compare/adguardhome-sync-2.0.3...adguardhome-sync-2.0.4) (2022-11-30)
-
diff --git a/incubator/adguardhome-sync/2.0.13/Chart.yaml b/incubator/adguardhome-sync/2.0.13/Chart.yaml
deleted file mode 100644
index 91613757b18..00000000000
--- a/incubator/adguardhome-sync/2.0.13/Chart.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - Other
-apiVersion: v2
-appVersion: "latest"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
-deprecated: false
-description: Adguardhome-sync(https://github.com/bakito/adguardhome-sync/) is a tool to synchronize AdGuardHome config to replica instances.
-home: https://truecharts.org/charts/incubator/adguardhome-sync
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/adguardhome-sync.png
-keywords:
- - adguardhome-sync
- - Other
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: adguardhome-sync
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/incubator/adguardhome-sync
- - https://fleet.linuxserver.io/image?name=linuxserver/adguardhome-sync
- - https://github.com/bakito/adguardhome-sync/
- - https://github.com/orgs/linuxserver/packages/container/package/adguardhome-sync
- - https://github.com/linuxserver/docker-adguardhome-sync#readme
-type: application
-version: 2.0.13
diff --git a/incubator/adguardhome-sync/2.0.13/README.md b/incubator/adguardhome-sync/2.0.13/README.md
deleted file mode 100644
index 63d5d2c8fdc..00000000000
--- a/incubator/adguardhome-sync/2.0.13/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/incubator/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/incubator/adguardhome-sync/2.0.13/app-changelog.md b/incubator/adguardhome-sync/2.0.13/app-changelog.md
deleted file mode 100644
index e04470c8bff..00000000000
--- a/incubator/adguardhome-sync/2.0.13/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [adguardhome-sync-2.0.13](https://github.com/truecharts/charts/compare/adguardhome-sync-2.0.12...adguardhome-sync-2.0.13) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/adguardhome-sync to latest
-
-
\ No newline at end of file
diff --git a/incubator/adguardhome-sync/2.0.13/app-readme.md b/incubator/adguardhome-sync/2.0.13/app-readme.md
deleted file mode 100644
index 7dd9e87d29f..00000000000
--- a/incubator/adguardhome-sync/2.0.13/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Adguardhome-sync(https://github.com/bakito/adguardhome-sync/) is a tool to synchronize AdGuardHome config to replica instances.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/incubator/adguardhome-sync](https://truecharts.org/charts/incubator/adguardhome-sync)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/incubator/adguardhome-sync/2.0.13/charts/common-11.1.2.tgz b/incubator/adguardhome-sync/2.0.13/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/incubator/adguardhome-sync/2.0.13/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/incubator/adguardhome-sync/2.0.13/ix_values.yaml b/incubator/adguardhome-sync/2.0.13/ix_values.yaml
deleted file mode 100644
index c4764b7e2de..00000000000
--- a/incubator/adguardhome-sync/2.0.13/ix_values.yaml
+++ /dev/null
@@ -1,27 +0,0 @@
-env:
- CONFIGFILE: ""
- UMASK: ""
-image:
- pullPolicy: IfNotPresent
- repository: tccr.io/truecharts/adguardhome-sync
- tag: latest@sha256:b180e316545dc3ab12b620a20b3c07b7b40b8dfc121f60fbdbfa045840136bd3
-persistence:
- config:
- enabled: true
- mountPath: /config
-podSecurityContext:
- runAsGroup: 0
- runAsUser: 0
-securityContext:
- readOnlyRootFilesystem: false
- runAsNonRoot: false
-service:
- main:
- ports:
- main:
- port: 8080
- protocol: TCP
- targetPort: 8080
-
-portal:
- enabled: true
diff --git a/incubator/adguardhome-sync/2.0.13/questions.yaml b/incubator/adguardhome-sync/2.0.13/questions.yaml
deleted file mode 100644
index 720b32c1318..00000000000
--- a/incubator/adguardhome-sync/2.0.13/questions.yaml
+++ /dev/null
@@ -1,1889 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_portal_protocol"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: env
- group: "App Configuration"
- label: "Image Environment"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: CONFIGFILE
- label: "CONFIGFILE"
- description: "Set a custom config file."
- schema:
- type: string
- default: ""
- - variable: UMASK
- label: "UMASK"
- description: "Container Variable UMASK"
- schema:
- type: string
- default: ""
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 8080
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "config Storage"
- description: "Contains all relevant configuration files."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: false
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: false
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 0
- - variable: runAsGroup
- label: "runAsGroup"
- description: The groupID this App of the user running the application"
- schema:
- type: int
- default: 0
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/incubator/adguardhome-sync/2.0.13/templates/common.yaml b/incubator/adguardhome-sync/2.0.13/templates/common.yaml
deleted file mode 100644
index cbf66c20818..00000000000
--- a/incubator/adguardhome-sync/2.0.13/templates/common.yaml
+++ /dev/null
@@ -1,2 +0,0 @@
-{{/* Render the templates */}}
-{{ include "tc.common.loader.all" . }}
diff --git a/incubator/adguardhome-sync/2.0.13/values.yaml b/incubator/adguardhome-sync/2.0.13/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/incubator/apprise-api/2.0.13/CHANGELOG.md b/incubator/apprise-api/2.0.13/CHANGELOG.md
deleted file mode 100644
index e7b85ebdbd0..00000000000
--- a/incubator/apprise-api/2.0.13/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [apprise-api-2.0.13](https://github.com/truecharts/charts/compare/apprise-api-2.0.12...apprise-api-2.0.13) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/apprise-api to latest
-
-
-
-
-## [apprise-api-2.0.12](https://github.com/truecharts/charts/compare/apprise-api-2.0.11...apprise-api-2.0.12) (2023-02-10)
-
-### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
-
-
-## [apprise-api-2.0.11](https://github.com/truecharts/charts/compare/apprise-api-2.0.10...apprise-api-2.0.11) (2023-01-04)
-
-### Chore
-
-- update container image tccr.io/truecharts/apprise-api to latest
-
-
-
-
-## [apprise-api-2.0.10](https://github.com/truecharts/charts/compare/apprise-api-2.0.9...apprise-api-2.0.10) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856))
-
-
-
-
-## [apprise-api-2.0.9](https://github.com/truecharts/charts/compare/apprise-api-2.0.8...apprise-api-2.0.9) (2022-12-26)
-
-### Chore
-
-- update helm general non-major ([#5839](https://github.com/truecharts/charts/issues/5839))
- - update container image tccr.io/truecharts/apprise-api to latest ([#5784](https://github.com/truecharts/charts/issues/5784))
-
-
-
-
-## [apprise-api-2.0.8](https://github.com/truecharts/charts/compare/apprise-api-2.0.7...apprise-api-2.0.8) (2022-12-25)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [apprise-api-2.0.7](https://github.com/truecharts/charts/compare/apprise-api-2.0.6...apprise-api-2.0.7) (2022-12-19)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [apprise-api-2.0.6](https://github.com/truecharts/charts/compare/apprise-api-2.0.5...apprise-api-2.0.6) (2022-12-13)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [apprise-api-2.0.5](https://github.com/truecharts/charts/compare/apprise-api-2.0.4...apprise-api-2.0.5) (2022-12-12)
-
-### Chore
-
-- update container image tccr.io/truecharts/apprise-api to latest
-
-
-
-
-## [apprise-api-2.0.4](https://github.com/truecharts/charts/compare/apprise-api-2.0.3...apprise-api-2.0.4) (2022-12-04)
-
-
-
-
-## [apprise-api-2.0.3](https://github.com/truecharts/charts/compare/apprise-api-2.0.2...apprise-api-2.0.3) (2022-11-30)
-
-
-
-
-## [apprise-api-2.0.3](https://github.com/truecharts/charts/compare/apprise-api-2.0.2...apprise-api-2.0.3) (2022-11-30)
diff --git a/incubator/apprise-api/2.0.13/Chart.yaml b/incubator/apprise-api/2.0.13/Chart.yaml
deleted file mode 100644
index eea3eefbeca..00000000000
--- a/incubator/apprise-api/2.0.13/Chart.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - Other
-apiVersion: v2
-appVersion: "latest"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
-deprecated: false
-description: "Apprise-api(https://github.com/caronc/apprise-api) Takes advantage of Apprise(https://github.com/caronc/apprise) through your network with a user-friendly API.\n"
-home: https://truecharts.org/charts/incubator/apprise-api
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/apprise-api.png
-keywords:
- - apprise-api
- - Other
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: apprise-api
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/incubator/apprise-api
- - https://fleet.linuxserver.io/image?name=linuxserver/apprise-api
- - https://github.com/caronc/apprise-api
- - https://github.com/orgs/linuxserver/packages/container/package/apprise-api
- - https://github.com/linuxserver/docker-apprise-api#readme
-type: application
-version: 2.0.13
diff --git a/incubator/apprise-api/2.0.13/README.md b/incubator/apprise-api/2.0.13/README.md
deleted file mode 100644
index 63d5d2c8fdc..00000000000
--- a/incubator/apprise-api/2.0.13/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/incubator/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/incubator/apprise-api/2.0.13/app-changelog.md b/incubator/apprise-api/2.0.13/app-changelog.md
deleted file mode 100644
index 52814ad2bb0..00000000000
--- a/incubator/apprise-api/2.0.13/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [apprise-api-2.0.13](https://github.com/truecharts/charts/compare/apprise-api-2.0.12...apprise-api-2.0.13) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/apprise-api to latest
-
-
\ No newline at end of file
diff --git a/incubator/apprise-api/2.0.13/app-readme.md b/incubator/apprise-api/2.0.13/app-readme.md
deleted file mode 100644
index 1b82c87926d..00000000000
--- a/incubator/apprise-api/2.0.13/app-readme.md
+++ /dev/null
@@ -1,9 +0,0 @@
-Apprise-api(https://github.com/caronc/apprise-api) Takes advantage of Apprise(https://github.com/caronc/apprise) through your network with a user-friendly API.
-
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/incubator/apprise-api](https://truecharts.org/charts/incubator/apprise-api)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/incubator/apprise-api/2.0.13/charts/common-11.1.2.tgz b/incubator/apprise-api/2.0.13/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/incubator/apprise-api/2.0.13/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/incubator/apprise-api/2.0.13/ix_values.yaml b/incubator/apprise-api/2.0.13/ix_values.yaml
deleted file mode 100644
index 1b558fe5cd3..00000000000
--- a/incubator/apprise-api/2.0.13/ix_values.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-env:
- UMASK: ""
-image:
- pullPolicy: IfNotPresent
- repository: tccr.io/truecharts/apprise-api
- tag: latest@sha256:bbb548e29f6e4c8f11782aece465b0237eeea1b91aa14304a714e7b93a023588
-persistence:
- config:
- enabled: true
- mountPath: /config
-podSecurityContext:
- runAsGroup: 0
- runAsUser: 0
-securityContext:
- readOnlyRootFilesystem: false
- runAsNonRoot: false
-service:
- main:
- ports:
- main:
- port: 8000
- protocol: TCP
- targetPort: 8000
-
-portal:
- enabled: true
diff --git a/incubator/apprise-api/2.0.13/questions.yaml b/incubator/apprise-api/2.0.13/questions.yaml
deleted file mode 100644
index c26837f52f0..00000000000
--- a/incubator/apprise-api/2.0.13/questions.yaml
+++ /dev/null
@@ -1,1883 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_portal_protocol"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: env
- group: "App Configuration"
- label: "Image Environment"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: UMASK
- label: "UMASK"
- description: "Container Variable UMASK"
- schema:
- type: string
- default: ""
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 8000
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "config Storage"
- description: "Where config is stored."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: false
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: false
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 0
- - variable: runAsGroup
- label: "runAsGroup"
- description: The groupID this App of the user running the application"
- schema:
- type: int
- default: 0
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/incubator/apprise-api/2.0.13/templates/common.yaml b/incubator/apprise-api/2.0.13/templates/common.yaml
deleted file mode 100644
index cbf66c20818..00000000000
--- a/incubator/apprise-api/2.0.13/templates/common.yaml
+++ /dev/null
@@ -1,2 +0,0 @@
-{{/* Render the templates */}}
-{{ include "tc.common.loader.all" . }}
diff --git a/incubator/apprise-api/2.0.13/values.yaml b/incubator/apprise-api/2.0.13/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/incubator/factorio/2.0.13/CHANGELOG.md b/incubator/factorio/2.0.13/CHANGELOG.md
deleted file mode 100644
index f3df47f70bd..00000000000
--- a/incubator/factorio/2.0.13/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [factorio-2.0.13](https://github.com/truecharts/charts/compare/factorio-2.0.12...factorio-2.0.13) (2023-01-18)
-
-### Chore
-
-- update container image tccr.io/truecharts/factorio to vstable
-
-
-
-
-## [factorio-2.0.12](https://github.com/truecharts/charts/compare/factorio-2.0.11...factorio-2.0.12) (2023-01-12)
-
-### Chore
-
-- update container image tccr.io/truecharts/factorio to vstable
-
-
-
-
-## [factorio-2.0.11](https://github.com/truecharts/charts/compare/factorio-2.0.10...factorio-2.0.11) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856))
-
-
-
-
-## [factorio-2.0.10](https://github.com/truecharts/charts/compare/factorioservermanager-2.0.5...factorio-2.0.10) (2022-12-26)
-
-### Chore
-
-- update helm general non-major ([#5839](https://github.com/truecharts/charts/issues/5839))
-
-
-
-
-## [factorio-2.0.9](https://github.com/truecharts/charts/compare/factorio-2.0.8...factorio-2.0.9) (2022-12-25)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [factorio-2.0.8](https://github.com/truecharts/charts/compare/factorioservermanager-2.0.4...factorio-2.0.8) (2022-12-24)
-
-### Chore
-
-- update container image tccr.io/truecharts/factorio to vstable
-
-
-
-
-## [factorio-2.0.7](https://github.com/truecharts/charts/compare/factorioservermanager-2.0.3...factorio-2.0.7) (2022-12-19)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [factorio-2.0.6](https://github.com/truecharts/charts/compare/factorio-2.0.5...factorio-2.0.6) (2022-12-13)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [factorio-2.0.5](https://github.com/truecharts/charts/compare/factorio-2.0.4...factorio-2.0.5) (2022-12-12)
-
-### Chore
-
-- update container image tccr.io/truecharts/factorio to vstable
-
-
-
-
-## [factorio-2.0.4](https://github.com/truecharts/charts/compare/factorioservermanager-2.0.2...factorio-2.0.4) (2022-12-02)
-
-
-
-
-## [factorio-2.0.3](https://github.com/truecharts/charts/compare/factorio-2.0.2...factorio-2.0.3) (2022-11-30)
-
-
-
-
-## [factorio-2.0.3](https://github.com/truecharts/charts/compare/factorio-2.0.2...factorio-2.0.3) (2022-11-30)
-
diff --git a/incubator/factorio/2.0.13/Chart.yaml b/incubator/factorio/2.0.13/Chart.yaml
deleted file mode 100644
index 49c82652ae3..00000000000
--- a/incubator/factorio/2.0.13/Chart.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - GameServers
-apiVersion: v2
-appVersion: "stable"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
-deprecated: false
-description: "This Chart Chart will download the latest stable release of the game, generate the map and you're ready to play."
-home: https://truecharts.org/charts/incubator/factorio
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/factorio.png
-keywords:
- - factorio
- - GameServers
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: factorio
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/incubator/factorio
- - https://www.factorio.com/
- - https://hub.docker.com/r/factoriotools/factorio/
-type: application
-version: 2.0.13
diff --git a/incubator/factorio/2.0.13/README.md b/incubator/factorio/2.0.13/README.md
deleted file mode 100644
index 63d5d2c8fdc..00000000000
--- a/incubator/factorio/2.0.13/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/incubator/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/incubator/factorio/2.0.13/app-changelog.md b/incubator/factorio/2.0.13/app-changelog.md
deleted file mode 100644
index 5a2d68d1d71..00000000000
--- a/incubator/factorio/2.0.13/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [factorio-2.0.13](https://github.com/truecharts/charts/compare/factorio-2.0.12...factorio-2.0.13) (2023-01-18)
-
-### Chore
-
-- update container image tccr.io/truecharts/factorio to vstable
-
-
\ No newline at end of file
diff --git a/incubator/factorio/2.0.13/app-readme.md b/incubator/factorio/2.0.13/app-readme.md
deleted file mode 100644
index 132b21a7c19..00000000000
--- a/incubator/factorio/2.0.13/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-This Chart Chart will download the latest stable release of the game, generate the map and you're ready to play.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/incubator/factorio](https://truecharts.org/charts/incubator/factorio)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/incubator/factorio/2.0.13/charts/common-11.1.2.tgz b/incubator/factorio/2.0.13/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/incubator/factorio/2.0.13/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/incubator/factorio/2.0.13/ix_values.yaml b/incubator/factorio/2.0.13/ix_values.yaml
deleted file mode 100644
index b8c8f7708e9..00000000000
--- a/incubator/factorio/2.0.13/ix_values.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-env: {}
-image:
- pullPolicy: IfNotPresent
- repository: tccr.io/truecharts/factorio
- tag: vstable@sha256:e4416027bef1991be2d73689402073b85e6f2812bc9c72422990a38a58967eba
-persistence:
- path:
- enabled: true
- mountPath: /factorio
-podSecurityContext:
- runAsGroup: 0
- runAsUser: 0
-probes:
- liveness:
- enabled: false
- readiness:
- enabled: false
- startup:
- enabled: false
-securityContext:
- readOnlyRootFilesystem: false
- runAsNonRoot: false
-service:
- main:
- ports:
- main:
- port: 34197
- protocol: UDP
- targetPort: 34197
-
-portal:
- enabled: true
diff --git a/incubator/factorio/2.0.13/questions.yaml b/incubator/factorio/2.0.13/questions.yaml
deleted file mode 100644
index 96f829c59d8..00000000000
--- a/incubator/factorio/2.0.13/questions.yaml
+++ /dev/null
@@ -1,1829 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_portal_protocol"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 34197
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: "path Storage"
- description: "Container Path factorio"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: scaleCert
- label: Select TrueNAS SCALE Certificate
- schema:
- type: int
- $ref:
- - "definitions/certificate"
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: scaleCert
- label: Select TrueNAS SCALE Certificate
- schema:
- type: int
- $ref:
- - "definitions/certificate"
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: false
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: false
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 0
- - variable: runAsGroup
- label: "runAsGroup"
- description: The groupID this App of the user running the application"
- schema:
- type: int
- default: 0
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/incubator/factorio/2.0.13/templates/common.yaml b/incubator/factorio/2.0.13/templates/common.yaml
deleted file mode 100644
index cbf66c20818..00000000000
--- a/incubator/factorio/2.0.13/templates/common.yaml
+++ /dev/null
@@ -1,2 +0,0 @@
-{{/* Render the templates */}}
-{{ include "tc.common.loader.all" . }}
diff --git a/incubator/factorio/2.0.13/values.yaml b/incubator/factorio/2.0.13/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/incubator/frigate/5.0.14/CHANGELOG.md b/incubator/frigate/5.0.14/CHANGELOG.md
deleted file mode 100644
index 6a36ef75c15..00000000000
--- a/incubator/frigate/5.0.14/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [frigate-5.0.14](https://github.com/truecharts/charts/compare/frigate-5.0.13...frigate-5.0.14) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856))
-
-
-
-
-## [frigate-5.0.13](https://github.com/truecharts/charts/compare/frigate-5.0.12...frigate-5.0.13) (2022-12-26)
-
-### Chore
-
-- update helm general non-major ([#5839](https://github.com/truecharts/charts/issues/5839))
-
-
-
-
-## [frigate-5.0.12](https://github.com/truecharts/charts/compare/frigate-5.0.11...frigate-5.0.12) (2022-12-25)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [frigate-5.0.11](https://github.com/truecharts/charts/compare/frigate-5.0.10...frigate-5.0.11) (2022-12-19)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [frigate-5.0.10](https://github.com/truecharts/charts/compare/frigate-5.0.9...frigate-5.0.10) (2022-12-13)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [frigate-5.0.9](https://github.com/truecharts/charts/compare/frigate-5.0.8...frigate-5.0.9) (2022-12-08)
-
-### Fix
-
-- quote all floats in values.yaml. because questions.yaml schema fails to validate when applying empty value ([#5204](https://github.com/truecharts/charts/issues/5204))
-
-
-
-
-## [frigate-5.0.8](https://github.com/truecharts/charts/compare/frigate-5.0.7...frigate-5.0.8) (2022-12-07)
-
-### Fix
-
-- render parent max_frames only when at least one child has value ([#5196](https://github.com/truecharts/charts/issues/5196))
-
-
-
-
-## [frigate-5.0.7](https://github.com/truecharts/charts/compare/frigate-5.0.6...frigate-5.0.7) (2022-12-06)
-
-### Fix
-
-- fix typos ([#5164](https://github.com/truecharts/charts/issues/5164))
-
-
-
-
-## [frigate-5.0.6](https://github.com/truecharts/charts/compare/frigate-5.0.5...frigate-5.0.6) (2022-11-30)
-
-
-
-
-## [frigate-5.0.6](https://github.com/truecharts/charts/compare/frigate-5.0.5...frigate-5.0.6) (2022-11-30)
-
-
-
-
-## [frigate-5.0.6](https://github.com/truecharts/charts/compare/frigate-5.0.5...frigate-5.0.6) (2022-11-30)
-
-
-
-
-## [frigate-5.0.6](https://github.com/truecharts/charts/compare/frigate-5.0.5...frigate-5.0.6) (2022-11-30)
-
-
-
-
-## [frigate-5.0.6](https://github.com/truecharts/charts/compare/frigate-5.0.5...frigate-5.0.6) (2022-11-30)
diff --git a/incubator/frigate/5.0.14/Chart.yaml b/incubator/frigate/5.0.14/Chart.yaml
deleted file mode 100644
index cdc46d06e35..00000000000
--- a/incubator/frigate/5.0.14/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: v2
-appVersion: "0.11.1"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
-deprecated: false
-description: NVR With Realtime Object Detection for IP Cameras
-home: https://truecharts.org/charts/incubator/frigate
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/frigate.png
-keywords:
- - encode
- - nvr
- - media
- - frigate
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: frigate
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/incubator/frigate
- - https://github.com/blakeblackshear/frigate
- - https://hub.docker.com/r/blakeblackshear/frigate
-type: application
-version: 5.0.14
-annotations:
- truecharts.org/catagories: |
- - nvr
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/incubator/frigate/5.0.14/README.md b/incubator/frigate/5.0.14/README.md
deleted file mode 100644
index 63d5d2c8fdc..00000000000
--- a/incubator/frigate/5.0.14/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/incubator/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/incubator/frigate/5.0.14/app-changelog.md b/incubator/frigate/5.0.14/app-changelog.md
deleted file mode 100644
index 3bb9c98a35e..00000000000
--- a/incubator/frigate/5.0.14/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [frigate-5.0.14](https://github.com/truecharts/charts/compare/frigate-5.0.13...frigate-5.0.14) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856))
-
-
\ No newline at end of file
diff --git a/incubator/frigate/5.0.14/app-readme.md b/incubator/frigate/5.0.14/app-readme.md
deleted file mode 100644
index b7debe461d7..00000000000
--- a/incubator/frigate/5.0.14/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-NVR With Realtime Object Detection for IP Cameras
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/incubator/frigate](https://truecharts.org/charts/incubator/frigate)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/about/sponsor) or contributing back to the project any way you can!
diff --git a/incubator/frigate/5.0.14/charts/common-11.1.2.tgz b/incubator/frigate/5.0.14/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/incubator/frigate/5.0.14/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/incubator/frigate/5.0.14/ix_values.yaml b/incubator/frigate/5.0.14/ix_values.yaml
deleted file mode 100644
index e69097d995c..00000000000
--- a/incubator/frigate/5.0.14/ix_values.yaml
+++ /dev/null
@@ -1,472 +0,0 @@
-image:
- repository: tccr.io/truecharts/frigate
- pullPolicy: IfNotPresent
- tag: 0.11.1@sha256:8dd7273eebf396563d7bbc14778fd3d58c624e5063ffcf74b5b0afe63e7cdd7f
-
-securityContext:
- readOnlyRootFilesystem: false
- runAsNonRoot: false
-
-podSecurityContext:
- runAsUser: 0
- runAsGroup: 0
-
-global:
- isSCALE: true
-
-# -- In most cases the "enabled" key is only used internally to "render" or not the configuration
-# - Some parts of the config bellow are slightly modified so they can be added on SCALE UI. Mainly lists.
-# - Do not blindly copy paste configuration from upstream.
-frigate:
- mqtt:
- host: mqtt.server.com
- port: 1883
- # -- NOTE: Must be unique if you are running multiple instances
- topic_prefix: frigate
- # -- NOTE: Must be unique if you are running multiple instances
- client_id: frigate
- user: mqtt_user
- password: password
- stats_interval: 60
-
- detectors:
- # -- Enable it to add the configuration in the config file
- render_config: false
- config:
- []
- # -- Required: Name of the detector
- # - name: coral
- # # -- Valid values are 'edgetpu' (requires device property below) and 'cpu'.
- # type: edgetpu
- # # -- Device name as defined here: https://coral.ai/docs/edgetpu/multiple-edgetpu/#using-the-tensorflow-lite-python-api
- # device: usb
- # # -- This value is only used for CPU types
- # num_threads: 3
-
- model:
- # -- Enable it to add the configuration in the config file
- render_config: false
- # -- Optional: Path to the model
- path: /edgetpu_model.tflite
- # -- Optional: Path to the labelmap
- labelmap_path: /labelmap.txt
- # -- Required: Object detection model input width
- width: 320
- # -- Required: Object detection model input height
- height: 320
- # -- Optional: Label name modifications.
- labelmap:
- []
- # - model: "2"
- # name: vehicle
- # - model: 3
- # name: vehicle
-
- logger:
- # -- Enable it to add the configuration in the config file
- render_config: false
- # -- Optional: Default log verbosity (default: shown below)
- default: info
- # -- Optional: Component specific logger overrides
- logs:
- - component: frigate.event
- verbosity: debug
-
- birdseye:
- # -- Enable it to add the configuration in the config file
- render_config: false
- # -- Enables birdseye
- enabled: true
- # -- Optional: Width of the output resolution
- width: 1280
- # -- Optional: Height of the output resolution
- height: 720
- # -- Optional: Encoding quality of the mpeg1 feed
- # - 1 is the highest quality, and 31 is the lowest. Lower quality feeds utilize less CPU resources.
- quality: 8
- # -- Optional: Mode of the view. Available options are: objects, motion, and continuous
- # - objects - cameras are included if they have had a tracked object within the last 30 seconds
- # - motion - cameras are included if motion was detected in the last 30 seconds
- # - continuous - all cameras are included always
- mode: objects
-
- ffmpeg:
- # -- Enable it to add the configuration in the config file
- render_config: false
- # -- Optional: global ffmpeg args
- global_args: -hide_banner -loglevel warning
- # -- Optional: global input args
- input_args: -avoid_negative_ts make_zero -fflags +genpts+discardcorrupt -rtsp_transport tcp -timeout 5000000 -use_wallclock_as_timestamps 1
- # -- Optional: global hwaccel args
- # - NOTE: See hardware acceleration docs for your specific device
- hwaccel_args: ""
- # -- Optional: global output args
- output_args:
- # -- Optional: output args for detect streams
- detect: -f rawvideo -pix_fmt yuv420p
- # -- Optional: output args for record streams
- record: -f segment -segment_time 10 -segment_format mp4 -reset_timestamps 1 -strftime 1 -c copy -an
- # -- Optional: output args for rtmp streams
- rtmp: -c copy -f flv
-
- detect:
- # -- Enable it to add the configuration in the config file
- render_config: false
- # -- Enables detection for the camera.
- # - This value can be set via MQTT and will be updated in startup based on retained value
- enabled: true
- # -- Optional: width of the frame for the input with the detect role
- width: 1280
- # -- Optional: height of the frame for the input with the detect role
- height: 720
- # -- Optional: desired fps for your camera for the input with the detect role
- # - NOTE: Recommended value of 5. Ideally, try and reduce your FPS on the camera.
- fps: 5
- # -- Optional: Number of frames without a detection before frigate considers an object to be gone. (default: 5x the frame rate)
- max_disappeared: 25
- # -- Optional: Configuration for stationary object tracking
- stationary:
- # -- Optional: Frequency for confirming stationary objects
- # - When set to 0, object detection will not confirm stationary objects until movement is detected.
- # - If set to 10, object detection will run to confirm the object still exists on every 10th frame.
- interval: 0
- # -- Optional: Number of frames without a position change for an object to be considered stationary (default: 10x the frame rate or 10s)
- threshold: 50
- # -- Optional: Define a maximum number of frames for tracking a stationary object (default: not set, track forever)
- # - This can help with false positives for objects that should only be stationary for a limited amount of time.
- # - It can also be used to disable stationary object tracking. For example, you may want to set a value for person, but leave
- # - car at the default.
- # - WARNING: Setting these values overrides default behavior and disables stationary object tracking.
- # - There are very few situations where you would want it disabled. It is NOT recommended to
- # - copy these values from the example config into your config unless you know they are needed.
- # max_frames:
- # # -- Optional: Default for all object types (default: not set, track forever)
- # default:
- # # -- Optional: Object specific values
- # objects:
- # - object: person
- # frames: 1000
-
- objects:
- # -- Enable it to add the configuration in the config file
- render_config: false
- # -- Optional: list of objects to track from labelmap.txt
- track:
- - person
- # -- Optional: mask to prevent all object types from being detected in certain areas (default: no mask)
- # - Checks based on the bottom center of the bounding box of the object.
- # - NOTE: This mask is COMBINED with the object type specific mask below
- mask: 0,0,1000,0,1000,200,0,200
- # - Optional: filters to reduce false positives for specific object types
- filters:
- []
- # - object: person
- # # -- Optional: Minimum width*height of the bounding box for the detected object
- # min_area: 5000
- # # -- Optional: Maximum width*height of the bounding box for the detected object
- # max_area: 100000
- # # -- Optional: Minimum width/height of the bounding box for the detected object
- # min_ratio: "0.5"
- # # -- Optional: Maximum width/height of the bounding box for the detected object
- # max_ratio: "2.0"
- # # -- Optional: Minimum score for the object to initiate tracking
- # min_score: "0.5"
- # # -- Optional: Minimum decimal percentage for tracked object's computed score to be considered a true positive
- # threshold: "0.7"
- # # -- Optional: Mask to prevent this object type from being detected in certain areas
- # # - Checks based on the bottom center of the bounding box of the object
- # mask: 0,0,1000,0,1000,200,0,200
-
- motion:
- # -- Enable it to add the configuration in the config file
- render_config: false
- # -- Optional: The threshold passed to cv2.threshold to determine if a pixel is different enough to be counted as motion.
- # - Increasing this value will make motion detection less sensitive and decreasing it will make motion detection more sensitive.
- # - The value should be between 1 and 255.
- threshold: 25
- # -- Optional: Minimum size in pixels in the resized motion image that counts as motion
- # - Increasing this value will prevent smaller areas of motion from being detected. Decreasing will
- # - make motion detection more sensitive to smaller moving objects.
- # - As a rule of thumb:
- # - 15 - high sensitivity
- # - 30 - medium sensitivity
- # - 50 - low sensitivity
- contour_area: 30
- # -- Optional: Alpha value passed to cv2.accumulateWeighted when averaging the motion delta across multiple frames
- # - Higher values mean the current frame impacts the delta a lot, and a single raindrop may register as motion.
- # - Too low and a fast moving person wont be detected as motion.
- delta_alpha: "0.2"
- # -- Optional: Alpha value passed to cv2.accumulateWeighted when averaging frames to determine the background
- # - Higher values mean the current frame impacts the average a lot, and a new object will be averaged into the background faster.
- # - Low values will cause things like moving shadows to be detected as motion for longer.
- # - https://www.geeksforgeeks.org/background-subtraction-in-an-image-using-concept-of-running-average/
- frame_alpha: "0.2"
- # -- Optional: Height of the resized motion frame (default: 50)
- # - This operates as an efficient blur alternative. Higher values will result in more granular motion detection at the expense
- # - of higher CPU usage. Lower values result in less CPU, but small changes may not register as motion.
- frame_height: 50
- # -- Optional: motion mask
- # - NOTE: see docs for more detailed info on creating masks
- mask: 0,900,1080,900,1080,1920,0,1920
- # -- Optional: improve contrast
- # - Enables dynamic contrast improvement. This should help improve night detections at the cost of making motion detection more sensitive
- # - for daytime.
- improve_contrast: false
- # -- Optional: Delay when updating camera motion through MQTT from ON -> OFF
- mqtt_off_delay: 30
-
- record:
- # -- Enable it to add the configuration in the config file
- render_config: false
- # -- Optional: Enable recording
- # - WARNING: If recording is disabled in the config, turning it on via
- # - the UI or MQTT later will have no effect.
- # - WARNING: Frigate does not currently support limiting recordings based
- # - on available disk space automatically. If using recordings,
- # - you must specify retention settings for a number of days that
- # - will fit within the available disk space of your drive or Frigate will crash.
- enabled: false
- # -- Optional: Number of minutes to wait between cleanup runs
- # - This can be used to reduce the frequency of deleting recording segments from disk if you want to minimize i/o
- expire_interval: 60
- # -- Optional: Retention settings for recording
- retain:
- # -- Render retain config
- render_config: false
- # -- Optional: Number of days to retain recordings regardless of events
- # - NOTE: This should be set to 0 and retention should be defined in events section below
- # - if you only want to retain recordings of events.
- days: 0
- # -- Optional: Mode for retention. Available options are: all, motion, and active_objects
- # - all - save all recording segments regardless of activity
- # - motion - save all recordings segments with any detected motion
- # - active_objects - save all recording segments with active/moving objects
- # - NOTE: this mode only applies when the days setting above is greater than 0
- mode: all
- # -- Optional: Event recording settings
- events:
- # -- Optional: Number of seconds before the event to include
- pre_capture: 5
- # -- Optional: Number of seconds after the event to include
- post_capture: 5
- # -- Optional: Objects to save recordings for. Defaults to all
- objects:
- []
- # - person
- # -- Optional: Restrict recordings to objects that entered any of the listed zones
- required_zones: []
- # -- Optional: Retention settings for recordings of events
- retain:
- # -- Render retain config
- render_config: false
- # -- Required: Default retention days
- default: 10
- # -- Optional: Mode for retention.
- # - all - save all recording segments for events regardless of activity
- # - motion - save all recordings segments for events with any detected motion
- # - active_objects - save all recording segments for event with active/moving objects
- mode: motion
- # -- Optional: Per object retention days
- objects:
- - object: person
- days: 15
-
- snapshots:
- # -- Enable it to add the configuration in the config file
- render_config: false
- # -- Optional: Enable writing jpg snapshot to /media/frigate/clips
- # - This value can be set via MQTT and will be updated in startup based on retained value
- enabled: false
- # -- Optional: Save a clean PNG copy of the snapshot image
- clean_copy: true
- # -- Optional: print a timestamp on the snapshots
- timestamp: false
- # -- Optional: draw bounding box on the snapshots
- bounding_box: false
- # -- Optional: crop the snapshot
- crop: false
- # -- Optional: height to resize the snapshot to (default: original size)
- height:
- # -- Optional: Restrict snapshots to objects that entered any of the listed zones (default: no required zones)
- required_zones: []
- # -- Optional: Camera override for retention settings (default: global values)
- retain:
- # -- Render retain config
- render_config: false
- # -- Required: Default retention days (default: shown below)
- default: 10
- # -- Optional: Per object retention days
- objects:
- - object: person
- days: 15
-
- rtmp:
- # -- Enable it to add the configuration in the config file
- render_config: false
- # - Optional: Enable the RTMP stream
- enabled: true
-
- live:
- # -- Enable it to add the configuration in the config file
- render_config: false
- # -- Optional: Set the height of the live stream. (default: 720)
- # - This must be less than or equal to the height of the detect stream. Lower resolutions
- # - reduce bandwidth required for viewing the live stream. Width is computed to match known aspect ratio.
- height: 720
- # -- Optional: Set the encode quality of the live stream (default: shown below)
- # - 1 is the highest quality, and 31 is the lowest. Lower quality feeds utilize less CPU resources.
- quality: 8
-
- timestamp_style:
- # -- Enable it to add the configuration in the config file
- render_config: false
- # -- Optional: Position of the timestamp
- # - "tl" (top left), "tr" (top right), "bl" (bottom left), "br" (bottom right)
- position: "tl"
- # -- Optional: Format specifier conform to the Python package "datetime"
- # - Additional Examples:
- # - german: "%d.%m.%Y %H:%M:%S"
- format: "%m/%d/%Y %H:%M:%S"
- # -- Optional: Color of font
- color:
- # -- All Required when color is specified (default: shown below)
- red: 255
- green: 255
- blue: 255
- # -- Optional: Line thickness of font (default: shown below)
- thickness: 2
- # -- Optional: Effect of lettering (default: shown below)
- # - None (No effect),
- # - "solid" (solid background in inverse color of font)
- # - "shadow" (shadow for font)
- effect: None
-
- cameras:
- # -- Required: name of the camera
- - camera_name: back
- # -- Required: ffmpeg settings for the camera
- ffmpeg:
- # -- Required: A list of input streams for the camera. See documentation for more information.
- inputs:
- # -- Required: the path to the stream
- - path: rtsp://viewer:password@10.0.10.10:554/cam/realmonitor?channel=1&subtype=2
- # -- Required: list of roles for this stream. valid values are: detect,record,rtmp
- # - NOTICE: In addition to assigning the record, and rtmp roles,
- # - they must also be enabled in the camera config.
- roles:
- - detect
- - rtmp
- # -- Optional: stream specific global args
- global_args:
- # - Optional: stream specific hwaccel args
- hwaccel_args:
- # - Optional: stream specific input args
- input_args:
- # -- Optional: camera specific global args
- global_args:
- # -- Optional: camera specific hwaccel args
- hwaccel_args:
- # -- Optional: camera specific input args
- input_args:
- # -- Optional: camera specific output args
- output_args:
- # -- Optional: timeout for highest scoring image before allowing it
- # - to be replaced by a newer image.
- best_image_timeout: 60
- # -- Optional: zones for this camera
- zones:
- # -- Required: name of the zone
- # - NOTE: This must be different than any camera names, but can match with another zone on another camera
- - name: front_steps
- # -- Required: List of x,y coordinates to define the polygon of the zone.
- # - NOTE: Presence in a zone is evaluated only based on the bottom center of the objects bounding box.
- coordinates: 545,1077,747,939,788,805
- # -- Optional: List of objects that can trigger this zone (default: all tracked objects)
- objects:
- - person
- # -- Optional: Zone level object filters.
- # -NOTE: The global and camera filters are applied upstream.
- filters:
- - object: person
- min_area: 5000
- max_area: 100000
- threshold: "0.7"
- # -- Optional: Configuration for the jpg snapshots published via MQTT
- mqtt:
- # -- Enable it to add the configuration in the config file
- render_config: false
- # -- Optional: Enable publishing snapshot via mqtt for camera
- # - NOTE: Only applies to publishing image data to MQTT via 'frigate///snapshot'.
- # - All other messages will still be published.
- enabled: true
- # -- Optional: print a timestamp on the snapshots
- timestamp: true
- # -- Optional: draw bounding box on the snapshots
- bounding_box: true
- # -- Optional: crop the snapshot
- crop: true
- # -- Optional: height to resize the snapshot to
- height: 270
- # -- Optional: jpeg encode quality
- quality: 70
- # -- Optional: Restrict mqtt messages to objects that entered any of the listed zones
- required_zones: []
- # -- Optional: Configuration for how camera is handled in the GUI.
- ui:
- # -- Enable it to add the configuration in the config file
- render_config: false
- # -- Optional: Adjust sort order of cameras in the UI. Larger numbers come later
- # - By default the cameras are sorted alphabetically.
- order: 0
- # -- Optional: Whether or not to show the camera in the Frigate UI
- dashboard: true
-
-ingress:
- rtmp:
- autoLink: true
-
-service:
- main:
- ports:
- main:
- port: 10500
- protocol: HTTP
- targetPort: 5000
- rtmp:
- enabled: true
- ports:
- rtmp:
- enabled: true
- port: 1935
- targetPort: 1935
-
-persistence:
- media:
- enabled: true
- mountPath: /media
- size: 256Gi
- db:
- enabled: true
- mountPath: /db
- size: 256Gi
- type: emptyDir
- cache:
- enabled: true
- mountPath: /tmp/cache
- type: emptyDir
- shm:
- enabled: true
- mountPath: /dev/shm
- type: emptyDir
- medium: Memory
- frigate-config:
- enabled: true
- mountPath: /config
- type: configMap
- objectName: '{{ template "tc.common.names.fullname" . }}-frigate-config'
- items:
- - key: config.yml
- path: config.yml
-
-portal:
- enabled: true
diff --git a/incubator/frigate/5.0.14/questions.yaml b/incubator/frigate/5.0.14/questions.yaml
deleted file mode 100644
index 633aea38c61..00000000000
--- a/incubator/frigate/5.0.14/questions.yaml
+++ /dev/null
@@ -1,3323 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_portal_protocol"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: frigate
- group: App Configuration
- label: Frigate Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: mqtt
- label: MQTT
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: Host
- schema:
- type: string
- required: true
- default: ""
- - variable: port
- label: Port
- schema:
- type: int
- required: true
- default: 1883
- - variable: topic_prefix
- label: Topic Prefix
- description: Must be unique if you are running multiple instances
- schema:
- type: string
- required: true
- default: frigate
- - variable: topic_prefix
- label: Client ID
- description: Must be unique if you are running multiple instances
- schema:
- type: string
- required: true
- default: frigate
- - variable: stats_interval
- label: Stats Interval
- description: Interval in seconds for publishing stats
- schema:
- type: int
- required: true
- default: 60
- - variable: user
- label: Username
- schema:
- type: string
- default: ""
- - variable: password
- label: Password
- schema:
- type: string
- private: true
- default: ""
- - variable: detectors
- label: Detectors
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: render_config
- label: Render Configuration
- description: Enable it to add the configuration in the config file
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: config
- label: Detectors Configuration
- schema:
- type: list
- default: []
- items:
- - variable: detector_entry
- label: Detector Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- description: Name of the detector
- schema:
- type: string
- required: true
- default: ""
- - variable: type
- label: Type
- description: Name of the detector
- schema:
- type: string
- required: true
- default: cpu
- enum:
- - value: cpu
- description: CPU
- - value: edgetpu
- description: Edge TPU
- - variable: device
- label: Device
- description: Device name as defined here - https://coral.ai/docs/edgetpu/multiple-edgetpu/#using-the-tensorflow-lite-python-api
- schema:
- type: string
- default: ""
- - variable: num_threads
- label: Number of Threads
- description: This value is only used for CPU types
- schema:
- type: int
- show_if: [["type", "=", "cpu"]]
- default: 3
- - variable: model
- label: Model
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: render_config
- label: Render Configuration
- description: Enable it to add the configuration in the config file
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: path
- label: Path
- schema:
- type: string
- default: /edgetpu_model.tflite
- - variable: labelmap_path
- label: Label Map Path
- schema:
- type: string
- default: /labelmap.txt
- - variable: width
- label: Width
- schema:
- type: int
- default: 320
- - variable: height
- label: Height
- schema:
- type: int
- default: 320
- - variable: labelmap
- label: LabelMap Configuration
- schema:
- type: list
- default: []
- items:
- - variable: labelmap_entry
- label: LabelMap Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: model
- label: Model
- schema:
- type: string
- default: ""
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: logger
- label: Logger
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: render_config
- label: Render Configuration
- description: Enable it to add the configuration in the config file
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: default
- label: Default Log Verbosity
- schema:
- type: string
- required: true
- default: info
- enum:
- - value: info
- description: Info
- - value: debug
- description: Debug
- - value: warning
- description: Warning
- - value: error
- description: Error
- - value: critical
- description: Critical
- - variable: logs
- label: Component Specific Logs
- schema:
- type: list
- default: []
- items:
- - variable: component_entry
- label: Component Specific Log Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: component
- label: Component
- description: Find out the available components here https://docs.frigate.video/configuration/advanced/#logger
- schema:
- type: string
- required: true
- default: ""
- - variable: verbosity
- label: Default Log Verbosity
- schema:
- type: string
- required: true
- default: info
- enum:
- - value: info
- description: Info
- - value: debug
- description: Debug
- - value: warning
- description: Warning
- - value: error
- description: Error
- - value: critical
- description: Critical
- - variable: birdseye
- label: Birds Eye
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: render_config
- label: Render Configuration
- description: Enable it to add the configuration in the config file
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabled
- label: Enabled
- description: Enables the birdseye
- schema:
- type: boolean
- default: true
- - variable: width
- label: Width
- description: Width of the output resolution
- schema:
- type: int
- required: true
- default: 1280
- - variable: height
- label: Height
- description: Height of the output resolution
- schema:
- type: int
- required: true
- default: 720
- - variable: quality
- label: Quality
- description: Encoding quality of the mpeg1 feed. Where 1 is the highest quality, and 31 is the lowest. Lower quality feeds utilize less CPU resources.
- schema:
- type: int
- min: 1
- max: 31
- required: true
- default: 8
- - variable: mode
- label: Mode
- description: |
- Mode of the view.
- Objects - Cameras are included if they have had a tracked object within the last 30 seconds.
- Motion - Cameras are included if motion was detected in the last 30 seconds.
- Continuous - All cameras are included always.
- schema:
- type: string
- required: true
- default: objects
- enum:
- - value: objects
- description: Objects
- - value: motion
- description: Motion
- - value: continuous
- description: Continuous
- - variable: ffmpeg
- label: ffmpeg
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: render_config
- label: Render Configuration
- description: Enable it to add the configuration in the config file
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: global_args
- label: Global Args
- schema:
- type: string
- required: true
- default: -hide_banner -loglevel warning
- - variable: input_args
- label: Input Args
- schema:
- type: string
- required: true
- default: -avoid_negative_ts make_zero -fflags +genpts+discardcorrupt -rtsp_transport tcp -timeout 5000000 -use_wallclock_as_timestamps 1
- - variable: hwaccel_args
- label: HW Acceleration Args
- description: See hardware acceleration docs for your specific device
- schema:
- type: string
- default: ""
- - variable: output_args
- label: Output Args
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: detect
- label: Detect
- schema:
- type: string
- required: true
- default: -f rawvideo -pix_fmt yuv420p
- - variable: record
- label: Record
- schema:
- type: string
- required: true
- default: -f segment -segment_time 10 -segment_format mp4 -reset_timestamps 1 -strftime 1 -c copy -an
- - variable: rtmp
- label: RTMP
- schema:
- type: string
- required: true
- default: -c copy -f flv
- - variable: detect
- label: Detect
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: render_config
- label: Render Configuration
- description: Enable it to add the configuration in the config file
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabled
- label: Enabled
- description: Enables detection for the cameras
- schema:
- type: boolean
- default: true
- - variable: width
- label: Width
- description: Width of the frame for the input with the detect role
- schema:
- type: int
- required: true
- default: 1280
- - variable: height
- label: Height
- description: Height of the frame for the input with the detect role
- schema:
- type: int
- required: true
- default: 720
- - variable: fps
- label: FPS
- description: Desired fps for your camera for the input with the detect role. Recommended value of 5. Ideally, try and reduce your FPS on the camera.
- schema:
- type: int
- required: true
- default: 5
- - variable: max_disappeared
- label: Max Disappeared
- description: Number of frames without a detection before frigate considers an object to be gone.
- schema:
- type: int
- required: true
- default: 25
- - variable: stationary
- label: Stationary
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: interval
- label: Interval
- description: |
- Frequency for confirming stationary objects
- When set to 0, object detection will not confirm stationary objects until movement is detected.
- If set to 10, object detection will run to confirm the object still exists on every 10th frame.
- schema:
- type: int
- required: true
- default: 0
- - variable: threshold
- label: Threshold
- description: Number of frames without a position change for an object to be considered stationary
- schema:
- type: int
- required: true
- default: 50
- - variable: set_max_frames
- label: Set Max Frames
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: max_frames
- label: Max Frames
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: default
- label: Default
- description: Default for all object types
- schema:
- type: int
- "null": true
- - variable: objects
- label: Objects
- schema:
- type: list
- default: []
- items:
- - variable: object_entry
- label: Object Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: object
- label: Object
- schema:
- type: string
- required: true
- default: ""
- - variable: frames
- label: Frames
- schema:
- type: int
- required: true
- - variable: objects
- label: Objects
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: render_config
- label: Render Configuration
- description: Enable it to add the configuration in the config file
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: track
- label: Track
- description: Objects to track from labelmap.txt
- schema:
- type: list
- default: []
- items:
- - variable: track_entry
- label: Track Object Entry
- schema:
- type: string
- required: true
- default: ""
- - variable: mask
- label: Mask
- description: |
- Mask to prevent all object types from being detected in certain areas
- Checks based on the bottom center of the bounding box of the object.
- This mask is COMBINED with the object type specific mask below
- schema:
- type: string
- default: ""
- - variable: filters
- label: Filters
- description: Filters to reduce false positives for specific object types
- schema:
- type: list
- default: []
- items:
- - variable: filter_entry
- label: Filter Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: object
- label: Object
- description: For example person
- schema:
- type: string
- required: true
- default: ""
- - variable: min_area
- label: Min Area
- description: Minimum width*height of the bounding box for the detected object
- schema:
- type: int
- "null": true
- - variable: max_area
- label: Max Area
- description: Maximum width*height of the bounding box for the detected object
- schema:
- type: int
- "null": true
- - variable: min_ratio
- label: Min Ratio
- description: Minimum width/height of the bounding box for the detected object
- schema:
- type: string
- default: ""
- valid_chars: '^[0-9]+(\.[0-9]*)?$'
- - variable: max_ratio
- label: Max Ratio
- description: Maximum width/height of the bounding box for the detected object
- schema:
- type: string
- default: ""
- valid_chars: '^[0-9]+(\.[0-9]*)?$'
- - variable: min_score
- label: Min Score
- description: Minimum score for the object to initiate tracking
- schema:
- type: string
- default: ""
- valid_chars: '^[0-9]+(\.[0-9]*)?$'
- - variable: threshold
- label: Threshold
- description: Minimum decimal percentage for tracked object's computed score to be considered a true positive
- schema:
- type: string
- default: ""
- valid_chars: '^[0-9]+(\.[0-9]*)?$'
- - variable: mask
- label: Mask
- description: |
- Mask to prevent this object type from being detected in certain areas
- Checks based on the bottom center of the bounding box of the object
- schema:
- type: string
- default: ""
- - variable: motion
- label: Motion
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: render_config
- label: Render Configuration
- description: Enable it to add the configuration in the config file
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: threshold
- label: Threshold
- description: |
- The threshold passed to cv2.threshold to determine if a pixel is different enough to be counted as motion.
- Increasing this value will make motion detection less sensitive and decreasing it will make motion detection more sensitive.
- schema:
- type: int
- min: 1
- max: 255
- default: 25
- - variable: contour_area
- label: Contour Area
- description: |
- Minimum size in pixels in the resized motion image that counts as motion
- Increasing this value will prevent smaller areas of motion from being detected. Decreasing will
- make motion detection more sensitive to smaller moving objects.
- As a rule of thumb:
- 15 - high sensitivity
- 30 - medium sensitivity
- 50 - low sensitivity
- schema:
- type: int
- default: 30
- - variable: delta_alpha
- label: Delta Alpha
- description: |
- Alpha value passed to cv2.accumulateWeighted when averaging the motion delta across multiple frames
- Higher values mean the current frame impacts the delta a lot, and a single raindrop may register as motion.
- Too low and a fast moving person wont be detected as motion.
- schema:
- type: string
- default: ""
- valid_chars: '^[0-9]+(\.[0-9]*)?$'
- - variable: frame_alpha
- label: Frame Alpha
- description: |
- Alpha value passed to cv2.accumulateWeighted when averaging frames to determine the background
- Higher values mean the current frame impacts the average a lot, and a new object will be averaged into the background faster.
- Low values will cause things like moving shadows to be detected as motion for longer.
- https://www.geeksforgeeks.org/background-subtraction-in-an-image-using-concept-of-running-average
- schema:
- type: string
- default: ""
- valid_chars: '^[0-9]+(\.[0-9]*)?$'
- - variable: frame_height
- label: Frame Height
- description: |
- Height of the resized motion frame
- This operates as an efficient blur alternative. Higher values will result in more granular motion detection at the expense
- of higher CPU usage. Lower values result in less CPU, but small changes may not register as motion.
- schema:
- type: int
- default: 50
- - variable: mask
- label: Mask
- description: See docs for more detailed info on creating masks
- schema:
- type: string
- default: ""
- - variable: improve_contrast
- label: Improve Contrast
- description: Improve contrast. Enables dynamic contrast improvement. This should help improve night detections at the cost of making motion detection more sensitive for daytime.
- schema:
- type: boolean
- default: false
- - variable: mqtt_off_delay
- label: MQTT Off Delay
- description: Delay when updating camera motion through MQTT from ON -> OFF
- schema:
- type: int
- default: 30
- - variable: record
- label: Record
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: render_config
- label: Render Configuration
- description: Enable it to add the configuration in the config file
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabled
- label: Enabled
- description: |
- Enable recording
- WARNING: If recording is disabled in the config, turning it on via the UI or MQTT later will have no effect.
- WARNING: Frigate does not currently support limiting recordings based on available disk space automatically.
- If using recordings,you must specify retention settings for a number of days that will fit within the available disk space of your drive or Frigate will crash.
- schema:
- type: boolean
- default: true
- - variable: expire_interval
- label: Expire Interval
- description: Number of minutes to wait between cleanup runs
- schema:
- type: int
- required: true
- default: 60
- - variable: retain
- label: Retain
- description: Retention settings for recording
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: render_config
- label: Render Retain Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: days
- label: Days
- description: |
- Number of days to retain recordings regardless of events
- NOTE: This should be set to 0 and retention should be defined in events section below if you only want to retain recordings of events.
- schema:
- type: int
- required: true
- default: 0
- - variable: mode
- label: Mode
- description: |
- Mode for retention.
- All - save all recording segments regardless of activity
- Motion - save all recordings segments with any detected motion
- Active Objects - save all recording segments with active/moving objects
- NOTE: This mode only applies when the days setting above is greater than 0
- schema:
- type: string
- show_if: [["days", "!=", 0]]
- required: true
- default: all
- enum:
- - value: all
- description: All
- - value: motion
- description: Motion
- - value: active_objects
- description: Active Objects
- - variable: events
- label: Events
- description: Event recording settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: pre_capture
- label: Pre Capture
- description: Number of seconds before the event to include
- schema:
- type: int
- required: true
- default: 5
- - variable: post_capture
- label: Post Capture
- description: Number of seconds after the event to include
- schema:
- type: int
- required: true
- default: 5
- - variable: objects
- label: Objects
- description: Objects to save recordings for. Defaults to all objects.
- schema:
- type: list
- default: []
- items:
- - variable: object_entry
- label: Object Entry
- schema:
- type: string
- required: true
- default: ""
- - variable: required_zones
- label: Required Zones
- description: Restrict recordings to objects that entered any of the listed zones
- schema:
- type: list
- default: []
- items:
- - variable: zone_entry
- label: Zone Entry
- schema:
- type: string
- required: true
- default: ""
- - variable: retain
- label: Retain
- description: Retention settings for recordings of events
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: render_config
- label: Render Retain Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: default
- label: Default
- description: Default retention days
- schema:
- type: int
- required: true
- default: 10
- - variable: mode
- label: Mode
- description: |
- Mode for retention.
- All - save all recording segments for events regardless of activity
- Motion - save all recordings segments for events with any detected motion
- Active Objects - save all recording segments for event with active/moving objects
- schema:
- type: string
- required: true
- default: motion
- enum:
- - value: all
- description: All
- - value: motion
- description: Motion
- - value: active_objects
- description: Active Objects
- - variable: objects
- label: Objects
- description: Per object retention days
- schema:
- type: list
- default: []
- items:
- - variable: objects_entry
- label: Objects Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: object
- label: Object
- description: For example Person
- schema:
- type: string
- required: true
- default: ""
- - variable: days
- label: Retention Days
- description: Retention days for the object
- schema:
- type: int
- required: true
- default: 15
- - variable: snapshots
- label: Snapshots
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: render_config
- label: Render Configuration
- description: Enable it to add the configuration in the config file
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabled
- label: Enabled
- description: |
- Optional: Enable writing jpg snapshot to /media/frigate/clips
- This value can be set via MQTT and will be updated in startup based on retained value
- schema:
- type: boolean
- default: true
- - variable: clean_copy
- label: Clean Copy
- description: Save a clean PNG copy of the snapshot image
- schema:
- type: boolean
- default: true
- - variable: timestamp
- label: Timestamp
- description: Print a timestamp on the snapshots
- schema:
- type: boolean
- default: false
- - variable: bounding_box
- label: Bounding Box
- description: Draw bounding box on the snapshots
- schema:
- type: boolean
- default: false
- - variable: crop
- label: Crop
- description: Crop the snapshot
- schema:
- type: boolean
- default: false
- - variable: height
- label: Height
- description: Height to resize the snapshot to
- schema:
- type: int
- "null": true
- - variable: required_zones
- label: Required Zones
- description: Restrict recordings to objects that entered any of the listed zones
- schema:
- type: list
- default: []
- items:
- - variable: zone_entry
- label: Zone Entry
- schema:
- type: string
- required: true
- default: ""
- - variable: retain
- label: Retain
- description: Retention settings for recordings of events
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: render_config
- label: Render Retain Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: default
- label: Default
- description: Default retention days
- schema:
- type: int
- required: true
- default: 10
- - variable: objects
- label: Objects
- description: Per object retention days
- schema:
- type: list
- default: []
- items:
- - variable: objects_entry
- label: Objects Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: object
- label: Object
- description: For example Person
- schema:
- type: string
- required: true
- default: ""
- - variable: days
- label: Retention Days
- description: Retention days for the object
- schema:
- type: int
- required: true
- default: 15
- - variable: rtmp
- label: RTMP
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: render_config
- label: Render Configuration
- description: Enable it to add the configuration in the config file
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabled
- label: Enabled
- description: Enable the RTMP stream
- schema:
- type: boolean
- default: true
- - variable: live
- label: Live
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: render_config
- label: Render Configuration
- description: Enable it to add the configuration in the config file
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: height
- label: Height
- description: |
- Set the height of the live stream.
- This must be less than or equal to the height of the detect stream. Lower resolutions
- reduce bandwidth required for viewing the live stream. Width is computed to match known aspect ratio.
- schema:
- type: int
- required: true
- default: 720
- - variable: quality
- label: Quality
- description: |
- Set the encode quality of the live stream
- 1 is the highest quality, and 31 is the lowest. Lower quality feeds utilize less CPU resources.
- schema:
- type: int
- required: true
- min: 1
- max: 31
- default: 8
- - variable: timestamp_style
- label: Timestamp Style
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: render_config
- label: Render Configuration
- description: Enable it to add the configuration in the config file
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: position
- label: Position
- description: Position of the timestamp
- schema:
- type: string
- required: true
- default: tl
- enum:
- - value: tl
- description: Top Left
- - value: tr
- description: Top Right
- - value: bl
- description: Bottom Left
- - value: br
- description: Bottom Right
- - variable: format
- label: Format
- description: Format specifier conform to the Python package "datetime"
- schema:
- type: string
- required: true
- default: "%m/%d/%Y %H:%M:%S"
- - variable: color
- label: Color
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: red
- label: Red
- schema:
- type: int
- default: 255
- required: true
- - variable: green
- label: Green
- schema:
- type: int
- required: true
- default: 255
- - variable: blue
- label: Blue
- schema:
- type: int
- required: true
- default: 255
- - variable: thickness
- label: Thickness
- description: Line thickness of font
- schema:
- type: int
- required: true
- default: 2
- - variable: effect
- label: Effect
- description: |
- Effect of lettering
- None - No effect
- Solid - Solid background in inverse color of font
- Shadow - Shadow for font
- schema:
- type: string
- required: true
- default: None
- enum:
- - value: None
- description: None
- - value: solid
- description: Solid
- - value: shadow
- description: Shadow
- - variable: cameras
- label: Cameras
- schema:
- type: list
- default: []
- items:
- - variable: camera_entry
- label: Camera Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: camera_name
- label: Camera Name
- schema:
- type: string
- required: true
- default: ""
- - variable: ffmpeg
- label: ffmpeg
- description: ffmpeg Settings for the camera
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: inputs
- label: Inputs
- description: A list of input streams for the camera. See documentation for more information.
- schema:
- type: list
- required: true
- default: []
- items:
- - variable: input_entry
- label: Input Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- description: The path to the stream
- schema:
- type: string
- required: true
- default: ""
- - variable: roles
- label: Roles
- schema:
- type: list
- required: true
- default: []
- items:
- - variable: role_entry
- label: Role Entry
- schema:
- type: string
- required: true
- default: ""
- enum:
- - value: detect
- description: Detect
- - value: rtmp
- description: RTMP
- - value: record
- description: Record
- - variable: global_args
- label: Global Args
- description: Camera specific global args
- schema:
- type: string
- default: ""
- - variable: hwaccel_args
- label: HW Acceleration Args
- description: Camera specific hwaccel args
- schema:
- type: string
- default: ""
- - variable: input_args
- label: Input Args
- description: Camera specific input args
- schema:
- type: string
- default: ""
- - variable: output_args
- label: Output Args
- description: Camera specific output args
- schema:
- type: string
- default: ""
- - variable: best_image_timeout
- label: Best Image Timeout
- description: Timeout for highest scoring image before allowing it to be replaced by a newer image.
- schema:
- type: int
- required: true
- default: 60
- - variable: zones
- label: Zones
- description: Zones for this camera
- schema:
- type: list
- default: []
- items:
- - variable: zone_entry
- label: Zone Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Zone Name
- schema:
- type: string
- required: true
- default: ""
- - variable: coordinates
- label: Coordinates
- description: List of x,y coordinates to define the polygon of the zone.
- schema:
- type: string
- required: true
- default: ""
- - variable: objects
- label: Objects
- schema:
- type: list
- default: []
- items:
- - variable: object_entry
- label: Object Entry
- description: For example person
- schema:
- type: string
- required: true
- default: ""
- - variable: filters
- label: Filters
- description: Zone level object filters
- schema:
- type: list
- default: []
- items:
- - variable: filter_entry
- label: Filter Entry
- description: For example person
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: object
- label: Object
- description: For example person
- schema:
- type: string
- required: true
- default: ""
- - variable: min_area
- label: Min Area
- description: Minimum width*height of the bounding box for the detected object
- schema:
- type: int
- "null": true
- - variable: max_area
- label: Max Area
- description: Maximum width*height of the bounding box for the detected object
- schema:
- type: int
- "null": true
- - variable: threshold
- label: Threshold
- description: Minimum decimal percentage for tracked object's computed score to be considered a true positive
- schema:
- type: string
- default: ""
- valid_chars: '^[0-9]+(\.[0-9]*)?$'
- - variable: mqtt
- label: MQTT
- description: MQTT Configuration for jpg snapshots published for this camera
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: render_config
- label: Render Configuration
- description: Enable it to add the configuration in the config file
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: enabled
- label: Enabled
- description: |
- Enable publishing snapshot via mqtt for camera
- NOTE: Only applies to publishing image data to MQTT via 'frigate///snapshot'.
- All other messages will still be published.
- schema:
- type: boolean
- default: true
- - variable: timestamp
- label: Timestamp
- description: Print a timestamp on the snapshots
- schema:
- type: boolean
- default: true
- - variable: bounding_box
- label: Bounding Box
- description: Draw bounding box on the snapshots
- schema:
- type: boolean
- default: true
- - variable: crop
- label: Crop
- description: Crop the snapshot
- schema:
- type: boolean
- default: true
- - variable: height
- label: Height
- description: Height to resize the snapshot to
- schema:
- type: int
- required: true
- default: 720
- - variable: quality
- label: Quality
- description: JPEG encode quality
- schema:
- type: int
- required: true
- default: 70
- - variable: required_zones
- label: Required Zones
- description: Restrict mqtt messages to objects that entered any of the listed zones
- schema:
- type: list
- default: []
- items:
- - variable: required_zone
- label: Required Zone
- schema:
- type: string
- required: true
- default: ""
- - variable: ui
- label: UI
- description: Configuration for how camera is handled in the GUI.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: render_config
- label: Render Configuration
- description: Enable it to add the configuration in the config file
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: order
- label: order
- description: Adjust sort order of cameras in the UI. Larger numbers come later By default the cameras are sorted alphabetically.
- schema:
- "null": true
- type: int
- - variable: dashboard
- label: Dashboard
- description: Whether or not to show the camera in the Frigate UI
- schema:
- type: boolean
- default: true
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Service
- description: The Primary service on which the healthcheck runs, often the webUI
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Service Port Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- description: This port exposes the container port on the service
- schema:
- type: int
- default: 10500
- editable: true
- required: true
- - variable: rtmp
- label: RTMP Service
- description: The service on which nodes connect to.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: rtmp
- label: RTMP Service Port Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- description: This port exposes the container port on the service
- schema:
- type: int
- default: 1935
- editable: true
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: media
- label: App Media
- description: Stores the Application Media
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: db
- label: App DB
- description: Stores the Application DB
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: scaleCert
- label: Select TrueNAS SCALE Certificate
- schema:
- type: int
- $ref:
- - "definitions/certificate"
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: scaleCert
- label: Select TrueNAS SCALE Certificate
- schema:
- type: int
- $ref:
- - "definitions/certificate"
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: Privileged mode
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: ReadOnly Root Filesystem
- schema:
- type: boolean
- default: false
- - variable: allowPrivilegeEscalation
- label: Allow Privilege Escalation
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: runAsNonRoot
- schema:
- type: boolean
- default: false
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: runAsUser
- description: The UserID of the user running the application
- schema:
- type: int
- default: 0
- - variable: runAsGroup
- label: runAsGroup
- description: The groupID this App of the user running the application
- schema:
- type: int
- default: 0
- - variable: fsGroup
- label: fsGroup
- description: The group that should own ALL storage.
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
- - variable: horizontalPodAutoscaler
- group: Advanced
- label: (Advanced) Horizontal Pod Autoscaler
- schema:
- type: list
- default: []
- items:
- - variable: hpaEntry
- label: HPA Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: target
- label: Target
- description: Deployment name, Defaults to Main Deployment
- schema:
- type: string
- default: ""
- - variable: minReplicas
- label: Minimum Replicas
- schema:
- type: int
- default: 1
- - variable: maxReplicas
- label: Maximum Replicas
- schema:
- type: int
- default: 5
- - variable: targetCPUUtilizationPercentage
- label: Target CPU Utilization Percentage
- schema:
- type: int
- default: 80
- - variable: targetMemoryUtilizationPercentage
- label: Target Memory Utilization Percentage
- schema:
- type: int
- default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/incubator/frigate/5.0.14/templates/_configmap.tpl b/incubator/frigate/5.0.14/templates/_configmap.tpl
deleted file mode 100644
index 591cd0a4d75..00000000000
--- a/incubator/frigate/5.0.14/templates/_configmap.tpl
+++ /dev/null
@@ -1,364 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "frigate.configmap" -}}
-
-{{- $configName := printf "%s-frigate-config" (include "tc.common.names.fullname" .) }}
-
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ $configName }}
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
-data:
- config.yml: |
- database:
- path: /db/frigate.db
- mqtt:
- host: {{ required "You need to provide an MQTT host" .Values.frigate.mqtt.host }}
- port: {{ .Values.frigate.mqtt.port | default 1883 }}
- topic_prefix: {{ .Values.frigate.mqtt.topic_prefix | default "frigate" }}
- client_id: {{ .Values.frigate.mqtt.client_id | default "frigate" }}
- stats_interval: {{ .Values.frigate.mqtt.stats_interval| default 60 }}
- {{- with .Values.frigate.mqtt.user }}
- user: {{ . }}
- {{- end }}
- {{- with .Values.frigate.mqtt.password }}
- password: {{ . }}
- {{- end }}
-
- {{- if .Values.frigate.detectors.render_config }}
- {{- if .Values.frigate.detectors.config }}
- detectors:
- {{- range .Values.frigate.detectors.config }}
- {{ required "You need to provide a detector name" .name }}:
- type: {{ .type }}
- {{- with .device }}
- device: {{ . }}
- {{- end }}
- {{- with .num_threads }}
- num_threads: {{ . }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
-
- {{- if .Values.frigate.model.render_config }}
- model:
- {{- with .Values.frigate.model.path }}
- path: {{ . }}
- {{- end }}
- {{- with .Values.frigate.model.labelmap_path }}
- labelmap_path: {{ . }}
- {{- end }}
- width: {{ .Values.frigate.model.width | default 320 }}
- height: {{ .Values.frigate.model.height | default 320 }}
- {{- with .Values.frigate.model.labelmap }}
- labelmap:
- {{- range . }}
- {{ .model }}: {{ .name }}
- {{- end }}
- {{- end }}
- {{- end }}
-
- {{- if .Values.frigate.logger.render_config }}
- logger:
- default: {{ .Values.frigate.logger.default | default "info" }}
- {{- with .Values.frigate.logger.logs }}
- logs:
- {{- range . }}
- {{ .component }}: {{ .verbosity }}
- {{- end }}
- {{- end }}
- {{- end }}
-
- {{- if .Values.frigate.birdseye.render_config }}
- birdseye:
- enabled: {{ ternary "True" "False" .Values.frigate.birdseye.enabled }}
- width: {{ .Values.frigate.birdseye.width | default 1280 }}
- height: {{ .Values.frigate.birdseye.height | default 720 }}
- quality: {{ .Values.frigate.birdseye.quality | default 8 }}
- mode: {{ .Values.frigate.birdseye.mode | default "objects" }}
- {{- end }}
-
- {{- if .Values.frigate.ffmpeg.render_config }}
- ffmpeg:
- global_args: {{ .Values.frigate.ffmpeg.global_args | default "-hide_banner -loglevel warning" }}
- input_args: {{ .Values.frigate.ffmpeg.input_args | default "-avoid_negative_ts make_zero -fflags +genpts+discardcorrupt -rtsp_transport tcp -timeout 5000000 -use_wallclock_as_timestamps 1" }}
- {{- with .Values.frigate.ffmpeg.hwaccel_args }}
- hwaccel_args: {{ . }}
- {{- end }}
- output_args:
- detect: {{ .Values.frigate.ffmpeg.output_args.detect | default "-f rawvideo -pix_fmt yuv420p" }}
- record: {{ .Values.frigate.ffmpeg.output_args.record | default "-f segment -segment_time 10 -segment_format mp4 -reset_timestamps 1 -strftime 1 -c copy -an" }}
- rtmp: {{ .Values.frigate.ffmpeg.output_args.rtmp | default "-c copy -f flv" }}
- {{- end }}
-
- {{- if .Values.frigate.detect.render_config }}
- detect:
- enabled: {{ ternary "True" "False" .Values.frigate.detect.enabled }}
- width: {{ .Values.frigate.detect.width | default 1280 }}
- height: {{ .Values.frigate.detect.height | default 720 }}
- fps: {{ .Values.frigate.detect.fps | default 5 }}
- max_disappeared: {{ .Values.frigate.detect.max_disappeared | default 25 }}
- stationary:
- interval: {{ .Values.frigate.detect.stationary.interval | default 0 }}
- threshold: {{ .Values.frigate.detect.stationary.threshold | default 50 }}
- {{- if (hasKey .Values.frigate.detect.stationary "max_frames") }}
- {{- if or (hasKey .Values.frigate.detect.stationary.max_frames "default") (hasKey .Values.frigate.detect.stationary.max_frames "objects") }}
- {{- if or .Values.frigate.detect.stationary.max_frames.default .Values.frigate.detect.stationary.max_frames.objects }}
- max_frames:
- {{- with .Values.frigate.detect.stationary.max_frames.default }}
- default: {{ . }}
- {{- end }}
- {{- with .Values.frigate.detect.stationary.max_frames.objects }}
- objects:
- {{- range . }}
- {{ .object }}: {{ .frames }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
-
- {{- if .Values.frigate.objects.render_config }}
- objects:
- {{- with .Values.frigate.objects.track }}
- track:
- {{- range . }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- with .Values.frigate.objects.mask }}
- mask: {{ . }}
- {{- end }}
- {{- with .Values.frigate.objects.filters }}
- filters:
- {{- range . }}
- {{ .object }}:
- {{- with .min_area }}
- min_area: {{ . }}
- {{- end }}
- {{- with .max_area }}
- max_area: {{ . }}
- {{- end }}
- {{- with .min_ratio }}
- min_ratio: {{ . }}
- {{- end }}
- {{- with .max_ratio }}
- max_ratio: {{ . }}
- {{- end }}
- {{- with .min_score }}
- min_score: {{ . }}
- {{- end }}
- {{- with .threshold }}
- threshold: {{ . }}
- {{- end }}
- {{- with .mask }}
- mask: {{ . }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
-
- {{- if .Values.frigate.motion.render_config }}
- motion:
- threshold: {{ .Values.frigate.motion.threshold | default 25 }}
- contour_area: {{ .Values.frigate.motion.contour_area | default 30 }}
- delta_alpha: {{ .Values.frigate.motion.delta_alpha | default 0.2 }}
- frame_alpha: {{ .Values.frigate.motion.frame_alpha | default 0.2 }}
- frame_height: {{ .Values.frigate.motion.frame_height | default 50 }}
- {{- with .Values.frigate.motion.mask }}
- mask: {{ . }}
- {{- end }}
- improve_contrast: {{ ternary "True" "False" .Values.frigate.motion.improve_contrast }}
- mqtt_off_delay: {{ .Values.frigate.motion.mqtt_off_delay | default 30 }}
- {{- end }}
-
- {{- if .Values.frigate.record.render_config }}
- record:
- enabled: {{ ternary "True" "False" .Values.frigate.record.enabled }}
- expire_interval: {{ .Values.frigate.record.expire_interval | default 60 }}
- {{- if .Values.frigate.record.retain.render_config }}
- retain:
- days: {{ .Values.frigate.record.retain.days | default 0 }}
- mode: {{ .Values.frigate.record.retain.mode | default "all" }}
- {{- end }}
- events:
- pre_capture: {{ .Values.frigate.record.events.pre_capture | default 5 }}
- post_capture: {{ .Values.frigate.record.events.post_capture | default 5 }}
- {{- with .Values.frigate.record.events.objects }}
- objects:
- {{- range . }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- with .Values.frigate.record.events.required_zones }}
- required_zones:
- {{- range . }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- if .Values.frigate.record.events.retain.render_config }}
- retain:
- default: {{ .Values.frigate.record.events.retain.default | default 10 }}
- mode: {{ .Values.frigate.record.events.retain.mode | default "motion" }}
- {{- with .Values.frigate.record.events.retain.objects }}
- objects:
- {{- range . }}
- {{ .object }}: {{ .days }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
-
- {{- if .Values.frigate.snapshots.render_config }}
- snapshots:
- enabled: {{ ternary "True" "False" .Values.frigate.snapshots.enabled }}
- clean_copy: {{ ternary "True" "False" .Values.frigate.snapshots.clean_copy }}
- timestamp: {{ ternary "True" "False" .Values.frigate.snapshots.timestamp }}
- bounding_box: {{ ternary "True" "False" .Values.frigate.snapshots.bounding_box }}
- crop: {{ ternary "True" "False" .Values.frigate.snapshots.crop }}
- {{- with .Values.frigate.snapshots.height }}
- height: {{ . }}
- {{- end }}
- {{- with .Values.frigate.snapshots.required_zones }}
- required_zones:
- {{- range . }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- if .Values.frigate.snapshots.retain.render_config }}
- retain:
- default: {{ .Values.frigate.snapshots.retain.default | default 10 }}
- {{- with .Values.frigate.snapshots.retain.objects }}
- objects:
- {{- range . }}
- {{ .object }}: {{ .days }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
-
- {{- if .Values.frigate.rtmp.render_config }}
- rtmp:
- enabled: {{ ternary "True" "False" .Values.frigate.rtmp.enabled }}
- {{- end }}
-
- {{- if .Values.frigate.live.render_config }}
- live:
- height: {{ .Values.frigate.live.height | default 720 }}
- quality: {{ .Values.frigate.live.quality | default 8 }}
- {{- end }}
-
- {{- if .Values.frigate.timestamp_style.render_config }}
- timestamp_style:
- position: {{ .Values.frigate.timestamp_style.position | default "tl" }}
- format: {{ .Values.frigate.timestamp_style.format | quote }}
- color:
- red: {{ .Values.frigate.timestamp_style.color.red | default 255 }}
- green: {{ .Values.frigate.timestamp_style.color.green | default 255 }}
- blue: {{ .Values.frigate.timestamp_style.color.blue | default 255 }}
- thickness: {{ .Values.frigate.timestamp_style.thickness | default 2 }}
- {{- if ne .Values.frigate.timestamp_style.effect "None" }}
- effect: {{ .Values.frigate.timestamp_style.effect }}
- {{- end }}
- {{- end }}
-
- cameras:
- {{- range .Values.frigate.cameras }}
- {{ .camera_name }}:
- ffmpeg:
- {{- with .ffmpeg }}
- inputs:
- {{- range .inputs }}
- - path: {{ .path }}
- {{- with .roles }}
- roles:
- {{- range . }}
- - {{ . }}
- {{- end }}
- {{- end }} {{/* end with roles*/}}
- {{- with .global_args }}
- global_args: {{ . }}
- {{- end }}
- {{- with .hwaccel_args }}
- hwaccel_args: {{ . }}
- {{- end }}
- {{- with .input_args }}
- input_args: {{ . }}
- {{- end }}
- {{- end }} {{/* end range inputs */}}
- {{- with .global_args }}
- global_args: {{ . }}
- {{- end }}
- {{- with .hwaccel_args }}
- hwaccel_args: {{ . }}
- {{- end }}
- {{- with .input_args }}
- input_args: {{ . }}
- {{- end }}
- {{- with .output_args }}
- output_args: {{ . }}
- {{- end }}
- {{- end }} {{/* end with ffmpeg */}}
- best_image_timeout: {{ .best_image_timeout | default 60 }}
- {{- with .zones }}
- zones:
- {{- range . }}
- {{ .name }}:
- coordinates: {{ required "You have to specify coordinates" .coordinates }}
- {{- with .objects }}
- objects:
- {{- range . }}
- - {{ . }}
- {{- end }}
- {{- end }} {{/* end with objects*/}}
- {{- with .filters }}
- filters:
- {{- range . }}
- {{ .object }}:
- {{- with .min_area }}
- min_area: {{ . }}
- {{- end }}
- {{- with .max_area }}
- max_area: {{ . }}
- {{- end }}
- {{- with .threshold }}
- threshold: {{ . }}
- {{- end }}
- {{- end }} {{/* end range filters */}}
- {{- end }} {{/* end with filter */}}
- {{- end }} {{/* end range zones */}}
- {{- end }} {{/* end with zones */}}
- {{- if .mqtt.render_config }}
- {{- with .mqtt }}
- mqtt:
- enabled: {{ ternary "True" "False" .enabled }}
- timestamp: {{ ternary "True" "False" .timestamp }}
- bounding_box: {{ ternary "True" "False" .bounding_box }}
- crop: {{ ternary "True" "False" .crop }}
- height: {{ .height | default 270 }}
- quality: {{ .quality | default 70 }}
- {{- with .required_zones }}
- required_zones:
- {{- range . }}
- - {{ . }}
- {{- end }}
- {{- end }}
- {{- end }} {{/* end with mqtt */}}
- {{- end }} {{/* end if mqtt.render_config */}}
- {{- if .ui.render_config }}
- {{- with .ui }}
- ui:
- {{- if or .order (eq (int .order) 0) }}
- order: {{ .order }}
- {{- end }}
- dashboard: {{ ternary "True" "False" .dashboard }}
- {{- end }} {{/* end with ui */}}
- {{- end }} {{/* end if ui.render_config */}}
- {{- end }} {{/* end range cameras */}}
-
-{{- end }}
diff --git a/incubator/frigate/5.0.14/templates/common.yaml b/incubator/frigate/5.0.14/templates/common.yaml
deleted file mode 100644
index 1f8971b2d42..00000000000
--- a/incubator/frigate/5.0.14/templates/common.yaml
+++ /dev/null
@@ -1,7 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.common.loader.init" . }}
-
-{{- include "frigate.configmap" . -}}
-
-{{/* Render the templates */}}
-{{ include "tc.common.loader.apply" . }}
diff --git a/incubator/frigate/5.0.14/values.yaml b/incubator/frigate/5.0.14/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/incubator/plexripper/2.0.11/CHANGELOG.md b/incubator/plexripper/2.0.11/CHANGELOG.md
deleted file mode 100644
index 7fd28f269b7..00000000000
--- a/incubator/plexripper/2.0.11/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [plexripper-2.0.11](https://github.com/truecharts/charts/compare/plexripper-2.0.10...plexripper-2.0.11) (2023-02-02)
-
-### Fix
-
-- remove non-link sources ([#6826](https://github.com/truecharts/charts/issues/6826))
-
-
-
-
-## [plexripper-2.0.10](https://github.com/truecharts/charts/compare/plexripper-2.0.9...plexripper-2.0.10) (2023-01-24)
-
-### Chore
-
-- update container image tccr.io/truecharts/plexripper to latest
-
-
-
-
-## [plexripper-2.0.9](https://github.com/truecharts/charts/compare/plexripper-2.0.8...plexripper-2.0.9) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856))
-
-
-
-
-## [plexripper-2.0.8](https://github.com/truecharts/charts/compare/plexripper-2.0.7...plexripper-2.0.8) (2022-12-26)
-
-### Chore
-
-- update helm general non-major ([#5839](https://github.com/truecharts/charts/issues/5839))
-
-
-
-
-## [plexripper-2.0.7](https://github.com/truecharts/charts/compare/plexripper-2.0.6...plexripper-2.0.7) (2022-12-25)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [plexripper-2.0.6](https://github.com/truecharts/charts/compare/plexripper-2.0.5...plexripper-2.0.6) (2022-12-19)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [plexripper-2.0.5](https://github.com/truecharts/charts/compare/plexripper-2.0.4...plexripper-2.0.5) (2022-12-13)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [plexripper-2.0.4](https://github.com/truecharts/charts/compare/plexripper-2.0.3...plexripper-2.0.4) (2022-12-01)
-
-### Chore
-
-- update container image tccr.io/truecharts/plexripper to latest
-
-
-
-
-## [plexripper-2.0.4](https://github.com/truecharts/charts/compare/plexripper-2.0.3...plexripper-2.0.4) (2022-12-01)
-
-### Chore
-
-- update container image tccr.io/truecharts/plexripper to latest
-
-
-
-
-## [plexripper-2.0.4](https://github.com/truecharts/charts/compare/plexripper-2.0.3...plexripper-2.0.4) (2022-12-01)
-
-### Chore
-
-- update container image tccr.io/truecharts/plexripper to latest
-
-
-
-
-## [plexripper-2.0.4](https://github.com/truecharts/charts/compare/plexripper-2.0.3...plexripper-2.0.4) (2022-12-01)
-
-### Chore
diff --git a/incubator/plexripper/2.0.11/Chart.yaml b/incubator/plexripper/2.0.11/Chart.yaml
deleted file mode 100644
index b5a2d0a1153..00000000000
--- a/incubator/plexripper/2.0.11/Chart.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
-annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - Backup
- - Downloaders
- - MediaApp-Video
- - MediaApp-Music
- - MediaApp-Photos
- - MediaApp-Other
-apiVersion: v2
-appVersion: "latest"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
-deprecated: false
-description: Tired of searching for media on different torrent websites or paying for Usenet server access? Well look no further! You can now use PlexRipper to download "everything" from the Plex servers you have access to and expand your collection that way! Let others collect media for you and then just download everything!
-home: https://truecharts.org/charts/incubator/plexripper
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/plexripper.png
-keywords:
- - plexripper
- - Backup
- - Downloaders
- - MediaApp-Video
- - MediaApp-Music
- - MediaApp-Photos
- - MediaApp-Other
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: plexripper
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/incubator/plexripper
- - https://hub.docker.com/plexripper/plexripper
- - https://github.com/PlexRipper/PlexRipper/
-type: application
-version: 2.0.11
diff --git a/incubator/plexripper/2.0.11/README.md b/incubator/plexripper/2.0.11/README.md
deleted file mode 100644
index 63d5d2c8fdc..00000000000
--- a/incubator/plexripper/2.0.11/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/incubator/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/incubator/plexripper/2.0.11/app-changelog.md b/incubator/plexripper/2.0.11/app-changelog.md
deleted file mode 100644
index f6820c47469..00000000000
--- a/incubator/plexripper/2.0.11/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [plexripper-2.0.11](https://github.com/truecharts/charts/compare/plexripper-2.0.10...plexripper-2.0.11) (2023-02-02)
-
-### Fix
-
-- remove non-link sources ([#6826](https://github.com/truecharts/charts/issues/6826))
-
-
\ No newline at end of file
diff --git a/incubator/plexripper/2.0.11/app-readme.md b/incubator/plexripper/2.0.11/app-readme.md
deleted file mode 100644
index d8da7a44408..00000000000
--- a/incubator/plexripper/2.0.11/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Tired of searching for media on different torrent websites or paying for Usenet server access? Well look no further! You can now use PlexRipper to download "everything" from the Plex servers you have access to and expand your collection that way! Let others collect media for you and then just download everything!
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/incubator/plexripper](https://truecharts.org/charts/incubator/plexripper)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/incubator/plexripper/2.0.11/charts/common-11.1.2.tgz b/incubator/plexripper/2.0.11/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/incubator/plexripper/2.0.11/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/incubator/plexripper/2.0.11/ix_values.yaml b/incubator/plexripper/2.0.11/ix_values.yaml
deleted file mode 100644
index 6ee15a2c7b9..00000000000
--- a/incubator/plexripper/2.0.11/ix_values.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-env: {}
-image:
- pullPolicy: IfNotPresent
- repository: tccr.io/truecharts/plexripper
- tag: latest@sha256:423b510798fe8bad9b3514b5358cb61cc2a2e0160118db2d1665898eb7c33430
-persistence:
- config:
- enabled: true
- mountPath: /config
- downloadfolder:
- enabled: true
- mountPath: /downloads
- moviedestinationfolder:
- enabled: true
- mountPath: /movies
- tv-showdestinationfolder:
- enabled: true
- mountPath: /tvshows
-podSecurityContext:
- runAsGroup: 0
- runAsUser: 0
-securityContext:
- readOnlyRootFilesystem: false
- runAsNonRoot: false
-service:
- main:
- ports:
- main:
- port: 7000
- protocol: TCP
- targetPort: 7000
-
-portal:
- enabled: true
diff --git a/incubator/plexripper/2.0.11/questions.yaml b/incubator/plexripper/2.0.11/questions.yaml
deleted file mode 100644
index 27030194d15..00000000000
--- a/incubator/plexripper/2.0.11/questions.yaml
+++ /dev/null
@@ -1,2080 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_portal_protocol"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 7000
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "config Storage"
- description: "Container Path config"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: downloadfolder
- label: "downloadfolder Storage"
- description: "Container Path downloads"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: moviedestinationfolder
- label: "moviedestinationfolder Storage"
- description: "Container Path movies"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: tv-showdestinationfolder
- label: "tv-showdestinationfolder Storage"
- description: "Container Path tvshows"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: false
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: false
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 0
- - variable: runAsGroup
- label: "runAsGroup"
- description: The groupID this App of the user running the application"
- schema:
- type: int
- default: 0
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/incubator/plexripper/2.0.11/templates/common.yaml b/incubator/plexripper/2.0.11/templates/common.yaml
deleted file mode 100644
index cbf66c20818..00000000000
--- a/incubator/plexripper/2.0.11/templates/common.yaml
+++ /dev/null
@@ -1,2 +0,0 @@
-{{/* Render the templates */}}
-{{ include "tc.common.loader.all" . }}
diff --git a/incubator/plexripper/2.0.11/values.yaml b/incubator/plexripper/2.0.11/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/incubator/shoko-server/2.0.10/CHANGELOG.md b/incubator/shoko-server/2.0.10/CHANGELOG.md
deleted file mode 100644
index 5c7fe084f26..00000000000
--- a/incubator/shoko-server/2.0.10/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [shoko-server-2.0.10](https://github.com/truecharts/charts/compare/shoko-server-2.0.9...shoko-server-2.0.10) (2023-01-07)
-
-### Chore
-
-- update container image tccr.io/truecharts/shoko-server to vdaily
-
-
-
-
-## [shoko-server-2.0.9](https://github.com/truecharts/charts/compare/shoko-server-2.0.8...shoko-server-2.0.9) (2022-12-28)
-
-### Chore
-
-- update container image tccr.io/truecharts/shoko-server to vdaily
-
-
-
-
-## [shoko-server-2.0.8](https://github.com/truecharts/charts/compare/shoko-server-2.0.7...shoko-server-2.0.8) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856))
-
-
-
-
-## [shoko-server-2.0.7](https://github.com/truecharts/charts/compare/shoko-server-2.0.6...shoko-server-2.0.7) (2022-12-26)
-
-### Chore
-
-- update helm general non-major ([#5839](https://github.com/truecharts/charts/issues/5839))
-
-
-
-
-## [shoko-server-2.0.6](https://github.com/truecharts/charts/compare/shoko-server-2.0.5...shoko-server-2.0.6) (2022-12-25)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [shoko-server-2.0.5](https://github.com/truecharts/charts/compare/shoko-server-2.0.4...shoko-server-2.0.5) (2022-12-24)
-
-### Chore
-
-- pin dependencies ([#5688](https://github.com/truecharts/charts/issues/5688))
-
-
-
-
-## [shoko-server-2.0.4](https://github.com/truecharts/charts/compare/shoko-server-2.0.3...shoko-server-2.0.4) (2022-12-19)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [shoko-server-2.0.3](https://github.com/truecharts/charts/compare/shoko-server-2.0.2...shoko-server-2.0.3) (2022-12-13)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [shoko-server-2.0.2](https://github.com/truecharts/charts/compare/shoko-server-2.0.1...shoko-server-2.0.2) (2022-11-30)
-
-
-
-
-## [shoko-server-2.0.2](https://github.com/truecharts/charts/compare/shoko-server-2.0.1...shoko-server-2.0.2) (2022-11-30)
-
-
-
-
-## [shoko-server-2.0.2](https://github.com/truecharts/charts/compare/shoko-server-2.0.1...shoko-server-2.0.2) (2022-11-30)
-
-
-
-
-## [shoko-server-2.0.2](https://github.com/truecharts/charts/compare/shoko-server-2.0.1...shoko-server-2.0.2) (2022-11-30)
-
-
-
-
-## [shoko-server-2.0.2](https://github.com/truecharts/charts/compare/shoko-server-2.0.1...shoko-server-2.0.2) (2022-11-30)
diff --git a/incubator/shoko-server/2.0.10/Chart.yaml b/incubator/shoko-server/2.0.10/Chart.yaml
deleted file mode 100644
index 417215aa61f..00000000000
--- a/incubator/shoko-server/2.0.10/Chart.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - Tools-Utilities
-apiVersion: v2
-appVersion: "daily"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
-deprecated: false
-description: Shoko server is the core component of the Shoko suite and with it's client-server architecture which allows any program or plugin to access Shoko. You'll have access to your entire collection locally and over the internet with no additional work outside the initial configuration required.
-home: https://truecharts.org/charts/incubator/shoko-server
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/shoko-server.png
-keywords:
- - shoko-server
- - Tools-Utilities
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: shoko-server
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/incubator/shoko-server
- - https://github.com/ShokoAnime/ShokoServer
- - https://hub.docker.com/r/shokoanime/server/
-type: application
-version: 2.0.10
diff --git a/incubator/shoko-server/2.0.10/README.md b/incubator/shoko-server/2.0.10/README.md
deleted file mode 100644
index 63d5d2c8fdc..00000000000
--- a/incubator/shoko-server/2.0.10/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/incubator/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/incubator/shoko-server/2.0.10/app-changelog.md b/incubator/shoko-server/2.0.10/app-changelog.md
deleted file mode 100644
index 429cca0be08..00000000000
--- a/incubator/shoko-server/2.0.10/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [shoko-server-2.0.10](https://github.com/truecharts/charts/compare/shoko-server-2.0.9...shoko-server-2.0.10) (2023-01-07)
-
-### Chore
-
-- update container image tccr.io/truecharts/shoko-server to vdaily
-
-
\ No newline at end of file
diff --git a/incubator/shoko-server/2.0.10/app-readme.md b/incubator/shoko-server/2.0.10/app-readme.md
deleted file mode 100644
index d353efd73ef..00000000000
--- a/incubator/shoko-server/2.0.10/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Shoko server is the core component of the Shoko suite and with it's client-server architecture which allows any program or plugin to access Shoko. You'll have access to your entire collection locally and over the internet with no additional work outside the initial configuration required.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/incubator/shoko-server](https://truecharts.org/charts/incubator/shoko-server)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/about/sponsor) or contributing back to the project any way you can!
diff --git a/incubator/shoko-server/2.0.10/charts/common-11.1.2.tgz b/incubator/shoko-server/2.0.10/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/incubator/shoko-server/2.0.10/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/incubator/shoko-server/2.0.10/ix_values.yaml b/incubator/shoko-server/2.0.10/ix_values.yaml
deleted file mode 100644
index 271547d3e45..00000000000
--- a/incubator/shoko-server/2.0.10/ix_values.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-env: {}
-image:
- pullPolicy: IfNotPresent
- repository: tccr.io/truecharts/shoko-server
- tag: vdaily@sha256:ed296ad8c59864e88bb6244f1005e0e15512b4a8f58791f5aaf3ab95838fd77e
-persistence:
- animefolder:
- enabled: true
- mountPath: /anime
- appdata:
- enabled: true
- mountPath: /home/shoko/.shoko/
- importfolder:
- enabled: true
- mountPath: /import
-podSecurityContext:
- runAsGroup: 0
- runAsUser: 0
-securityContext:
- readOnlyRootFilesystem: false
- runAsNonRoot: false
-service:
- main:
- ports:
- main:
- port: 8111
- protocol: TCP
- targetPort: 8111
-
-portal:
- enabled: true
diff --git a/incubator/shoko-server/2.0.10/questions.yaml b/incubator/shoko-server/2.0.10/questions.yaml
deleted file mode 100644
index 4cf4f57506f..00000000000
--- a/incubator/shoko-server/2.0.10/questions.yaml
+++ /dev/null
@@ -1,1969 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_portal_protocol"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 8111
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: appdata
- label: "appdata Storage"
- description: "Container Path homeshoko.shoko"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: animefolder
- label: "animefolder Storage"
- description: "Container Path anime"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: importfolder
- label: "importfolder Storage"
- description: "Container Path import"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: scaleCert
- label: Select TrueNAS SCALE Certificate
- schema:
- type: int
- $ref:
- - "definitions/certificate"
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: scaleCert
- label: Select TrueNAS SCALE Certificate
- schema:
- type: int
- $ref:
- - "definitions/certificate"
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: false
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: false
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 0
- - variable: runAsGroup
- label: "runAsGroup"
- description: The groupID this App of the user running the application"
- schema:
- type: int
- default: 0
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
- - variable: horizontalPodAutoscaler
- group: Advanced
- label: (Advanced) Horizontal Pod Autoscaler
- schema:
- type: list
- default: []
- items:
- - variable: hpaEntry
- label: HPA Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: target
- label: Target
- description: Deployment name, Defaults to Main Deployment
- schema:
- type: string
- default: ""
- - variable: minReplicas
- label: Minimum Replicas
- schema:
- type: int
- default: 1
- - variable: maxReplicas
- label: Maximum Replicas
- schema:
- type: int
- default: 5
- - variable: targetCPUUtilizationPercentage
- label: Target CPU Utilization Percentage
- schema:
- type: int
- default: 80
- - variable: targetMemoryUtilizationPercentage
- label: Target Memory Utilization Percentage
- schema:
- type: int
- default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/incubator/shoko-server/2.0.10/templates/common.yaml b/incubator/shoko-server/2.0.10/templates/common.yaml
deleted file mode 100644
index cbf66c20818..00000000000
--- a/incubator/shoko-server/2.0.10/templates/common.yaml
+++ /dev/null
@@ -1,2 +0,0 @@
-{{/* Render the templates */}}
-{{ include "tc.common.loader.all" . }}
diff --git a/incubator/shoko-server/2.0.10/values.yaml b/incubator/shoko-server/2.0.10/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/incubator/tasmoadmin/2.0.10/CHANGELOG.md b/incubator/tasmoadmin/2.0.10/CHANGELOG.md
deleted file mode 100644
index 5ae2dfffb37..00000000000
--- a/incubator/tasmoadmin/2.0.10/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [tasmoadmin-2.0.10](https://github.com/truecharts/charts/compare/tasmoadmin-2.0.9...tasmoadmin-2.0.10) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/tasmoadmin to latest
-
-
-
-
-## [tasmoadmin-2.0.9](https://github.com/truecharts/charts/compare/tasmoadmin-2.0.8...tasmoadmin-2.0.9) (2023-02-10)
-
-### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
-
-
-## [tasmoadmin-2.0.8](https://github.com/truecharts/charts/compare/tasmoadmin-2.0.7...tasmoadmin-2.0.8) (2023-02-02)
-
-### Fix
-
-- remove non-link sources ([#6826](https://github.com/truecharts/charts/issues/6826))
-
-
-
-
-## [tasmoadmin-2.0.7](https://github.com/truecharts/charts/compare/tasmoadmin-2.0.6...tasmoadmin-2.0.7) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856))
-
-
-
-
-## [tasmoadmin-2.0.6](https://github.com/truecharts/charts/compare/tasmoadmin-2.0.5...tasmoadmin-2.0.6) (2022-12-26)
-
-### Chore
-
-- update helm general non-major ([#5839](https://github.com/truecharts/charts/issues/5839))
-
-
-
-
-## [tasmoadmin-2.0.5](https://github.com/truecharts/charts/compare/tasmoadmin-2.0.4...tasmoadmin-2.0.5) (2022-12-25)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [tasmoadmin-2.0.4](https://github.com/truecharts/charts/compare/tasmoadmin-2.0.3...tasmoadmin-2.0.4) (2022-12-19)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [tasmoadmin-2.0.3](https://github.com/truecharts/charts/compare/tasmoadmin-2.0.2...tasmoadmin-2.0.3) (2022-12-13)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [tasmoadmin-2.0.2](https://github.com/truecharts/charts/compare/tasmoadmin-2.0.1...tasmoadmin-2.0.2) (2022-11-30)
-
-
-
-
-## [tasmoadmin-2.0.2](https://github.com/truecharts/charts/compare/tasmoadmin-2.0.1...tasmoadmin-2.0.2) (2022-11-30)
-
-
-
-
-## [tasmoadmin-2.0.2](https://github.com/truecharts/charts/compare/tasmoadmin-2.0.1...tasmoadmin-2.0.2) (2022-11-30)
-
-
-
-
-## [tasmoadmin-2.0.2](https://github.com/truecharts/charts/compare/tasmoadmin-2.0.1...tasmoadmin-2.0.2) (2022-11-30)
-
-
-
-
-## [tasmoadmin-2.0.2](https://github.com/truecharts/charts/compare/tasmoadmin-2.0.1...tasmoadmin-2.0.2) (2022-11-30)
diff --git a/incubator/tasmoadmin/2.0.10/Chart.yaml b/incubator/tasmoadmin/2.0.10/Chart.yaml
deleted file mode 100644
index d29a9d4c607..00000000000
--- a/incubator/tasmoadmin/2.0.10/Chart.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-annotations:
- truecharts.org/SCALE-support: "true"
- truecharts.org/catagories: |
- - HomeAutomation
- - Network-Management
-apiVersion: v2
-appVersion: "latest"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
-deprecated: false
-description: "TasmoAdmin is an administrative Website for Home Automation Devices flashed with Tasmota"
-home: https://truecharts.org/charts/incubator/tasmoadmin
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/tasmoadmin.png
-keywords:
- - tasmoadmin
- - HomeAutomation
- - Network-Management
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: tasmoadmin
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/incubator/tasmoadmin
- - https://hub.docker.com/r/raymondmm/tasmoadmin
-type: application
-version: 2.0.10
diff --git a/incubator/tasmoadmin/2.0.10/README.md b/incubator/tasmoadmin/2.0.10/README.md
deleted file mode 100644
index 63d5d2c8fdc..00000000000
--- a/incubator/tasmoadmin/2.0.10/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/incubator/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/incubator/tasmoadmin/2.0.10/app-changelog.md b/incubator/tasmoadmin/2.0.10/app-changelog.md
deleted file mode 100644
index 898027c9dc0..00000000000
--- a/incubator/tasmoadmin/2.0.10/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [tasmoadmin-2.0.10](https://github.com/truecharts/charts/compare/tasmoadmin-2.0.9...tasmoadmin-2.0.10) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/tasmoadmin to latest
-
-
\ No newline at end of file
diff --git a/incubator/tasmoadmin/2.0.10/app-readme.md b/incubator/tasmoadmin/2.0.10/app-readme.md
deleted file mode 100644
index e197d951f48..00000000000
--- a/incubator/tasmoadmin/2.0.10/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-TasmoAdmin is an administrative Website for Home Automation Devices flashed with Tasmota
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/incubator/tasmoadmin](https://truecharts.org/charts/incubator/tasmoadmin)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/incubator/tasmoadmin/2.0.10/charts/common-11.1.2.tgz b/incubator/tasmoadmin/2.0.10/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/incubator/tasmoadmin/2.0.10/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/incubator/tasmoadmin/2.0.10/ix_values.yaml b/incubator/tasmoadmin/2.0.10/ix_values.yaml
deleted file mode 100644
index 00b3317dab1..00000000000
--- a/incubator/tasmoadmin/2.0.10/ix_values.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-env: {}
-image:
- pullPolicy: IfNotPresent
- repository: tccr.io/truecharts/tasmoadmin
- tag: latest@sha256:c74805a40c9bcfce053e83d73bb0a4acf8a0aba689f040f75a6f79f1c8e38a42
-persistence:
- data:
- enabled: true
- mountPath: /data
-podSecurityContext:
- runAsGroup: 0
- runAsUser: 0
-securityContext:
- readOnlyRootFilesystem: false
- runAsNonRoot: false
-service:
- main:
- ports:
- main:
- port: 9541
- protocol: TCP
- targetPort: 80
-
-portal:
- enabled: true
diff --git a/incubator/tasmoadmin/2.0.10/questions.yaml b/incubator/tasmoadmin/2.0.10/questions.yaml
deleted file mode 100644
index ad179ea4745..00000000000
--- a/incubator/tasmoadmin/2.0.10/questions.yaml
+++ /dev/null
@@ -1,1870 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_portal_protocol"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 9541
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: data
- label: "data Storage"
- description: "Container Path data"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: false
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: false
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 0
- - variable: runAsGroup
- label: "runAsGroup"
- description: The groupID this App of the user running the application"
- schema:
- type: int
- default: 0
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/incubator/tasmoadmin/2.0.10/templates/common.yaml b/incubator/tasmoadmin/2.0.10/templates/common.yaml
deleted file mode 100644
index cbf66c20818..00000000000
--- a/incubator/tasmoadmin/2.0.10/templates/common.yaml
+++ /dev/null
@@ -1,2 +0,0 @@
-{{/* Render the templates */}}
-{{ include "tc.common.loader.all" . }}
diff --git a/incubator/tasmoadmin/2.0.10/values.yaml b/incubator/tasmoadmin/2.0.10/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/incubator/wizarr/0.0.8/CHANGELOG.md b/incubator/wizarr/0.0.8/CHANGELOG.md
deleted file mode 100644
index 85c0ea2de83..00000000000
--- a/incubator/wizarr/0.0.8/CHANGELOG.md
+++ /dev/null
@@ -1,71 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [wizarr-0.0.8](https://github.com/truecharts/charts/compare/wizarr-0.0.7...wizarr-0.0.8) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/wizarr to latest
-
-
-
-
-## [wizarr-0.0.7](https://github.com/truecharts/charts/compare/wizarr-0.0.6...wizarr-0.0.7) (2023-02-10)
-
-### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
-
-
-## [wizarr-0.0.6](https://github.com/truecharts/charts/compare/wizarr-0.0.5...wizarr-0.0.6) (2023-02-02)
-
-### Fix
-
-- remove non-link sources ([#6826](https://github.com/truecharts/charts/issues/6826))
-
-
-
-
-## [wizarr-0.0.5](https://github.com/truecharts/charts/compare/wizarr-0.0.4...wizarr-0.0.5) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856))
-
-
-
-
-## [wizarr-0.0.4](https://github.com/truecharts/charts/compare/wizarr-0.0.3...wizarr-0.0.4) (2022-12-26)
-
-### Chore
-
-- update helm general non-major ([#5839](https://github.com/truecharts/charts/issues/5839))
-
-
-
-
-## [wizarr-0.0.3](https://github.com/truecharts/charts/compare/wizarr-0.0.2...wizarr-0.0.3) (2022-12-25)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [wizarr-0.0.2](https://github.com/truecharts/charts/compare/wizarr-0.0.1...wizarr-0.0.2) (2022-12-19)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [wizarr-0.0.1]wizarr-0.0.1 (2022-12-16)
-
diff --git a/incubator/wizarr/0.0.8/Chart.yaml b/incubator/wizarr/0.0.8/Chart.yaml
deleted file mode 100644
index 70a34b30fe3..00000000000
--- a/incubator/wizarr/0.0.8/Chart.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-apiVersion: v2
-appVersion: "latest"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
-deprecated: false
-description: A automatic user invitation system for Plex.
-home: https://truecharts.org/charts/incubator/wizarr
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/wizarr.png
-keywords:
- - wizarr
- - HomeAutomation
- - Tools-Utilities
- - Other
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: wizarr
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/incubator/wizarr
- - https://hub.docker.com/r/wizarr/wizarr
- - https://github.com/Wizarrrr/wizarr
-type: application
-version: 0.0.8
-annotations:
- truecharts.org/catagories: |
- - HomeAutomation
- - Tools-Utilities
- - Other
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/incubator/wizarr/0.0.8/README.md b/incubator/wizarr/0.0.8/README.md
deleted file mode 100644
index 63d5d2c8fdc..00000000000
--- a/incubator/wizarr/0.0.8/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/incubator/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/incubator/wizarr/0.0.8/app-changelog.md b/incubator/wizarr/0.0.8/app-changelog.md
deleted file mode 100644
index 384735c1937..00000000000
--- a/incubator/wizarr/0.0.8/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [wizarr-0.0.8](https://github.com/truecharts/charts/compare/wizarr-0.0.7...wizarr-0.0.8) (2023-02-15)
-
-### Chore
-
-- update container image tccr.io/truecharts/wizarr to latest
-
-
\ No newline at end of file
diff --git a/incubator/wizarr/0.0.8/app-readme.md b/incubator/wizarr/0.0.8/app-readme.md
deleted file mode 100644
index efe84a1a669..00000000000
--- a/incubator/wizarr/0.0.8/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-A automatic user invitation system for Plex.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/incubator/wizarr](https://truecharts.org/charts/incubator/wizarr)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/incubator/wizarr/0.0.8/charts/common-11.1.2.tgz b/incubator/wizarr/0.0.8/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/incubator/wizarr/0.0.8/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/incubator/wizarr/0.0.8/ix_values.yaml b/incubator/wizarr/0.0.8/ix_values.yaml
deleted file mode 100644
index bbfe789b761..00000000000
--- a/incubator/wizarr/0.0.8/ix_values.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-image:
- repository: tccr.io/truecharts/wizarr
- pullPolicy: IfNotPresent
- tag: latest@sha256:70e426d55103676103540729769d29fda08bbf567a06c3f51caaf11318523ae9
-
-env:
- APP_URL: "http://localhost:{{ .Values.service.main.ports.main.port }}"
- DISABLE_BUILTIN_AUTH: false
- ALLOW_BUG_REPORTING: false
-
-service:
- main:
- ports:
- main:
- protocol: HTTP
- targetPort: 5690
- port: 10596
-
-persistence:
- database:
- enabled: true
- mountPath: /data/database
-
-portal:
- enabled: true
diff --git a/incubator/wizarr/0.0.8/questions.yaml b/incubator/wizarr/0.0.8/questions.yaml
deleted file mode 100644
index 4a8d27a6fe3..00000000000
--- a/incubator/wizarr/0.0.8/questions.yaml
+++ /dev/null
@@ -1,1895 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_portal_protocol"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: env
- group: App Configuration
- label: Image Environment
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: APP_URL
- label: App URL
- description: set this url as either http://ip:port or https://app.domain.tld if using ingress/reverse proxy.
- schema:
- type: string
- default: ""
- - variable: DISABLE_BUILTIN_AUTH
- label: Disable Builtin Auth
- description: Check this if using an external auth provider, otherwise leave it false.
- schema:
- type: boolean
- default: false
- - variable: ALLOW_BUG_REPORTING
- label: Allow Bug Reporting
- description: Helps upstream developers fix bugs proactively, recommended leave it enabled, but can be optionally disabled.
- schema:
- type: boolean
- default: true
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Service
- description: The Primary service on which the healthcheck runs, often the webUI
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Service Port Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- description: This port exposes the container port on the service
- schema:
- type: int
- default: 10596
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: database
- label: App Database Storage
- description: Stores the Application Database.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: Privileged mode
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: ReadOnly Root Filesystem
- schema:
- type: boolean
- default: false
- - variable: allowPrivilegeEscalation
- label: Allow Privilege Escalation
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: runAsNonRoot
- schema:
- type: boolean
- default: true
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: runAsUser
- description: The UserID of the user running the application
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: runAsGroup
- description: The groupID this App of the user running the application
- schema:
- type: int
- default: 568
- - variable: fsGroup
- label: fsGroup
- description: The group that should own ALL storage.
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/incubator/wizarr/0.0.8/templates/common.yaml b/incubator/wizarr/0.0.8/templates/common.yaml
deleted file mode 100644
index c1a366e1cf0..00000000000
--- a/incubator/wizarr/0.0.8/templates/common.yaml
+++ /dev/null
@@ -1 +0,0 @@
-{{ include "tc.common.loader.all" . }}
diff --git a/incubator/wizarr/0.0.8/values.yaml b/incubator/wizarr/0.0.8/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/stable/anonaddy/12.0.17/CHANGELOG.md b/stable/anonaddy/12.0.17/CHANGELOG.md
deleted file mode 100644
index 3baae47adc0..00000000000
--- a/stable/anonaddy/12.0.17/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [anonaddy-12.0.17](https://github.com/truecharts/charts/compare/anonaddy-12.0.16...anonaddy-12.0.17) (2023-01-07)
-
-### Chore
-
-- update helm general non-major ([#6121](https://github.com/truecharts/charts/issues/6121))
-
-
-
-
-## [anonaddy-12.0.16](https://github.com/truecharts/charts/compare/anonaddy-12.0.15...anonaddy-12.0.16) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856))
-
-
-
-
-## [anonaddy-12.0.15](https://github.com/truecharts/charts/compare/anonaddy-12.0.14...anonaddy-12.0.15) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5848](https://github.com/truecharts/charts/issues/5848))
-
-
-
-
-## [anonaddy-12.0.14](https://github.com/truecharts/charts/compare/anonaddy-12.0.13...anonaddy-12.0.14) (2022-12-26)
-
-### Chore
-
-- update helm general non-major ([#5839](https://github.com/truecharts/charts/issues/5839))
-
-
-
-
-## [anonaddy-12.0.13](https://github.com/truecharts/charts/compare/anonaddy-12.0.12...anonaddy-12.0.13) (2022-12-25)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [anonaddy-12.0.12](https://github.com/truecharts/charts/compare/anonaddy-12.0.11...anonaddy-12.0.12) (2022-12-19)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [anonaddy-12.0.11](https://github.com/truecharts/charts/compare/anonaddy-12.0.10...anonaddy-12.0.11) (2022-12-19)
-
-### Chore
-
-- update container image tccr.io/truecharts/anonaddy to v0.13.13
-
-
-
-
-## [anonaddy-12.0.10](https://github.com/truecharts/charts/compare/anonaddy-12.0.9...anonaddy-12.0.10) (2022-12-18)
-
-### Chore
-
-- update helm chart mariadb to v5.0.15 ([#5492](https://github.com/truecharts/charts/issues/5492))
- - update helm chart redis to v5.0.16
-
-
-
-
-## [anonaddy-12.0.9](https://github.com/truecharts/charts/compare/anonaddy-12.0.8...anonaddy-12.0.9) (2022-12-13)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [anonaddy-12.0.8](https://github.com/truecharts/charts/compare/anonaddy-12.0.7...anonaddy-12.0.8) (2022-12-05)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [anonaddy-12.0.7](https://github.com/truecharts/charts/compare/anonaddy-12.0.5...anonaddy-12.0.7) (2022-11-30)
-
diff --git a/stable/anonaddy/12.0.17/Chart.yaml b/stable/anonaddy/12.0.17/Chart.yaml
deleted file mode 100644
index 4885f4a0255..00000000000
--- a/stable/anonaddy/12.0.17/Chart.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-apiVersion: v2
-appVersion: "0.13.13"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
- - condition: mariadb.enabled
- name: mariadb
- repository: https://charts.truecharts.org/
- version: 5.0.21
- - condition: redis.enabled
- name: redis
- repository: https://charts.truecharts.org
- version: 5.0.24
-description: "Protect your email from spam using disposable addresses."
-home: https://truecharts.org/charts/stable/anonaddy
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/anonaddy.png
-keywords:
- - anonaddy
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: anonaddy
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/stable/anonaddy
- - https://github.com/anonaddy/docker
-version: 12.0.17
-annotations:
- truecharts.org/catagories: |
- - email
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/stable/anonaddy/12.0.17/README.md b/stable/anonaddy/12.0.17/README.md
deleted file mode 100644
index 701942c352f..00000000000
--- a/stable/anonaddy/12.0.17/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/stable/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/stable/anonaddy/12.0.17/app-changelog.md b/stable/anonaddy/12.0.17/app-changelog.md
deleted file mode 100644
index 1c12f771d51..00000000000
--- a/stable/anonaddy/12.0.17/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [anonaddy-12.0.17](https://github.com/truecharts/charts/compare/anonaddy-12.0.16...anonaddy-12.0.17) (2023-01-07)
-
-### Chore
-
-- update helm general non-major ([#6121](https://github.com/truecharts/charts/issues/6121))
-
-
\ No newline at end of file
diff --git a/stable/anonaddy/12.0.17/app-readme.md b/stable/anonaddy/12.0.17/app-readme.md
deleted file mode 100644
index 4484437354b..00000000000
--- a/stable/anonaddy/12.0.17/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Protect your email from spam using disposable addresses.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/stable/anonaddy](https://truecharts.org/charts/stable/anonaddy)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/about/sponsor) or contributing back to the project any way you can!
diff --git a/stable/anonaddy/12.0.17/charts/common-11.1.2.tgz b/stable/anonaddy/12.0.17/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/stable/anonaddy/12.0.17/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/stable/anonaddy/12.0.17/charts/mariadb-5.0.21.tgz b/stable/anonaddy/12.0.17/charts/mariadb-5.0.21.tgz
deleted file mode 100644
index ba01033721b..00000000000
Binary files a/stable/anonaddy/12.0.17/charts/mariadb-5.0.21.tgz and /dev/null differ
diff --git a/stable/anonaddy/12.0.17/charts/redis-5.0.24.tgz b/stable/anonaddy/12.0.17/charts/redis-5.0.24.tgz
deleted file mode 100644
index 6512b89fa8a..00000000000
Binary files a/stable/anonaddy/12.0.17/charts/redis-5.0.24.tgz and /dev/null differ
diff --git a/stable/anonaddy/12.0.17/ix_values.yaml b/stable/anonaddy/12.0.17/ix_values.yaml
deleted file mode 100644
index 00adc242ee5..00000000000
--- a/stable/anonaddy/12.0.17/ix_values.yaml
+++ /dev/null
@@ -1,78 +0,0 @@
-image:
- repository: tccr.io/truecharts/anonaddy
- tag: 0.13.13@sha256:495809d341b08ea6d02c7b0b318d48b00b7243392affd0d278ec1aa188a76ccd
- pullPolicy: IfNotPresent
-
-strategy:
- type: Recreate
-
-securityContext:
- runAsNonRoot: false
- readOnlyRootFilesystem: false
-
-podSecurityContext:
- runAsUser: 0
- runAsGroup: 0
-
-env:
- ANONADDY_DOMAIN: "chart-example.local"
- DB_DATABASE: anonaddy
- DB_USERNAME: anonaddy
- DB_HOST:
- secretKeyRef:
- name: mariadbcreds
- key: plainhost
- DB_PASSWORD:
- secretKeyRef:
- name: mariadbcreds
- key: mariadb-password
- REDIS_HOST:
- secretKeyRef:
- name: rediscreds
- key: plainhost
- REDIS_PASSWORD:
- secretKeyRef:
- name: rediscreds
- key: redis-password
- APP_KEY:
- secretKeyRef:
- name: appkey
- key: appkey
- ANONADDY_SECRET:
- secretKeyRef:
- name: appkey
- key: secret
-
-service:
- main:
- ports:
- main:
- port: 10110
- targetPort: 8000
- smtp:
- enabled: true
- ports:
- smtp:
- enabled: true
- port: 25
- targetPort: 25
-
-persistence:
- varrun:
- enabled: true
- config:
- enabled: true
- mountPath: "/config"
-
-redis:
- enabled: true
- existingSecret: "rediscreds"
-
-mariadb:
- enabled: true
- mariadbUsername: anonaddy
- mariadbDatabase: anonaddy
- existingSecret: "mariadbcreds"
-
-portal:
- enabled: true
diff --git a/stable/anonaddy/12.0.17/questions.yaml b/stable/anonaddy/12.0.17/questions.yaml
deleted file mode 100644
index b9fc602bde9..00000000000
--- a/stable/anonaddy/12.0.17/questions.yaml
+++ /dev/null
@@ -1,1894 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_portal_protocol"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: env
- group: "App Configuration"
- label: "Image Environment"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ANONADDY_DOMAIN
- label: "ANONADDY_DOMAIN"
- schema:
- type: string
- default: ""
- required: true
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 10110
- required: true
- - variable: smtp
- label: "smtp Service"
- description: "The smtp service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: smtp
- label: "smtp Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 25
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: scaleCert
- label: Select TrueNAS SCALE Certificate
- schema:
- type: int
- $ref:
- - "definitions/certificate"
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: scaleCert
- label: Select TrueNAS SCALE Certificate
- schema:
- type: int
- $ref:
- - "definitions/certificate"
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: false
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: false
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 0
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID this App of the user running the application"
- schema:
- type: int
- default: 0
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
- - variable: horizontalPodAutoscaler
- group: Advanced
- label: (Advanced) Horizontal Pod Autoscaler
- schema:
- type: list
- default: []
- items:
- - variable: hpaEntry
- label: HPA Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: target
- label: Target
- description: Deployment name, Defaults to Main Deployment
- schema:
- type: string
- default: ""
- - variable: minReplicas
- label: Minimum Replicas
- schema:
- type: int
- default: 1
- - variable: maxReplicas
- label: Maximum Replicas
- schema:
- type: int
- default: 5
- - variable: targetCPUUtilizationPercentage
- label: Target CPU Utilization Percentage
- schema:
- type: int
- default: 80
- - variable: targetMemoryUtilizationPercentage
- label: Target Memory Utilization Percentage
- schema:
- type: int
- default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/stable/anonaddy/12.0.17/templates/_appkey.tpl b/stable/anonaddy/12.0.17/templates/_appkey.tpl
deleted file mode 100644
index daf70c0c464..00000000000
--- a/stable/anonaddy/12.0.17/templates/_appkey.tpl
+++ /dev/null
@@ -1,28 +0,0 @@
-{{/*
-This template generates a random password and ensures it persists across updates/edits to the chart
-*/}}
-{{- define "anonaddy.appkey" -}}
----
-apiVersion: v1
-kind: Secret
-type: Opaque
-metadata:
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
- name: appkey
-{{- $keyprevious := lookup "v1" "Secret" .Release.Namespace "appkey" }}
-{{- $appkey := "" }}
-{{- $secret := "" }}
-data:
-{{- if $keyprevious }}
- {{- $appkey = ( index $keyprevious.data "appkey" ) }}
- {{- $secret = ( index $keyprevious.data "secret" ) }}
- appkey: {{ ( index $keyprevious.data "appkey" ) }}
- secret: {{ ( index $keyprevious.data "secret" ) }}
-{{- else }}
- {{- $appkey = randAlphaNum 32 }}
- {{- $secret = randAlphaNum 32 }}
- appkey: {{ $appkey | b64enc }}
- secret: {{ $secret | b64enc }}
-{{- end }}
-{{- end -}}
diff --git a/stable/anonaddy/12.0.17/templates/common.yaml b/stable/anonaddy/12.0.17/templates/common.yaml
deleted file mode 100644
index 65b6d2f295f..00000000000
--- a/stable/anonaddy/12.0.17/templates/common.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.common.loader.init" . }}
-
-{{/* Render appkey for anonaddy */}}
-{{- include "anonaddy.appkey" . }}
-
-
-{{/* Render the templates */}}
-{{ include "tc.common.loader.apply" . }}
diff --git a/stable/anonaddy/12.0.17/values.yaml b/stable/anonaddy/12.0.17/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/stable/anonaddy/12.0.18/CHANGELOG.md b/stable/anonaddy/12.0.18/CHANGELOG.md
deleted file mode 100644
index fa185b877c0..00000000000
--- a/stable/anonaddy/12.0.18/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [anonaddy-12.0.18](https://github.com/truecharts/charts/compare/anonaddy-12.0.17...anonaddy-12.0.18) (2023-01-17)
-
-### Chore
-
-- update helm general non-major ([#6430](https://github.com/truecharts/charts/issues/6430))
-
-
-
-
-## [anonaddy-12.0.17](https://github.com/truecharts/charts/compare/anonaddy-12.0.16...anonaddy-12.0.17) (2023-01-07)
-
-### Chore
-
-- update helm general non-major ([#6121](https://github.com/truecharts/charts/issues/6121))
-
-
-
-
-## [anonaddy-12.0.16](https://github.com/truecharts/charts/compare/anonaddy-12.0.15...anonaddy-12.0.16) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856))
-
-
-
-
-## [anonaddy-12.0.15](https://github.com/truecharts/charts/compare/anonaddy-12.0.14...anonaddy-12.0.15) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5848](https://github.com/truecharts/charts/issues/5848))
-
-
-
-
-## [anonaddy-12.0.14](https://github.com/truecharts/charts/compare/anonaddy-12.0.13...anonaddy-12.0.14) (2022-12-26)
-
-### Chore
-
-- update helm general non-major ([#5839](https://github.com/truecharts/charts/issues/5839))
-
-
-
-
-## [anonaddy-12.0.13](https://github.com/truecharts/charts/compare/anonaddy-12.0.12...anonaddy-12.0.13) (2022-12-25)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [anonaddy-12.0.12](https://github.com/truecharts/charts/compare/anonaddy-12.0.11...anonaddy-12.0.12) (2022-12-19)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [anonaddy-12.0.11](https://github.com/truecharts/charts/compare/anonaddy-12.0.10...anonaddy-12.0.11) (2022-12-19)
-
-### Chore
-
-- update container image tccr.io/truecharts/anonaddy to v0.13.13
-
-
-
-
-## [anonaddy-12.0.10](https://github.com/truecharts/charts/compare/anonaddy-12.0.9...anonaddy-12.0.10) (2022-12-18)
-
-### Chore
-
-- update helm chart mariadb to v5.0.15 ([#5492](https://github.com/truecharts/charts/issues/5492))
- - update helm chart redis to v5.0.16
-
-
-
-
-## [anonaddy-12.0.9](https://github.com/truecharts/charts/compare/anonaddy-12.0.8...anonaddy-12.0.9) (2022-12-13)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [anonaddy-12.0.8](https://github.com/truecharts/charts/compare/anonaddy-12.0.7...anonaddy-12.0.8) (2022-12-05)
-
diff --git a/stable/anonaddy/12.0.18/Chart.yaml b/stable/anonaddy/12.0.18/Chart.yaml
deleted file mode 100644
index e9b0960b93d..00000000000
--- a/stable/anonaddy/12.0.18/Chart.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-apiVersion: v2
-appVersion: "0.13.13"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
- - condition: mariadb.enabled
- name: mariadb
- repository: https://charts.truecharts.org/
- version: 5.0.23
- - condition: redis.enabled
- name: redis
- repository: https://charts.truecharts.org
- version: 5.0.26
-description: "Protect your email from spam using disposable addresses."
-home: https://truecharts.org/charts/stable/anonaddy
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/anonaddy.png
-keywords:
- - anonaddy
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: anonaddy
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/stable/anonaddy
- - https://github.com/anonaddy/docker
-version: 12.0.18
-annotations:
- truecharts.org/catagories: |
- - email
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/stable/anonaddy/12.0.18/README.md b/stable/anonaddy/12.0.18/README.md
deleted file mode 100644
index 701942c352f..00000000000
--- a/stable/anonaddy/12.0.18/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/stable/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/stable/anonaddy/12.0.18/app-changelog.md b/stable/anonaddy/12.0.18/app-changelog.md
deleted file mode 100644
index bf39806fa07..00000000000
--- a/stable/anonaddy/12.0.18/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [anonaddy-12.0.18](https://github.com/truecharts/charts/compare/anonaddy-12.0.17...anonaddy-12.0.18) (2023-01-17)
-
-### Chore
-
-- update helm general non-major ([#6430](https://github.com/truecharts/charts/issues/6430))
-
-
\ No newline at end of file
diff --git a/stable/anonaddy/12.0.18/app-readme.md b/stable/anonaddy/12.0.18/app-readme.md
deleted file mode 100644
index cd09b84c606..00000000000
--- a/stable/anonaddy/12.0.18/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Protect your email from spam using disposable addresses.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/stable/anonaddy](https://truecharts.org/charts/stable/anonaddy)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/stable/anonaddy/12.0.18/charts/common-11.1.2.tgz b/stable/anonaddy/12.0.18/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/stable/anonaddy/12.0.18/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/stable/anonaddy/12.0.18/charts/mariadb-5.0.23.tgz b/stable/anonaddy/12.0.18/charts/mariadb-5.0.23.tgz
deleted file mode 100644
index fdb76ce4bd4..00000000000
Binary files a/stable/anonaddy/12.0.18/charts/mariadb-5.0.23.tgz and /dev/null differ
diff --git a/stable/anonaddy/12.0.18/charts/redis-5.0.26.tgz b/stable/anonaddy/12.0.18/charts/redis-5.0.26.tgz
deleted file mode 100644
index 022df7e545c..00000000000
Binary files a/stable/anonaddy/12.0.18/charts/redis-5.0.26.tgz and /dev/null differ
diff --git a/stable/anonaddy/12.0.18/ix_values.yaml b/stable/anonaddy/12.0.18/ix_values.yaml
deleted file mode 100644
index 00adc242ee5..00000000000
--- a/stable/anonaddy/12.0.18/ix_values.yaml
+++ /dev/null
@@ -1,78 +0,0 @@
-image:
- repository: tccr.io/truecharts/anonaddy
- tag: 0.13.13@sha256:495809d341b08ea6d02c7b0b318d48b00b7243392affd0d278ec1aa188a76ccd
- pullPolicy: IfNotPresent
-
-strategy:
- type: Recreate
-
-securityContext:
- runAsNonRoot: false
- readOnlyRootFilesystem: false
-
-podSecurityContext:
- runAsUser: 0
- runAsGroup: 0
-
-env:
- ANONADDY_DOMAIN: "chart-example.local"
- DB_DATABASE: anonaddy
- DB_USERNAME: anonaddy
- DB_HOST:
- secretKeyRef:
- name: mariadbcreds
- key: plainhost
- DB_PASSWORD:
- secretKeyRef:
- name: mariadbcreds
- key: mariadb-password
- REDIS_HOST:
- secretKeyRef:
- name: rediscreds
- key: plainhost
- REDIS_PASSWORD:
- secretKeyRef:
- name: rediscreds
- key: redis-password
- APP_KEY:
- secretKeyRef:
- name: appkey
- key: appkey
- ANONADDY_SECRET:
- secretKeyRef:
- name: appkey
- key: secret
-
-service:
- main:
- ports:
- main:
- port: 10110
- targetPort: 8000
- smtp:
- enabled: true
- ports:
- smtp:
- enabled: true
- port: 25
- targetPort: 25
-
-persistence:
- varrun:
- enabled: true
- config:
- enabled: true
- mountPath: "/config"
-
-redis:
- enabled: true
- existingSecret: "rediscreds"
-
-mariadb:
- enabled: true
- mariadbUsername: anonaddy
- mariadbDatabase: anonaddy
- existingSecret: "mariadbcreds"
-
-portal:
- enabled: true
diff --git a/stable/anonaddy/12.0.18/questions.yaml b/stable/anonaddy/12.0.18/questions.yaml
deleted file mode 100644
index b9fc602bde9..00000000000
--- a/stable/anonaddy/12.0.18/questions.yaml
+++ /dev/null
@@ -1,1894 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_portal_protocol"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: env
- group: "App Configuration"
- label: "Image Environment"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ANONADDY_DOMAIN
- label: "ANONADDY_DOMAIN"
- schema:
- type: string
- default: ""
- required: true
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 10110
- required: true
- - variable: smtp
- label: "smtp Service"
- description: "The smtp service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: smtp
- label: "smtp Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 25
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: scaleCert
- label: Select TrueNAS SCALE Certificate
- schema:
- type: int
- $ref:
- - "definitions/certificate"
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: scaleCert
- label: Select TrueNAS SCALE Certificate
- schema:
- type: int
- $ref:
- - "definitions/certificate"
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: false
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: false
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 0
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID this App of the user running the application"
- schema:
- type: int
- default: 0
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
- - variable: horizontalPodAutoscaler
- group: Advanced
- label: (Advanced) Horizontal Pod Autoscaler
- schema:
- type: list
- default: []
- items:
- - variable: hpaEntry
- label: HPA Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: target
- label: Target
- description: Deployment name, Defaults to Main Deployment
- schema:
- type: string
- default: ""
- - variable: minReplicas
- label: Minimum Replicas
- schema:
- type: int
- default: 1
- - variable: maxReplicas
- label: Maximum Replicas
- schema:
- type: int
- default: 5
- - variable: targetCPUUtilizationPercentage
- label: Target CPU Utilization Percentage
- schema:
- type: int
- default: 80
- - variable: targetMemoryUtilizationPercentage
- label: Target Memory Utilization Percentage
- schema:
- type: int
- default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/stable/anonaddy/12.0.18/templates/_appkey.tpl b/stable/anonaddy/12.0.18/templates/_appkey.tpl
deleted file mode 100644
index daf70c0c464..00000000000
--- a/stable/anonaddy/12.0.18/templates/_appkey.tpl
+++ /dev/null
@@ -1,28 +0,0 @@
-{{/*
-This template generates a random password and ensures it persists across updates/edits to the chart
-*/}}
-{{- define "anonaddy.appkey" -}}
----
-apiVersion: v1
-kind: Secret
-type: Opaque
-metadata:
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
- name: appkey
-{{- $keyprevious := lookup "v1" "Secret" .Release.Namespace "appkey" }}
-{{- $appkey := "" }}
-{{- $secret := "" }}
-data:
-{{- if $keyprevious }}
- {{- $appkey = ( index $keyprevious.data "appkey" ) }}
- {{- $secret = ( index $keyprevious.data "secret" ) }}
- appkey: {{ ( index $keyprevious.data "appkey" ) }}
- secret: {{ ( index $keyprevious.data "secret" ) }}
-{{- else }}
- {{- $appkey = randAlphaNum 32 }}
- {{- $secret = randAlphaNum 32 }}
- appkey: {{ $appkey | b64enc }}
- secret: {{ $secret | b64enc }}
-{{- end }}
-{{- end -}}
diff --git a/stable/anonaddy/12.0.18/templates/common.yaml b/stable/anonaddy/12.0.18/templates/common.yaml
deleted file mode 100644
index 65b6d2f295f..00000000000
--- a/stable/anonaddy/12.0.18/templates/common.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.common.loader.init" . }}
-
-{{/* Render appkey for anonaddy */}}
-{{- include "anonaddy.appkey" . }}
-
-
-{{/* Render the templates */}}
-{{ include "tc.common.loader.apply" . }}
diff --git a/stable/anonaddy/12.0.18/values.yaml b/stable/anonaddy/12.0.18/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/stable/anonaddy/12.0.19/CHANGELOG.md b/stable/anonaddy/12.0.19/CHANGELOG.md
deleted file mode 100644
index 354d5cf9954..00000000000
--- a/stable/anonaddy/12.0.19/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [anonaddy-12.0.19](https://github.com/truecharts/charts/compare/anonaddy-12.0.18...anonaddy-12.0.19) (2023-01-23)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [anonaddy-12.0.18](https://github.com/truecharts/charts/compare/anonaddy-12.0.17...anonaddy-12.0.18) (2023-01-17)
-
-### Chore
-
-- update helm general non-major ([#6430](https://github.com/truecharts/charts/issues/6430))
-
-
-
-
-## [anonaddy-12.0.17](https://github.com/truecharts/charts/compare/anonaddy-12.0.16...anonaddy-12.0.17) (2023-01-07)
-
-### Chore
-
-- update helm general non-major ([#6121](https://github.com/truecharts/charts/issues/6121))
-
-
-
-
-## [anonaddy-12.0.16](https://github.com/truecharts/charts/compare/anonaddy-12.0.15...anonaddy-12.0.16) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856))
-
-
-
-
-## [anonaddy-12.0.15](https://github.com/truecharts/charts/compare/anonaddy-12.0.14...anonaddy-12.0.15) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5848](https://github.com/truecharts/charts/issues/5848))
-
-
-
-
-## [anonaddy-12.0.14](https://github.com/truecharts/charts/compare/anonaddy-12.0.13...anonaddy-12.0.14) (2022-12-26)
-
-### Chore
-
-- update helm general non-major ([#5839](https://github.com/truecharts/charts/issues/5839))
-
-
-
-
-## [anonaddy-12.0.13](https://github.com/truecharts/charts/compare/anonaddy-12.0.12...anonaddy-12.0.13) (2022-12-25)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [anonaddy-12.0.12](https://github.com/truecharts/charts/compare/anonaddy-12.0.11...anonaddy-12.0.12) (2022-12-19)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [anonaddy-12.0.11](https://github.com/truecharts/charts/compare/anonaddy-12.0.10...anonaddy-12.0.11) (2022-12-19)
-
-### Chore
-
-- update container image tccr.io/truecharts/anonaddy to v0.13.13
-
-
-
-
-## [anonaddy-12.0.10](https://github.com/truecharts/charts/compare/anonaddy-12.0.9...anonaddy-12.0.10) (2022-12-18)
-
-### Chore
-
-- update helm chart mariadb to v5.0.15 ([#5492](https://github.com/truecharts/charts/issues/5492))
- - update helm chart redis to v5.0.16
-
-
-
-
-## [anonaddy-12.0.9](https://github.com/truecharts/charts/compare/anonaddy-12.0.8...anonaddy-12.0.9) (2022-12-13)
-
diff --git a/stable/anonaddy/12.0.19/Chart.yaml b/stable/anonaddy/12.0.19/Chart.yaml
deleted file mode 100644
index 9747b030f92..00000000000
--- a/stable/anonaddy/12.0.19/Chart.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-apiVersion: v2
-appVersion: "0.13.13"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
- - condition: mariadb.enabled
- name: mariadb
- repository: https://charts.truecharts.org/
- version: 5.0.24
- - condition: redis.enabled
- name: redis
- repository: https://charts.truecharts.org
- version: 5.0.29
-description: "Protect your email from spam using disposable addresses."
-home: https://truecharts.org/charts/stable/anonaddy
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/anonaddy.png
-keywords:
- - anonaddy
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: anonaddy
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/stable/anonaddy
- - https://github.com/anonaddy/docker
-version: 12.0.19
-annotations:
- truecharts.org/catagories: |
- - email
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/stable/anonaddy/12.0.19/README.md b/stable/anonaddy/12.0.19/README.md
deleted file mode 100644
index 701942c352f..00000000000
--- a/stable/anonaddy/12.0.19/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/stable/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/stable/anonaddy/12.0.19/app-changelog.md b/stable/anonaddy/12.0.19/app-changelog.md
deleted file mode 100644
index 6b14a16be71..00000000000
--- a/stable/anonaddy/12.0.19/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [anonaddy-12.0.19](https://github.com/truecharts/charts/compare/anonaddy-12.0.18...anonaddy-12.0.19) (2023-01-23)
-
-### Chore
-
-- update helm general non-major
-
-
\ No newline at end of file
diff --git a/stable/anonaddy/12.0.19/app-readme.md b/stable/anonaddy/12.0.19/app-readme.md
deleted file mode 100644
index cd09b84c606..00000000000
--- a/stable/anonaddy/12.0.19/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Protect your email from spam using disposable addresses.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/stable/anonaddy](https://truecharts.org/charts/stable/anonaddy)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/stable/anonaddy/12.0.19/charts/common-11.1.2.tgz b/stable/anonaddy/12.0.19/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/stable/anonaddy/12.0.19/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/stable/anonaddy/12.0.19/charts/mariadb-5.0.24.tgz b/stable/anonaddy/12.0.19/charts/mariadb-5.0.24.tgz
deleted file mode 100644
index 93b79cb49c2..00000000000
Binary files a/stable/anonaddy/12.0.19/charts/mariadb-5.0.24.tgz and /dev/null differ
diff --git a/stable/anonaddy/12.0.19/charts/redis-5.0.29.tgz b/stable/anonaddy/12.0.19/charts/redis-5.0.29.tgz
deleted file mode 100644
index ee3b38dee8e..00000000000
Binary files a/stable/anonaddy/12.0.19/charts/redis-5.0.29.tgz and /dev/null differ
diff --git a/stable/anonaddy/12.0.19/ix_values.yaml b/stable/anonaddy/12.0.19/ix_values.yaml
deleted file mode 100644
index 00adc242ee5..00000000000
--- a/stable/anonaddy/12.0.19/ix_values.yaml
+++ /dev/null
@@ -1,78 +0,0 @@
-image:
- repository: tccr.io/truecharts/anonaddy
- tag: 0.13.13@sha256:495809d341b08ea6d02c7b0b318d48b00b7243392affd0d278ec1aa188a76ccd
- pullPolicy: IfNotPresent
-
-strategy:
- type: Recreate
-
-securityContext:
- runAsNonRoot: false
- readOnlyRootFilesystem: false
-
-podSecurityContext:
- runAsUser: 0
- runAsGroup: 0
-
-env:
- ANONADDY_DOMAIN: "chart-example.local"
- DB_DATABASE: anonaddy
- DB_USERNAME: anonaddy
- DB_HOST:
- secretKeyRef:
- name: mariadbcreds
- key: plainhost
- DB_PASSWORD:
- secretKeyRef:
- name: mariadbcreds
- key: mariadb-password
- REDIS_HOST:
- secretKeyRef:
- name: rediscreds
- key: plainhost
- REDIS_PASSWORD:
- secretKeyRef:
- name: rediscreds
- key: redis-password
- APP_KEY:
- secretKeyRef:
- name: appkey
- key: appkey
- ANONADDY_SECRET:
- secretKeyRef:
- name: appkey
- key: secret
-
-service:
- main:
- ports:
- main:
- port: 10110
- targetPort: 8000
- smtp:
- enabled: true
- ports:
- smtp:
- enabled: true
- port: 25
- targetPort: 25
-
-persistence:
- varrun:
- enabled: true
- config:
- enabled: true
- mountPath: "/config"
-
-redis:
- enabled: true
- existingSecret: "rediscreds"
-
-mariadb:
- enabled: true
- mariadbUsername: anonaddy
- mariadbDatabase: anonaddy
- existingSecret: "mariadbcreds"
-
-portal:
- enabled: true
diff --git a/stable/anonaddy/12.0.19/questions.yaml b/stable/anonaddy/12.0.19/questions.yaml
deleted file mode 100644
index 7b71e01917f..00000000000
--- a/stable/anonaddy/12.0.19/questions.yaml
+++ /dev/null
@@ -1,1894 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_portal_protocol"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: env
- group: "App Configuration"
- label: "Image Environment"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ANONADDY_DOMAIN
- label: "ANONADDY_DOMAIN"
- schema:
- type: string
- default: ""
- required: true
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 10110
- required: true
- - variable: smtp
- label: "smtp Service"
- description: "The smtp service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: smtp
- label: "smtp Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 25
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: scaleCert
- label: Select TrueNAS SCALE Certificate
- schema:
- type: int
- $ref:
- - "definitions/certificate"
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: scaleCert
- label: Select TrueNAS SCALE Certificate
- schema:
- type: int
- $ref:
- - "definitions/certificate"
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: false
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: false
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 0
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID this App of the user running the application"
- schema:
- type: int
- default: 0
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/stable/anonaddy/12.0.19/templates/_appkey.tpl b/stable/anonaddy/12.0.19/templates/_appkey.tpl
deleted file mode 100644
index daf70c0c464..00000000000
--- a/stable/anonaddy/12.0.19/templates/_appkey.tpl
+++ /dev/null
@@ -1,28 +0,0 @@
-{{/*
-This template generates a random password and ensures it persists across updates/edits to the chart
-*/}}
-{{- define "anonaddy.appkey" -}}
----
-apiVersion: v1
-kind: Secret
-type: Opaque
-metadata:
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
- name: appkey
-{{- $keyprevious := lookup "v1" "Secret" .Release.Namespace "appkey" }}
-{{- $appkey := "" }}
-{{- $secret := "" }}
-data:
-{{- if $keyprevious }}
- {{- $appkey = ( index $keyprevious.data "appkey" ) }}
- {{- $secret = ( index $keyprevious.data "secret" ) }}
- appkey: {{ ( index $keyprevious.data "appkey" ) }}
- secret: {{ ( index $keyprevious.data "secret" ) }}
-{{- else }}
- {{- $appkey = randAlphaNum 32 }}
- {{- $secret = randAlphaNum 32 }}
- appkey: {{ $appkey | b64enc }}
- secret: {{ $secret | b64enc }}
-{{- end }}
-{{- end -}}
diff --git a/stable/anonaddy/12.0.19/templates/common.yaml b/stable/anonaddy/12.0.19/templates/common.yaml
deleted file mode 100644
index 65b6d2f295f..00000000000
--- a/stable/anonaddy/12.0.19/templates/common.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.common.loader.init" . }}
-
-{{/* Render appkey for anonaddy */}}
-{{- include "anonaddy.appkey" . }}
-
-
-{{/* Render the templates */}}
-{{ include "tc.common.loader.apply" . }}
diff --git a/stable/anonaddy/12.0.19/values.yaml b/stable/anonaddy/12.0.19/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/stable/anonaddy/12.0.20/CHANGELOG.md b/stable/anonaddy/12.0.20/CHANGELOG.md
deleted file mode 100644
index 3eb878903e1..00000000000
--- a/stable/anonaddy/12.0.20/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [anonaddy-12.0.20](https://github.com/truecharts/charts/compare/anonaddy-12.0.19...anonaddy-12.0.20) (2023-01-24)
-
-### Chore
-
-- update helm general non-major ([#6689](https://github.com/truecharts/charts/issues/6689))
-
-
-
-
-## [anonaddy-12.0.19](https://github.com/truecharts/charts/compare/anonaddy-12.0.18...anonaddy-12.0.19) (2023-01-23)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [anonaddy-12.0.18](https://github.com/truecharts/charts/compare/anonaddy-12.0.17...anonaddy-12.0.18) (2023-01-17)
-
-### Chore
-
-- update helm general non-major ([#6430](https://github.com/truecharts/charts/issues/6430))
-
-
-
-
-## [anonaddy-12.0.17](https://github.com/truecharts/charts/compare/anonaddy-12.0.16...anonaddy-12.0.17) (2023-01-07)
-
-### Chore
-
-- update helm general non-major ([#6121](https://github.com/truecharts/charts/issues/6121))
-
-
-
-
-## [anonaddy-12.0.16](https://github.com/truecharts/charts/compare/anonaddy-12.0.15...anonaddy-12.0.16) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856))
-
-
-
-
-## [anonaddy-12.0.15](https://github.com/truecharts/charts/compare/anonaddy-12.0.14...anonaddy-12.0.15) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5848](https://github.com/truecharts/charts/issues/5848))
-
-
-
-
-## [anonaddy-12.0.14](https://github.com/truecharts/charts/compare/anonaddy-12.0.13...anonaddy-12.0.14) (2022-12-26)
-
-### Chore
-
-- update helm general non-major ([#5839](https://github.com/truecharts/charts/issues/5839))
-
-
-
-
-## [anonaddy-12.0.13](https://github.com/truecharts/charts/compare/anonaddy-12.0.12...anonaddy-12.0.13) (2022-12-25)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [anonaddy-12.0.12](https://github.com/truecharts/charts/compare/anonaddy-12.0.11...anonaddy-12.0.12) (2022-12-19)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [anonaddy-12.0.11](https://github.com/truecharts/charts/compare/anonaddy-12.0.10...anonaddy-12.0.11) (2022-12-19)
-
-### Chore
-
-- update container image tccr.io/truecharts/anonaddy to v0.13.13
-
-
-
-
-## [anonaddy-12.0.10](https://github.com/truecharts/charts/compare/anonaddy-12.0.9...anonaddy-12.0.10) (2022-12-18)
-
-### Chore
diff --git a/stable/anonaddy/12.0.20/Chart.yaml b/stable/anonaddy/12.0.20/Chart.yaml
deleted file mode 100644
index 36efbcb3304..00000000000
--- a/stable/anonaddy/12.0.20/Chart.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-apiVersion: v2
-appVersion: "0.13.13"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
- - condition: mariadb.enabled
- name: mariadb
- repository: https://charts.truecharts.org/
- version: 5.0.25
- - condition: redis.enabled
- name: redis
- repository: https://charts.truecharts.org
- version: 5.0.29
-description: "Protect your email from spam using disposable addresses."
-home: https://truecharts.org/charts/stable/anonaddy
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/anonaddy.png
-keywords:
- - anonaddy
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: anonaddy
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/stable/anonaddy
- - https://github.com/anonaddy/docker
-version: 12.0.20
-annotations:
- truecharts.org/catagories: |
- - email
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/stable/anonaddy/12.0.20/README.md b/stable/anonaddy/12.0.20/README.md
deleted file mode 100644
index 701942c352f..00000000000
--- a/stable/anonaddy/12.0.20/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/stable/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/stable/anonaddy/12.0.20/app-changelog.md b/stable/anonaddy/12.0.20/app-changelog.md
deleted file mode 100644
index 0509ed66c53..00000000000
--- a/stable/anonaddy/12.0.20/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [anonaddy-12.0.20](https://github.com/truecharts/charts/compare/anonaddy-12.0.19...anonaddy-12.0.20) (2023-01-24)
-
-### Chore
-
-- update helm general non-major ([#6689](https://github.com/truecharts/charts/issues/6689))
-
-
\ No newline at end of file
diff --git a/stable/anonaddy/12.0.20/app-readme.md b/stable/anonaddy/12.0.20/app-readme.md
deleted file mode 100644
index cd09b84c606..00000000000
--- a/stable/anonaddy/12.0.20/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Protect your email from spam using disposable addresses.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/stable/anonaddy](https://truecharts.org/charts/stable/anonaddy)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/stable/anonaddy/12.0.20/charts/common-11.1.2.tgz b/stable/anonaddy/12.0.20/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/stable/anonaddy/12.0.20/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/stable/anonaddy/12.0.20/charts/mariadb-5.0.25.tgz b/stable/anonaddy/12.0.20/charts/mariadb-5.0.25.tgz
deleted file mode 100644
index e22fecec567..00000000000
Binary files a/stable/anonaddy/12.0.20/charts/mariadb-5.0.25.tgz and /dev/null differ
diff --git a/stable/anonaddy/12.0.20/charts/redis-5.0.29.tgz b/stable/anonaddy/12.0.20/charts/redis-5.0.29.tgz
deleted file mode 100644
index ee3b38dee8e..00000000000
Binary files a/stable/anonaddy/12.0.20/charts/redis-5.0.29.tgz and /dev/null differ
diff --git a/stable/anonaddy/12.0.20/ix_values.yaml b/stable/anonaddy/12.0.20/ix_values.yaml
deleted file mode 100644
index 00adc242ee5..00000000000
--- a/stable/anonaddy/12.0.20/ix_values.yaml
+++ /dev/null
@@ -1,78 +0,0 @@
-image:
- repository: tccr.io/truecharts/anonaddy
- tag: 0.13.13@sha256:495809d341b08ea6d02c7b0b318d48b00b7243392affd0d278ec1aa188a76ccd
- pullPolicy: IfNotPresent
-
-strategy:
- type: Recreate
-
-securityContext:
- runAsNonRoot: false
- readOnlyRootFilesystem: false
-
-podSecurityContext:
- runAsUser: 0
- runAsGroup: 0
-
-env:
- ANONADDY_DOMAIN: "chart-example.local"
- DB_DATABASE: anonaddy
- DB_USERNAME: anonaddy
- DB_HOST:
- secretKeyRef:
- name: mariadbcreds
- key: plainhost
- DB_PASSWORD:
- secretKeyRef:
- name: mariadbcreds
- key: mariadb-password
- REDIS_HOST:
- secretKeyRef:
- name: rediscreds
- key: plainhost
- REDIS_PASSWORD:
- secretKeyRef:
- name: rediscreds
- key: redis-password
- APP_KEY:
- secretKeyRef:
- name: appkey
- key: appkey
- ANONADDY_SECRET:
- secretKeyRef:
- name: appkey
- key: secret
-
-service:
- main:
- ports:
- main:
- port: 10110
- targetPort: 8000
- smtp:
- enabled: true
- ports:
- smtp:
- enabled: true
- port: 25
- targetPort: 25
-
-persistence:
- varrun:
- enabled: true
- config:
- enabled: true
- mountPath: "/config"
-
-redis:
- enabled: true
- existingSecret: "rediscreds"
-
-mariadb:
- enabled: true
- mariadbUsername: anonaddy
- mariadbDatabase: anonaddy
- existingSecret: "mariadbcreds"
-
-portal:
- enabled: true
diff --git a/stable/anonaddy/12.0.20/questions.yaml b/stable/anonaddy/12.0.20/questions.yaml
deleted file mode 100644
index 18fd70a3229..00000000000
--- a/stable/anonaddy/12.0.20/questions.yaml
+++ /dev/null
@@ -1,1935 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_portal_protocol"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: env
- group: "App Configuration"
- label: "Image Environment"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ANONADDY_DOMAIN
- label: "ANONADDY_DOMAIN"
- schema:
- type: string
- default: ""
- required: true
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 10110
- required: true
- - variable: smtp
- label: "smtp Service"
- description: "The smtp service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: smtp
- label: "smtp Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 25
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: false
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: false
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 0
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID this App of the user running the application"
- schema:
- type: int
- default: 0
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/stable/anonaddy/12.0.20/templates/_appkey.tpl b/stable/anonaddy/12.0.20/templates/_appkey.tpl
deleted file mode 100644
index daf70c0c464..00000000000
--- a/stable/anonaddy/12.0.20/templates/_appkey.tpl
+++ /dev/null
@@ -1,28 +0,0 @@
-{{/*
-This template generates a random password and ensures it persists across updates/edits to the chart
-*/}}
-{{- define "anonaddy.appkey" -}}
----
-apiVersion: v1
-kind: Secret
-type: Opaque
-metadata:
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
- name: appkey
-{{- $keyprevious := lookup "v1" "Secret" .Release.Namespace "appkey" }}
-{{- $appkey := "" }}
-{{- $secret := "" }}
-data:
-{{- if $keyprevious }}
- {{- $appkey = ( index $keyprevious.data "appkey" ) }}
- {{- $secret = ( index $keyprevious.data "secret" ) }}
- appkey: {{ ( index $keyprevious.data "appkey" ) }}
- secret: {{ ( index $keyprevious.data "secret" ) }}
-{{- else }}
- {{- $appkey = randAlphaNum 32 }}
- {{- $secret = randAlphaNum 32 }}
- appkey: {{ $appkey | b64enc }}
- secret: {{ $secret | b64enc }}
-{{- end }}
-{{- end -}}
diff --git a/stable/anonaddy/12.0.20/templates/common.yaml b/stable/anonaddy/12.0.20/templates/common.yaml
deleted file mode 100644
index 65b6d2f295f..00000000000
--- a/stable/anonaddy/12.0.20/templates/common.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.common.loader.init" . }}
-
-{{/* Render appkey for anonaddy */}}
-{{- include "anonaddy.appkey" . }}
-
-
-{{/* Render the templates */}}
-{{ include "tc.common.loader.apply" . }}
diff --git a/stable/anonaddy/12.0.20/values.yaml b/stable/anonaddy/12.0.20/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/stable/anonaddy/12.0.21/CHANGELOG.md b/stable/anonaddy/12.0.21/CHANGELOG.md
deleted file mode 100644
index d2925e093d2..00000000000
--- a/stable/anonaddy/12.0.21/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [anonaddy-12.0.21](https://github.com/truecharts/charts/compare/anonaddy-12.0.20...anonaddy-12.0.21) (2023-02-02)
-
-### Fix
-
-- remove non-link sources ([#6826](https://github.com/truecharts/charts/issues/6826))
-
-
-
-
-## [anonaddy-12.0.20](https://github.com/truecharts/charts/compare/anonaddy-12.0.19...anonaddy-12.0.20) (2023-01-24)
-
-### Chore
-
-- update helm general non-major ([#6689](https://github.com/truecharts/charts/issues/6689))
-
-
-
-
-## [anonaddy-12.0.19](https://github.com/truecharts/charts/compare/anonaddy-12.0.18...anonaddy-12.0.19) (2023-01-23)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [anonaddy-12.0.18](https://github.com/truecharts/charts/compare/anonaddy-12.0.17...anonaddy-12.0.18) (2023-01-17)
-
-### Chore
-
-- update helm general non-major ([#6430](https://github.com/truecharts/charts/issues/6430))
-
-
-
-
-## [anonaddy-12.0.17](https://github.com/truecharts/charts/compare/anonaddy-12.0.16...anonaddy-12.0.17) (2023-01-07)
-
-### Chore
-
-- update helm general non-major ([#6121](https://github.com/truecharts/charts/issues/6121))
-
-
-
-
-## [anonaddy-12.0.16](https://github.com/truecharts/charts/compare/anonaddy-12.0.15...anonaddy-12.0.16) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856))
-
-
-
-
-## [anonaddy-12.0.15](https://github.com/truecharts/charts/compare/anonaddy-12.0.14...anonaddy-12.0.15) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5848](https://github.com/truecharts/charts/issues/5848))
-
-
-
-
-## [anonaddy-12.0.14](https://github.com/truecharts/charts/compare/anonaddy-12.0.13...anonaddy-12.0.14) (2022-12-26)
-
-### Chore
-
-- update helm general non-major ([#5839](https://github.com/truecharts/charts/issues/5839))
-
-
-
-
-## [anonaddy-12.0.13](https://github.com/truecharts/charts/compare/anonaddy-12.0.12...anonaddy-12.0.13) (2022-12-25)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [anonaddy-12.0.12](https://github.com/truecharts/charts/compare/anonaddy-12.0.11...anonaddy-12.0.12) (2022-12-19)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [anonaddy-12.0.11](https://github.com/truecharts/charts/compare/anonaddy-12.0.10...anonaddy-12.0.11) (2022-12-19)
-
-### Chore
diff --git a/stable/anonaddy/12.0.21/Chart.yaml b/stable/anonaddy/12.0.21/Chart.yaml
deleted file mode 100644
index b9ff7cb0f83..00000000000
--- a/stable/anonaddy/12.0.21/Chart.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-apiVersion: v2
-appVersion: "0.13.13"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
- - condition: mariadb.enabled
- name: mariadb
- repository: https://charts.truecharts.org/
- version: 5.0.25
- - condition: redis.enabled
- name: redis
- repository: https://charts.truecharts.org
- version: 5.0.29
-description: "Protect your email from spam using disposable addresses."
-home: https://truecharts.org/charts/stable/anonaddy
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/anonaddy.png
-keywords:
- - anonaddy
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: anonaddy
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/stable/anonaddy
- - https://hub.docker.com/anonaddy/anonaddy
- - https://github.com/anonaddy/docker
-version: 12.0.21
-annotations:
- truecharts.org/catagories: |
- - email
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/stable/anonaddy/12.0.21/README.md b/stable/anonaddy/12.0.21/README.md
deleted file mode 100644
index 701942c352f..00000000000
--- a/stable/anonaddy/12.0.21/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/stable/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/stable/anonaddy/12.0.21/app-changelog.md b/stable/anonaddy/12.0.21/app-changelog.md
deleted file mode 100644
index e4a1236fb17..00000000000
--- a/stable/anonaddy/12.0.21/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [anonaddy-12.0.21](https://github.com/truecharts/charts/compare/anonaddy-12.0.20...anonaddy-12.0.21) (2023-02-02)
-
-### Fix
-
-- remove non-link sources ([#6826](https://github.com/truecharts/charts/issues/6826))
-
-
\ No newline at end of file
diff --git a/stable/anonaddy/12.0.21/app-readme.md b/stable/anonaddy/12.0.21/app-readme.md
deleted file mode 100644
index cd09b84c606..00000000000
--- a/stable/anonaddy/12.0.21/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Protect your email from spam using disposable addresses.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/stable/anonaddy](https://truecharts.org/charts/stable/anonaddy)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/stable/anonaddy/12.0.21/charts/common-11.1.2.tgz b/stable/anonaddy/12.0.21/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/stable/anonaddy/12.0.21/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/stable/anonaddy/12.0.21/charts/mariadb-5.0.25.tgz b/stable/anonaddy/12.0.21/charts/mariadb-5.0.25.tgz
deleted file mode 100644
index e22fecec567..00000000000
Binary files a/stable/anonaddy/12.0.21/charts/mariadb-5.0.25.tgz and /dev/null differ
diff --git a/stable/anonaddy/12.0.21/charts/redis-5.0.29.tgz b/stable/anonaddy/12.0.21/charts/redis-5.0.29.tgz
deleted file mode 100644
index ee3b38dee8e..00000000000
Binary files a/stable/anonaddy/12.0.21/charts/redis-5.0.29.tgz and /dev/null differ
diff --git a/stable/anonaddy/12.0.21/ix_values.yaml b/stable/anonaddy/12.0.21/ix_values.yaml
deleted file mode 100644
index 00adc242ee5..00000000000
--- a/stable/anonaddy/12.0.21/ix_values.yaml
+++ /dev/null
@@ -1,78 +0,0 @@
-image:
- repository: tccr.io/truecharts/anonaddy
- tag: 0.13.13@sha256:495809d341b08ea6d02c7b0b318d48b00b7243392affd0d278ec1aa188a76ccd
- pullPolicy: IfNotPresent
-
-strategy:
- type: Recreate
-
-securityContext:
- runAsNonRoot: false
- readOnlyRootFilesystem: false
-
-podSecurityContext:
- runAsUser: 0
- runAsGroup: 0
-
-env:
- ANONADDY_DOMAIN: "chart-example.local"
- DB_DATABASE: anonaddy
- DB_USERNAME: anonaddy
- DB_HOST:
- secretKeyRef:
- name: mariadbcreds
- key: plainhost
- DB_PASSWORD:
- secretKeyRef:
- name: mariadbcreds
- key: mariadb-password
- REDIS_HOST:
- secretKeyRef:
- name: rediscreds
- key: plainhost
- REDIS_PASSWORD:
- secretKeyRef:
- name: rediscreds
- key: redis-password
- APP_KEY:
- secretKeyRef:
- name: appkey
- key: appkey
- ANONADDY_SECRET:
- secretKeyRef:
- name: appkey
- key: secret
-
-service:
- main:
- ports:
- main:
- port: 10110
- targetPort: 8000
- smtp:
- enabled: true
- ports:
- smtp:
- enabled: true
- port: 25
- targetPort: 25
-
-persistence:
- varrun:
- enabled: true
- config:
- enabled: true
- mountPath: "/config"
-
-redis:
- enabled: true
- existingSecret: "rediscreds"
-
-mariadb:
- enabled: true
- mariadbUsername: anonaddy
- mariadbDatabase: anonaddy
- existingSecret: "mariadbcreds"
-
-portal:
- enabled: true
diff --git a/stable/anonaddy/12.0.21/questions.yaml b/stable/anonaddy/12.0.21/questions.yaml
deleted file mode 100644
index 18fd70a3229..00000000000
--- a/stable/anonaddy/12.0.21/questions.yaml
+++ /dev/null
@@ -1,1935 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_portal_protocol"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: env
- group: "App Configuration"
- label: "Image Environment"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ANONADDY_DOMAIN
- label: "ANONADDY_DOMAIN"
- schema:
- type: string
- default: ""
- required: true
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 10110
- required: true
- - variable: smtp
- label: "smtp Service"
- description: "The smtp service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: smtp
- label: "smtp Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 25
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: false
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: false
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 0
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID this App of the user running the application"
- schema:
- type: int
- default: 0
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/stable/anonaddy/12.0.21/templates/_appkey.tpl b/stable/anonaddy/12.0.21/templates/_appkey.tpl
deleted file mode 100644
index daf70c0c464..00000000000
--- a/stable/anonaddy/12.0.21/templates/_appkey.tpl
+++ /dev/null
@@ -1,28 +0,0 @@
-{{/*
-This template generates a random password and ensures it persists across updates/edits to the chart
-*/}}
-{{- define "anonaddy.appkey" -}}
----
-apiVersion: v1
-kind: Secret
-type: Opaque
-metadata:
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
- name: appkey
-{{- $keyprevious := lookup "v1" "Secret" .Release.Namespace "appkey" }}
-{{- $appkey := "" }}
-{{- $secret := "" }}
-data:
-{{- if $keyprevious }}
- {{- $appkey = ( index $keyprevious.data "appkey" ) }}
- {{- $secret = ( index $keyprevious.data "secret" ) }}
- appkey: {{ ( index $keyprevious.data "appkey" ) }}
- secret: {{ ( index $keyprevious.data "secret" ) }}
-{{- else }}
- {{- $appkey = randAlphaNum 32 }}
- {{- $secret = randAlphaNum 32 }}
- appkey: {{ $appkey | b64enc }}
- secret: {{ $secret | b64enc }}
-{{- end }}
-{{- end -}}
diff --git a/stable/anonaddy/12.0.21/templates/common.yaml b/stable/anonaddy/12.0.21/templates/common.yaml
deleted file mode 100644
index 65b6d2f295f..00000000000
--- a/stable/anonaddy/12.0.21/templates/common.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.common.loader.init" . }}
-
-{{/* Render appkey for anonaddy */}}
-{{- include "anonaddy.appkey" . }}
-
-
-{{/* Render the templates */}}
-{{ include "tc.common.loader.apply" . }}
diff --git a/stable/anonaddy/12.0.21/values.yaml b/stable/anonaddy/12.0.21/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/stable/anonaddy/12.0.22/CHANGELOG.md b/stable/anonaddy/12.0.22/CHANGELOG.md
deleted file mode 100644
index 855a7ce5795..00000000000
--- a/stable/anonaddy/12.0.22/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [anonaddy-12.0.22](https://github.com/truecharts/charts/compare/anonaddy-12.0.21...anonaddy-12.0.22) (2023-02-10)
-
-### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
-
-
-## [anonaddy-12.0.21](https://github.com/truecharts/charts/compare/anonaddy-12.0.20...anonaddy-12.0.21) (2023-02-02)
-
-### Fix
-
-- remove non-link sources ([#6826](https://github.com/truecharts/charts/issues/6826))
-
-
-
-
-## [anonaddy-12.0.20](https://github.com/truecharts/charts/compare/anonaddy-12.0.19...anonaddy-12.0.20) (2023-01-24)
-
-### Chore
-
-- update helm general non-major ([#6689](https://github.com/truecharts/charts/issues/6689))
-
-
-
-
-## [anonaddy-12.0.19](https://github.com/truecharts/charts/compare/anonaddy-12.0.18...anonaddy-12.0.19) (2023-01-23)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [anonaddy-12.0.18](https://github.com/truecharts/charts/compare/anonaddy-12.0.17...anonaddy-12.0.18) (2023-01-17)
-
-### Chore
-
-- update helm general non-major ([#6430](https://github.com/truecharts/charts/issues/6430))
-
-
-
-
-## [anonaddy-12.0.17](https://github.com/truecharts/charts/compare/anonaddy-12.0.16...anonaddy-12.0.17) (2023-01-07)
-
-### Chore
-
-- update helm general non-major ([#6121](https://github.com/truecharts/charts/issues/6121))
-
-
-
-
-## [anonaddy-12.0.16](https://github.com/truecharts/charts/compare/anonaddy-12.0.15...anonaddy-12.0.16) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856))
-
-
-
-
-## [anonaddy-12.0.15](https://github.com/truecharts/charts/compare/anonaddy-12.0.14...anonaddy-12.0.15) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5848](https://github.com/truecharts/charts/issues/5848))
-
-
-
-
-## [anonaddy-12.0.14](https://github.com/truecharts/charts/compare/anonaddy-12.0.13...anonaddy-12.0.14) (2022-12-26)
-
-### Chore
-
-- update helm general non-major ([#5839](https://github.com/truecharts/charts/issues/5839))
-
-
-
-
-## [anonaddy-12.0.13](https://github.com/truecharts/charts/compare/anonaddy-12.0.12...anonaddy-12.0.13) (2022-12-25)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [anonaddy-12.0.12](https://github.com/truecharts/charts/compare/anonaddy-12.0.11...anonaddy-12.0.12) (2022-12-19)
-
-### Chore
diff --git a/stable/anonaddy/12.0.22/Chart.yaml b/stable/anonaddy/12.0.22/Chart.yaml
deleted file mode 100644
index 614fd3ab228..00000000000
--- a/stable/anonaddy/12.0.22/Chart.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-apiVersion: v2
-appVersion: "0.13.13"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
- - condition: mariadb.enabled
- name: mariadb
- repository: https://deps.truecharts.org/
- version: 5.0.25
- - condition: redis.enabled
- name: redis
- repository: https://deps.truecharts.org
- version: 5.0.29
-description: "Protect your email from spam using disposable addresses."
-home: https://truecharts.org/charts/stable/anonaddy
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/anonaddy.png
-keywords:
- - anonaddy
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: anonaddy
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/stable/anonaddy
- - https://hub.docker.com/r/anonaddy/anonaddy
- - https://github.com/anonaddy/docker
-version: 12.0.22
-annotations:
- truecharts.org/catagories: |
- - email
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/stable/anonaddy/12.0.22/README.md b/stable/anonaddy/12.0.22/README.md
deleted file mode 100644
index 701942c352f..00000000000
--- a/stable/anonaddy/12.0.22/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/stable/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/stable/anonaddy/12.0.22/app-changelog.md b/stable/anonaddy/12.0.22/app-changelog.md
deleted file mode 100644
index db6835e093f..00000000000
--- a/stable/anonaddy/12.0.22/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [anonaddy-12.0.22](https://github.com/truecharts/charts/compare/anonaddy-12.0.21...anonaddy-12.0.22) (2023-02-10)
-
-### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
\ No newline at end of file
diff --git a/stable/anonaddy/12.0.22/app-readme.md b/stable/anonaddy/12.0.22/app-readme.md
deleted file mode 100644
index cd09b84c606..00000000000
--- a/stable/anonaddy/12.0.22/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Protect your email from spam using disposable addresses.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/stable/anonaddy](https://truecharts.org/charts/stable/anonaddy)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/stable/anonaddy/12.0.22/charts/common-11.1.2.tgz b/stable/anonaddy/12.0.22/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/stable/anonaddy/12.0.22/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/stable/anonaddy/12.0.22/charts/mariadb-5.0.25.tgz b/stable/anonaddy/12.0.22/charts/mariadb-5.0.25.tgz
deleted file mode 100644
index e22fecec567..00000000000
Binary files a/stable/anonaddy/12.0.22/charts/mariadb-5.0.25.tgz and /dev/null differ
diff --git a/stable/anonaddy/12.0.22/charts/redis-5.0.29.tgz b/stable/anonaddy/12.0.22/charts/redis-5.0.29.tgz
deleted file mode 100644
index ee3b38dee8e..00000000000
Binary files a/stable/anonaddy/12.0.22/charts/redis-5.0.29.tgz and /dev/null differ
diff --git a/stable/anonaddy/12.0.22/ix_values.yaml b/stable/anonaddy/12.0.22/ix_values.yaml
deleted file mode 100644
index 00adc242ee5..00000000000
--- a/stable/anonaddy/12.0.22/ix_values.yaml
+++ /dev/null
@@ -1,78 +0,0 @@
-image:
- repository: tccr.io/truecharts/anonaddy
- tag: 0.13.13@sha256:495809d341b08ea6d02c7b0b318d48b00b7243392affd0d278ec1aa188a76ccd
- pullPolicy: IfNotPresent
-
-strategy:
- type: Recreate
-
-securityContext:
- runAsNonRoot: false
- readOnlyRootFilesystem: false
-
-podSecurityContext:
- runAsUser: 0
- runAsGroup: 0
-
-env:
- ANONADDY_DOMAIN: "chart-example.local"
- DB_DATABASE: anonaddy
- DB_USERNAME: anonaddy
- DB_HOST:
- secretKeyRef:
- name: mariadbcreds
- key: plainhost
- DB_PASSWORD:
- secretKeyRef:
- name: mariadbcreds
- key: mariadb-password
- REDIS_HOST:
- secretKeyRef:
- name: rediscreds
- key: plainhost
- REDIS_PASSWORD:
- secretKeyRef:
- name: rediscreds
- key: redis-password
- APP_KEY:
- secretKeyRef:
- name: appkey
- key: appkey
- ANONADDY_SECRET:
- secretKeyRef:
- name: appkey
- key: secret
-
-service:
- main:
- ports:
- main:
- port: 10110
- targetPort: 8000
- smtp:
- enabled: true
- ports:
- smtp:
- enabled: true
- port: 25
- targetPort: 25
-
-persistence:
- varrun:
- enabled: true
- config:
- enabled: true
- mountPath: "/config"
-
-redis:
- enabled: true
- existingSecret: "rediscreds"
-
-mariadb:
- enabled: true
- mariadbUsername: anonaddy
- mariadbDatabase: anonaddy
- existingSecret: "mariadbcreds"
-
-portal:
- enabled: true
diff --git a/stable/anonaddy/12.0.22/questions.yaml b/stable/anonaddy/12.0.22/questions.yaml
deleted file mode 100644
index 18fd70a3229..00000000000
--- a/stable/anonaddy/12.0.22/questions.yaml
+++ /dev/null
@@ -1,1935 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_portal_protocol"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: env
- group: "App Configuration"
- label: "Image Environment"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ANONADDY_DOMAIN
- label: "ANONADDY_DOMAIN"
- schema:
- type: string
- default: ""
- required: true
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 10110
- required: true
- - variable: smtp
- label: "smtp Service"
- description: "The smtp service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: smtp
- label: "smtp Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 25
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: false
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: false
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 0
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID this App of the user running the application"
- schema:
- type: int
- default: 0
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/stable/anonaddy/12.0.22/templates/_appkey.tpl b/stable/anonaddy/12.0.22/templates/_appkey.tpl
deleted file mode 100644
index daf70c0c464..00000000000
--- a/stable/anonaddy/12.0.22/templates/_appkey.tpl
+++ /dev/null
@@ -1,28 +0,0 @@
-{{/*
-This template generates a random password and ensures it persists across updates/edits to the chart
-*/}}
-{{- define "anonaddy.appkey" -}}
----
-apiVersion: v1
-kind: Secret
-type: Opaque
-metadata:
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
- name: appkey
-{{- $keyprevious := lookup "v1" "Secret" .Release.Namespace "appkey" }}
-{{- $appkey := "" }}
-{{- $secret := "" }}
-data:
-{{- if $keyprevious }}
- {{- $appkey = ( index $keyprevious.data "appkey" ) }}
- {{- $secret = ( index $keyprevious.data "secret" ) }}
- appkey: {{ ( index $keyprevious.data "appkey" ) }}
- secret: {{ ( index $keyprevious.data "secret" ) }}
-{{- else }}
- {{- $appkey = randAlphaNum 32 }}
- {{- $secret = randAlphaNum 32 }}
- appkey: {{ $appkey | b64enc }}
- secret: {{ $secret | b64enc }}
-{{- end }}
-{{- end -}}
diff --git a/stable/anonaddy/12.0.22/templates/common.yaml b/stable/anonaddy/12.0.22/templates/common.yaml
deleted file mode 100644
index 65b6d2f295f..00000000000
--- a/stable/anonaddy/12.0.22/templates/common.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.common.loader.init" . }}
-
-{{/* Render appkey for anonaddy */}}
-{{- include "anonaddy.appkey" . }}
-
-
-{{/* Render the templates */}}
-{{ include "tc.common.loader.apply" . }}
diff --git a/stable/anonaddy/12.0.22/values.yaml b/stable/anonaddy/12.0.22/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/stable/anonaddy/12.0.23/CHANGELOG.md b/stable/anonaddy/12.0.23/CHANGELOG.md
deleted file mode 100644
index 9043eacb8e1..00000000000
--- a/stable/anonaddy/12.0.23/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [anonaddy-12.0.23](https://github.com/truecharts/charts/compare/anonaddy-12.0.22...anonaddy-12.0.23) (2023-02-19)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [anonaddy-12.0.22](https://github.com/truecharts/charts/compare/anonaddy-12.0.21...anonaddy-12.0.22) (2023-02-10)
-
-### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
-
-
-## [anonaddy-12.0.21](https://github.com/truecharts/charts/compare/anonaddy-12.0.20...anonaddy-12.0.21) (2023-02-02)
-
-### Fix
-
-- remove non-link sources ([#6826](https://github.com/truecharts/charts/issues/6826))
-
-
-
-
-## [anonaddy-12.0.20](https://github.com/truecharts/charts/compare/anonaddy-12.0.19...anonaddy-12.0.20) (2023-01-24)
-
-### Chore
-
-- update helm general non-major ([#6689](https://github.com/truecharts/charts/issues/6689))
-
-
-
-
-## [anonaddy-12.0.19](https://github.com/truecharts/charts/compare/anonaddy-12.0.18...anonaddy-12.0.19) (2023-01-23)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [anonaddy-12.0.18](https://github.com/truecharts/charts/compare/anonaddy-12.0.17...anonaddy-12.0.18) (2023-01-17)
-
-### Chore
-
-- update helm general non-major ([#6430](https://github.com/truecharts/charts/issues/6430))
-
-
-
-
-## [anonaddy-12.0.17](https://github.com/truecharts/charts/compare/anonaddy-12.0.16...anonaddy-12.0.17) (2023-01-07)
-
-### Chore
-
-- update helm general non-major ([#6121](https://github.com/truecharts/charts/issues/6121))
-
-
-
-
-## [anonaddy-12.0.16](https://github.com/truecharts/charts/compare/anonaddy-12.0.15...anonaddy-12.0.16) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856))
-
-
-
-
-## [anonaddy-12.0.15](https://github.com/truecharts/charts/compare/anonaddy-12.0.14...anonaddy-12.0.15) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5848](https://github.com/truecharts/charts/issues/5848))
-
-
-
-
-## [anonaddy-12.0.14](https://github.com/truecharts/charts/compare/anonaddy-12.0.13...anonaddy-12.0.14) (2022-12-26)
-
-### Chore
-
-- update helm general non-major ([#5839](https://github.com/truecharts/charts/issues/5839))
-
-
-
-
-## [anonaddy-12.0.13](https://github.com/truecharts/charts/compare/anonaddy-12.0.12...anonaddy-12.0.13) (2022-12-25)
-
-### Chore
diff --git a/stable/anonaddy/12.0.23/Chart.yaml b/stable/anonaddy/12.0.23/Chart.yaml
deleted file mode 100644
index 6cf05866807..00000000000
--- a/stable/anonaddy/12.0.23/Chart.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-apiVersion: v2
-appVersion: "0.13.13"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
- - condition: mariadb.enabled
- name: mariadb
- repository: https://deps.truecharts.org/
- version: 5.0.32
- - condition: redis.enabled
- name: redis
- repository: https://deps.truecharts.org
- version: 5.0.32
-description: "Protect your email from spam using disposable addresses."
-home: https://truecharts.org/charts/stable/anonaddy
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/anonaddy.png
-keywords:
- - anonaddy
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: anonaddy
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/stable/anonaddy
- - https://hub.docker.com/r/anonaddy/anonaddy
- - https://github.com/anonaddy/docker
-version: 12.0.23
-annotations:
- truecharts.org/catagories: |
- - email
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/stable/anonaddy/12.0.23/README.md b/stable/anonaddy/12.0.23/README.md
deleted file mode 100644
index 701942c352f..00000000000
--- a/stable/anonaddy/12.0.23/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/stable/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/stable/anonaddy/12.0.23/app-changelog.md b/stable/anonaddy/12.0.23/app-changelog.md
deleted file mode 100644
index dd81904506c..00000000000
--- a/stable/anonaddy/12.0.23/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [anonaddy-12.0.23](https://github.com/truecharts/charts/compare/anonaddy-12.0.22...anonaddy-12.0.23) (2023-02-19)
-
-### Chore
-
-- update helm general non-major
-
-
\ No newline at end of file
diff --git a/stable/anonaddy/12.0.23/app-readme.md b/stable/anonaddy/12.0.23/app-readme.md
deleted file mode 100644
index cd09b84c606..00000000000
--- a/stable/anonaddy/12.0.23/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Protect your email from spam using disposable addresses.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/stable/anonaddy](https://truecharts.org/charts/stable/anonaddy)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/stable/anonaddy/12.0.23/charts/common-11.1.2.tgz b/stable/anonaddy/12.0.23/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/stable/anonaddy/12.0.23/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/stable/anonaddy/12.0.23/charts/mariadb-5.0.32.tgz b/stable/anonaddy/12.0.23/charts/mariadb-5.0.32.tgz
deleted file mode 100644
index a8b7cbe2d84..00000000000
Binary files a/stable/anonaddy/12.0.23/charts/mariadb-5.0.32.tgz and /dev/null differ
diff --git a/stable/anonaddy/12.0.23/charts/redis-5.0.32.tgz b/stable/anonaddy/12.0.23/charts/redis-5.0.32.tgz
deleted file mode 100644
index 83d28442563..00000000000
Binary files a/stable/anonaddy/12.0.23/charts/redis-5.0.32.tgz and /dev/null differ
diff --git a/stable/anonaddy/12.0.23/ix_values.yaml b/stable/anonaddy/12.0.23/ix_values.yaml
deleted file mode 100644
index 00adc242ee5..00000000000
--- a/stable/anonaddy/12.0.23/ix_values.yaml
+++ /dev/null
@@ -1,78 +0,0 @@
-image:
- repository: tccr.io/truecharts/anonaddy
- tag: 0.13.13@sha256:495809d341b08ea6d02c7b0b318d48b00b7243392affd0d278ec1aa188a76ccd
- pullPolicy: IfNotPresent
-
-strategy:
- type: Recreate
-
-securityContext:
- runAsNonRoot: false
- readOnlyRootFilesystem: false
-
-podSecurityContext:
- runAsUser: 0
- runAsGroup: 0
-
-env:
- ANONADDY_DOMAIN: "chart-example.local"
- DB_DATABASE: anonaddy
- DB_USERNAME: anonaddy
- DB_HOST:
- secretKeyRef:
- name: mariadbcreds
- key: plainhost
- DB_PASSWORD:
- secretKeyRef:
- name: mariadbcreds
- key: mariadb-password
- REDIS_HOST:
- secretKeyRef:
- name: rediscreds
- key: plainhost
- REDIS_PASSWORD:
- secretKeyRef:
- name: rediscreds
- key: redis-password
- APP_KEY:
- secretKeyRef:
- name: appkey
- key: appkey
- ANONADDY_SECRET:
- secretKeyRef:
- name: appkey
- key: secret
-
-service:
- main:
- ports:
- main:
- port: 10110
- targetPort: 8000
- smtp:
- enabled: true
- ports:
- smtp:
- enabled: true
- port: 25
- targetPort: 25
-
-persistence:
- varrun:
- enabled: true
- config:
- enabled: true
- mountPath: "/config"
-
-redis:
- enabled: true
- existingSecret: "rediscreds"
-
-mariadb:
- enabled: true
- mariadbUsername: anonaddy
- mariadbDatabase: anonaddy
- existingSecret: "mariadbcreds"
-
-portal:
- enabled: true
diff --git a/stable/anonaddy/12.0.23/questions.yaml b/stable/anonaddy/12.0.23/questions.yaml
deleted file mode 100644
index 18fd70a3229..00000000000
--- a/stable/anonaddy/12.0.23/questions.yaml
+++ /dev/null
@@ -1,1935 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_portal_protocol"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: env
- group: "App Configuration"
- label: "Image Environment"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ANONADDY_DOMAIN
- label: "ANONADDY_DOMAIN"
- schema:
- type: string
- default: ""
- required: true
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 10110
- required: true
- - variable: smtp
- label: "smtp Service"
- description: "The smtp service"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: smtp
- label: "smtp Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 25
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: false
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: false
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 0
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID this App of the user running the application"
- schema:
- type: int
- default: 0
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/stable/anonaddy/12.0.23/templates/_appkey.tpl b/stable/anonaddy/12.0.23/templates/_appkey.tpl
deleted file mode 100644
index daf70c0c464..00000000000
--- a/stable/anonaddy/12.0.23/templates/_appkey.tpl
+++ /dev/null
@@ -1,28 +0,0 @@
-{{/*
-This template generates a random password and ensures it persists across updates/edits to the chart
-*/}}
-{{- define "anonaddy.appkey" -}}
----
-apiVersion: v1
-kind: Secret
-type: Opaque
-metadata:
- labels:
- {{- include "tc.common.labels" . | nindent 4 }}
- name: appkey
-{{- $keyprevious := lookup "v1" "Secret" .Release.Namespace "appkey" }}
-{{- $appkey := "" }}
-{{- $secret := "" }}
-data:
-{{- if $keyprevious }}
- {{- $appkey = ( index $keyprevious.data "appkey" ) }}
- {{- $secret = ( index $keyprevious.data "secret" ) }}
- appkey: {{ ( index $keyprevious.data "appkey" ) }}
- secret: {{ ( index $keyprevious.data "secret" ) }}
-{{- else }}
- {{- $appkey = randAlphaNum 32 }}
- {{- $secret = randAlphaNum 32 }}
- appkey: {{ $appkey | b64enc }}
- secret: {{ $secret | b64enc }}
-{{- end }}
-{{- end -}}
diff --git a/stable/anonaddy/12.0.23/templates/common.yaml b/stable/anonaddy/12.0.23/templates/common.yaml
deleted file mode 100644
index 65b6d2f295f..00000000000
--- a/stable/anonaddy/12.0.23/templates/common.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.common.loader.init" . }}
-
-{{/* Render appkey for anonaddy */}}
-{{- include "anonaddy.appkey" . }}
-
-
-{{/* Render the templates */}}
-{{ include "tc.common.loader.apply" . }}
diff --git a/stable/anonaddy/12.0.23/values.yaml b/stable/anonaddy/12.0.23/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/stable/appdaemon/11.0.10/CHANGELOG.md b/stable/appdaemon/11.0.10/CHANGELOG.md
deleted file mode 100644
index 2f41ad26bb4..00000000000
--- a/stable/appdaemon/11.0.10/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [appdaemon-11.0.10](https://github.com/truecharts/charts/compare/appdaemon-11.0.9...appdaemon-11.0.10) (2023-02-10)
-
-### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
-
-
-## [appdaemon-11.0.9](https://github.com/truecharts/charts/compare/appdaemon-11.0.8...appdaemon-11.0.9) (2023-01-04)
-
-
-
-
-## [appdaemon-11.0.8](https://github.com/truecharts/charts/compare/appdaemon-11.0.7...appdaemon-11.0.8) (2023-01-01)
-
-
-
-
-## [appdaemon-11.0.7](https://github.com/truecharts/charts/compare/appdaemon-11.0.6...appdaemon-11.0.7) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856))
-
-
-
-
-## [appdaemon-11.0.6](https://github.com/truecharts/charts/compare/appdaemon-11.0.5...appdaemon-11.0.6) (2022-12-26)
-
-### Chore
-
-- update helm general non-major ([#5839](https://github.com/truecharts/charts/issues/5839))
-
-
-
-
-## [appdaemon-11.0.5](https://github.com/truecharts/charts/compare/appdaemon-11.0.4...appdaemon-11.0.5) (2022-12-25)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [appdaemon-11.0.4](https://github.com/truecharts/charts/compare/appdaemon-11.0.3...appdaemon-11.0.4) (2022-12-19)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [appdaemon-11.0.3](https://github.com/truecharts/charts/compare/appdaemon-11.0.2...appdaemon-11.0.3) (2022-12-13)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [appdaemon-11.0.2](https://github.com/truecharts/charts/compare/appdaemon-11.0.1...appdaemon-11.0.2) (2022-11-30)
-
-
-
-
-## [appdaemon-11.0.2](https://github.com/truecharts/charts/compare/appdaemon-11.0.1...appdaemon-11.0.2) (2022-11-30)
-
-
-
-
-## [appdaemon-11.0.2](https://github.com/truecharts/charts/compare/appdaemon-11.0.1...appdaemon-11.0.2) (2022-11-30)
-
-
-
-
-## [appdaemon-11.0.2](https://github.com/truecharts/charts/compare/appdaemon-11.0.1...appdaemon-11.0.2) (2022-11-30)
-
-
-
-
-## [appdaemon-11.0.2](https://github.com/truecharts/charts/compare/appdaemon-11.0.1...appdaemon-11.0.2) (2022-11-30)
-
-
-
-
-## [appdaemon-11.0.2](https://github.com/truecharts/charts/compare/appdaemon-11.0.1...appdaemon-11.0.2) (2022-11-30)
-
-
-
diff --git a/stable/appdaemon/11.0.10/Chart.yaml b/stable/appdaemon/11.0.10/Chart.yaml
deleted file mode 100644
index e1edbf8ef48..00000000000
--- a/stable/appdaemon/11.0.10/Chart.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-apiVersion: v2
-appVersion: "4.2.1"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
-deprecated: false
-description: AppDaemon is a loosely coupled, multi-threaded, sandboxed python execution environment for writing automation apps.
-home: https://truecharts.org/charts/stable/appdaemon
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/appdaemon.png
-keywords:
- - appdaemon
- - homeautomation
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- - email: 20650065+warllo54@users.noreply.github.com
- name: warllo54
- url: truecharts.org
-name: appdaemon
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/stable/appdaemon
- - https://hub.docker.com/r/acockburn/appdaemon
- - https://github.com/AppDaemon/appdaemon
-type: application
-version: 11.0.10
-annotations:
- truecharts.org/catagories: |
- - utilities
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/stable/appdaemon/11.0.10/README.md b/stable/appdaemon/11.0.10/README.md
deleted file mode 100644
index 701942c352f..00000000000
--- a/stable/appdaemon/11.0.10/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/stable/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/stable/appdaemon/11.0.10/app-changelog.md b/stable/appdaemon/11.0.10/app-changelog.md
deleted file mode 100644
index df4e75245ad..00000000000
--- a/stable/appdaemon/11.0.10/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [appdaemon-11.0.10](https://github.com/truecharts/charts/compare/appdaemon-11.0.9...appdaemon-11.0.10) (2023-02-10)
-
-### Fix
-
-- ensure new helm deps repo is used in latest releases as well.
-
-
\ No newline at end of file
diff --git a/stable/appdaemon/11.0.10/app-readme.md b/stable/appdaemon/11.0.10/app-readme.md
deleted file mode 100644
index c51736d02b5..00000000000
--- a/stable/appdaemon/11.0.10/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-AppDaemon is a loosely coupled, multi-threaded, sandboxed python execution environment for writing automation apps.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/stable/appdaemon](https://truecharts.org/charts/stable/appdaemon)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/stable/appdaemon/11.0.10/charts/common-11.1.2.tgz b/stable/appdaemon/11.0.10/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/stable/appdaemon/11.0.10/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/stable/appdaemon/11.0.10/ix_values.yaml b/stable/appdaemon/11.0.10/ix_values.yaml
deleted file mode 100644
index 852948a47b5..00000000000
--- a/stable/appdaemon/11.0.10/ix_values.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-image:
- repository: tccr.io/truecharts/appdaemon
- pullPolicy: IfNotPresent
- tag: v4.2.1@sha256:e9c2639389084bd3ea7b272d5239cf6da7b5e3eb49069bbcafd002e551681dda
-
-securityContext:
- runAsNonRoot: false
- readOnlyRootFilesystem: false
-
-podSecurityContext:
- runAsUser: 0
- runAsGroup: 0
-
-secretEnv:
- TOKEN: "REPLACETHIS"
-
-env:
- DASH_URL: "http://$HOSTNAME:5050"
- HA_URL: ""
- LATITUDE: 46
- LONGITUDE: -94
- ELEVATION: 1217
- TIMEZONE: "{{ .Values.TZ }}"
-
-service:
- main:
- ports:
- main:
- port: 5050
- targetPort: 5050
-
-persistence:
- conf:
- enabled: true
- mountPath: "/conf"
- varrun:
- enabled: true
-
-portal:
- enabled: true
diff --git a/stable/appdaemon/11.0.10/questions.yaml b/stable/appdaemon/11.0.10/questions.yaml
deleted file mode 100644
index b6f7a912fc8..00000000000
--- a/stable/appdaemon/11.0.10/questions.yaml
+++ /dev/null
@@ -1,1930 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_portal_protocol"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: secretEnv
- group: App Configuration
- label: Image Secrets
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: TOKEN
- label: HA Token
- description: Your Long Live Home-Assistant Token
- schema:
- type: string
- private: true
- required: true
- default: ""
- # Docker specific env
- - variable: env
- group: App Configuration
- label: Image Environment
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: HA_URL
- label: HA URL
- description: Your Home-Assistant URL
- schema:
- type: string
- default: ""
- required: true
- - variable: DASH_URL
- label: Dashboard URL
- description: URL of your AppDaemon dashboard
- schema:
- type: string
- default: http://$HOSTNAME:5050
- required: true
- - variable: LATITUDE
- label: Latitude
- description: Latitude of your home assistant instance
- schema:
- type: string
- default: ""
- valid_chars: '^(\+|-)?(?:90(?:(?:\.0{1,15})?)|(?:[0-9]|[1-8][0-9])(?:(?:\.[0-9]{1,15})?))$'
- required: true
- - variable: LONGITUDE
- label: Longitude
- description: Longitude of your home assistant instance
- schema:
- type: string
- default: ""
- valid_chars: '^(\+|-)?(?:180(?:(?:\.0{1,15})?)|(?:[0-9]|[1-9][0-9]|1[0-7][0-9])(?:(?:\.[0-9]{1,15})?))$'
- required: true
- - variable: ELEVATION
- label: Elevation
- description: Longitude of your home assistant instance
- schema:
- type: int
- default: 0
- required: true
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Service
- description: The Primary service on which the healthcheck runs, often the webUI
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Service Port Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- description: This port exposes the container port on the service
- schema:
- type: int
- default: 5050
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: conf
- label: App Config Storage
- description: Stores the Application Configuration.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- show_if: [["clusterIssuer", "=", ""]]
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
-
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: string
- default: ""
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: clusterIssuer
- label: clusterIssuer
- description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
- schema:
- type: string
- default: ""
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- show_if: [["clusterIssuer", "=", ""]]
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: clusterIssuer
- label: Use Cert-Manager clusterIssuer
- description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
- schema:
- type: string
- default: ""
- - variable: scaleCert
- label: Use TrueNAS SCALE Certificate (Deprecated)
- schema:
- show_if: [["clusterIssuer", "=", ""]]
- type: int
- $ref:
- - "definitions/certificate"
- - variable: secretName
- label: Use Custom Secret (Advanced)
- schema:
- type: string
- show_if: [["clusterIssuer", "=", ""]]
- default: ""
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: Privileged mode
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: ReadOnly Root Filesystem
- schema:
- type: boolean
- default: false
- - variable: allowPrivilegeEscalation
- label: Allow Privilege Escalation
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: runAsNonRoot
- schema:
- type: boolean
- default: false
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: runAsUser
- description: The UserID of the user running the application
- schema:
- type: int
- default: 0
- - variable: runAsGroup
- label: runAsGroup
- description: The groupID this App of the user running the application
- schema:
- type: int
- default: 0
- - variable: fsGroup
- label: fsGroup
- description: The group that should own ALL storage.
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/stable/appdaemon/11.0.10/templates/common.yaml b/stable/appdaemon/11.0.10/templates/common.yaml
deleted file mode 100644
index c1a366e1cf0..00000000000
--- a/stable/appdaemon/11.0.10/templates/common.yaml
+++ /dev/null
@@ -1 +0,0 @@
-{{ include "tc.common.loader.all" . }}
diff --git a/stable/appdaemon/11.0.10/values.yaml b/stable/appdaemon/11.0.10/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/stable/appdaemon/11.0.9/CHANGELOG.md b/stable/appdaemon/11.0.9/CHANGELOG.md
deleted file mode 100644
index 7c182c5158d..00000000000
--- a/stable/appdaemon/11.0.9/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [appdaemon-11.0.9](https://github.com/truecharts/charts/compare/appdaemon-11.0.8...appdaemon-11.0.9) (2023-01-04)
-
-
-
-
-## [appdaemon-11.0.8](https://github.com/truecharts/charts/compare/appdaemon-11.0.7...appdaemon-11.0.8) (2023-01-01)
-
-
-
-
-## [appdaemon-11.0.7](https://github.com/truecharts/charts/compare/appdaemon-11.0.6...appdaemon-11.0.7) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856))
-
-
-
-
-## [appdaemon-11.0.6](https://github.com/truecharts/charts/compare/appdaemon-11.0.5...appdaemon-11.0.6) (2022-12-26)
-
-### Chore
-
-- update helm general non-major ([#5839](https://github.com/truecharts/charts/issues/5839))
-
-
-
-
-## [appdaemon-11.0.5](https://github.com/truecharts/charts/compare/appdaemon-11.0.4...appdaemon-11.0.5) (2022-12-25)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [appdaemon-11.0.4](https://github.com/truecharts/charts/compare/appdaemon-11.0.3...appdaemon-11.0.4) (2022-12-19)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [appdaemon-11.0.3](https://github.com/truecharts/charts/compare/appdaemon-11.0.2...appdaemon-11.0.3) (2022-12-13)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [appdaemon-11.0.2](https://github.com/truecharts/charts/compare/appdaemon-11.0.1...appdaemon-11.0.2) (2022-11-30)
-
-
-
-
-## [appdaemon-11.0.2](https://github.com/truecharts/charts/compare/appdaemon-11.0.1...appdaemon-11.0.2) (2022-11-30)
-
-
-
-
-## [appdaemon-11.0.2](https://github.com/truecharts/charts/compare/appdaemon-11.0.1...appdaemon-11.0.2) (2022-11-30)
-
-
-
-
-## [appdaemon-11.0.2](https://github.com/truecharts/charts/compare/appdaemon-11.0.1...appdaemon-11.0.2) (2022-11-30)
-
-
-
-
-## [appdaemon-11.0.2](https://github.com/truecharts/charts/compare/appdaemon-11.0.1...appdaemon-11.0.2) (2022-11-30)
-
-
-
-
-## [appdaemon-11.0.2](https://github.com/truecharts/charts/compare/appdaemon-11.0.1...appdaemon-11.0.2) (2022-11-30)
-
-
-
-
-## [appdaemon-11.0.2](https://github.com/truecharts/charts/compare/appdaemon-11.0.1...appdaemon-11.0.2) (2022-11-30)
-
-
-
-
-## [appdaemon-11.0.2](https://github.com/truecharts/charts/compare/appdaemon-11.0.1...appdaemon-11.0.2) (2022-11-30)
-
-
diff --git a/stable/appdaemon/11.0.9/Chart.yaml b/stable/appdaemon/11.0.9/Chart.yaml
deleted file mode 100644
index 916f0346dc1..00000000000
--- a/stable/appdaemon/11.0.9/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: v2
-appVersion: "4.2.1"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
-deprecated: false
-description: AppDaemon is a loosely coupled, multi-threaded, sandboxed python execution environment for writing automation apps.
-home: https://truecharts.org/charts/stable/appdaemon
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/appdaemon.png
-keywords:
- - appdaemon
- - homeautomation
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
- - email: 20650065+warllo54@users.noreply.github.com
- name: warllo54
- url: truecharts.org
-name: appdaemon
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/stable/appdaemon
- - https://github.com/AppDaemon/appdaemon
-type: application
-version: 11.0.9
-annotations:
- truecharts.org/catagories: |
- - utilities
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/stable/appdaemon/11.0.9/README.md b/stable/appdaemon/11.0.9/README.md
deleted file mode 100644
index 701942c352f..00000000000
--- a/stable/appdaemon/11.0.9/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/stable/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/stable/appdaemon/11.0.9/app-changelog.md b/stable/appdaemon/11.0.9/app-changelog.md
deleted file mode 100644
index 3259ce980ad..00000000000
--- a/stable/appdaemon/11.0.9/app-changelog.md
+++ /dev/null
@@ -1,4 +0,0 @@
-
-
-## [appdaemon-11.0.9](https://github.com/truecharts/charts/compare/appdaemon-11.0.8...appdaemon-11.0.9) (2023-01-04)
-
diff --git a/stable/appdaemon/11.0.9/app-readme.md b/stable/appdaemon/11.0.9/app-readme.md
deleted file mode 100644
index 922e094b36e..00000000000
--- a/stable/appdaemon/11.0.9/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-AppDaemon is a loosely coupled, multi-threaded, sandboxed python execution environment for writing automation apps.
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/stable/appdaemon](https://truecharts.org/charts/stable/appdaemon)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/about/sponsor) or contributing back to the project any way you can!
diff --git a/stable/appdaemon/11.0.9/charts/common-11.1.2.tgz b/stable/appdaemon/11.0.9/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/stable/appdaemon/11.0.9/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/stable/appdaemon/11.0.9/ix_values.yaml b/stable/appdaemon/11.0.9/ix_values.yaml
deleted file mode 100644
index 852948a47b5..00000000000
--- a/stable/appdaemon/11.0.9/ix_values.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-image:
- repository: tccr.io/truecharts/appdaemon
- pullPolicy: IfNotPresent
- tag: v4.2.1@sha256:e9c2639389084bd3ea7b272d5239cf6da7b5e3eb49069bbcafd002e551681dda
-
-securityContext:
- runAsNonRoot: false
- readOnlyRootFilesystem: false
-
-podSecurityContext:
- runAsUser: 0
- runAsGroup: 0
-
-secretEnv:
- TOKEN: "REPLACETHIS"
-
-env:
- DASH_URL: "http://$HOSTNAME:5050"
- HA_URL: ""
- LATITUDE: 46
- LONGITUDE: -94
- ELEVATION: 1217
- TIMEZONE: "{{ .Values.TZ }}"
-
-service:
- main:
- ports:
- main:
- port: 5050
- targetPort: 5050
-
-persistence:
- conf:
- enabled: true
- mountPath: "/conf"
- varrun:
- enabled: true
-
-portal:
- enabled: true
diff --git a/stable/appdaemon/11.0.9/questions.yaml b/stable/appdaemon/11.0.9/questions.yaml
deleted file mode 100644
index 1d3b92bc57d..00000000000
--- a/stable/appdaemon/11.0.9/questions.yaml
+++ /dev/null
@@ -1,1889 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_portal_protocol"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: secretEnv
- group: App Configuration
- label: Image Secrets
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: TOKEN
- label: HA Token
- description: Your Long Live Home-Assistant Token
- schema:
- type: string
- private: true
- required: true
- default: ""
- # Docker specific env
- - variable: env
- group: App Configuration
- label: Image Environment
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: HA_URL
- label: HA URL
- description: Your Home-Assistant URL
- schema:
- type: string
- default: ""
- required: true
- - variable: DASH_URL
- label: Dashboard URL
- description: URL of your AppDaemon dashboard
- schema:
- type: string
- default: http://$HOSTNAME:5050
- required: true
- - variable: LATITUDE
- label: Latitude
- description: Latitude of your home assistant instance
- schema:
- type: string
- default: ""
- valid_chars: '^(\+|-)?(?:90(?:(?:\.0{1,15})?)|(?:[0-9]|[1-8][0-9])(?:(?:\.[0-9]{1,15})?))$'
- required: true
- - variable: LONGITUDE
- label: Longitude
- description: Longitude of your home assistant instance
- schema:
- type: string
- default: ""
- valid_chars: '^(\+|-)?(?:180(?:(?:\.0{1,15})?)|(?:[0-9]|[1-9][0-9]|1[0-7][0-9])(?:(?:\.[0-9]{1,15})?))$'
- required: true
- - variable: ELEVATION
- label: Elevation
- description: Longitude of your home assistant instance
- schema:
- type: int
- default: 0
- required: true
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Service
- description: The Primary service on which the healthcheck runs, often the webUI
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Service Port Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- description: This port exposes the container port on the service
- schema:
- type: int
- default: 5050
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: conf
- label: App Config Storage
- description: Stores the Application Configuration.
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: Main Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: scaleCert
- label: Select TrueNAS SCALE Certificate
- schema:
- type: int
- $ref:
- - "definitions/certificate"
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: scaleCert
- label: Select TrueNAS SCALE Certificate
- schema:
- type: int
- $ref:
- - "definitions/certificate"
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: Privileged mode
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: ReadOnly Root Filesystem
- schema:
- type: boolean
- default: false
- - variable: allowPrivilegeEscalation
- label: Allow Privilege Escalation
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: runAsNonRoot
- schema:
- type: boolean
- default: false
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: runAsUser
- description: The UserID of the user running the application
- schema:
- type: int
- default: 0
- - variable: runAsGroup
- label: runAsGroup
- description: The groupID this App of the user running the application
- schema:
- type: int
- default: 0
- - variable: fsGroup
- label: fsGroup
- description: The group that should own ALL storage.
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
- - variable: horizontalPodAutoscaler
- group: Advanced
- label: (Advanced) Horizontal Pod Autoscaler
- schema:
- type: list
- default: []
- items:
- - variable: hpaEntry
- label: HPA Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: target
- label: Target
- description: Deployment name, Defaults to Main Deployment
- schema:
- type: string
- default: ""
- - variable: minReplicas
- label: Minimum Replicas
- schema:
- type: int
- default: 1
- - variable: maxReplicas
- label: Maximum Replicas
- schema:
- type: int
- default: 5
- - variable: targetCPUUtilizationPercentage
- label: Target CPU Utilization Percentage
- schema:
- type: int
- default: 80
- - variable: targetMemoryUtilizationPercentage
- label: Target Memory Utilization Percentage
- schema:
- type: int
- default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
diff --git a/stable/appdaemon/11.0.9/templates/common.yaml b/stable/appdaemon/11.0.9/templates/common.yaml
deleted file mode 100644
index c1a366e1cf0..00000000000
--- a/stable/appdaemon/11.0.9/templates/common.yaml
+++ /dev/null
@@ -1 +0,0 @@
-{{ include "tc.common.loader.all" . }}
diff --git a/stable/appdaemon/11.0.9/values.yaml b/stable/appdaemon/11.0.9/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/stable/authelia/14.0.23/CHANGELOG.md b/stable/authelia/14.0.23/CHANGELOG.md
deleted file mode 100644
index 0dd7a35ace0..00000000000
--- a/stable/authelia/14.0.23/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [authelia-14.0.23](https://github.com/truecharts/charts/compare/authelia-14.0.22...authelia-14.0.23) (2023-01-07)
-
-### Chore
-
-- update helm general non-major ([#6121](https://github.com/truecharts/charts/issues/6121))
-
-
-
-
-## [authelia-14.0.22](https://github.com/truecharts/charts/compare/authelia-14.0.21...authelia-14.0.22) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856))
-
-
-
-
-## [authelia-14.0.21](https://github.com/truecharts/charts/compare/authelia-14.0.20...authelia-14.0.21) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5848](https://github.com/truecharts/charts/issues/5848))
-
-
-
-
-## [authelia-14.0.20](https://github.com/truecharts/charts/compare/authelia-14.0.19...authelia-14.0.20) (2022-12-26)
-
-### Chore
-
-- update helm general non-major ([#5839](https://github.com/truecharts/charts/issues/5839))
-
-
-
-
-## [authelia-14.0.19](https://github.com/truecharts/charts/compare/authelia-14.0.18...authelia-14.0.19) (2022-12-25)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [authelia-14.0.18](https://github.com/truecharts/charts/compare/authelia-14.0.17...authelia-14.0.18) (2022-12-25)
-
-### Fix
-
-- Allow SMTP without username and password (SMTP relay) ([#5770](https://github.com/truecharts/charts/issues/5770))
-
-
-
-
-## [authelia-14.0.17](https://github.com/truecharts/charts/compare/authelia-14.0.16...authelia-14.0.17) (2022-12-21)
-
-### Chore
-
-- update container image tccr.io/truecharts/authelia to v4.37.5
-
-
-
-
-## [authelia-14.0.16](https://github.com/truecharts/charts/compare/authelia-14.0.15...authelia-14.0.16) (2022-12-19)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [authelia-14.0.15](https://github.com/truecharts/charts/compare/authelia-14.0.13...authelia-14.0.15) (2022-12-18)
-
-### Chore
-
-- update container image tccr.io/truecharts/authelia to v4.37.4
- - update helm chart postgresql to v11.0.13 ([#5495](https://github.com/truecharts/charts/issues/5495))
- - update helm chart redis to v5.0.16
-
-
-
-
-## [authelia-14.0.13](https://github.com/truecharts/charts/compare/authelia-14.0.12...authelia-14.0.13) (2022-12-13)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [authelia-14.0.12](https://github.com/truecharts/charts/compare/authelia-14.0.11...authelia-14.0.12) (2022-12-08)
diff --git a/stable/authelia/14.0.23/Chart.yaml b/stable/authelia/14.0.23/Chart.yaml
deleted file mode 100644
index 35df49e9c60..00000000000
--- a/stable/authelia/14.0.23/Chart.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-apiVersion: v2
-appVersion: "4.37.5"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
- - condition: postgresql.enabled
- name: postgresql
- repository: https://charts.truecharts.org/
- version: 11.0.18
- - condition: redis.enabled
- name: redis
- repository: https://charts.truecharts.org
- version: 5.0.24
-deprecated: false
-description: Authelia is a Single Sign-On Multi-Factor portal for web apps
-home: https://truecharts.org/charts/stable/authelia
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/authelia.png
-keywords:
- - authelia
- - authentication
- - login
- - SSO
- - Authentication
- - Security
- - Two-Factor
- - U2F
- - YubiKey
- - Push Notifications
- - LDAP
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: authelia
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/stable/authelia
- - https://github.com/authelia/chartrepo
- - https://github.com/authelia/authelia
-type: application
-version: 14.0.23
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/stable/authelia/14.0.23/README.md b/stable/authelia/14.0.23/README.md
deleted file mode 100644
index 701942c352f..00000000000
--- a/stable/authelia/14.0.23/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/stable/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/stable/authelia/14.0.23/app-changelog.md b/stable/authelia/14.0.23/app-changelog.md
deleted file mode 100644
index be12f19eb92..00000000000
--- a/stable/authelia/14.0.23/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [authelia-14.0.23](https://github.com/truecharts/charts/compare/authelia-14.0.22...authelia-14.0.23) (2023-01-07)
-
-### Chore
-
-- update helm general non-major ([#6121](https://github.com/truecharts/charts/issues/6121))
-
-
\ No newline at end of file
diff --git a/stable/authelia/14.0.23/app-readme.md b/stable/authelia/14.0.23/app-readme.md
deleted file mode 100644
index 50fb447e5f1..00000000000
--- a/stable/authelia/14.0.23/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Authelia is a Single Sign-On Multi-Factor portal for web apps
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/stable/authelia](https://truecharts.org/charts/stable/authelia)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/about/sponsor) or contributing back to the project any way you can!
diff --git a/stable/authelia/14.0.23/charts/common-11.1.2.tgz b/stable/authelia/14.0.23/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/stable/authelia/14.0.23/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/stable/authelia/14.0.23/charts/postgresql-11.0.18.tgz b/stable/authelia/14.0.23/charts/postgresql-11.0.18.tgz
deleted file mode 100644
index cdad3657e1f..00000000000
Binary files a/stable/authelia/14.0.23/charts/postgresql-11.0.18.tgz and /dev/null differ
diff --git a/stable/authelia/14.0.23/charts/redis-5.0.24.tgz b/stable/authelia/14.0.23/charts/redis-5.0.24.tgz
deleted file mode 100644
index 6512b89fa8a..00000000000
Binary files a/stable/authelia/14.0.23/charts/redis-5.0.24.tgz and /dev/null differ
diff --git a/stable/authelia/14.0.23/ix_values.yaml b/stable/authelia/14.0.23/ix_values.yaml
deleted file mode 100644
index 05a8d755871..00000000000
--- a/stable/authelia/14.0.23/ix_values.yaml
+++ /dev/null
@@ -1,628 +0,0 @@
-image:
- repository: tccr.io/truecharts/authelia
- pullPolicy: IfNotPresent
- tag: 4.37.5@sha256:76a4617539534cec140fd98a12f721b878524f2df3a3653f3df8ff2b7eaab586
-
-command: ["authelia"]
-args: ["--config=/configuration.yaml"]
-
-enableServiceLinks: false
-
-service:
- main:
- ports:
- main:
- port: 9091
- targetPort: 9091
-
-persistence:
- config:
- enabled: true
- mountPath: "/config"
-# Enabled postgres
-postgresql:
- enabled: true
- existingSecret: "dbcreds"
- postgresqlUsername: authelia
- postgresqlDatabase: authelia
-
-# Enabled redis
-# ... for more options see https://github.com/tccr.io/truecharts/charts/tree/master/tccr.io/truecharts/redis
-redis:
- enabled: true
- existingSecret: "rediscreds"
-
-resources:
- limits: {}
- # limits:
- # cpu: "4.00"
- # memory: 125Mi
- requests: {}
- # requests:
- # cpu: "0.25"
- # memory: 50Mi
-
-envFrom:
- - configMapRef:
- name: authelia-paths
-
-# probes:
-# liveness:
-# type: HTTP
-# path: /api/health"
-
-# readiness:
-# type: HTTP
-# path: "/api/health"
-
-# startup:
-# type: HTTP
-# path: "/api/health"
-
-domain: example.com
-
-##
-## Server Configuration
-##
-server:
- ##
- ## Port sets the configured port for the daemon, service, and the probes.
- ## Default is 9091 and should not need to be changed.
- ##
- port: 9091
-
- ## Buffers usually should be configured to be the same value.
- ## Explanation at https://www.authelia.com/docs/configuration/server.html
- ## Read buffer size adjusts the server's max incoming request size in bytes.
- ## Write buffer size does the same for outgoing responses.
- read_buffer_size: 4096
- write_buffer_size: 4096
- ## Set the single level path Authelia listens on.
- ## Must be alphanumeric chars and should not contain any slashes.
- path: ""
-
-log:
- ## Level of verbosity for logs: info, debug, trace.
- level: trace
-
- ## Format the logs are written as: json, text.
- format: text
-
- ## TODO: Statefulness check should check if this is set, and the configMap should enable it.
- ## File path where the logs will be written. If not set logs are written to stdout.
- # file_path: /config/authelia.log
-
-## Default redirection URL
-##
-## If user tries to authenticate without any referer, Authelia does not know where to redirect the user to at the end
-## of the authentication process. This parameter allows you to specify the default redirection URL Authelia will use
-## in such a case.
-##
-## Note: this parameter is optional. If not provided, user won't be redirected upon successful authentication.
-## Default is https://www. (value at the top of the values.yaml).
-default_redirection_url: ""
-# default_redirection_url: https://example.com
-
-theme: light
-
-##
-## TOTP Configuration
-##
-## Parameters used for TOTP generation
-totp:
- ## The issuer name displayed in the Authenticator application of your choice
- ## See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
- ## Defaults to .
- issuer: ""
- ## The period in seconds a one-time password is current for. Changing this will require all users to register
- ## their TOTP applications again. Warning: before changing period read the docs link below.
- period: 30
- ## The skew controls number of one-time passwords either side of the current one that are valid.
- ## Warning: before changing skew read the docs link below.
- ## See: https://www.authelia.com/docs/configuration/one-time-password.html#period-and-skew to read the documentation.
- skew: 1
-
-##
-## Duo Push API Configuration
-##
-## Parameters used to contact the Duo API. Those are generated when you protect an application of type
-## "Partner Auth API" in the management panel.
-duo_api:
- enabled: false
- hostname: api-123456789.example.com
- integration_key: ABCDEF
- plain_api_key: ""
-
-##
-## Authentication Backend Provider Configuration
-##
-## Used for verifying user passwords and retrieve information such as email address and groups users belong to.
-##
-## The available providers are: `file`, `ldap`. You must use one and only one of these providers.
-authentication_backend:
- ## Disable both the HTML element and the API for reset password functionality
- disable_reset_password: false
-
- ## The amount of time to wait before we refresh data from the authentication backend. Uses duration notation.
- ## To disable this feature set it to 'disable', this will slightly reduce security because for Authelia, users will
- ## always belong to groups they belonged to at the time of login even if they have been removed from them in LDAP.
- ## To force update on every request you can set this to '0' or 'always', this will increase processor demand.
- ## See the below documentation for more information.
- ## Duration Notation docs: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Refresh Interval docs: https://www.authelia.com/docs/configuration/authentication/ldap.html#refresh-interval
- refresh_interval: 5m
-
- ## LDAP backend configuration.
- ##
- ## This backend allows Authelia to be scaled to more
- ## than one instance and therefore is recommended for
- ## production.
- ldap:
- ## Enable LDAP Backend.
- enabled: false
-
- ## The LDAP implementation, this affects elements like the attribute utilised for resetting a password.
- ## Acceptable options are as follows:
- ## - 'activedirectory' - For Microsoft Active Directory.
- ## - 'custom' - For custom specifications of attributes and filters.
- ## This currently defaults to 'custom' to maintain existing behaviour.
- ##
- ## Depending on the option here certain other values in this section have a default value, notably all of the
- ## attribute mappings have a default value that this config overrides, you can read more about these default values
- ## at https://www.authelia.com/docs/configuration/authentication/ldap.html#defaults
- implementation: activedirectory
-
- ## The url to the ldap server. Format: ://[:].
- ## Scheme can be ldap or ldaps in the format (port optional).
- url: ldap://openldap.default.svc.cluster.local
-
- ## Connection Timeout.
- timeout: 5s
-
- ## Use StartTLS with the LDAP connection.
- start_tls: false
-
- tls:
- ## Server Name for certificate validation (in case it's not set correctly in the URL).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either Secure LDAP or LDAP StartTLS.
- minimum_version: TLS1.2
-
- ## The base dn for every LDAP query.
- base_dn: DC=example,DC=com
-
- ## The attribute holding the username of the user. This attribute is used to populate the username in the session
- ## information. It was introduced due to #561 to handle case insensitive search queries. For you information,
- ## Microsoft Active Directory usually uses 'sAMAccountName' and OpenLDAP usually uses 'uid'. Beware that this
- ## attribute holds the unique identifiers for the users binding the user and the configuration stored in database.
- ## Therefore only single value attributes are allowed and the value must never be changed once attributed to a user
- ## otherwise it would break the configuration for that user. Technically, non-unique attributes like 'mail' can also
- ## be used but we don't recommend using them, we instead advise to use the attributes mentioned above
- ## (sAMAccountName and uid) to follow https://www.ietf.org/rfc/rfc2307.txt.
- username_attribute: ""
-
- ## An additional dn to define the scope to all users.
- additional_users_dn: OU=Users
-
- ## The users filter used in search queries to find the user profile based on input filled in login form.
- ## Various placeholders are available in the user filter:
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username_attribute} is a mandatory placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ##
- ## Recommended settings are as follows:
- ## - Microsoft Active Directory: (&({username_attribute}={input})(objectCategory=person)(objectClass=user))
- ## - OpenLDAP:
- ## - (&({username_attribute}={input})(objectClass=person))
- ## - (&({username_attribute}={input})(objectClass=inetOrgPerson))
- ##
- ## To allow sign in both with username and email, one can use a filter like
- ## (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))
- users_filter: ""
-
- ## An additional dn to define the scope of groups.
- additional_groups_dn: OU=Groups
-
- ## The groups filter used in search queries to find the groups of the user.
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username} is a placeholder replace by the username stored in LDAP (based on `username_attribute`).
- ## - {dn} is a matcher replaced by the user distinguished name, aka, user DN.
- ## - {username_attribute} is a placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ## - DON'T USE - {1} is an alias for {username} supported for backward compatibility but it will be deprecated in
- ## later version, so please don't use it.
- ##
- ## If your groups use the `groupOfUniqueNames` structure use this instead:
- ## (&(uniquemember={dn})(objectclass=groupOfUniqueNames))
- groups_filter: ""
-
- ## The attribute holding the name of the group
- group_name_attribute: ""
-
- ## The attribute holding the mail address of the user. If multiple email addresses are defined for a user, only the
- ## first one returned by the LDAP server is used.
- mail_attribute: ""
-
- ## The attribute holding the display name of the user. This will be used to greet an authenticated user.
- display_name_attribute: ""
-
- ## The username of the admin user.
- user: CN=Authelia,DC=example,DC=com
- plain_password: ""
-
- ##
- ## File (Authentication Provider)
- ##
- ## With this backend, the users database is stored in a file which is updated when users reset their passwords.
- ## Therefore, this backend is meant to be used in a dev environment and not in production since it prevents Authelia
- ## to be scaled to more than one instance. The options under 'password' have sane defaults, and as it has security
- ## implications it is highly recommended you leave the default values. Before considering changing these settings
- ## please read the docs page below:
- ## https://www.authelia.com/docs/configuration/authentication/file.html#password-hash-algorithm-tuning
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- file:
- enabled: true
- path: /config/users_database.yml
- password:
- algorithm: argon2id
- iterations: 1
- key_length: 32
- salt_length: 16
- memory: 1024
- parallelism: 8
-
-##
-## Access Control Configuration
-##
-## Access control is a list of rules defining the authorizations applied for one resource to users or group of users.
-##
-## If 'access_control' is not defined, ACL rules are disabled and the 'bypass' rule is applied, i.e., access is allowed
-## to anyone. Otherwise restrictions follow the rules defined.
-##
-## Note: One can use the wildcard * to match any subdomain.
-## It must stand at the beginning of the pattern. (example: *.mydomain.com)
-##
-## Note: You must put patterns containing wildcards between simple quotes for the YAML to be syntactically correct.
-##
-## Definition: A 'rule' is an object with the following keys: 'domain', 'subject', 'policy' and 'resources'.
-##
-## - 'domain' defines which domain or set of domains the rule applies to.
-##
-## - 'subject' defines the subject to apply authorizations to. This parameter is optional and matching any user if not
-## provided. If provided, the parameter represents either a user or a group. It should be of the form
-## 'user:' or 'group:'.
-##
-## - 'policy' is the policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'.
-##
-## - 'resources' is a list of regular expressions that matches a set of resources to apply the policy to. This parameter
-## is optional and matches any resource if not provided.
-##
-## Note: the order of the rules is important. The first policy matching (domain, resource, subject) applies.
-access_control:
- ## Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'. It is the policy applied to any
- ## resource if there is no policy to be applied to the user.
- default_policy: deny
-
- networks: []
- # networks:
- # - name: private
- # networks:
- # - 10.0.0.0/8
- # - 172.16.0.0/12
- # - 192.168.0.0/16
- # - name: vpn
- # networks:
- # - 10.9.0.0/16
-
- rules: []
- # rules:
- # - domain: public.example.com
- # policy: bypass
- # - domain: "*.example.com"
- # policy: bypass
- # methods:
- # - OPTIONS
- # - domain: secure.example.com
- # policy: one_factor
- # networks:
- # - private
- # - vpn
- # - 192.168.1.0/24
- # - 10.0.0.1
- # - domain:
- # - secure.example.com
- # - private.example.com
- # policy: two_factor
- # - domain: singlefactor.example.com
- # policy: one_factor
- # - domain: "mx2.mail.example.com"
- # subject: "group:admins"
- # policy: deny
- # - domain: "*.example.com"
- # subject:
- # - "group:admins"
- # - "group:moderators"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/groups/dev/.*$"
- # subject: "group:dev"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/users/john/.*$"
- # subject:
- # - ["group:dev", "user:john"]
- # - "group:admins"
- # policy: two_factor
- # - domain: "{user}.example.com"
- # policy: bypass
-
-##
-## Session Provider Configuration
-##
-## The session cookies identify the user once logged in.
-## The available providers are: `memory`, `redis`. Memory is the provider unless redis is defined.
-session:
- ## The name of the session cookie. (default: authelia_session).
- name: authelia_session
-
- ## Sets the Cookie SameSite value. Possible options are none, lax, or strict.
- ## Please read https://www.authelia.com/docs/configuration/session.html#same_site
- same_site: lax
-
- ## The time in seconds before the cookie expires and session is reset.
- expiration: 1h
-
- ## The inactivity time in seconds before the session is reset.
- inactivity: 5m
-
- ## The remember me duration.
- ## Value is in seconds, or duration notation. Value of 0 disables remember me.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Longer periods are considered less secure because a stolen cookie will last longer giving attackers more time to
- ## spy or attack. Currently the default is 1M or 1 month.
- remember_me_duration: 1M
-
-##
-## Redis Provider
-##
-## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
-##
-## The redis connection details
-redisProvider:
- port: 6379
-
- ## Optional username to be used with authentication.
- # username: authelia
- username: ""
-
- ## This is the Redis DB Index https://redis.io/commands/select (sometimes referred to as database number, DB, etc).
- database_index: 0
-
- ## The maximum number of concurrent active connections to Redis.
- maximum_active_connections: 8
-
- ## The target number of idle connections to have open ready for work. Useful when opening connections is slow.
- minimum_idle_connections: 0
-
- ## The Redis TLS configuration. If defined will require a TLS connection to the Redis instance(s).
- tls:
- enabled: false
-
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for the connection.
- minimum_version: TLS1.2
-
- ## The Redis HA configuration options.
- ## This provides specific options to Redis Sentinel, sentinel_name must be defined (Master Name).
- high_availability:
- enabled: false
- enabledSecret: false
- ## Sentinel Name / Master Name
- sentinel_name: mysentinel
-
- ## The additional nodes to pre-seed the redis provider with (for sentinel).
- ## If the host in the above section is defined, it will be combined with this list to connect to sentinel.
- ## For high availability to be used you must have either defined; the host above or at least one node below.
- nodes: []
- # nodes:
- # - host: sentinel-0.databases.svc.cluster.local
- # port: 26379
- # - host: sentinel-1.databases.svc.cluster.local
- # port: 26379
-
- ## Choose the host with the lowest latency.
- route_by_latency: false
-
- ## Choose the host randomly.
- route_randomly: false
-
-##
-## Regulation Configuration
-##
-## This mechanism prevents attackers from brute forcing the first factor. It bans the user if too many attempts are done
-## in a short period of time.
-regulation:
- ## The number of failed login attempts before user is banned. Set it to 0 to disable regulation.
- max_retries: 3
-
- ## The time range during which the user can attempt login before being banned. The user is banned if the
- ## authentication failed 'max_retries' times in a 'find_time' seconds window. Find Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- find_time: 2m
-
- ## The length of time before a banned user can login again. Ban Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ban_time: 5m
-
-##
-## Storage Provider Configuration
-##
-## The available providers are: `local`, `mysql`, `postgres`. You must use one and only one of these providers.
-storage:
- ##
- ## PostgreSQL (Storage Provider)
- ##
- postgres:
- port: 5432
- database: authelia
- username: authelia
- sslmode: disable
- timeout: 5s
-
-##
-## Notification Provider
-##
-##
-## Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration.
-## The available providers are: filesystem, smtp. You must use one and only one of these providers.
-notifier:
- ## You can disable the notifier startup check by setting this to true.
- disable_startup_check: false
-
- ##
- ## File System (Notification Provider)
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- filesystem:
- enabled: true
- filename: /config/notification.txt
-
- ##
- ## SMTP (Notification Provider)
- ##
- ## Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate.
- ## [Security] By default Authelia will:
- ## - force all SMTP connections over TLS including unauthenticated connections
- ## - use the disable_require_tls boolean value to disable this requirement
- ## (only works for unauthenticated connections)
- ## - validate the SMTP server x509 certificate during the TLS handshake against the hosts trusted certificates
- ## (configure in tls section)
- smtp:
- enabled: false
- enabledSecret: false
- host: smtp.mail.svc.cluster.local
- port: 25
- timeout: 5s
- username: test
- plain_password: test
- sender: admin@example.com
- ## HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost.
- identifier: localhost
- ## Subject configuration of the emails sent.
- ## {title} is replaced by the text from the notifier
- subject: "[Authelia] {title}"
- ## This address is used during the startup check to verify the email configuration is correct.
- ## It's not important what it is except if your email server only allows local delivery.
- startup_check_address: test@authelia.com
- disable_require_tls: false
- disable_html_emails: false
-
- tls:
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either StartTLS or SMTPS.
- minimum_version: TLS1.2
-
-identity_providers:
- oidc:
- ## Enables this in the config map. Currently in beta stage.
- ## See https://www.authelia.com/docs/configuration/identity-providers/oidc.html#roadmap
- enabled: false
-
- access_token_lifespan: 1h
- authorize_code_lifespan: 1m
- id_token_lifespan: 1h
- refresh_token_lifespan: 90m
-
- enable_client_debug_messages: false
-
- ## SECURITY NOTICE: It's not recommended changing this option, and highly discouraged to have it below 8 for
- ## security reasons.
- minimum_parameter_entropy: 8
-
- clients: []
- # clients:
- # -
- ## The ID is the OpenID Connect ClientID which is used to link an application to a configuration.
- # id: myapp
-
- ## The description to show to users when they end up on the consent screen. Defaults to the ID above.
- # description: My Application
-
- ## The client secret is a shared secret between Authelia and the consumer of this client.
- # secret: apple123
-
- ## Sets the client to public. This should typically not be set, please see the documentation for usage.
- # public: false
-
- ## The policy to require for this client; one_factor or two_factor.
- # authorization_policy: two_factor
-
- ## Configures the consent mode; auto, explicit or implicit
- # consent_mode: auto
-
- ## Audience this client is allowed to request.
- # audience: []
-
- ## Scopes this client is allowed to request.
- # scopes:
- # - openid
- # - profile
- # - email
- # - groups
-
- ## Redirect URI's specifies a list of valid case-sensitive callbacks for this client.
- # redirect_uris:
- # - https://oidc.example.com/oauth2/callback
-
- ## Grant Types configures which grants this client can obtain.
- ## It's not recommended to configure this unless you know what you're doing.
- # grant_types:
- # - refresh_token
- # - authorization_code
-
- ## Response Types configures which responses this client can be sent.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_types:
- # - code
-
- ## Response Modes configures which response modes this client supports.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_modes:
- # - form_post
- # - query
- # - fragment
-
- ## The algorithm used to sign userinfo endpoint responses for this client, either none or RS256.
- # userinfo_signing_algorithm: none
-
-portal:
- enabled: true
diff --git a/stable/authelia/14.0.23/questions.yaml b/stable/authelia/14.0.23/questions.yaml
deleted file mode 100644
index a10591819c8..00000000000
--- a/stable/authelia/14.0.23/questions.yaml
+++ /dev/null
@@ -1,2736 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_portal_protocol"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: domain
- group: "App Configuration"
- label: "Domain"
- description: "The highest domain level possible, for example: domain.com when using app.domain.com"
- schema:
- type: string
- default: ""
- required: true
- - variable: default_redirection_url
- group: "App Configuration"
- label: "Default Redirection Url"
- description: "If user tries to authenticate without any referer, this is used"
- schema:
- type: string
- default: ""
- - variable: theme
- group: "App Configuration"
- label: "Theme"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "light"
- description: "light"
- - value: "grey"
- description: "grey"
- - value: "dark"
- description: "dark"
- - variable: log
- group: "App Configuration"
- label: "Log Configuration "
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "info"
- enum:
- - value: "info"
- description: "info"
- - value: "debug"
- description: "debug"
- - value: "trace"
- description: "trace"
- - variable: format
- label: "Log Format"
- schema:
- type: string
- default: "text"
- enum:
- - value: "json"
- description: "json"
- - value: "text"
- description: "text"
- - variable: totp
- group: "App Configuration"
- label: "TOTP Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: issuer
- label: "Issuer"
- description: "The issuer name displayed in the Authenticator application of your choice"
- schema:
- type: string
- default: ""
- - variable: period
- label: "Period"
- description: "The period in seconds a one-time password is current for"
- schema:
- type: int
- default: 30
- - variable: skew
- label: "skew"
- description: "Controls number of one-time passwords either side of the current one that are valid."
- schema:
- type: int
- default: 1
- - variable: duo_api
- group: "App Configuration"
- label: "DUO API Configuration"
- description: "Parameters used to contact the Duo API."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostname
- label: "Hostname"
- schema:
- type: string
- required: true
- default: ""
- - variable: integration_key
- label: "integration_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: plain_api_key
- label: "plain_api_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: session
- group: "App Configuration"
- label: "Session Provider"
- description: "The session cookies identify the user once logged in."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Cookie Name"
- description: "The name of the session cookie."
- schema:
- type: string
- required: true
- default: "authelia_session"
- - variable: same_site
- label: "SameSite Value"
- description: "Sets the Cookie SameSite value"
- schema:
- type: string
- default: "lax"
- enum:
- - value: "lax"
- description: "lax"
- - value: "strict"
- description: "strict"
- - variable: expiration
- label: "Expiration Time"
- description: "The time in seconds before the cookie expires and session is reset."
- schema:
- type: string
- default: "1h"
- required: true
- - variable: inactivity
- label: "Inactivity Time"
- description: "The inactivity time in seconds before the session is reset."
- schema:
- type: string
- default: "5m"
- required: true
- - variable: inactivity
- label: "Remember-Me duration"
- description: "The remember me duration"
- schema:
- type: string
- default: "5M"
- required: true
- - variable: regulation
- group: "App Configuration"
- label: "Regulation Configuration"
- description: "his mechanism prevents attackers from brute forcing the first factor."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: max_retries
- label: "Maximum Retries"
- description: "The number of failed login attempts before user is banned. Set it to 0 to disable regulation."
- schema:
- type: int
- default: 3
- - variable: find_time
- label: "Find Time"
- description: "The time range during which the user can attempt login before being banned."
- schema:
- type: string
- default: "2m"
- required: true
- - variable: ban_time
- label: "Ban Duration"
- description: "The length of time before a banned user can login again"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: authentication_backend
- group: "App Configuration"
- label: "Authentication Backend Provider"
- description: "sed for verifying user passwords and retrieve information such as email address and groups users belong to."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_reset_password
- label: "Disable Reset Password"
- description: "Disable both the HTML element and the API for reset password functionality"
- schema:
- type: boolean
- default: false
- - variable: refresh_interval
- label: "Reset Interval"
- description: "The amount of time to wait before we refresh data from the authentication backend"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: ldap
- label: "LDAP backend configuration"
- description: "Used for verifying user passwords and retrieve information such as email address and groups users belong to"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: implementation
- label: "Implementation"
- description: "The LDAP implementation, this affects elements like the attribute utilised for resetting a password"
- schema:
- type: string
- default: "custom"
- enum:
- - value: "activedirectory"
- description: "activedirectory"
- - value: "custom"
- description: "custom"
- - variable: url
- label: "URL"
- description: "The url to the ldap server. Format: ://[:]"
- schema:
- type: string
- default: "ldap://openldap.default.svc.cluster.local"
- required: true
- - variable: timeout
- label: "Connection Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: start_tls
- label: "Start TLS"
- description: "Use StartTLS with the LDAP connection"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: base_dn
- label: "Base DN"
- description: "The base dn for every LDAP query."
- schema:
- type: string
- default: "DC=example,DC=com"
- required: true
- - variable: username_attribute
- label: "Username Attribute"
- description: "The attribute holding the username of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_users_dn
- label: "Additional Users DN"
- description: "An additional dn to define the scope to all users."
- schema:
- type: string
- default: "OU=Users"
- required: true
- - variable: users_filter
- label: "Users Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_groups_dn
- label: "Additional Groups DN"
- description: "An additional dn to define the scope of groups."
- schema:
- type: string
- default: "OU=Groups"
- required: true
- - variable: groups_filter
- label: "Groups Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: group_name_attribute
- label: "Group name Attribute"
- description: "The attribute holding the name of the group"
- schema:
- type: string
- default: ""
- required: true
- - variable: mail_attribute
- label: "Mail Attribute"
- description: "The attribute holding the primary mail address of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: display_name_attribute
- label: "Display Name Attribute"
- description: "he attribute holding the display name of the user. This will be used to greet an authenticated user."
- schema:
- type: string
- default: ""
- - variable: user
- label: "Admin User"
- description: "The username of the admin user used to connect to LDAP."
- schema:
- type: string
- default: "CN=Authelia,DC=example,DC=com"
- required: true
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: file
- label: "File backend configuration"
- description: "With this backend, the users database is stored in a file which is updated when users reset their passwords."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: path
- label: "Path"
- schema:
- type: string
- default: "/config/users_database.yml"
- required: true
- - variable: password
- label: "Password Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: algorithm
- label: "Algorithm"
- schema:
- type: string
- default: "argon2id"
- enum:
- - value: "argon2id"
- description: "argon2id"
- - value: "sha512"
- description: "sha512"
- - variable: iterations
- label: "Iterations"
- schema:
- type: int
- default: 1
- required: true
- - variable: key_length
- label: "Key Length"
- schema:
- type: int
- default: 32
- required: true
- - variable: salt_length
- label: "Salt Length"
- schema:
- type: int
- default: 16
- required: true
- - variable: memory
- label: "Memory"
- schema:
- type: int
- default: 1024
- required: true
- - variable: parallelism
- label: "Parallelism"
- schema:
- type: int
- default: 8
- required: true
- - variable: notifier
- group: "App Configuration"
- label: "Notifier Configuration"
- description: "otifications are sent to users when they require a password reset, a u2f registration or a TOTP registration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_startup_check
- label: "Disable Startup Check"
- schema:
- type: boolean
- default: false
- - variable: filesystem
- label: "Filesystem Provider"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filename
- label: "File Path"
- schema:
- type: string
- default: "/config/notification.txt"
- required: true
- - variable: smtp
- label: "SMTP Provider"
- description: "Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: host
- label: "Host"
- schema:
- type: string
- default: "smtp.mail.svc.cluster.local"
- required: true
- - variable: port
- label: "Port"
- schema:
- type: int
- default: 25
- required: true
- - variable: timeout
- label: "Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: username
- label: "Username"
- schema:
- type: string
- default: ""
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- - variable: sender
- label: "Sender"
- schema:
- type: string
- default: ""
- required: true
- - variable: identifier
- label: "Identifier"
- description: "HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost."
- schema:
- type: string
- default: "localhost"
- required: true
- - variable: subject
- label: "Subject"
- description: "Subject configuration of the emails sent, {title} is replaced by the text from the notifier"
- schema:
- type: string
- default: "[Authelia] {title}"
- required: true
- - variable: startup_check_address
- label: "Startup Check Address"
- description: "This address is used during the startup check to verify the email configuration is correct."
- schema:
- type: string
- default: "test@authelia.com"
- required: true
- - variable: disable_require_tls
- label: "Disable Require TLS"
- schema:
- type: boolean
- default: false
- - variable: disable_html_emails
- label: "Disable HTML emails"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: access_control
- group: "App Configuration"
- label: "Access Control Configuration"
- description: "Access control is a list of rules defining the authorizations applied for one resource to users or group of users."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: default_policy
- label: "Default Policy"
- description: "Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: networkItem
- label: "Network Item"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Name"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "network"
- schema:
- type: string
- default: ""
- required: true
- - variable: rules
- label: "Rules"
- schema:
- type: list
- default: []
- items:
- - variable: rulesItem
- label: "Rule"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: domain
- label: "Domains"
- description: "defines which domain or set of domains the rule applies to."
- schema:
- type: list
- default: []
- items:
- - variable: domainEntry
- label: "Domain"
- schema:
- type: string
- default: ""
- required: true
- - variable: policy
- label: "Policy"
- description: "The policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: subject
- label: "Subject"
- description: "defines the subject to apply authorizations to. This parameter is optional and matching any user if not provided"
- schema:
- type: list
- default: []
- items:
- - variable: subjectitem
- label: "Subject"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "Network"
- schema:
- type: string
- default: ""
- required: true
- - variable: resources
- label: "Resources"
- description: "is a list of regular expressions that matches a set of resources to apply the policy to"
- schema:
- type: list
- default: []
- items:
- - variable: resource
- label: "Resource"
- schema:
- type: string
- default: ""
- required: true
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 9091
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: scaleCert
- label: Select TrueNAS SCALE Certificate
- schema:
- type: int
- $ref:
- - "definitions/certificate"
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: scaleCert
- label: Select TrueNAS SCALE Certificate
- schema:
- type: int
- $ref:
- - "definitions/certificate"
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: true
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID this App of the user running the application"
- schema:
- type: int
- default: 568
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
- - variable: horizontalPodAutoscaler
- group: Advanced
- label: (Advanced) Horizontal Pod Autoscaler
- schema:
- type: list
- default: []
- items:
- - variable: hpaEntry
- label: HPA Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: target
- label: Target
- description: Deployment name, Defaults to Main Deployment
- schema:
- type: string
- default: ""
- - variable: minReplicas
- label: Minimum Replicas
- schema:
- type: int
- default: 1
- - variable: maxReplicas
- label: Maximum Replicas
- schema:
- type: int
- default: 5
- - variable: targetCPUUtilizationPercentage
- label: Target CPU Utilization Percentage
- schema:
- type: int
- default: 80
- - variable: targetMemoryUtilizationPercentage
- label: Target Memory Utilization Percentage
- schema:
- type: int
- default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: identity_providers
- group: "Advanced"
- label: "Authelia Identity Providers (BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: oidc
- label: "OpenID Connect(BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "enabled"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: access_token_lifespan
- label: "Access Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: authorize_code_lifespan
- label: "Authorize Code Lifespan"
- schema:
- type: string
- default: "1m"
- required: true
- - variable: id_token_lifespan
- label: "ID Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: refresh_token_lifespan
- label: "Refresh Token Lifespan"
- schema:
- type: string
- default: "90m"
- required: true
- - variable: enable_client_debug_messages
- label: "Enable Client Debug Messages"
- schema:
- type: boolean
- default: false
- - variable: clients
- label: "Clients"
- schema:
- type: list
- default: []
- items:
- - variable: clientEntry
- label: "Client"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: id
- label: "ID/Name"
- description: "The ID is the OpenID Connect ClientID which is used to link an application to a configuration."
- schema:
- type: string
- default: "myapp"
- required: true
- - variable: description
- label: "Description"
- description: "The description to show to users when they end up on the consent screen. Defaults to the ID above."
- schema:
- type: string
- default: "My Application"
- required: true
- - variable: secret
- label: "Secret"
- description: "The client secret is a shared secret between Authelia and the consumer of this client."
- schema:
- type: string
- default: ""
- required: true
- - variable: public
- label: "public"
- description: "Sets the client to public. This should typically not be set, please see the documentation for usage."
- schema:
- type: boolean
- default: false
- - variable: authorization_policy
- label: "Authorization Policy"
- description: "The policy to require for this client; one_factor or two_factor."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - variable: consent_mode
- label: "Consent Mode"
- description: "Configures the consent mode. This can be set to auto (default), explicit (consent required every time) or implicit (automatically assumes consent for every authorization, never asking the user if they wish to give consent.)"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "explicit"
- description: "explicit"
- - value: "implicit"
- description: "implicit"
- - variable: userinfo_signing_algorithm
- label: "Userinfo Signing Algorithm"
- description: "The algorithm used to sign userinfo endpoint responses for this client, either none or RS256."
- schema:
- type: string
- default: "none"
- enum:
- - value: "none"
- description: "none"
- - value: "RS256"
- description: "RS256"
- - variable: audience
- label: "Audience"
- description: "Audience this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: audienceEntry
- label: ""
- schema:
- type: string
- default: ""
- required: true
- - variable: scopes
- label: "Scopes"
- description: "Scopes this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: ScopeEntry
- label: "Scope"
- schema:
- type: string
- default: "openid"
- required: true
- - variable: redirect_uris
- label: "redirect_uris"
- description: "Redirect URI's specifies a list of valid case-sensitive callbacks for this client."
- schema:
- type: list
- default: []
- items:
- - variable: uriEntry
- label: "Url"
- schema:
- type: string
- default: "https://oidc.example.com/oauth2/callback"
- required: true
- - variable: grant_types
- description: "Grant Types configures which grants this client can obtain."
- label: "grant_types"
- schema:
- type: list
- default: []
- items:
- - variable: grantEntry
- label: "Grant"
- schema:
- type: string
- default: "refresh_token"
- required: true
- - variable: response_types
- description: "Response Types configures which responses this client can be sent."
- label: "response_types"
- schema:
- type: list
- default: []
- items:
- - variable: responseEntry
- label: "type"
- schema:
- type: string
- default: "code"
- required: true
- - variable: response_modes
- description: "Response Modes configures which response modes this client supports."
- label: "response_modes"
- schema:
- type: list
- default: []
- items:
- - variable: modeEntry
- label: "Mode"
- schema:
- type: string
- default: "form_post"
- required: true
diff --git a/stable/authelia/14.0.23/templates/_configmap.tpl b/stable/authelia/14.0.23/templates/_configmap.tpl
deleted file mode 100644
index 9424df306ad..00000000000
--- a/stable/authelia/14.0.23/templates/_configmap.tpl
+++ /dev/null
@@ -1,251 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "authelia.configmap" -}}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: authelia-paths
-data:
- AUTHELIA_SERVER_DISABLE_HEALTHCHECK: "true"
- AUTHELIA_JWT_SECRET_FILE: "/secrets/JWT_TOKEN"
- AUTHELIA_SESSION_SECRET_FILE: "/secrets/SESSION_ENCRYPTION_KEY"
- AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: "/secrets/ENCRYPTION_KEY"
- AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: "/secrets/STORAGE_PASSWORD"
- {{- if .Values.authentication_backend.ldap.enabled }}
- AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE: "/secrets/LDAP_PASSWORD"
- {{- end }}
- {{- if .Values.notifier.smtp.enabled }}
- AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE: "/secrets/SMTP_PASSWORD"
- {{- end }}
- AUTHELIA_SESSION_REDIS_PASSWORD_FILE: "/secrets/REDIS_PASSWORD"
- {{- if .Values.redisProvider.high_availability.enabled }}
- AUTHELIA_SESSION_REDIS_HIGH_AVAILABILITY_SENTINEL_PASSWORD_FILE: "/secrets/REDIS_SENTINEL_PASSWORD"
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- AUTHELIA_DUO_API_SECRET_KEY_FILE: "/secrets/DUO_API_KEY"
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET_FILE: "/secrets/OIDC_HMAC_SECRET"
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY_FILE: "/secrets/OIDC_PRIVATE_KEY"
- {{- end }}
-
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: authelia-configfile
-data:
- configuration.yaml: |
- ---
- theme: {{ default "light" .Values.theme }}
- default_redirection_url: {{ default (printf "https://www.%s" .Values.domain) .Values.default_redirection_url }}
- server:
- host: 0.0.0.0
- port: {{ default 9091 .Values.server.port }}
- {{- if not (eq "" (default "" .Values.server.path)) }}
- path: {{ .Values.server.path }}
- {{- end }}
- read_buffer_size: {{ default 4096 .Values.server.read_buffer_size }}
- write_buffer_size: {{ default 4096 .Values.server.write_buffer_size }}
- enable_pprof: {{ default false .Values.server.enable_pprof }}
- enable_expvars: {{ default false .Values.server.enable_expvars }}
- log:
- level: {{ default "info" .Values.log.level }}
- format: {{ default "text" .Values.log.format }}
- {{- if not (eq "" (default "" .Values.log.file_path)) }}
- file_path: {{ .Values.log.file_path }}
- keep_stdout: true
- {{- end }}
- totp:
- issuer: {{ default .Values.domain .Values.totp.issuer }}
- period: {{ default 30 .Values.totp.period }}
- skew: {{ default 1 .Values.totp.skew }}
- {{- if .Values.duo_api.enabled }}
- duo_api:
- hostname: {{ .Values.duo_api.hostname }}
- integration_key: {{ .Values.duo_api.integration_key }}
- {{- end }}
- {{- with $auth := .Values.authentication_backend }}
- authentication_backend:
- disable_reset_password: {{ $auth.disable_reset_password }}
- {{- if $auth.file.enabled }}
- file:
- path: {{ $auth.file.path }}
- password: {{ toYaml $auth.file.password | nindent 10 }}
- {{- end }}
- {{- if $auth.ldap.enabled }}
- ldap:
- implementation: {{ default "custom" $auth.ldap.implementation }}
- url: {{ $auth.ldap.url }}
- timeout: {{ default "5s" $auth.ldap.timeout }}
- start_tls: {{ $auth.ldap.start_tls }}
- tls:
- {{- if hasKey $auth.ldap.tls "server_name" }}
- server_name: {{ default $auth.ldap.host $auth.ldap.tls.server_name }}
- {{- end }}
- minimum_version: {{ default "TLS1.2" $auth.ldap.tls.minimum_version }}
- skip_verify: {{ default false $auth.ldap.tls.skip_verify }}
- {{- if $auth.ldap.base_dn }}
- base_dn: {{ $auth.ldap.base_dn }}
- {{- end }}
- {{- if $auth.ldap.username_attribute }}
- username_attribute: {{ $auth.ldap.username_attribute }}
- {{- end }}
- {{- if $auth.ldap.additional_users_dn }}
- additional_users_dn: {{ $auth.ldap.additional_users_dn }}
- {{- end }}
- {{- if $auth.ldap.users_filter }}
- users_filter: {{ $auth.ldap.users_filter }}
- {{- end }}
- {{- if $auth.ldap.additional_groups_dn }}
- additional_groups_dn: {{ $auth.ldap.additional_groups_dn }}
- {{- end }}
- {{- if $auth.ldap.groups_filter }}
- groups_filter: {{ $auth.ldap.groups_filter }}
- {{- end }}
- {{- if $auth.ldap.group_name_attribute }}
- group_name_attribute: {{ $auth.ldap.group_name_attribute }}
- {{- end }}
- {{- if $auth.ldap.mail_attribute }}
- mail_attribute: {{ $auth.ldap.mail_attribute }}
- {{- end }}
- {{- if $auth.ldap.display_name_attribute }}
- display_name_attribute: {{ $auth.ldap.display_name_attribute }}
- {{- end }}
- user: {{ $auth.ldap.user }}
- {{- end }}
- {{- end }}
- {{- with $session := .Values.session }}
- session:
- name: {{ default "authelia_session" $session.name }}
- domain: {{ required "A valid .Values.domain entry required!" $.Values.domain }}
- same_site: {{ default "lax" $session.same_site }}
- expiration: {{ default "1M" $session.expiration }}
- inactivity: {{ default "5m" $session.inactivity }}
- remember_me_duration: {{ default "1M" $session.remember_me_duration }}
- {{- end }}
- redis:
- host: {{ .Values.redis.url.plain }}
- {{- with $redis := .Values.redisProvider }}
- port: {{ default 6379 $redis.port }}
- {{- if not (eq $redis.username "") }}
- username: {{ $redis.username }}
- {{- end }}
- maximum_active_connections: {{ default 8 $redis.maximum_active_connections }}
- minimum_idle_connections: {{ default 0 $redis.minimum_idle_connections }}
- {{- if $redis.tls.enabled }}
- tls:
- server_name: {{ $redis.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $redis.tls.minimum_version }}
- skip_verify: {{ $redis.tls.skip_verify }}
- {{- end }}
- {{- if $redis.high_availability.enabled }}
- high_availability:
- sentinel_name: {{ $redis.high_availability.sentinel_name }}
- {{- if $redis.high_availability.nodes }}
- nodes: {{ toYaml $redis.high_availability.nodes | nindent 10 }}
- {{- end }}
- route_by_latency: {{ $redis.high_availability.route_by_latency }}
- route_randomly: {{ $redis.high_availability.route_randomly }}
- {{- end }}
- {{- end }}
- regulation: {{ toYaml .Values.regulation | nindent 6 }}
- storage:
- postgres:
- host: {{ printf "%v-%v" .Release.Name "postgresql" }}
- {{- with $storage := .Values.storage }}
- port: {{ default 5432 $storage.postgres.port }}
- database: {{ default "authelia" $storage.postgres.database }}
- username: {{ default "authelia" $storage.postgres.username }}
- timeout: {{ default "5s" $storage.postgres.timeout }}
- sslmode: {{ default "disable" $storage.postgres.sslmode }}
- {{- end }}
- {{- with $notifier := .Values.notifier }}
- notifier:
- disable_startup_check: {{ $.Values.notifier.disable_startup_check }}
- {{- if $notifier.filesystem.enabled }}
- filesystem:
- filename: {{ $notifier.filesystem.filename }}
- {{- end }}
- {{- if $notifier.smtp.enabled }}
- smtp:
- host: {{ $notifier.smtp.host }}
- port: {{ default 25 $notifier.smtp.port }}
- timeout: {{ default "5s" $notifier.smtp.timeout }}
- {{- with $notifier.smtp.username }}
- username: {{ . }}
- {{- end }}
- sender: {{ $notifier.smtp.sender }}
- identifier: {{ $notifier.smtp.identifier }}
- subject: {{ $notifier.smtp.subject | quote }}
- startup_check_address: {{ $notifier.smtp.startup_check_address }}
- disable_require_tls: {{ $notifier.smtp.disable_require_tls }}
- disable_html_emails: {{ $notifier.smtp.disable_html_emails }}
- tls:
- server_name: {{ default $notifier.smtp.host $notifier.smtp.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $notifier.smtp.tls.minimum_version }}
- skip_verify: {{ default false $notifier.smtp.tls.skip_verify }}
- {{- end }}
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- identity_providers:
- oidc:
- access_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.access_token_lifespan }}
- authorize_code_lifespan: {{ default "1m" .Values.identity_providers.oidc.authorize_code_lifespan }}
- id_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.id_token_lifespan }}
- refresh_token_lifespan: {{ default "90m" .Values.identity_providers.oidc.refresh_token_lifespan }}
- enable_client_debug_messages: {{ default false .Values.identity_providers.oidc.enable_client_debug_messages }}
- minimum_parameter_entropy: {{ default 8 .Values.identity_providers.oidc.minimum_parameter_entropy }}
- {{- if gt (len .Values.identity_providers.oidc.clients) 0 }}
- clients:
- {{- range $client := .Values.identity_providers.oidc.clients }}
- - id: {{ $client.id }}
- description: {{ default $client.id $client.description }}
- secret: {{ default (randAlphaNum 128) $client.secret }}
- {{- if $client.public }}
- public: {{ $client.public }}
- {{- end }}
- authorization_policy: {{ default "two_factor" $client.authorization_policy }}
- consent_mode: {{ default "auto" $client.consent_mode}}
- redirect_uris:
- {{- range $client.redirect_uris }}
- - {{ . }}
- {{- end }}
- {{- if $client.audience }}
- audience: {{ toYaml $client.audience | nindent 10 }}
- {{- end }}
- scopes: {{ toYaml (default (list "openid" "profile" "email" "groups") $client.scopes) | nindent 10 }}
- grant_types: {{ toYaml (default (list "refresh_token" "authorization_code") $client.grant_types) | nindent 10 }}
- response_types: {{ toYaml (default (list "code") $client.response_types) | nindent 10 }}
- {{- if $client.response_modes }}
- response_modes: {{ toYaml $client.response_modes | nindent 10 }}
- {{- end }}
- userinfo_signing_algorithm: {{ default "none" $client.userinfo_signing_algorithm }}
- {{- end }}
- {{- end }}
- {{- end }}
- access_control:
- {{- if (eq (len .Values.access_control.rules) 0) }}
- {{- if (eq .Values.access_control.default_policy "bypass") }}
- default_policy: one_factor
- {{- else if (eq .Values.access_control.default_policy "deny") }}
- default_policy: two_factor
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- if (eq (len .Values.access_control.networks) 0) }}
- networks: []
- {{- else }}
- networks: {{ toYaml .Values.access_control.networks | nindent 6 }}
- {{- end }}
- {{- if (eq (len .Values.access_control.rules) 0) }}
- rules: []
- {{- else }}
- rules: {{ toYaml .Values.access_control.rules | nindent 6 }}
- {{- end }}
- ...
-{{- end -}}
diff --git a/stable/authelia/14.0.23/templates/_secrets.tpl b/stable/authelia/14.0.23/templates/_secrets.tpl
deleted file mode 100644
index 3c66d93cf99..00000000000
--- a/stable/authelia/14.0.23/templates/_secrets.tpl
+++ /dev/null
@@ -1,67 +0,0 @@
-{{/* Define the secrets */}}
-{{- define "authelia.secrets" -}}
----
-
-apiVersion: v1
-kind: Secret
-type: Opaque
-metadata:
- name: authelia-secrets
-{{- $autheliaprevious := lookup "v1" "Secret" .Release.Namespace "authelia-secrets" }}
-{{- $oidckey := "" }}
-{{- $oidcsecret := "" }}
-{{- $jwtsecret := "" }}
-{{- $sessionsecret := "" }}
-{{- $encryptionkey := "" }}
-data:
- {{- if $autheliaprevious }}
- SESSION_ENCRYPTION_KEY: {{ index $autheliaprevious.data "SESSION_ENCRYPTION_KEY" }}
- JWT_TOKEN: {{ index $autheliaprevious.data "JWT_TOKEN" }}
- {{- if ( hasKey $autheliaprevious.data "ENCRYPTION_KEY" ) }}
- ENCRYPTION_KEY: {{ index $autheliaprevious.data "ENCRYPTION_KEY" }}
- {{- else }}
- {{- $encryptionkey := randAlphaNum 100 }}
- ENCRYPTION_KEY: {{ $encryptionkey | b64enc }}
- {{- end }}
- {{- else }}
- {{- $jwtsecret := randAlphaNum 50 }}
- {{- $sessionsecret := randAlphaNum 50 }}
- {{- $encryptionkey := randAlphaNum 100 }}
- SESSION_ENCRYPTION_KEY: {{ $sessionsecret | b64enc }}
- JWT_TOKEN: {{ $jwtsecret | b64enc}}
- ENCRYPTION_KEY: {{ $encryptionkey | b64enc }}
- {{- end }}
-
- {{- if .Values.authentication_backend.ldap.enabled }}
- LDAP_PASSWORD: {{ .Values.authentication_backend.ldap.plain_password | b64enc | quote }}
- {{- end }}
-
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- SMTP_PASSWORD: {{ .Values.notifier.smtp.plain_password | b64enc | quote }}
- {{- end }}
-
- {{- if .Values.duo_api.enabled }}
- DUO_API_KEY: {{ .Values.duo_api.plain_api_key | b64enc }}
- {{- end }}
-
- STORAGE_PASSWORD: {{ .Values.postgresql.postgresqlPassword | trimAll "\"" | b64enc }}
-
- REDIS_PASSWORD: {{ .Values.redis.redisPassword | trimAll "\"" | b64enc }}
- {{- if .Values.redisProvider.high_availability.enabled}}
- REDIS_SENTINEL_PASSWORD: {{ .Values.redis.sentinelPassword | trimAll "\"" | b64enc }}
- {{- end }}
-
- {{- if $autheliaprevious }}
- {{- if and ( hasKey $autheliaprevious.data "OIDC_PRIVATE_KEY" ) ( hasKey $autheliaprevious.data "OIDC_HMAC_SECRET" ) }}
- OIDC_PRIVATE_KEY: {{ index $autheliaprevious.data "OIDC_PRIVATE_KEY" }}
- OIDC_HMAC_SECRET: {{ index $autheliaprevious.data "OIDC_HMAC_SECRET" }}
- {{- else }}
- {{- $oidckey := genPrivateKey "rsa" }}
- {{- $oidcsecret := randAlphaNum 32 }}
- OIDC_PRIVATE_KEY: {{ $oidckey | b64enc }}
- OIDC_HMAC_SECRET: {{ $oidcsecret | b64enc }}
- {{- end }}
- {{- end }}
-
-
-{{- end -}}
diff --git a/stable/authelia/14.0.23/templates/common.yaml b/stable/authelia/14.0.23/templates/common.yaml
deleted file mode 100644
index 614b468adf3..00000000000
--- a/stable/authelia/14.0.23/templates/common.yaml
+++ /dev/null
@@ -1,74 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.common.loader.init" . }}
-
-{{/* Render configmap for authelia */}}
-{{- include "authelia.configmap" . }}
-
-{{/* Render secrets for authelia */}}
-{{- include "authelia.secrets" . }}
-
-{{/* Append the general configMap volume to the volumes */}}
-{{- define "authelia.configmapVolume" -}}
-enabled: "true"
-mountPath: " /configuration.yaml"
-readOnly: true
-subPath: configuration.yaml
-type: "custom"
-volumeSpec:
- configMap:
- name: authelia-configfile
- items:
- - key: configuration.yaml
- path: configuration.yaml
-{{- end -}}
-
-{{/* Append the general secret volumes to the volumes */}}
-{{- define "authelia.secretVolumes" -}}
-enabled: "true"
-mountPath: "/secrets"
-readOnly: true
-type: "custom"
-volumeSpec:
- secret:
- secretName: authelia-secrets
- items:
- - key: "JWT_TOKEN"
- path: JWT_TOKEN
- - key: "SESSION_ENCRYPTION_KEY"
- path: SESSION_ENCRYPTION_KEY
- - key: "ENCRYPTION_KEY"
- path: ENCRYPTION_KEY
- - key: "STORAGE_PASSWORD"
- path: STORAGE_PASSWORD
- {{- if .Values.authentication_backend.ldap.enabled }}
- - key: "LDAP_PASSWORD"
- path: LDAP_PASSWORD
- {{- end }}
- {{- if .Values.notifier.smtp.enabled }}
- - key: "SMTP_PASSWORD"
- path: SMTP_PASSWORD
- {{- end }}
- - key: "REDIS_PASSWORD"
- path: REDIS_PASSWORD
- {{- if .Values.redisProvider.high_availability.enabled}}
- - key: "REDIS_SENTINEL_PASSWORD"
- path: REDIS_SENTINEL_PASSWORD
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- - key: "DUO_API_KEY"
- path: DUO_API_KEY
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- - key: "OIDC_PRIVATE_KEY"
- path: OIDC_PRIVATE_KEY
- - key: "OIDC_HMAC_SECRET"
- path: OIDC_HMAC_SECRET
- {{- end }}
-{{- end -}}
-
-{{- $_ := set .Values.persistence "authelia-configfile" (include "authelia.configmapVolume" . | fromYaml) -}}
-{{- $_ := set .Values.persistence "authelia-secrets" (include "authelia.secretVolumes" . | fromYaml) -}}
-
-
-{{/* Render the templates */}}
-{{ include "tc.common.loader.apply" . }}
diff --git a/stable/authelia/14.0.23/values.yaml b/stable/authelia/14.0.23/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/stable/authelia/14.0.24/CHANGELOG.md b/stable/authelia/14.0.24/CHANGELOG.md
deleted file mode 100644
index 9d2af004eb5..00000000000
--- a/stable/authelia/14.0.24/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [authelia-14.0.24](https://github.com/truecharts/charts/compare/authelia-14.0.23...authelia-14.0.24) (2023-01-17)
-
-### Chore
-
-- update helm general non-major ([#6430](https://github.com/truecharts/charts/issues/6430))
-
-
-
-
-## [authelia-14.0.23](https://github.com/truecharts/charts/compare/authelia-14.0.22...authelia-14.0.23) (2023-01-07)
-
-### Chore
-
-- update helm general non-major ([#6121](https://github.com/truecharts/charts/issues/6121))
-
-
-
-
-## [authelia-14.0.22](https://github.com/truecharts/charts/compare/authelia-14.0.21...authelia-14.0.22) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856))
-
-
-
-
-## [authelia-14.0.21](https://github.com/truecharts/charts/compare/authelia-14.0.20...authelia-14.0.21) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5848](https://github.com/truecharts/charts/issues/5848))
-
-
-
-
-## [authelia-14.0.20](https://github.com/truecharts/charts/compare/authelia-14.0.19...authelia-14.0.20) (2022-12-26)
-
-### Chore
-
-- update helm general non-major ([#5839](https://github.com/truecharts/charts/issues/5839))
-
-
-
-
-## [authelia-14.0.19](https://github.com/truecharts/charts/compare/authelia-14.0.18...authelia-14.0.19) (2022-12-25)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [authelia-14.0.18](https://github.com/truecharts/charts/compare/authelia-14.0.17...authelia-14.0.18) (2022-12-25)
-
-### Fix
-
-- Allow SMTP without username and password (SMTP relay) ([#5770](https://github.com/truecharts/charts/issues/5770))
-
-
-
-
-## [authelia-14.0.17](https://github.com/truecharts/charts/compare/authelia-14.0.16...authelia-14.0.17) (2022-12-21)
-
-### Chore
-
-- update container image tccr.io/truecharts/authelia to v4.37.5
-
-
-
-
-## [authelia-14.0.16](https://github.com/truecharts/charts/compare/authelia-14.0.15...authelia-14.0.16) (2022-12-19)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [authelia-14.0.15](https://github.com/truecharts/charts/compare/authelia-14.0.13...authelia-14.0.15) (2022-12-18)
-
-### Chore
-
-- update container image tccr.io/truecharts/authelia to v4.37.4
- - update helm chart postgresql to v11.0.13 ([#5495](https://github.com/truecharts/charts/issues/5495))
- - update helm chart redis to v5.0.16
-
-
-
-
-## [authelia-14.0.13](https://github.com/truecharts/charts/compare/authelia-14.0.12...authelia-14.0.13) (2022-12-13)
diff --git a/stable/authelia/14.0.24/Chart.yaml b/stable/authelia/14.0.24/Chart.yaml
deleted file mode 100644
index 1ef19a21819..00000000000
--- a/stable/authelia/14.0.24/Chart.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-apiVersion: v2
-appVersion: "4.37.5"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
- - condition: postgresql.enabled
- name: postgresql
- repository: https://charts.truecharts.org/
- version: 11.0.20
- - condition: redis.enabled
- name: redis
- repository: https://charts.truecharts.org
- version: 5.0.26
-deprecated: false
-description: Authelia is a Single Sign-On Multi-Factor portal for web apps
-home: https://truecharts.org/charts/stable/authelia
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/authelia.png
-keywords:
- - authelia
- - authentication
- - login
- - SSO
- - Authentication
- - Security
- - Two-Factor
- - U2F
- - YubiKey
- - Push Notifications
- - LDAP
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: authelia
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/stable/authelia
- - https://github.com/authelia/chartrepo
- - https://github.com/authelia/authelia
-type: application
-version: 14.0.24
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/stable/authelia/14.0.24/README.md b/stable/authelia/14.0.24/README.md
deleted file mode 100644
index 701942c352f..00000000000
--- a/stable/authelia/14.0.24/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/stable/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/stable/authelia/14.0.24/app-changelog.md b/stable/authelia/14.0.24/app-changelog.md
deleted file mode 100644
index 94d08d43d42..00000000000
--- a/stable/authelia/14.0.24/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [authelia-14.0.24](https://github.com/truecharts/charts/compare/authelia-14.0.23...authelia-14.0.24) (2023-01-17)
-
-### Chore
-
-- update helm general non-major ([#6430](https://github.com/truecharts/charts/issues/6430))
-
-
\ No newline at end of file
diff --git a/stable/authelia/14.0.24/app-readme.md b/stable/authelia/14.0.24/app-readme.md
deleted file mode 100644
index 6dc9492a7e6..00000000000
--- a/stable/authelia/14.0.24/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Authelia is a Single Sign-On Multi-Factor portal for web apps
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/stable/authelia](https://truecharts.org/charts/stable/authelia)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/stable/authelia/14.0.24/charts/common-11.1.2.tgz b/stable/authelia/14.0.24/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/stable/authelia/14.0.24/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/stable/authelia/14.0.24/charts/postgresql-11.0.20.tgz b/stable/authelia/14.0.24/charts/postgresql-11.0.20.tgz
deleted file mode 100644
index eb214636cd4..00000000000
Binary files a/stable/authelia/14.0.24/charts/postgresql-11.0.20.tgz and /dev/null differ
diff --git a/stable/authelia/14.0.24/charts/redis-5.0.26.tgz b/stable/authelia/14.0.24/charts/redis-5.0.26.tgz
deleted file mode 100644
index 022df7e545c..00000000000
Binary files a/stable/authelia/14.0.24/charts/redis-5.0.26.tgz and /dev/null differ
diff --git a/stable/authelia/14.0.24/ix_values.yaml b/stable/authelia/14.0.24/ix_values.yaml
deleted file mode 100644
index 05a8d755871..00000000000
--- a/stable/authelia/14.0.24/ix_values.yaml
+++ /dev/null
@@ -1,628 +0,0 @@
-image:
- repository: tccr.io/truecharts/authelia
- pullPolicy: IfNotPresent
- tag: 4.37.5@sha256:76a4617539534cec140fd98a12f721b878524f2df3a3653f3df8ff2b7eaab586
-
-command: ["authelia"]
-args: ["--config=/configuration.yaml"]
-
-enableServiceLinks: false
-
-service:
- main:
- ports:
- main:
- port: 9091
- targetPort: 9091
-
-persistence:
- config:
- enabled: true
- mountPath: "/config"
-# Enabled postgres
-postgresql:
- enabled: true
- existingSecret: "dbcreds"
- postgresqlUsername: authelia
- postgresqlDatabase: authelia
-
-# Enabled redis
-# ... for more options see https://github.com/tccr.io/truecharts/charts/tree/master/tccr.io/truecharts/redis
-redis:
- enabled: true
- existingSecret: "rediscreds"
-
-resources:
- limits: {}
- # limits:
- # cpu: "4.00"
- # memory: 125Mi
- requests: {}
- # requests:
- # cpu: "0.25"
- # memory: 50Mi
-
-envFrom:
- - configMapRef:
- name: authelia-paths
-
-# probes:
-# liveness:
-# type: HTTP
-# path: /api/health"
-
-# readiness:
-# type: HTTP
-# path: "/api/health"
-
-# startup:
-# type: HTTP
-# path: "/api/health"
-
-domain: example.com
-
-##
-## Server Configuration
-##
-server:
- ##
- ## Port sets the configured port for the daemon, service, and the probes.
- ## Default is 9091 and should not need to be changed.
- ##
- port: 9091
-
- ## Buffers usually should be configured to be the same value.
- ## Explanation at https://www.authelia.com/docs/configuration/server.html
- ## Read buffer size adjusts the server's max incoming request size in bytes.
- ## Write buffer size does the same for outgoing responses.
- read_buffer_size: 4096
- write_buffer_size: 4096
- ## Set the single level path Authelia listens on.
- ## Must be alphanumeric chars and should not contain any slashes.
- path: ""
-
-log:
- ## Level of verbosity for logs: info, debug, trace.
- level: trace
-
- ## Format the logs are written as: json, text.
- format: text
-
- ## TODO: Statefulness check should check if this is set, and the configMap should enable it.
- ## File path where the logs will be written. If not set logs are written to stdout.
- # file_path: /config/authelia.log
-
-## Default redirection URL
-##
-## If user tries to authenticate without any referer, Authelia does not know where to redirect the user to at the end
-## of the authentication process. This parameter allows you to specify the default redirection URL Authelia will use
-## in such a case.
-##
-## Note: this parameter is optional. If not provided, user won't be redirected upon successful authentication.
-## Default is https://www. (value at the top of the values.yaml).
-default_redirection_url: ""
-# default_redirection_url: https://example.com
-
-theme: light
-
-##
-## TOTP Configuration
-##
-## Parameters used for TOTP generation
-totp:
- ## The issuer name displayed in the Authenticator application of your choice
- ## See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
- ## Defaults to .
- issuer: ""
- ## The period in seconds a one-time password is current for. Changing this will require all users to register
- ## their TOTP applications again. Warning: before changing period read the docs link below.
- period: 30
- ## The skew controls number of one-time passwords either side of the current one that are valid.
- ## Warning: before changing skew read the docs link below.
- ## See: https://www.authelia.com/docs/configuration/one-time-password.html#period-and-skew to read the documentation.
- skew: 1
-
-##
-## Duo Push API Configuration
-##
-## Parameters used to contact the Duo API. Those are generated when you protect an application of type
-## "Partner Auth API" in the management panel.
-duo_api:
- enabled: false
- hostname: api-123456789.example.com
- integration_key: ABCDEF
- plain_api_key: ""
-
-##
-## Authentication Backend Provider Configuration
-##
-## Used for verifying user passwords and retrieve information such as email address and groups users belong to.
-##
-## The available providers are: `file`, `ldap`. You must use one and only one of these providers.
-authentication_backend:
- ## Disable both the HTML element and the API for reset password functionality
- disable_reset_password: false
-
- ## The amount of time to wait before we refresh data from the authentication backend. Uses duration notation.
- ## To disable this feature set it to 'disable', this will slightly reduce security because for Authelia, users will
- ## always belong to groups they belonged to at the time of login even if they have been removed from them in LDAP.
- ## To force update on every request you can set this to '0' or 'always', this will increase processor demand.
- ## See the below documentation for more information.
- ## Duration Notation docs: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Refresh Interval docs: https://www.authelia.com/docs/configuration/authentication/ldap.html#refresh-interval
- refresh_interval: 5m
-
- ## LDAP backend configuration.
- ##
- ## This backend allows Authelia to be scaled to more
- ## than one instance and therefore is recommended for
- ## production.
- ldap:
- ## Enable LDAP Backend.
- enabled: false
-
- ## The LDAP implementation, this affects elements like the attribute utilised for resetting a password.
- ## Acceptable options are as follows:
- ## - 'activedirectory' - For Microsoft Active Directory.
- ## - 'custom' - For custom specifications of attributes and filters.
- ## This currently defaults to 'custom' to maintain existing behaviour.
- ##
- ## Depending on the option here certain other values in this section have a default value, notably all of the
- ## attribute mappings have a default value that this config overrides, you can read more about these default values
- ## at https://www.authelia.com/docs/configuration/authentication/ldap.html#defaults
- implementation: activedirectory
-
- ## The url to the ldap server. Format: ://[:].
- ## Scheme can be ldap or ldaps in the format (port optional).
- url: ldap://openldap.default.svc.cluster.local
-
- ## Connection Timeout.
- timeout: 5s
-
- ## Use StartTLS with the LDAP connection.
- start_tls: false
-
- tls:
- ## Server Name for certificate validation (in case it's not set correctly in the URL).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either Secure LDAP or LDAP StartTLS.
- minimum_version: TLS1.2
-
- ## The base dn for every LDAP query.
- base_dn: DC=example,DC=com
-
- ## The attribute holding the username of the user. This attribute is used to populate the username in the session
- ## information. It was introduced due to #561 to handle case insensitive search queries. For you information,
- ## Microsoft Active Directory usually uses 'sAMAccountName' and OpenLDAP usually uses 'uid'. Beware that this
- ## attribute holds the unique identifiers for the users binding the user and the configuration stored in database.
- ## Therefore only single value attributes are allowed and the value must never be changed once attributed to a user
- ## otherwise it would break the configuration for that user. Technically, non-unique attributes like 'mail' can also
- ## be used but we don't recommend using them, we instead advise to use the attributes mentioned above
- ## (sAMAccountName and uid) to follow https://www.ietf.org/rfc/rfc2307.txt.
- username_attribute: ""
-
- ## An additional dn to define the scope to all users.
- additional_users_dn: OU=Users
-
- ## The users filter used in search queries to find the user profile based on input filled in login form.
- ## Various placeholders are available in the user filter:
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username_attribute} is a mandatory placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ##
- ## Recommended settings are as follows:
- ## - Microsoft Active Directory: (&({username_attribute}={input})(objectCategory=person)(objectClass=user))
- ## - OpenLDAP:
- ## - (&({username_attribute}={input})(objectClass=person))
- ## - (&({username_attribute}={input})(objectClass=inetOrgPerson))
- ##
- ## To allow sign in both with username and email, one can use a filter like
- ## (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))
- users_filter: ""
-
- ## An additional dn to define the scope of groups.
- additional_groups_dn: OU=Groups
-
- ## The groups filter used in search queries to find the groups of the user.
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username} is a placeholder replace by the username stored in LDAP (based on `username_attribute`).
- ## - {dn} is a matcher replaced by the user distinguished name, aka, user DN.
- ## - {username_attribute} is a placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ## - DON'T USE - {1} is an alias for {username} supported for backward compatibility but it will be deprecated in
- ## later version, so please don't use it.
- ##
- ## If your groups use the `groupOfUniqueNames` structure use this instead:
- ## (&(uniquemember={dn})(objectclass=groupOfUniqueNames))
- groups_filter: ""
-
- ## The attribute holding the name of the group
- group_name_attribute: ""
-
- ## The attribute holding the mail address of the user. If multiple email addresses are defined for a user, only the
- ## first one returned by the LDAP server is used.
- mail_attribute: ""
-
- ## The attribute holding the display name of the user. This will be used to greet an authenticated user.
- display_name_attribute: ""
-
- ## The username of the admin user.
- user: CN=Authelia,DC=example,DC=com
- plain_password: ""
-
- ##
- ## File (Authentication Provider)
- ##
- ## With this backend, the users database is stored in a file which is updated when users reset their passwords.
- ## Therefore, this backend is meant to be used in a dev environment and not in production since it prevents Authelia
- ## to be scaled to more than one instance. The options under 'password' have sane defaults, and as it has security
- ## implications it is highly recommended you leave the default values. Before considering changing these settings
- ## please read the docs page below:
- ## https://www.authelia.com/docs/configuration/authentication/file.html#password-hash-algorithm-tuning
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- file:
- enabled: true
- path: /config/users_database.yml
- password:
- algorithm: argon2id
- iterations: 1
- key_length: 32
- salt_length: 16
- memory: 1024
- parallelism: 8
-
-##
-## Access Control Configuration
-##
-## Access control is a list of rules defining the authorizations applied for one resource to users or group of users.
-##
-## If 'access_control' is not defined, ACL rules are disabled and the 'bypass' rule is applied, i.e., access is allowed
-## to anyone. Otherwise restrictions follow the rules defined.
-##
-## Note: One can use the wildcard * to match any subdomain.
-## It must stand at the beginning of the pattern. (example: *.mydomain.com)
-##
-## Note: You must put patterns containing wildcards between simple quotes for the YAML to be syntactically correct.
-##
-## Definition: A 'rule' is an object with the following keys: 'domain', 'subject', 'policy' and 'resources'.
-##
-## - 'domain' defines which domain or set of domains the rule applies to.
-##
-## - 'subject' defines the subject to apply authorizations to. This parameter is optional and matching any user if not
-## provided. If provided, the parameter represents either a user or a group. It should be of the form
-## 'user:' or 'group:'.
-##
-## - 'policy' is the policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'.
-##
-## - 'resources' is a list of regular expressions that matches a set of resources to apply the policy to. This parameter
-## is optional and matches any resource if not provided.
-##
-## Note: the order of the rules is important. The first policy matching (domain, resource, subject) applies.
-access_control:
- ## Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'. It is the policy applied to any
- ## resource if there is no policy to be applied to the user.
- default_policy: deny
-
- networks: []
- # networks:
- # - name: private
- # networks:
- # - 10.0.0.0/8
- # - 172.16.0.0/12
- # - 192.168.0.0/16
- # - name: vpn
- # networks:
- # - 10.9.0.0/16
-
- rules: []
- # rules:
- # - domain: public.example.com
- # policy: bypass
- # - domain: "*.example.com"
- # policy: bypass
- # methods:
- # - OPTIONS
- # - domain: secure.example.com
- # policy: one_factor
- # networks:
- # - private
- # - vpn
- # - 192.168.1.0/24
- # - 10.0.0.1
- # - domain:
- # - secure.example.com
- # - private.example.com
- # policy: two_factor
- # - domain: singlefactor.example.com
- # policy: one_factor
- # - domain: "mx2.mail.example.com"
- # subject: "group:admins"
- # policy: deny
- # - domain: "*.example.com"
- # subject:
- # - "group:admins"
- # - "group:moderators"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/groups/dev/.*$"
- # subject: "group:dev"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/users/john/.*$"
- # subject:
- # - ["group:dev", "user:john"]
- # - "group:admins"
- # policy: two_factor
- # - domain: "{user}.example.com"
- # policy: bypass
-
-##
-## Session Provider Configuration
-##
-## The session cookies identify the user once logged in.
-## The available providers are: `memory`, `redis`. Memory is the provider unless redis is defined.
-session:
- ## The name of the session cookie. (default: authelia_session).
- name: authelia_session
-
- ## Sets the Cookie SameSite value. Possible options are none, lax, or strict.
- ## Please read https://www.authelia.com/docs/configuration/session.html#same_site
- same_site: lax
-
- ## The time in seconds before the cookie expires and session is reset.
- expiration: 1h
-
- ## The inactivity time in seconds before the session is reset.
- inactivity: 5m
-
- ## The remember me duration.
- ## Value is in seconds, or duration notation. Value of 0 disables remember me.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Longer periods are considered less secure because a stolen cookie will last longer giving attackers more time to
- ## spy or attack. Currently the default is 1M or 1 month.
- remember_me_duration: 1M
-
-##
-## Redis Provider
-##
-## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
-##
-## The redis connection details
-redisProvider:
- port: 6379
-
- ## Optional username to be used with authentication.
- # username: authelia
- username: ""
-
- ## This is the Redis DB Index https://redis.io/commands/select (sometimes referred to as database number, DB, etc).
- database_index: 0
-
- ## The maximum number of concurrent active connections to Redis.
- maximum_active_connections: 8
-
- ## The target number of idle connections to have open ready for work. Useful when opening connections is slow.
- minimum_idle_connections: 0
-
- ## The Redis TLS configuration. If defined will require a TLS connection to the Redis instance(s).
- tls:
- enabled: false
-
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for the connection.
- minimum_version: TLS1.2
-
- ## The Redis HA configuration options.
- ## This provides specific options to Redis Sentinel, sentinel_name must be defined (Master Name).
- high_availability:
- enabled: false
- enabledSecret: false
- ## Sentinel Name / Master Name
- sentinel_name: mysentinel
-
- ## The additional nodes to pre-seed the redis provider with (for sentinel).
- ## If the host in the above section is defined, it will be combined with this list to connect to sentinel.
- ## For high availability to be used you must have either defined; the host above or at least one node below.
- nodes: []
- # nodes:
- # - host: sentinel-0.databases.svc.cluster.local
- # port: 26379
- # - host: sentinel-1.databases.svc.cluster.local
- # port: 26379
-
- ## Choose the host with the lowest latency.
- route_by_latency: false
-
- ## Choose the host randomly.
- route_randomly: false
-
-##
-## Regulation Configuration
-##
-## This mechanism prevents attackers from brute forcing the first factor. It bans the user if too many attempts are done
-## in a short period of time.
-regulation:
- ## The number of failed login attempts before user is banned. Set it to 0 to disable regulation.
- max_retries: 3
-
- ## The time range during which the user can attempt login before being banned. The user is banned if the
- ## authentication failed 'max_retries' times in a 'find_time' seconds window. Find Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- find_time: 2m
-
- ## The length of time before a banned user can login again. Ban Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ban_time: 5m
-
-##
-## Storage Provider Configuration
-##
-## The available providers are: `local`, `mysql`, `postgres`. You must use one and only one of these providers.
-storage:
- ##
- ## PostgreSQL (Storage Provider)
- ##
- postgres:
- port: 5432
- database: authelia
- username: authelia
- sslmode: disable
- timeout: 5s
-
-##
-## Notification Provider
-##
-##
-## Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration.
-## The available providers are: filesystem, smtp. You must use one and only one of these providers.
-notifier:
- ## You can disable the notifier startup check by setting this to true.
- disable_startup_check: false
-
- ##
- ## File System (Notification Provider)
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- filesystem:
- enabled: true
- filename: /config/notification.txt
-
- ##
- ## SMTP (Notification Provider)
- ##
- ## Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate.
- ## [Security] By default Authelia will:
- ## - force all SMTP connections over TLS including unauthenticated connections
- ## - use the disable_require_tls boolean value to disable this requirement
- ## (only works for unauthenticated connections)
- ## - validate the SMTP server x509 certificate during the TLS handshake against the hosts trusted certificates
- ## (configure in tls section)
- smtp:
- enabled: false
- enabledSecret: false
- host: smtp.mail.svc.cluster.local
- port: 25
- timeout: 5s
- username: test
- plain_password: test
- sender: admin@example.com
- ## HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost.
- identifier: localhost
- ## Subject configuration of the emails sent.
- ## {title} is replaced by the text from the notifier
- subject: "[Authelia] {title}"
- ## This address is used during the startup check to verify the email configuration is correct.
- ## It's not important what it is except if your email server only allows local delivery.
- startup_check_address: test@authelia.com
- disable_require_tls: false
- disable_html_emails: false
-
- tls:
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either StartTLS or SMTPS.
- minimum_version: TLS1.2
-
-identity_providers:
- oidc:
- ## Enables this in the config map. Currently in beta stage.
- ## See https://www.authelia.com/docs/configuration/identity-providers/oidc.html#roadmap
- enabled: false
-
- access_token_lifespan: 1h
- authorize_code_lifespan: 1m
- id_token_lifespan: 1h
- refresh_token_lifespan: 90m
-
- enable_client_debug_messages: false
-
- ## SECURITY NOTICE: It's not recommended changing this option, and highly discouraged to have it below 8 for
- ## security reasons.
- minimum_parameter_entropy: 8
-
- clients: []
- # clients:
- # -
- ## The ID is the OpenID Connect ClientID which is used to link an application to a configuration.
- # id: myapp
-
- ## The description to show to users when they end up on the consent screen. Defaults to the ID above.
- # description: My Application
-
- ## The client secret is a shared secret between Authelia and the consumer of this client.
- # secret: apple123
-
- ## Sets the client to public. This should typically not be set, please see the documentation for usage.
- # public: false
-
- ## The policy to require for this client; one_factor or two_factor.
- # authorization_policy: two_factor
-
- ## Configures the consent mode; auto, explicit or implicit
- # consent_mode: auto
-
- ## Audience this client is allowed to request.
- # audience: []
-
- ## Scopes this client is allowed to request.
- # scopes:
- # - openid
- # - profile
- # - email
- # - groups
-
- ## Redirect URI's specifies a list of valid case-sensitive callbacks for this client.
- # redirect_uris:
- # - https://oidc.example.com/oauth2/callback
-
- ## Grant Types configures which grants this client can obtain.
- ## It's not recommended to configure this unless you know what you're doing.
- # grant_types:
- # - refresh_token
- # - authorization_code
-
- ## Response Types configures which responses this client can be sent.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_types:
- # - code
-
- ## Response Modes configures which response modes this client supports.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_modes:
- # - form_post
- # - query
- # - fragment
-
- ## The algorithm used to sign userinfo endpoint responses for this client, either none or RS256.
- # userinfo_signing_algorithm: none
-
-portal:
- enabled: true
diff --git a/stable/authelia/14.0.24/questions.yaml b/stable/authelia/14.0.24/questions.yaml
deleted file mode 100644
index a10591819c8..00000000000
--- a/stable/authelia/14.0.24/questions.yaml
+++ /dev/null
@@ -1,2736 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_portal_protocol"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: domain
- group: "App Configuration"
- label: "Domain"
- description: "The highest domain level possible, for example: domain.com when using app.domain.com"
- schema:
- type: string
- default: ""
- required: true
- - variable: default_redirection_url
- group: "App Configuration"
- label: "Default Redirection Url"
- description: "If user tries to authenticate without any referer, this is used"
- schema:
- type: string
- default: ""
- - variable: theme
- group: "App Configuration"
- label: "Theme"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "light"
- description: "light"
- - value: "grey"
- description: "grey"
- - value: "dark"
- description: "dark"
- - variable: log
- group: "App Configuration"
- label: "Log Configuration "
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "info"
- enum:
- - value: "info"
- description: "info"
- - value: "debug"
- description: "debug"
- - value: "trace"
- description: "trace"
- - variable: format
- label: "Log Format"
- schema:
- type: string
- default: "text"
- enum:
- - value: "json"
- description: "json"
- - value: "text"
- description: "text"
- - variable: totp
- group: "App Configuration"
- label: "TOTP Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: issuer
- label: "Issuer"
- description: "The issuer name displayed in the Authenticator application of your choice"
- schema:
- type: string
- default: ""
- - variable: period
- label: "Period"
- description: "The period in seconds a one-time password is current for"
- schema:
- type: int
- default: 30
- - variable: skew
- label: "skew"
- description: "Controls number of one-time passwords either side of the current one that are valid."
- schema:
- type: int
- default: 1
- - variable: duo_api
- group: "App Configuration"
- label: "DUO API Configuration"
- description: "Parameters used to contact the Duo API."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostname
- label: "Hostname"
- schema:
- type: string
- required: true
- default: ""
- - variable: integration_key
- label: "integration_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: plain_api_key
- label: "plain_api_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: session
- group: "App Configuration"
- label: "Session Provider"
- description: "The session cookies identify the user once logged in."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Cookie Name"
- description: "The name of the session cookie."
- schema:
- type: string
- required: true
- default: "authelia_session"
- - variable: same_site
- label: "SameSite Value"
- description: "Sets the Cookie SameSite value"
- schema:
- type: string
- default: "lax"
- enum:
- - value: "lax"
- description: "lax"
- - value: "strict"
- description: "strict"
- - variable: expiration
- label: "Expiration Time"
- description: "The time in seconds before the cookie expires and session is reset."
- schema:
- type: string
- default: "1h"
- required: true
- - variable: inactivity
- label: "Inactivity Time"
- description: "The inactivity time in seconds before the session is reset."
- schema:
- type: string
- default: "5m"
- required: true
- - variable: inactivity
- label: "Remember-Me duration"
- description: "The remember me duration"
- schema:
- type: string
- default: "5M"
- required: true
- - variable: regulation
- group: "App Configuration"
- label: "Regulation Configuration"
- description: "his mechanism prevents attackers from brute forcing the first factor."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: max_retries
- label: "Maximum Retries"
- description: "The number of failed login attempts before user is banned. Set it to 0 to disable regulation."
- schema:
- type: int
- default: 3
- - variable: find_time
- label: "Find Time"
- description: "The time range during which the user can attempt login before being banned."
- schema:
- type: string
- default: "2m"
- required: true
- - variable: ban_time
- label: "Ban Duration"
- description: "The length of time before a banned user can login again"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: authentication_backend
- group: "App Configuration"
- label: "Authentication Backend Provider"
- description: "sed for verifying user passwords and retrieve information such as email address and groups users belong to."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_reset_password
- label: "Disable Reset Password"
- description: "Disable both the HTML element and the API for reset password functionality"
- schema:
- type: boolean
- default: false
- - variable: refresh_interval
- label: "Reset Interval"
- description: "The amount of time to wait before we refresh data from the authentication backend"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: ldap
- label: "LDAP backend configuration"
- description: "Used for verifying user passwords and retrieve information such as email address and groups users belong to"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: implementation
- label: "Implementation"
- description: "The LDAP implementation, this affects elements like the attribute utilised for resetting a password"
- schema:
- type: string
- default: "custom"
- enum:
- - value: "activedirectory"
- description: "activedirectory"
- - value: "custom"
- description: "custom"
- - variable: url
- label: "URL"
- description: "The url to the ldap server. Format: ://[:]"
- schema:
- type: string
- default: "ldap://openldap.default.svc.cluster.local"
- required: true
- - variable: timeout
- label: "Connection Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: start_tls
- label: "Start TLS"
- description: "Use StartTLS with the LDAP connection"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: base_dn
- label: "Base DN"
- description: "The base dn for every LDAP query."
- schema:
- type: string
- default: "DC=example,DC=com"
- required: true
- - variable: username_attribute
- label: "Username Attribute"
- description: "The attribute holding the username of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_users_dn
- label: "Additional Users DN"
- description: "An additional dn to define the scope to all users."
- schema:
- type: string
- default: "OU=Users"
- required: true
- - variable: users_filter
- label: "Users Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_groups_dn
- label: "Additional Groups DN"
- description: "An additional dn to define the scope of groups."
- schema:
- type: string
- default: "OU=Groups"
- required: true
- - variable: groups_filter
- label: "Groups Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: group_name_attribute
- label: "Group name Attribute"
- description: "The attribute holding the name of the group"
- schema:
- type: string
- default: ""
- required: true
- - variable: mail_attribute
- label: "Mail Attribute"
- description: "The attribute holding the primary mail address of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: display_name_attribute
- label: "Display Name Attribute"
- description: "he attribute holding the display name of the user. This will be used to greet an authenticated user."
- schema:
- type: string
- default: ""
- - variable: user
- label: "Admin User"
- description: "The username of the admin user used to connect to LDAP."
- schema:
- type: string
- default: "CN=Authelia,DC=example,DC=com"
- required: true
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: file
- label: "File backend configuration"
- description: "With this backend, the users database is stored in a file which is updated when users reset their passwords."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: path
- label: "Path"
- schema:
- type: string
- default: "/config/users_database.yml"
- required: true
- - variable: password
- label: "Password Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: algorithm
- label: "Algorithm"
- schema:
- type: string
- default: "argon2id"
- enum:
- - value: "argon2id"
- description: "argon2id"
- - value: "sha512"
- description: "sha512"
- - variable: iterations
- label: "Iterations"
- schema:
- type: int
- default: 1
- required: true
- - variable: key_length
- label: "Key Length"
- schema:
- type: int
- default: 32
- required: true
- - variable: salt_length
- label: "Salt Length"
- schema:
- type: int
- default: 16
- required: true
- - variable: memory
- label: "Memory"
- schema:
- type: int
- default: 1024
- required: true
- - variable: parallelism
- label: "Parallelism"
- schema:
- type: int
- default: 8
- required: true
- - variable: notifier
- group: "App Configuration"
- label: "Notifier Configuration"
- description: "otifications are sent to users when they require a password reset, a u2f registration or a TOTP registration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_startup_check
- label: "Disable Startup Check"
- schema:
- type: boolean
- default: false
- - variable: filesystem
- label: "Filesystem Provider"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filename
- label: "File Path"
- schema:
- type: string
- default: "/config/notification.txt"
- required: true
- - variable: smtp
- label: "SMTP Provider"
- description: "Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: host
- label: "Host"
- schema:
- type: string
- default: "smtp.mail.svc.cluster.local"
- required: true
- - variable: port
- label: "Port"
- schema:
- type: int
- default: 25
- required: true
- - variable: timeout
- label: "Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: username
- label: "Username"
- schema:
- type: string
- default: ""
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- - variable: sender
- label: "Sender"
- schema:
- type: string
- default: ""
- required: true
- - variable: identifier
- label: "Identifier"
- description: "HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost."
- schema:
- type: string
- default: "localhost"
- required: true
- - variable: subject
- label: "Subject"
- description: "Subject configuration of the emails sent, {title} is replaced by the text from the notifier"
- schema:
- type: string
- default: "[Authelia] {title}"
- required: true
- - variable: startup_check_address
- label: "Startup Check Address"
- description: "This address is used during the startup check to verify the email configuration is correct."
- schema:
- type: string
- default: "test@authelia.com"
- required: true
- - variable: disable_require_tls
- label: "Disable Require TLS"
- schema:
- type: boolean
- default: false
- - variable: disable_html_emails
- label: "Disable HTML emails"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: access_control
- group: "App Configuration"
- label: "Access Control Configuration"
- description: "Access control is a list of rules defining the authorizations applied for one resource to users or group of users."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: default_policy
- label: "Default Policy"
- description: "Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: networkItem
- label: "Network Item"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Name"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "network"
- schema:
- type: string
- default: ""
- required: true
- - variable: rules
- label: "Rules"
- schema:
- type: list
- default: []
- items:
- - variable: rulesItem
- label: "Rule"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: domain
- label: "Domains"
- description: "defines which domain or set of domains the rule applies to."
- schema:
- type: list
- default: []
- items:
- - variable: domainEntry
- label: "Domain"
- schema:
- type: string
- default: ""
- required: true
- - variable: policy
- label: "Policy"
- description: "The policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: subject
- label: "Subject"
- description: "defines the subject to apply authorizations to. This parameter is optional and matching any user if not provided"
- schema:
- type: list
- default: []
- items:
- - variable: subjectitem
- label: "Subject"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "Network"
- schema:
- type: string
- default: ""
- required: true
- - variable: resources
- label: "Resources"
- description: "is a list of regular expressions that matches a set of resources to apply the policy to"
- schema:
- type: list
- default: []
- items:
- - variable: resource
- label: "Resource"
- schema:
- type: string
- default: ""
- required: true
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 9091
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: scaleCert
- label: Select TrueNAS SCALE Certificate
- schema:
- type: int
- $ref:
- - "definitions/certificate"
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: scaleCert
- label: Select TrueNAS SCALE Certificate
- schema:
- type: int
- $ref:
- - "definitions/certificate"
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: true
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID this App of the user running the application"
- schema:
- type: int
- default: 568
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
- - variable: horizontalPodAutoscaler
- group: Advanced
- label: (Advanced) Horizontal Pod Autoscaler
- schema:
- type: list
- default: []
- items:
- - variable: hpaEntry
- label: HPA Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: target
- label: Target
- description: Deployment name, Defaults to Main Deployment
- schema:
- type: string
- default: ""
- - variable: minReplicas
- label: Minimum Replicas
- schema:
- type: int
- default: 1
- - variable: maxReplicas
- label: Maximum Replicas
- schema:
- type: int
- default: 5
- - variable: targetCPUUtilizationPercentage
- label: Target CPU Utilization Percentage
- schema:
- type: int
- default: 80
- - variable: targetMemoryUtilizationPercentage
- label: Target Memory Utilization Percentage
- schema:
- type: int
- default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: identity_providers
- group: "Advanced"
- label: "Authelia Identity Providers (BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: oidc
- label: "OpenID Connect(BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "enabled"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: access_token_lifespan
- label: "Access Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: authorize_code_lifespan
- label: "Authorize Code Lifespan"
- schema:
- type: string
- default: "1m"
- required: true
- - variable: id_token_lifespan
- label: "ID Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: refresh_token_lifespan
- label: "Refresh Token Lifespan"
- schema:
- type: string
- default: "90m"
- required: true
- - variable: enable_client_debug_messages
- label: "Enable Client Debug Messages"
- schema:
- type: boolean
- default: false
- - variable: clients
- label: "Clients"
- schema:
- type: list
- default: []
- items:
- - variable: clientEntry
- label: "Client"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: id
- label: "ID/Name"
- description: "The ID is the OpenID Connect ClientID which is used to link an application to a configuration."
- schema:
- type: string
- default: "myapp"
- required: true
- - variable: description
- label: "Description"
- description: "The description to show to users when they end up on the consent screen. Defaults to the ID above."
- schema:
- type: string
- default: "My Application"
- required: true
- - variable: secret
- label: "Secret"
- description: "The client secret is a shared secret between Authelia and the consumer of this client."
- schema:
- type: string
- default: ""
- required: true
- - variable: public
- label: "public"
- description: "Sets the client to public. This should typically not be set, please see the documentation for usage."
- schema:
- type: boolean
- default: false
- - variable: authorization_policy
- label: "Authorization Policy"
- description: "The policy to require for this client; one_factor or two_factor."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - variable: consent_mode
- label: "Consent Mode"
- description: "Configures the consent mode. This can be set to auto (default), explicit (consent required every time) or implicit (automatically assumes consent for every authorization, never asking the user if they wish to give consent.)"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "explicit"
- description: "explicit"
- - value: "implicit"
- description: "implicit"
- - variable: userinfo_signing_algorithm
- label: "Userinfo Signing Algorithm"
- description: "The algorithm used to sign userinfo endpoint responses for this client, either none or RS256."
- schema:
- type: string
- default: "none"
- enum:
- - value: "none"
- description: "none"
- - value: "RS256"
- description: "RS256"
- - variable: audience
- label: "Audience"
- description: "Audience this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: audienceEntry
- label: ""
- schema:
- type: string
- default: ""
- required: true
- - variable: scopes
- label: "Scopes"
- description: "Scopes this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: ScopeEntry
- label: "Scope"
- schema:
- type: string
- default: "openid"
- required: true
- - variable: redirect_uris
- label: "redirect_uris"
- description: "Redirect URI's specifies a list of valid case-sensitive callbacks for this client."
- schema:
- type: list
- default: []
- items:
- - variable: uriEntry
- label: "Url"
- schema:
- type: string
- default: "https://oidc.example.com/oauth2/callback"
- required: true
- - variable: grant_types
- description: "Grant Types configures which grants this client can obtain."
- label: "grant_types"
- schema:
- type: list
- default: []
- items:
- - variable: grantEntry
- label: "Grant"
- schema:
- type: string
- default: "refresh_token"
- required: true
- - variable: response_types
- description: "Response Types configures which responses this client can be sent."
- label: "response_types"
- schema:
- type: list
- default: []
- items:
- - variable: responseEntry
- label: "type"
- schema:
- type: string
- default: "code"
- required: true
- - variable: response_modes
- description: "Response Modes configures which response modes this client supports."
- label: "response_modes"
- schema:
- type: list
- default: []
- items:
- - variable: modeEntry
- label: "Mode"
- schema:
- type: string
- default: "form_post"
- required: true
diff --git a/stable/authelia/14.0.24/templates/_configmap.tpl b/stable/authelia/14.0.24/templates/_configmap.tpl
deleted file mode 100644
index 9424df306ad..00000000000
--- a/stable/authelia/14.0.24/templates/_configmap.tpl
+++ /dev/null
@@ -1,251 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "authelia.configmap" -}}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: authelia-paths
-data:
- AUTHELIA_SERVER_DISABLE_HEALTHCHECK: "true"
- AUTHELIA_JWT_SECRET_FILE: "/secrets/JWT_TOKEN"
- AUTHELIA_SESSION_SECRET_FILE: "/secrets/SESSION_ENCRYPTION_KEY"
- AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: "/secrets/ENCRYPTION_KEY"
- AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: "/secrets/STORAGE_PASSWORD"
- {{- if .Values.authentication_backend.ldap.enabled }}
- AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE: "/secrets/LDAP_PASSWORD"
- {{- end }}
- {{- if .Values.notifier.smtp.enabled }}
- AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE: "/secrets/SMTP_PASSWORD"
- {{- end }}
- AUTHELIA_SESSION_REDIS_PASSWORD_FILE: "/secrets/REDIS_PASSWORD"
- {{- if .Values.redisProvider.high_availability.enabled }}
- AUTHELIA_SESSION_REDIS_HIGH_AVAILABILITY_SENTINEL_PASSWORD_FILE: "/secrets/REDIS_SENTINEL_PASSWORD"
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- AUTHELIA_DUO_API_SECRET_KEY_FILE: "/secrets/DUO_API_KEY"
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET_FILE: "/secrets/OIDC_HMAC_SECRET"
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY_FILE: "/secrets/OIDC_PRIVATE_KEY"
- {{- end }}
-
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: authelia-configfile
-data:
- configuration.yaml: |
- ---
- theme: {{ default "light" .Values.theme }}
- default_redirection_url: {{ default (printf "https://www.%s" .Values.domain) .Values.default_redirection_url }}
- server:
- host: 0.0.0.0
- port: {{ default 9091 .Values.server.port }}
- {{- if not (eq "" (default "" .Values.server.path)) }}
- path: {{ .Values.server.path }}
- {{- end }}
- read_buffer_size: {{ default 4096 .Values.server.read_buffer_size }}
- write_buffer_size: {{ default 4096 .Values.server.write_buffer_size }}
- enable_pprof: {{ default false .Values.server.enable_pprof }}
- enable_expvars: {{ default false .Values.server.enable_expvars }}
- log:
- level: {{ default "info" .Values.log.level }}
- format: {{ default "text" .Values.log.format }}
- {{- if not (eq "" (default "" .Values.log.file_path)) }}
- file_path: {{ .Values.log.file_path }}
- keep_stdout: true
- {{- end }}
- totp:
- issuer: {{ default .Values.domain .Values.totp.issuer }}
- period: {{ default 30 .Values.totp.period }}
- skew: {{ default 1 .Values.totp.skew }}
- {{- if .Values.duo_api.enabled }}
- duo_api:
- hostname: {{ .Values.duo_api.hostname }}
- integration_key: {{ .Values.duo_api.integration_key }}
- {{- end }}
- {{- with $auth := .Values.authentication_backend }}
- authentication_backend:
- disable_reset_password: {{ $auth.disable_reset_password }}
- {{- if $auth.file.enabled }}
- file:
- path: {{ $auth.file.path }}
- password: {{ toYaml $auth.file.password | nindent 10 }}
- {{- end }}
- {{- if $auth.ldap.enabled }}
- ldap:
- implementation: {{ default "custom" $auth.ldap.implementation }}
- url: {{ $auth.ldap.url }}
- timeout: {{ default "5s" $auth.ldap.timeout }}
- start_tls: {{ $auth.ldap.start_tls }}
- tls:
- {{- if hasKey $auth.ldap.tls "server_name" }}
- server_name: {{ default $auth.ldap.host $auth.ldap.tls.server_name }}
- {{- end }}
- minimum_version: {{ default "TLS1.2" $auth.ldap.tls.minimum_version }}
- skip_verify: {{ default false $auth.ldap.tls.skip_verify }}
- {{- if $auth.ldap.base_dn }}
- base_dn: {{ $auth.ldap.base_dn }}
- {{- end }}
- {{- if $auth.ldap.username_attribute }}
- username_attribute: {{ $auth.ldap.username_attribute }}
- {{- end }}
- {{- if $auth.ldap.additional_users_dn }}
- additional_users_dn: {{ $auth.ldap.additional_users_dn }}
- {{- end }}
- {{- if $auth.ldap.users_filter }}
- users_filter: {{ $auth.ldap.users_filter }}
- {{- end }}
- {{- if $auth.ldap.additional_groups_dn }}
- additional_groups_dn: {{ $auth.ldap.additional_groups_dn }}
- {{- end }}
- {{- if $auth.ldap.groups_filter }}
- groups_filter: {{ $auth.ldap.groups_filter }}
- {{- end }}
- {{- if $auth.ldap.group_name_attribute }}
- group_name_attribute: {{ $auth.ldap.group_name_attribute }}
- {{- end }}
- {{- if $auth.ldap.mail_attribute }}
- mail_attribute: {{ $auth.ldap.mail_attribute }}
- {{- end }}
- {{- if $auth.ldap.display_name_attribute }}
- display_name_attribute: {{ $auth.ldap.display_name_attribute }}
- {{- end }}
- user: {{ $auth.ldap.user }}
- {{- end }}
- {{- end }}
- {{- with $session := .Values.session }}
- session:
- name: {{ default "authelia_session" $session.name }}
- domain: {{ required "A valid .Values.domain entry required!" $.Values.domain }}
- same_site: {{ default "lax" $session.same_site }}
- expiration: {{ default "1M" $session.expiration }}
- inactivity: {{ default "5m" $session.inactivity }}
- remember_me_duration: {{ default "1M" $session.remember_me_duration }}
- {{- end }}
- redis:
- host: {{ .Values.redis.url.plain }}
- {{- with $redis := .Values.redisProvider }}
- port: {{ default 6379 $redis.port }}
- {{- if not (eq $redis.username "") }}
- username: {{ $redis.username }}
- {{- end }}
- maximum_active_connections: {{ default 8 $redis.maximum_active_connections }}
- minimum_idle_connections: {{ default 0 $redis.minimum_idle_connections }}
- {{- if $redis.tls.enabled }}
- tls:
- server_name: {{ $redis.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $redis.tls.minimum_version }}
- skip_verify: {{ $redis.tls.skip_verify }}
- {{- end }}
- {{- if $redis.high_availability.enabled }}
- high_availability:
- sentinel_name: {{ $redis.high_availability.sentinel_name }}
- {{- if $redis.high_availability.nodes }}
- nodes: {{ toYaml $redis.high_availability.nodes | nindent 10 }}
- {{- end }}
- route_by_latency: {{ $redis.high_availability.route_by_latency }}
- route_randomly: {{ $redis.high_availability.route_randomly }}
- {{- end }}
- {{- end }}
- regulation: {{ toYaml .Values.regulation | nindent 6 }}
- storage:
- postgres:
- host: {{ printf "%v-%v" .Release.Name "postgresql" }}
- {{- with $storage := .Values.storage }}
- port: {{ default 5432 $storage.postgres.port }}
- database: {{ default "authelia" $storage.postgres.database }}
- username: {{ default "authelia" $storage.postgres.username }}
- timeout: {{ default "5s" $storage.postgres.timeout }}
- sslmode: {{ default "disable" $storage.postgres.sslmode }}
- {{- end }}
- {{- with $notifier := .Values.notifier }}
- notifier:
- disable_startup_check: {{ $.Values.notifier.disable_startup_check }}
- {{- if $notifier.filesystem.enabled }}
- filesystem:
- filename: {{ $notifier.filesystem.filename }}
- {{- end }}
- {{- if $notifier.smtp.enabled }}
- smtp:
- host: {{ $notifier.smtp.host }}
- port: {{ default 25 $notifier.smtp.port }}
- timeout: {{ default "5s" $notifier.smtp.timeout }}
- {{- with $notifier.smtp.username }}
- username: {{ . }}
- {{- end }}
- sender: {{ $notifier.smtp.sender }}
- identifier: {{ $notifier.smtp.identifier }}
- subject: {{ $notifier.smtp.subject | quote }}
- startup_check_address: {{ $notifier.smtp.startup_check_address }}
- disable_require_tls: {{ $notifier.smtp.disable_require_tls }}
- disable_html_emails: {{ $notifier.smtp.disable_html_emails }}
- tls:
- server_name: {{ default $notifier.smtp.host $notifier.smtp.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $notifier.smtp.tls.minimum_version }}
- skip_verify: {{ default false $notifier.smtp.tls.skip_verify }}
- {{- end }}
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- identity_providers:
- oidc:
- access_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.access_token_lifespan }}
- authorize_code_lifespan: {{ default "1m" .Values.identity_providers.oidc.authorize_code_lifespan }}
- id_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.id_token_lifespan }}
- refresh_token_lifespan: {{ default "90m" .Values.identity_providers.oidc.refresh_token_lifespan }}
- enable_client_debug_messages: {{ default false .Values.identity_providers.oidc.enable_client_debug_messages }}
- minimum_parameter_entropy: {{ default 8 .Values.identity_providers.oidc.minimum_parameter_entropy }}
- {{- if gt (len .Values.identity_providers.oidc.clients) 0 }}
- clients:
- {{- range $client := .Values.identity_providers.oidc.clients }}
- - id: {{ $client.id }}
- description: {{ default $client.id $client.description }}
- secret: {{ default (randAlphaNum 128) $client.secret }}
- {{- if $client.public }}
- public: {{ $client.public }}
- {{- end }}
- authorization_policy: {{ default "two_factor" $client.authorization_policy }}
- consent_mode: {{ default "auto" $client.consent_mode}}
- redirect_uris:
- {{- range $client.redirect_uris }}
- - {{ . }}
- {{- end }}
- {{- if $client.audience }}
- audience: {{ toYaml $client.audience | nindent 10 }}
- {{- end }}
- scopes: {{ toYaml (default (list "openid" "profile" "email" "groups") $client.scopes) | nindent 10 }}
- grant_types: {{ toYaml (default (list "refresh_token" "authorization_code") $client.grant_types) | nindent 10 }}
- response_types: {{ toYaml (default (list "code") $client.response_types) | nindent 10 }}
- {{- if $client.response_modes }}
- response_modes: {{ toYaml $client.response_modes | nindent 10 }}
- {{- end }}
- userinfo_signing_algorithm: {{ default "none" $client.userinfo_signing_algorithm }}
- {{- end }}
- {{- end }}
- {{- end }}
- access_control:
- {{- if (eq (len .Values.access_control.rules) 0) }}
- {{- if (eq .Values.access_control.default_policy "bypass") }}
- default_policy: one_factor
- {{- else if (eq .Values.access_control.default_policy "deny") }}
- default_policy: two_factor
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- if (eq (len .Values.access_control.networks) 0) }}
- networks: []
- {{- else }}
- networks: {{ toYaml .Values.access_control.networks | nindent 6 }}
- {{- end }}
- {{- if (eq (len .Values.access_control.rules) 0) }}
- rules: []
- {{- else }}
- rules: {{ toYaml .Values.access_control.rules | nindent 6 }}
- {{- end }}
- ...
-{{- end -}}
diff --git a/stable/authelia/14.0.24/templates/_secrets.tpl b/stable/authelia/14.0.24/templates/_secrets.tpl
deleted file mode 100644
index 3c66d93cf99..00000000000
--- a/stable/authelia/14.0.24/templates/_secrets.tpl
+++ /dev/null
@@ -1,67 +0,0 @@
-{{/* Define the secrets */}}
-{{- define "authelia.secrets" -}}
----
-
-apiVersion: v1
-kind: Secret
-type: Opaque
-metadata:
- name: authelia-secrets
-{{- $autheliaprevious := lookup "v1" "Secret" .Release.Namespace "authelia-secrets" }}
-{{- $oidckey := "" }}
-{{- $oidcsecret := "" }}
-{{- $jwtsecret := "" }}
-{{- $sessionsecret := "" }}
-{{- $encryptionkey := "" }}
-data:
- {{- if $autheliaprevious }}
- SESSION_ENCRYPTION_KEY: {{ index $autheliaprevious.data "SESSION_ENCRYPTION_KEY" }}
- JWT_TOKEN: {{ index $autheliaprevious.data "JWT_TOKEN" }}
- {{- if ( hasKey $autheliaprevious.data "ENCRYPTION_KEY" ) }}
- ENCRYPTION_KEY: {{ index $autheliaprevious.data "ENCRYPTION_KEY" }}
- {{- else }}
- {{- $encryptionkey := randAlphaNum 100 }}
- ENCRYPTION_KEY: {{ $encryptionkey | b64enc }}
- {{- end }}
- {{- else }}
- {{- $jwtsecret := randAlphaNum 50 }}
- {{- $sessionsecret := randAlphaNum 50 }}
- {{- $encryptionkey := randAlphaNum 100 }}
- SESSION_ENCRYPTION_KEY: {{ $sessionsecret | b64enc }}
- JWT_TOKEN: {{ $jwtsecret | b64enc}}
- ENCRYPTION_KEY: {{ $encryptionkey | b64enc }}
- {{- end }}
-
- {{- if .Values.authentication_backend.ldap.enabled }}
- LDAP_PASSWORD: {{ .Values.authentication_backend.ldap.plain_password | b64enc | quote }}
- {{- end }}
-
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- SMTP_PASSWORD: {{ .Values.notifier.smtp.plain_password | b64enc | quote }}
- {{- end }}
-
- {{- if .Values.duo_api.enabled }}
- DUO_API_KEY: {{ .Values.duo_api.plain_api_key | b64enc }}
- {{- end }}
-
- STORAGE_PASSWORD: {{ .Values.postgresql.postgresqlPassword | trimAll "\"" | b64enc }}
-
- REDIS_PASSWORD: {{ .Values.redis.redisPassword | trimAll "\"" | b64enc }}
- {{- if .Values.redisProvider.high_availability.enabled}}
- REDIS_SENTINEL_PASSWORD: {{ .Values.redis.sentinelPassword | trimAll "\"" | b64enc }}
- {{- end }}
-
- {{- if $autheliaprevious }}
- {{- if and ( hasKey $autheliaprevious.data "OIDC_PRIVATE_KEY" ) ( hasKey $autheliaprevious.data "OIDC_HMAC_SECRET" ) }}
- OIDC_PRIVATE_KEY: {{ index $autheliaprevious.data "OIDC_PRIVATE_KEY" }}
- OIDC_HMAC_SECRET: {{ index $autheliaprevious.data "OIDC_HMAC_SECRET" }}
- {{- else }}
- {{- $oidckey := genPrivateKey "rsa" }}
- {{- $oidcsecret := randAlphaNum 32 }}
- OIDC_PRIVATE_KEY: {{ $oidckey | b64enc }}
- OIDC_HMAC_SECRET: {{ $oidcsecret | b64enc }}
- {{- end }}
- {{- end }}
-
-
-{{- end -}}
diff --git a/stable/authelia/14.0.24/templates/common.yaml b/stable/authelia/14.0.24/templates/common.yaml
deleted file mode 100644
index 614b468adf3..00000000000
--- a/stable/authelia/14.0.24/templates/common.yaml
+++ /dev/null
@@ -1,74 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.common.loader.init" . }}
-
-{{/* Render configmap for authelia */}}
-{{- include "authelia.configmap" . }}
-
-{{/* Render secrets for authelia */}}
-{{- include "authelia.secrets" . }}
-
-{{/* Append the general configMap volume to the volumes */}}
-{{- define "authelia.configmapVolume" -}}
-enabled: "true"
-mountPath: " /configuration.yaml"
-readOnly: true
-subPath: configuration.yaml
-type: "custom"
-volumeSpec:
- configMap:
- name: authelia-configfile
- items:
- - key: configuration.yaml
- path: configuration.yaml
-{{- end -}}
-
-{{/* Append the general secret volumes to the volumes */}}
-{{- define "authelia.secretVolumes" -}}
-enabled: "true"
-mountPath: "/secrets"
-readOnly: true
-type: "custom"
-volumeSpec:
- secret:
- secretName: authelia-secrets
- items:
- - key: "JWT_TOKEN"
- path: JWT_TOKEN
- - key: "SESSION_ENCRYPTION_KEY"
- path: SESSION_ENCRYPTION_KEY
- - key: "ENCRYPTION_KEY"
- path: ENCRYPTION_KEY
- - key: "STORAGE_PASSWORD"
- path: STORAGE_PASSWORD
- {{- if .Values.authentication_backend.ldap.enabled }}
- - key: "LDAP_PASSWORD"
- path: LDAP_PASSWORD
- {{- end }}
- {{- if .Values.notifier.smtp.enabled }}
- - key: "SMTP_PASSWORD"
- path: SMTP_PASSWORD
- {{- end }}
- - key: "REDIS_PASSWORD"
- path: REDIS_PASSWORD
- {{- if .Values.redisProvider.high_availability.enabled}}
- - key: "REDIS_SENTINEL_PASSWORD"
- path: REDIS_SENTINEL_PASSWORD
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- - key: "DUO_API_KEY"
- path: DUO_API_KEY
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- - key: "OIDC_PRIVATE_KEY"
- path: OIDC_PRIVATE_KEY
- - key: "OIDC_HMAC_SECRET"
- path: OIDC_HMAC_SECRET
- {{- end }}
-{{- end -}}
-
-{{- $_ := set .Values.persistence "authelia-configfile" (include "authelia.configmapVolume" . | fromYaml) -}}
-{{- $_ := set .Values.persistence "authelia-secrets" (include "authelia.secretVolumes" . | fromYaml) -}}
-
-
-{{/* Render the templates */}}
-{{ include "tc.common.loader.apply" . }}
diff --git a/stable/authelia/14.0.24/values.yaml b/stable/authelia/14.0.24/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/stable/authelia/14.0.25/CHANGELOG.md b/stable/authelia/14.0.25/CHANGELOG.md
deleted file mode 100644
index cb6daeb72d7..00000000000
--- a/stable/authelia/14.0.25/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [authelia-14.0.25](https://github.com/truecharts/charts/compare/authelia-14.0.24...authelia-14.0.25) (2023-01-23)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [authelia-14.0.24](https://github.com/truecharts/charts/compare/authelia-14.0.23...authelia-14.0.24) (2023-01-17)
-
-### Chore
-
-- update helm general non-major ([#6430](https://github.com/truecharts/charts/issues/6430))
-
-
-
-
-## [authelia-14.0.23](https://github.com/truecharts/charts/compare/authelia-14.0.22...authelia-14.0.23) (2023-01-07)
-
-### Chore
-
-- update helm general non-major ([#6121](https://github.com/truecharts/charts/issues/6121))
-
-
-
-
-## [authelia-14.0.22](https://github.com/truecharts/charts/compare/authelia-14.0.21...authelia-14.0.22) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856))
-
-
-
-
-## [authelia-14.0.21](https://github.com/truecharts/charts/compare/authelia-14.0.20...authelia-14.0.21) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5848](https://github.com/truecharts/charts/issues/5848))
-
-
-
-
-## [authelia-14.0.20](https://github.com/truecharts/charts/compare/authelia-14.0.19...authelia-14.0.20) (2022-12-26)
-
-### Chore
-
-- update helm general non-major ([#5839](https://github.com/truecharts/charts/issues/5839))
-
-
-
-
-## [authelia-14.0.19](https://github.com/truecharts/charts/compare/authelia-14.0.18...authelia-14.0.19) (2022-12-25)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [authelia-14.0.18](https://github.com/truecharts/charts/compare/authelia-14.0.17...authelia-14.0.18) (2022-12-25)
-
-### Fix
-
-- Allow SMTP without username and password (SMTP relay) ([#5770](https://github.com/truecharts/charts/issues/5770))
-
-
-
-
-## [authelia-14.0.17](https://github.com/truecharts/charts/compare/authelia-14.0.16...authelia-14.0.17) (2022-12-21)
-
-### Chore
-
-- update container image tccr.io/truecharts/authelia to v4.37.5
-
-
-
-
-## [authelia-14.0.16](https://github.com/truecharts/charts/compare/authelia-14.0.15...authelia-14.0.16) (2022-12-19)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [authelia-14.0.15](https://github.com/truecharts/charts/compare/authelia-14.0.13...authelia-14.0.15) (2022-12-18)
-
-### Chore
diff --git a/stable/authelia/14.0.25/Chart.yaml b/stable/authelia/14.0.25/Chart.yaml
deleted file mode 100644
index 9091b286282..00000000000
--- a/stable/authelia/14.0.25/Chart.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-apiVersion: v2
-appVersion: "4.37.5"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
- - condition: postgresql.enabled
- name: postgresql
- repository: https://charts.truecharts.org/
- version: 11.0.21
- - condition: redis.enabled
- name: redis
- repository: https://charts.truecharts.org
- version: 5.0.29
-deprecated: false
-description: Authelia is a Single Sign-On Multi-Factor portal for web apps
-home: https://truecharts.org/charts/stable/authelia
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/authelia.png
-keywords:
- - authelia
- - authentication
- - login
- - SSO
- - Authentication
- - Security
- - Two-Factor
- - U2F
- - YubiKey
- - Push Notifications
- - LDAP
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: authelia
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/stable/authelia
- - https://github.com/authelia/chartrepo
- - https://github.com/authelia/authelia
-type: application
-version: 14.0.25
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/stable/authelia/14.0.25/README.md b/stable/authelia/14.0.25/README.md
deleted file mode 100644
index 701942c352f..00000000000
--- a/stable/authelia/14.0.25/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/stable/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/stable/authelia/14.0.25/app-changelog.md b/stable/authelia/14.0.25/app-changelog.md
deleted file mode 100644
index 12632e0efd1..00000000000
--- a/stable/authelia/14.0.25/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [authelia-14.0.25](https://github.com/truecharts/charts/compare/authelia-14.0.24...authelia-14.0.25) (2023-01-23)
-
-### Chore
-
-- update helm general non-major
-
-
\ No newline at end of file
diff --git a/stable/authelia/14.0.25/app-readme.md b/stable/authelia/14.0.25/app-readme.md
deleted file mode 100644
index 6dc9492a7e6..00000000000
--- a/stable/authelia/14.0.25/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Authelia is a Single Sign-On Multi-Factor portal for web apps
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/stable/authelia](https://truecharts.org/charts/stable/authelia)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/stable/authelia/14.0.25/charts/common-11.1.2.tgz b/stable/authelia/14.0.25/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/stable/authelia/14.0.25/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/stable/authelia/14.0.25/charts/postgresql-11.0.21.tgz b/stable/authelia/14.0.25/charts/postgresql-11.0.21.tgz
deleted file mode 100644
index 033d88e41cf..00000000000
Binary files a/stable/authelia/14.0.25/charts/postgresql-11.0.21.tgz and /dev/null differ
diff --git a/stable/authelia/14.0.25/charts/redis-5.0.29.tgz b/stable/authelia/14.0.25/charts/redis-5.0.29.tgz
deleted file mode 100644
index ee3b38dee8e..00000000000
Binary files a/stable/authelia/14.0.25/charts/redis-5.0.29.tgz and /dev/null differ
diff --git a/stable/authelia/14.0.25/ix_values.yaml b/stable/authelia/14.0.25/ix_values.yaml
deleted file mode 100644
index 05a8d755871..00000000000
--- a/stable/authelia/14.0.25/ix_values.yaml
+++ /dev/null
@@ -1,628 +0,0 @@
-image:
- repository: tccr.io/truecharts/authelia
- pullPolicy: IfNotPresent
- tag: 4.37.5@sha256:76a4617539534cec140fd98a12f721b878524f2df3a3653f3df8ff2b7eaab586
-
-command: ["authelia"]
-args: ["--config=/configuration.yaml"]
-
-enableServiceLinks: false
-
-service:
- main:
- ports:
- main:
- port: 9091
- targetPort: 9091
-
-persistence:
- config:
- enabled: true
- mountPath: "/config"
-# Enabled postgres
-postgresql:
- enabled: true
- existingSecret: "dbcreds"
- postgresqlUsername: authelia
- postgresqlDatabase: authelia
-
-# Enabled redis
-# ... for more options see https://github.com/tccr.io/truecharts/charts/tree/master/tccr.io/truecharts/redis
-redis:
- enabled: true
- existingSecret: "rediscreds"
-
-resources:
- limits: {}
- # limits:
- # cpu: "4.00"
- # memory: 125Mi
- requests: {}
- # requests:
- # cpu: "0.25"
- # memory: 50Mi
-
-envFrom:
- - configMapRef:
- name: authelia-paths
-
-# probes:
-# liveness:
-# type: HTTP
-# path: /api/health"
-
-# readiness:
-# type: HTTP
-# path: "/api/health"
-
-# startup:
-# type: HTTP
-# path: "/api/health"
-
-domain: example.com
-
-##
-## Server Configuration
-##
-server:
- ##
- ## Port sets the configured port for the daemon, service, and the probes.
- ## Default is 9091 and should not need to be changed.
- ##
- port: 9091
-
- ## Buffers usually should be configured to be the same value.
- ## Explanation at https://www.authelia.com/docs/configuration/server.html
- ## Read buffer size adjusts the server's max incoming request size in bytes.
- ## Write buffer size does the same for outgoing responses.
- read_buffer_size: 4096
- write_buffer_size: 4096
- ## Set the single level path Authelia listens on.
- ## Must be alphanumeric chars and should not contain any slashes.
- path: ""
-
-log:
- ## Level of verbosity for logs: info, debug, trace.
- level: trace
-
- ## Format the logs are written as: json, text.
- format: text
-
- ## TODO: Statefulness check should check if this is set, and the configMap should enable it.
- ## File path where the logs will be written. If not set logs are written to stdout.
- # file_path: /config/authelia.log
-
-## Default redirection URL
-##
-## If user tries to authenticate without any referer, Authelia does not know where to redirect the user to at the end
-## of the authentication process. This parameter allows you to specify the default redirection URL Authelia will use
-## in such a case.
-##
-## Note: this parameter is optional. If not provided, user won't be redirected upon successful authentication.
-## Default is https://www. (value at the top of the values.yaml).
-default_redirection_url: ""
-# default_redirection_url: https://example.com
-
-theme: light
-
-##
-## TOTP Configuration
-##
-## Parameters used for TOTP generation
-totp:
- ## The issuer name displayed in the Authenticator application of your choice
- ## See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
- ## Defaults to .
- issuer: ""
- ## The period in seconds a one-time password is current for. Changing this will require all users to register
- ## their TOTP applications again. Warning: before changing period read the docs link below.
- period: 30
- ## The skew controls number of one-time passwords either side of the current one that are valid.
- ## Warning: before changing skew read the docs link below.
- ## See: https://www.authelia.com/docs/configuration/one-time-password.html#period-and-skew to read the documentation.
- skew: 1
-
-##
-## Duo Push API Configuration
-##
-## Parameters used to contact the Duo API. Those are generated when you protect an application of type
-## "Partner Auth API" in the management panel.
-duo_api:
- enabled: false
- hostname: api-123456789.example.com
- integration_key: ABCDEF
- plain_api_key: ""
-
-##
-## Authentication Backend Provider Configuration
-##
-## Used for verifying user passwords and retrieve information such as email address and groups users belong to.
-##
-## The available providers are: `file`, `ldap`. You must use one and only one of these providers.
-authentication_backend:
- ## Disable both the HTML element and the API for reset password functionality
- disable_reset_password: false
-
- ## The amount of time to wait before we refresh data from the authentication backend. Uses duration notation.
- ## To disable this feature set it to 'disable', this will slightly reduce security because for Authelia, users will
- ## always belong to groups they belonged to at the time of login even if they have been removed from them in LDAP.
- ## To force update on every request you can set this to '0' or 'always', this will increase processor demand.
- ## See the below documentation for more information.
- ## Duration Notation docs: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Refresh Interval docs: https://www.authelia.com/docs/configuration/authentication/ldap.html#refresh-interval
- refresh_interval: 5m
-
- ## LDAP backend configuration.
- ##
- ## This backend allows Authelia to be scaled to more
- ## than one instance and therefore is recommended for
- ## production.
- ldap:
- ## Enable LDAP Backend.
- enabled: false
-
- ## The LDAP implementation, this affects elements like the attribute utilised for resetting a password.
- ## Acceptable options are as follows:
- ## - 'activedirectory' - For Microsoft Active Directory.
- ## - 'custom' - For custom specifications of attributes and filters.
- ## This currently defaults to 'custom' to maintain existing behaviour.
- ##
- ## Depending on the option here certain other values in this section have a default value, notably all of the
- ## attribute mappings have a default value that this config overrides, you can read more about these default values
- ## at https://www.authelia.com/docs/configuration/authentication/ldap.html#defaults
- implementation: activedirectory
-
- ## The url to the ldap server. Format: ://[:].
- ## Scheme can be ldap or ldaps in the format (port optional).
- url: ldap://openldap.default.svc.cluster.local
-
- ## Connection Timeout.
- timeout: 5s
-
- ## Use StartTLS with the LDAP connection.
- start_tls: false
-
- tls:
- ## Server Name for certificate validation (in case it's not set correctly in the URL).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either Secure LDAP or LDAP StartTLS.
- minimum_version: TLS1.2
-
- ## The base dn for every LDAP query.
- base_dn: DC=example,DC=com
-
- ## The attribute holding the username of the user. This attribute is used to populate the username in the session
- ## information. It was introduced due to #561 to handle case insensitive search queries. For you information,
- ## Microsoft Active Directory usually uses 'sAMAccountName' and OpenLDAP usually uses 'uid'. Beware that this
- ## attribute holds the unique identifiers for the users binding the user and the configuration stored in database.
- ## Therefore only single value attributes are allowed and the value must never be changed once attributed to a user
- ## otherwise it would break the configuration for that user. Technically, non-unique attributes like 'mail' can also
- ## be used but we don't recommend using them, we instead advise to use the attributes mentioned above
- ## (sAMAccountName and uid) to follow https://www.ietf.org/rfc/rfc2307.txt.
- username_attribute: ""
-
- ## An additional dn to define the scope to all users.
- additional_users_dn: OU=Users
-
- ## The users filter used in search queries to find the user profile based on input filled in login form.
- ## Various placeholders are available in the user filter:
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username_attribute} is a mandatory placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ##
- ## Recommended settings are as follows:
- ## - Microsoft Active Directory: (&({username_attribute}={input})(objectCategory=person)(objectClass=user))
- ## - OpenLDAP:
- ## - (&({username_attribute}={input})(objectClass=person))
- ## - (&({username_attribute}={input})(objectClass=inetOrgPerson))
- ##
- ## To allow sign in both with username and email, one can use a filter like
- ## (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))
- users_filter: ""
-
- ## An additional dn to define the scope of groups.
- additional_groups_dn: OU=Groups
-
- ## The groups filter used in search queries to find the groups of the user.
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username} is a placeholder replace by the username stored in LDAP (based on `username_attribute`).
- ## - {dn} is a matcher replaced by the user distinguished name, aka, user DN.
- ## - {username_attribute} is a placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ## - DON'T USE - {1} is an alias for {username} supported for backward compatibility but it will be deprecated in
- ## later version, so please don't use it.
- ##
- ## If your groups use the `groupOfUniqueNames` structure use this instead:
- ## (&(uniquemember={dn})(objectclass=groupOfUniqueNames))
- groups_filter: ""
-
- ## The attribute holding the name of the group
- group_name_attribute: ""
-
- ## The attribute holding the mail address of the user. If multiple email addresses are defined for a user, only the
- ## first one returned by the LDAP server is used.
- mail_attribute: ""
-
- ## The attribute holding the display name of the user. This will be used to greet an authenticated user.
- display_name_attribute: ""
-
- ## The username of the admin user.
- user: CN=Authelia,DC=example,DC=com
- plain_password: ""
-
- ##
- ## File (Authentication Provider)
- ##
- ## With this backend, the users database is stored in a file which is updated when users reset their passwords.
- ## Therefore, this backend is meant to be used in a dev environment and not in production since it prevents Authelia
- ## to be scaled to more than one instance. The options under 'password' have sane defaults, and as it has security
- ## implications it is highly recommended you leave the default values. Before considering changing these settings
- ## please read the docs page below:
- ## https://www.authelia.com/docs/configuration/authentication/file.html#password-hash-algorithm-tuning
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- file:
- enabled: true
- path: /config/users_database.yml
- password:
- algorithm: argon2id
- iterations: 1
- key_length: 32
- salt_length: 16
- memory: 1024
- parallelism: 8
-
-##
-## Access Control Configuration
-##
-## Access control is a list of rules defining the authorizations applied for one resource to users or group of users.
-##
-## If 'access_control' is not defined, ACL rules are disabled and the 'bypass' rule is applied, i.e., access is allowed
-## to anyone. Otherwise restrictions follow the rules defined.
-##
-## Note: One can use the wildcard * to match any subdomain.
-## It must stand at the beginning of the pattern. (example: *.mydomain.com)
-##
-## Note: You must put patterns containing wildcards between simple quotes for the YAML to be syntactically correct.
-##
-## Definition: A 'rule' is an object with the following keys: 'domain', 'subject', 'policy' and 'resources'.
-##
-## - 'domain' defines which domain or set of domains the rule applies to.
-##
-## - 'subject' defines the subject to apply authorizations to. This parameter is optional and matching any user if not
-## provided. If provided, the parameter represents either a user or a group. It should be of the form
-## 'user:' or 'group:'.
-##
-## - 'policy' is the policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'.
-##
-## - 'resources' is a list of regular expressions that matches a set of resources to apply the policy to. This parameter
-## is optional and matches any resource if not provided.
-##
-## Note: the order of the rules is important. The first policy matching (domain, resource, subject) applies.
-access_control:
- ## Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'. It is the policy applied to any
- ## resource if there is no policy to be applied to the user.
- default_policy: deny
-
- networks: []
- # networks:
- # - name: private
- # networks:
- # - 10.0.0.0/8
- # - 172.16.0.0/12
- # - 192.168.0.0/16
- # - name: vpn
- # networks:
- # - 10.9.0.0/16
-
- rules: []
- # rules:
- # - domain: public.example.com
- # policy: bypass
- # - domain: "*.example.com"
- # policy: bypass
- # methods:
- # - OPTIONS
- # - domain: secure.example.com
- # policy: one_factor
- # networks:
- # - private
- # - vpn
- # - 192.168.1.0/24
- # - 10.0.0.1
- # - domain:
- # - secure.example.com
- # - private.example.com
- # policy: two_factor
- # - domain: singlefactor.example.com
- # policy: one_factor
- # - domain: "mx2.mail.example.com"
- # subject: "group:admins"
- # policy: deny
- # - domain: "*.example.com"
- # subject:
- # - "group:admins"
- # - "group:moderators"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/groups/dev/.*$"
- # subject: "group:dev"
- # policy: two_factor
- # - domain: dev.example.com
- # resources:
- # - "^/users/john/.*$"
- # subject:
- # - ["group:dev", "user:john"]
- # - "group:admins"
- # policy: two_factor
- # - domain: "{user}.example.com"
- # policy: bypass
-
-##
-## Session Provider Configuration
-##
-## The session cookies identify the user once logged in.
-## The available providers are: `memory`, `redis`. Memory is the provider unless redis is defined.
-session:
- ## The name of the session cookie. (default: authelia_session).
- name: authelia_session
-
- ## Sets the Cookie SameSite value. Possible options are none, lax, or strict.
- ## Please read https://www.authelia.com/docs/configuration/session.html#same_site
- same_site: lax
-
- ## The time in seconds before the cookie expires and session is reset.
- expiration: 1h
-
- ## The inactivity time in seconds before the session is reset.
- inactivity: 5m
-
- ## The remember me duration.
- ## Value is in seconds, or duration notation. Value of 0 disables remember me.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Longer periods are considered less secure because a stolen cookie will last longer giving attackers more time to
- ## spy or attack. Currently the default is 1M or 1 month.
- remember_me_duration: 1M
-
-##
-## Redis Provider
-##
-## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
-##
-## The redis connection details
-redisProvider:
- port: 6379
-
- ## Optional username to be used with authentication.
- # username: authelia
- username: ""
-
- ## This is the Redis DB Index https://redis.io/commands/select (sometimes referred to as database number, DB, etc).
- database_index: 0
-
- ## The maximum number of concurrent active connections to Redis.
- maximum_active_connections: 8
-
- ## The target number of idle connections to have open ready for work. Useful when opening connections is slow.
- minimum_idle_connections: 0
-
- ## The Redis TLS configuration. If defined will require a TLS connection to the Redis instance(s).
- tls:
- enabled: false
-
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for the connection.
- minimum_version: TLS1.2
-
- ## The Redis HA configuration options.
- ## This provides specific options to Redis Sentinel, sentinel_name must be defined (Master Name).
- high_availability:
- enabled: false
- enabledSecret: false
- ## Sentinel Name / Master Name
- sentinel_name: mysentinel
-
- ## The additional nodes to pre-seed the redis provider with (for sentinel).
- ## If the host in the above section is defined, it will be combined with this list to connect to sentinel.
- ## For high availability to be used you must have either defined; the host above or at least one node below.
- nodes: []
- # nodes:
- # - host: sentinel-0.databases.svc.cluster.local
- # port: 26379
- # - host: sentinel-1.databases.svc.cluster.local
- # port: 26379
-
- ## Choose the host with the lowest latency.
- route_by_latency: false
-
- ## Choose the host randomly.
- route_randomly: false
-
-##
-## Regulation Configuration
-##
-## This mechanism prevents attackers from brute forcing the first factor. It bans the user if too many attempts are done
-## in a short period of time.
-regulation:
- ## The number of failed login attempts before user is banned. Set it to 0 to disable regulation.
- max_retries: 3
-
- ## The time range during which the user can attempt login before being banned. The user is banned if the
- ## authentication failed 'max_retries' times in a 'find_time' seconds window. Find Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- find_time: 2m
-
- ## The length of time before a banned user can login again. Ban Time accepts duration notation.
- ## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ban_time: 5m
-
-##
-## Storage Provider Configuration
-##
-## The available providers are: `local`, `mysql`, `postgres`. You must use one and only one of these providers.
-storage:
- ##
- ## PostgreSQL (Storage Provider)
- ##
- postgres:
- port: 5432
- database: authelia
- username: authelia
- sslmode: disable
- timeout: 5s
-
-##
-## Notification Provider
-##
-##
-## Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration.
-## The available providers are: filesystem, smtp. You must use one and only one of these providers.
-notifier:
- ## You can disable the notifier startup check by setting this to true.
- disable_startup_check: false
-
- ##
- ## File System (Notification Provider)
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- filesystem:
- enabled: true
- filename: /config/notification.txt
-
- ##
- ## SMTP (Notification Provider)
- ##
- ## Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate.
- ## [Security] By default Authelia will:
- ## - force all SMTP connections over TLS including unauthenticated connections
- ## - use the disable_require_tls boolean value to disable this requirement
- ## (only works for unauthenticated connections)
- ## - validate the SMTP server x509 certificate during the TLS handshake against the hosts trusted certificates
- ## (configure in tls section)
- smtp:
- enabled: false
- enabledSecret: false
- host: smtp.mail.svc.cluster.local
- port: 25
- timeout: 5s
- username: test
- plain_password: test
- sender: admin@example.com
- ## HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost.
- identifier: localhost
- ## Subject configuration of the emails sent.
- ## {title} is replaced by the text from the notifier
- subject: "[Authelia] {title}"
- ## This address is used during the startup check to verify the email configuration is correct.
- ## It's not important what it is except if your email server only allows local delivery.
- startup_check_address: test@authelia.com
- disable_require_tls: false
- disable_html_emails: false
-
- tls:
- ## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either StartTLS or SMTPS.
- minimum_version: TLS1.2
-
-identity_providers:
- oidc:
- ## Enables this in the config map. Currently in beta stage.
- ## See https://www.authelia.com/docs/configuration/identity-providers/oidc.html#roadmap
- enabled: false
-
- access_token_lifespan: 1h
- authorize_code_lifespan: 1m
- id_token_lifespan: 1h
- refresh_token_lifespan: 90m
-
- enable_client_debug_messages: false
-
- ## SECURITY NOTICE: It's not recommended changing this option, and highly discouraged to have it below 8 for
- ## security reasons.
- minimum_parameter_entropy: 8
-
- clients: []
- # clients:
- # -
- ## The ID is the OpenID Connect ClientID which is used to link an application to a configuration.
- # id: myapp
-
- ## The description to show to users when they end up on the consent screen. Defaults to the ID above.
- # description: My Application
-
- ## The client secret is a shared secret between Authelia and the consumer of this client.
- # secret: apple123
-
- ## Sets the client to public. This should typically not be set, please see the documentation for usage.
- # public: false
-
- ## The policy to require for this client; one_factor or two_factor.
- # authorization_policy: two_factor
-
- ## Configures the consent mode; auto, explicit or implicit
- # consent_mode: auto
-
- ## Audience this client is allowed to request.
- # audience: []
-
- ## Scopes this client is allowed to request.
- # scopes:
- # - openid
- # - profile
- # - email
- # - groups
-
- ## Redirect URI's specifies a list of valid case-sensitive callbacks for this client.
- # redirect_uris:
- # - https://oidc.example.com/oauth2/callback
-
- ## Grant Types configures which grants this client can obtain.
- ## It's not recommended to configure this unless you know what you're doing.
- # grant_types:
- # - refresh_token
- # - authorization_code
-
- ## Response Types configures which responses this client can be sent.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_types:
- # - code
-
- ## Response Modes configures which response modes this client supports.
- ## It's not recommended to configure this unless you know what you're doing.
- # response_modes:
- # - form_post
- # - query
- # - fragment
-
- ## The algorithm used to sign userinfo endpoint responses for this client, either none or RS256.
- # userinfo_signing_algorithm: none
-
-portal:
- enabled: true
diff --git a/stable/authelia/14.0.25/questions.yaml b/stable/authelia/14.0.25/questions.yaml
deleted file mode 100644
index 65c50fbb0bc..00000000000
--- a/stable/authelia/14.0.25/questions.yaml
+++ /dev/null
@@ -1,2736 +0,0 @@
-groups:
- - name: Container Image
- description: Image to be used for container
- - name: General Settings
- description: General Deployment Settings
- - name: App Configuration
- description: App Specific Config Options
- - name: Networking and Services
- description: Configure Network and Services for Container
- - name: Storage and Persistence
- description: Persist and Share Data that is Separate from the Container
- - name: Ingress
- description: Ingress Configuration
- - name: Security and Permissions
- description: Configure Security Context and Permissions
- - name: Resources and Devices
- description: "Specify Resources/Devices to be Allocated to Workload"
- - name: Middlewares
- description: Traefik Middlewares
- - name: Metrics
- description: Metrics
- - name: VPN
- description: VPN
- - name: Addons
- description: Addon Configuration
- - name: Advanced
- description: Advanced Configuration
- - name: Documentation
- description: Documentation
-portals:
- open:
- protocols:
- - "$kubernetes-resource_configmap_portal_protocol"
- host:
- - "$kubernetes-resource_configmap_portal_host"
- ports:
- - "$kubernetes-resource_configmap_portal_port"
-questions:
- - variable: global
- label: Global Settings
- group: "General Settings"
- schema:
- type: dict
- hidden: true
- attrs:
- - variable: isSCALE
- label: Flag this is SCALE
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: controller
- group: "General Settings"
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: replicas
- description: Number of desired pod replicas
- label: Desired Replicas
- schema:
- type: int
- required: true
- default: 1
- - variable: customextraargs
- group: "General Settings"
- label: "Extra Args"
- description: "Do not click this unless you know what you are doing"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: extraArgs
- label: Extra Args
- schema:
- type: list
- default: []
- items:
- - variable: arg
- label: Arg
- schema:
- type: string
- - variable: TZ
- label: Timezone
- group: "General Settings"
- schema:
- type: string
- default: "Etc/UTC"
- $ref:
- - "definitions/timezone"
- - variable: envList
- label: Extra Environment Variables
- description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
- group: "General Settings"
- schema:
- type: list
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- - variable: value
- label: Value
- schema:
- type: string
- - variable: domain
- group: "App Configuration"
- label: "Domain"
- description: "The highest domain level possible, for example: domain.com when using app.domain.com"
- schema:
- type: string
- default: ""
- required: true
- - variable: default_redirection_url
- group: "App Configuration"
- label: "Default Redirection Url"
- description: "If user tries to authenticate without any referer, this is used"
- schema:
- type: string
- default: ""
- - variable: theme
- group: "App Configuration"
- label: "Theme"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "light"
- description: "light"
- - value: "grey"
- description: "grey"
- - value: "dark"
- description: "dark"
- - variable: log
- group: "App Configuration"
- label: "Log Configuration "
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: level
- label: "Log Level"
- schema:
- type: string
- default: "info"
- enum:
- - value: "info"
- description: "info"
- - value: "debug"
- description: "debug"
- - value: "trace"
- description: "trace"
- - variable: format
- label: "Log Format"
- schema:
- type: string
- default: "text"
- enum:
- - value: "json"
- description: "json"
- - value: "text"
- description: "text"
- - variable: totp
- group: "App Configuration"
- label: "TOTP Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: issuer
- label: "Issuer"
- description: "The issuer name displayed in the Authenticator application of your choice"
- schema:
- type: string
- default: ""
- - variable: period
- label: "Period"
- description: "The period in seconds a one-time password is current for"
- schema:
- type: int
- default: 30
- - variable: skew
- label: "skew"
- description: "Controls number of one-time passwords either side of the current one that are valid."
- schema:
- type: int
- default: 1
- - variable: duo_api
- group: "App Configuration"
- label: "DUO API Configuration"
- description: "Parameters used to contact the Duo API."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostname
- label: "Hostname"
- schema:
- type: string
- required: true
- default: ""
- - variable: integration_key
- label: "integration_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: plain_api_key
- label: "plain_api_key"
- schema:
- type: string
- default: ""
- required: true
- - variable: session
- group: "App Configuration"
- label: "Session Provider"
- description: "The session cookies identify the user once logged in."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Cookie Name"
- description: "The name of the session cookie."
- schema:
- type: string
- required: true
- default: "authelia_session"
- - variable: same_site
- label: "SameSite Value"
- description: "Sets the Cookie SameSite value"
- schema:
- type: string
- default: "lax"
- enum:
- - value: "lax"
- description: "lax"
- - value: "strict"
- description: "strict"
- - variable: expiration
- label: "Expiration Time"
- description: "The time in seconds before the cookie expires and session is reset."
- schema:
- type: string
- default: "1h"
- required: true
- - variable: inactivity
- label: "Inactivity Time"
- description: "The inactivity time in seconds before the session is reset."
- schema:
- type: string
- default: "5m"
- required: true
- - variable: inactivity
- label: "Remember-Me duration"
- description: "The remember me duration"
- schema:
- type: string
- default: "5M"
- required: true
- - variable: regulation
- group: "App Configuration"
- label: "Regulation Configuration"
- description: "his mechanism prevents attackers from brute forcing the first factor."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: max_retries
- label: "Maximum Retries"
- description: "The number of failed login attempts before user is banned. Set it to 0 to disable regulation."
- schema:
- type: int
- default: 3
- - variable: find_time
- label: "Find Time"
- description: "The time range during which the user can attempt login before being banned."
- schema:
- type: string
- default: "2m"
- required: true
- - variable: ban_time
- label: "Ban Duration"
- description: "The length of time before a banned user can login again"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: authentication_backend
- group: "App Configuration"
- label: "Authentication Backend Provider"
- description: "sed for verifying user passwords and retrieve information such as email address and groups users belong to."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_reset_password
- label: "Disable Reset Password"
- description: "Disable both the HTML element and the API for reset password functionality"
- schema:
- type: boolean
- default: false
- - variable: refresh_interval
- label: "Reset Interval"
- description: "The amount of time to wait before we refresh data from the authentication backend"
- schema:
- type: string
- default: "5m"
- required: true
- - variable: ldap
- label: "LDAP backend configuration"
- description: "Used for verifying user passwords and retrieve information such as email address and groups users belong to"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: implementation
- label: "Implementation"
- description: "The LDAP implementation, this affects elements like the attribute utilised for resetting a password"
- schema:
- type: string
- default: "custom"
- enum:
- - value: "activedirectory"
- description: "activedirectory"
- - value: "custom"
- description: "custom"
- - variable: url
- label: "URL"
- description: "The url to the ldap server. Format: ://[:]"
- schema:
- type: string
- default: "ldap://openldap.default.svc.cluster.local"
- required: true
- - variable: timeout
- label: "Connection Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: start_tls
- label: "Start TLS"
- description: "Use StartTLS with the LDAP connection"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: base_dn
- label: "Base DN"
- description: "The base dn for every LDAP query."
- schema:
- type: string
- default: "DC=example,DC=com"
- required: true
- - variable: username_attribute
- label: "Username Attribute"
- description: "The attribute holding the username of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_users_dn
- label: "Additional Users DN"
- description: "An additional dn to define the scope to all users."
- schema:
- type: string
- default: "OU=Users"
- required: true
- - variable: users_filter
- label: "Users Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: additional_groups_dn
- label: "Additional Groups DN"
- description: "An additional dn to define the scope of groups."
- schema:
- type: string
- default: "OU=Groups"
- required: true
- - variable: groups_filter
- label: "Groups Filter"
- description: "The groups filter used in search queries to find the groups of the user."
- schema:
- type: string
- default: ""
- required: true
- - variable: group_name_attribute
- label: "Group name Attribute"
- description: "The attribute holding the name of the group"
- schema:
- type: string
- default: ""
- required: true
- - variable: mail_attribute
- label: "Mail Attribute"
- description: "The attribute holding the primary mail address of the user"
- schema:
- type: string
- default: ""
- required: true
- - variable: display_name_attribute
- label: "Display Name Attribute"
- description: "he attribute holding the display name of the user. This will be used to greet an authenticated user."
- schema:
- type: string
- default: ""
- - variable: user
- label: "Admin User"
- description: "The username of the admin user used to connect to LDAP."
- schema:
- type: string
- default: "CN=Authelia,DC=example,DC=com"
- required: true
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- required: true
- - variable: file
- label: "File backend configuration"
- description: "With this backend, the users database is stored in a file which is updated when users reset their passwords."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: path
- label: "Path"
- schema:
- type: string
- default: "/config/users_database.yml"
- required: true
- - variable: password
- label: "Password Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: algorithm
- label: "Algorithm"
- schema:
- type: string
- default: "argon2id"
- enum:
- - value: "argon2id"
- description: "argon2id"
- - value: "sha512"
- description: "sha512"
- - variable: iterations
- label: "Iterations"
- schema:
- type: int
- default: 1
- required: true
- - variable: key_length
- label: "Key Length"
- schema:
- type: int
- default: 32
- required: true
- - variable: salt_length
- label: "Salt Length"
- schema:
- type: int
- default: 16
- required: true
- - variable: memory
- label: "Memory"
- schema:
- type: int
- default: 1024
- required: true
- - variable: parallelism
- label: "Parallelism"
- schema:
- type: int
- default: 8
- required: true
- - variable: notifier
- group: "App Configuration"
- label: "Notifier Configuration"
- description: "otifications are sent to users when they require a password reset, a u2f registration or a TOTP registration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: disable_startup_check
- label: "Disable Startup Check"
- schema:
- type: boolean
- default: false
- - variable: filesystem
- label: "Filesystem Provider"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: filename
- label: "File Path"
- schema:
- type: string
- default: "/config/notification.txt"
- required: true
- - variable: smtp
- label: "SMTP Provider"
- description: "Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "Enable"
- schema:
- type: boolean
- default: true
- show_subquestions_if: true
- subquestions:
- - variable: host
- label: "Host"
- schema:
- type: string
- default: "smtp.mail.svc.cluster.local"
- required: true
- - variable: port
- label: "Port"
- schema:
- type: int
- default: 25
- required: true
- - variable: timeout
- label: "Timeout"
- schema:
- type: string
- default: "5s"
- required: true
- - variable: username
- label: "Username"
- schema:
- type: string
- default: ""
- - variable: plain_password
- label: "Password"
- schema:
- type: string
- default: ""
- - variable: sender
- label: "Sender"
- schema:
- type: string
- default: ""
- required: true
- - variable: identifier
- label: "Identifier"
- description: "HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost."
- schema:
- type: string
- default: "localhost"
- required: true
- - variable: subject
- label: "Subject"
- description: "Subject configuration of the emails sent, {title} is replaced by the text from the notifier"
- schema:
- type: string
- default: "[Authelia] {title}"
- required: true
- - variable: startup_check_address
- label: "Startup Check Address"
- description: "This address is used during the startup check to verify the email configuration is correct."
- schema:
- type: string
- default: "test@authelia.com"
- required: true
- - variable: disable_require_tls
- label: "Disable Require TLS"
- schema:
- type: boolean
- default: false
- - variable: disable_html_emails
- label: "Disable HTML emails"
- schema:
- type: boolean
- default: false
- - variable: tls
- label: "TLS Settings"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: server_name
- label: "Server Name"
- description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
- schema:
- type: string
- default: ""
- - variable: skip_verify
- label: "Skip Certificate Verification"
- description: "Skip verifying the server certificate (to allow a self-signed certificate)"
- schema:
- type: boolean
- default: false
- - variable: minimum_version
- label: "Minimum TLS version"
- description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
- schema:
- type: string
- default: "TLS1.2"
- enum:
- - value: "TLS1.0"
- description: "TLS1.0"
- - value: "TLS1.1"
- description: "TLS1.1"
- - value: "TLS1.2"
- description: "TLS1.2"
- - value: "TLS1.3"
- description: "TLS1.3"
- - variable: access_control
- group: "App Configuration"
- label: "Access Control Configuration"
- description: "Access control is a list of rules defining the authorizations applied for one resource to users or group of users."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: default_policy
- label: "Default Policy"
- description: "Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: networkItem
- label: "Network Item"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: "Name"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "network"
- schema:
- type: string
- default: ""
- required: true
- - variable: rules
- label: "Rules"
- schema:
- type: list
- default: []
- items:
- - variable: rulesItem
- label: "Rule"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: domain
- label: "Domains"
- description: "defines which domain or set of domains the rule applies to."
- schema:
- type: list
- default: []
- items:
- - variable: domainEntry
- label: "Domain"
- schema:
- type: string
- default: ""
- required: true
- - variable: policy
- label: "Policy"
- description: "The policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "bypass"
- description: "bypass"
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - value: "deny"
- description: "deny"
- - variable: subject
- label: "Subject"
- description: "defines the subject to apply authorizations to. This parameter is optional and matching any user if not provided"
- schema:
- type: list
- default: []
- items:
- - variable: subjectitem
- label: "Subject"
- schema:
- type: string
- default: ""
- required: true
- - variable: networks
- label: "Networks"
- schema:
- type: list
- default: []
- items:
- - variable: network
- label: "Network"
- schema:
- type: string
- default: ""
- required: true
- - variable: resources
- label: "Resources"
- description: "is a list of regular expressions that matches a set of resources to apply the policy to"
- schema:
- type: list
- default: []
- items:
- - variable: resource
- label: "Resource"
- schema:
- type: string
- default: ""
- required: true
- - variable: service
- group: Networking and Services
- label: Configure Service(s)
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service"
- description: "The Primary service on which the healthcheck runs, often the webUI"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: ports
- label: "Service's Port(s) Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Service Port Configuration"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: "Port"
- description: "This port exposes the container port on the service"
- schema:
- type: int
- default: 9091
- required: true
- - variable: serviceexpert
- group: Networking and Services
- label: Show Expert Config
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hostNetwork
- group: Networking and Services
- label: Host-Networking (Complicated)
- schema:
- type: boolean
- default: false
- - variable: externalInterfaces
- description: Add External Interfaces
- label: Add external Interfaces
- group: Networking
- schema:
- type: list
- items:
- - variable: interfaceConfiguration
- description: Interface Configuration
- label: Interface Configuration
- schema:
- type: dict
- $ref:
- - "normalize/interfaceConfiguration"
- attrs:
- - variable: hostInterface
- description: Please Specify Host Interface
- label: Host Interface
- schema:
- type: string
- required: true
- $ref:
- - "definitions/interface"
- - variable: ipam
- description: Define how IP Address will be managed
- label: IP Address Management
- schema:
- type: dict
- required: true
- attrs:
- - variable: type
- description: Specify type for IPAM
- label: IPAM Type
- schema:
- type: string
- required: true
- enum:
- - value: dhcp
- description: Use DHCP
- - value: static
- description: Use Static IP
- show_subquestions_if: static
- subquestions:
- - variable: staticIPConfigurations
- label: Static IP Addresses
- schema:
- type: list
- items:
- - variable: staticIP
- label: Static IP
- schema:
- type: ipaddr
- cidr: true
- - variable: staticRoutes
- label: Static Routes
- schema:
- type: list
- items:
- - variable: staticRouteConfiguration
- label: Static Route Configuration
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: destination
- label: Destination
- schema:
- type: ipaddr
- cidr: true
- required: true
- - variable: gateway
- label: Gateway
- schema:
- type: ipaddr
- cidr: false
- required: true
- - variable: serviceList
- label: Add Manual Custom Services
- group: Networking and Services
- schema:
- type: list
- default: []
- items:
- - variable: serviceListEntry
- label: Custom Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the service
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: LoadBalancer
- description: LoadBalancer (Expose Ports)
- - value: ClusterIP
- description: ClusterIP (Do Not Expose Ports)
- - value: Simple
- description: Deprecated CHANGE THIS
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: portsList
- label: Additional Service Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsListEntry
- label: Custom ports
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Port
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Port Name
- schema:
- type: string
- default: ""
- - variable: protocol
- label: Port Type
- schema:
- type: string
- default: TCP
- enum:
- - value: HTTP
- description: HTTP
- - value: HTTPS
- description: HTTPS
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - variable: targetPort
- label: Target Port
- description: This port exposes the container port on the service
- schema:
- type: int
- required: true
- - variable: port
- label: Container Port
- schema:
- type: int
- required: true
- - variable: persistence
- label: Integrated Persistent Storage
- description: Integrated Persistent Storage
- group: Storage and Persistence
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: config
- label: "App Config Storage"
- description: "Stores the Application Configuration."
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: pvc
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size quotum of Storage (Do NOT REDUCE after installation)
- description: This value can ONLY be INCREASED after the installation
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: persistenceList
- label: Additional App Storage
- group: Storage and Persistence
- schema:
- type: list
- default: []
- items:
- - variable: persistenceListEntry
- label: Custom Storage
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the storage
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type of Storage
- description: Sets the persistence type, Anything other than PVC could break rollback!
- schema:
- type: string
- default: hostPath
- enum:
- - value: pvc
- description: PVC
- - value: hostPath
- description: Host Path
- - value: emptyDir
- description: emptyDir
- - value: nfs
- description: NFS Share
- - variable: server
- label: NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: path
- label: Path on NFS Server
- schema:
- show_if: [["type", "=", "nfs"]]
- type: string
- default: ""
- - variable: setPermissions
- label: Automatic Permissions
- description: Automatically set permissions on install
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: boolean
- default: false
- - variable: readOnly
- label: Read Only
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Path
- description: Path inside the container the storage is mounted
- schema:
- show_if: [["type", "=", "hostPath"]]
- type: hostpath
- - variable: mountPath
- label: Mount Path
- description: Path inside the container the storage is mounted
- schema:
- type: string
- default: ""
- required: true
- valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- - variable: medium
- label: EmptyDir Medium
- schema:
- show_if: [["type", "=", "emptyDir"]]
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: Memory
- description: Memory
- - variable: size
- label: Size Quotum of Storage
- schema:
- show_if: [["type", "=", "pvc"]]
- type: string
- default: 256Gi
- - variable: ingress
- label: ""
- group: Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: main
- label: "Main Ingress"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: scaleCert
- label: Select TrueNAS SCALE Certificate
- schema:
- type: int
- $ref:
- - "definitions/certificate"
- - variable: entrypoint
- label: (Advanced) Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: ingressClassName
- label: (Advanced/Optional) IngressClass Name
- schema:
- type: string
- default: ""
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: ingressList
- label: Add Manual Custom Ingresses
- group: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressListEntry
- label: Custom Ingress
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable Ingress
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- - variable: ingressClassName
- label: IngressClass Name
- schema:
- type: string
- default: ""
- - variable: hosts
- label: Hosts
- schema:
- type: list
- default: []
- items:
- - variable: hostEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: host
- label: HostName
- schema:
- type: string
- default: ""
- required: true
- - variable: paths
- label: Paths
- schema:
- type: list
- default: []
- items:
- - variable: pathEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: path
- label: Path
- schema:
- type: string
- required: true
- default: "/"
- - variable: pathType
- label: Path Type
- schema:
- type: string
- required: true
- default: Prefix
- - variable: service
- label: Linked Service
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Service Name
- schema:
- type: string
- default: ""
- - variable: port
- label: Service Port
- schema:
- type: int
- - variable: tls
- label: TLS-Settings
- schema:
- type: list
- default: []
- items:
- - variable: tlsEntry
- label: Host
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: hosts
- label: Certificate Hosts
- schema:
- type: list
- default: []
- items:
- - variable: host
- label: Host
- schema:
- type: string
- default: ""
- required: true
- - variable: scaleCert
- label: Select TrueNAS SCALE Certificate
- schema:
- type: int
- $ref:
- - "definitions/certificate"
- - variable: entrypoint
- label: Traefik Entrypoint
- description: Entrypoint used by Traefik when using Traefik as Ingress Provider
- schema:
- type: string
- default: websecure
- required: true
- - variable: middlewares
- label: Traefik Middlewares
- description: Add previously created Traefik Middlewares to this Ingress
- schema:
- type: list
- default: []
- items:
- - variable: name
- label: Name
- schema:
- type: string
- default: ""
- required: true
- - variable: security
- label: Container Security Settings
- group: Security and Permissions
- schema:
- type: dict
- additional_attrs: true
- attrs:
- - variable: editsecurity
- label: Change PUID / UMASK values
- description: By enabling this you override default set values.
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: PUID
- label: Process User ID - PUID
- description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
- schema:
- type: int
- default: 568
- - variable: UMASK
- label: UMASK
- description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
- schema:
- type: string
- default: "002"
- - variable: advancedSecurity
- label: Show Advanced Security Settings
- group: Security and Permissions
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: securityContext
- label: Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: privileged
- label: "Privileged mode"
- schema:
- type: boolean
- default: false
- - variable: readOnlyRootFilesystem
- label: "ReadOnly Root Filesystem"
- schema:
- type: boolean
- default: true
- - variable: allowPrivilegeEscalation
- label: "Allow Privilege Escalation"
- schema:
- type: boolean
- default: false
- - variable: runAsNonRoot
- label: "runAsNonRoot"
- schema:
- type: boolean
- default: true
- - variable: podSecurityContext
- group: Security and Permissions
- label: Pod Security Context
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: runAsUser
- label: "runAsUser"
- description: "The UserID of the user running the application"
- schema:
- type: int
- default: 568
- - variable: runAsGroup
- label: "runAsGroup"
- description: "The groupID this App of the user running the application"
- schema:
- type: int
- default: 568
- - variable: fsGroup
- label: "fsGroup"
- description: "The group that should own ALL storage."
- schema:
- type: int
- default: 568
- - variable: fsGroupChangePolicy
- label: "When should we take ownership?"
- schema:
- type: string
- default: OnRootMismatch
- enum:
- - value: OnRootMismatch
- description: OnRootMismatch
- - value: Always
- description: Always
- - variable: supplementalGroups
- label: Supplemental Groups
- schema:
- type: list
- default: []
- items:
- - variable: supplementalGroupsEntry
- label: Supplemental Group
- schema:
- type: int
- - variable: resources
- group: Resources and Devices
- label: "Resource Limits"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: limits
- label: Advanced Limit Resource Consumption
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 4000m
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: RAM
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 8Gi
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: requests
- label: "Minimum Resources Required (request)"
- schema:
- additional_attrs: true
- type: dict
- hidden: true
- attrs:
- - variable: cpu
- label: CPU
- description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 10m
- hidden: true
- valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- - variable: memory
- label: "RAM"
- description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
- schema:
- type: string
- default: 50Mi
- hidden: true
- valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- - variable: deviceList
- label: Mount USB Devices
- group: Resources and Devices
- schema:
- type: list
- default: []
- items:
- - variable: deviceListEntry
- label: Device
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enable the Storage
- schema:
- type: boolean
- default: true
- - variable: type
- label: (Advanced) Type of Storage
- description: Sets the persistence type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: readOnly
- label: readOnly
- schema:
- type: boolean
- default: false
- - variable: hostPath
- label: Host Device Path
- description: Path to the device on the host system
- schema:
- type: path
- - variable: mountPath
- label: Container Device Path
- description: Path inside the container the device is mounted
- schema:
- type: string
- default: "/dev/ttyACM0"
- # Specify GPU configuration
- - variable: scaleGPU
- label: GPU Configuration
- group: Resources and Devices
- schema:
- type: dict
- $ref:
- - "definitions/gpuConfiguration"
- attrs: []
-# - variable: horizontalPodAutoscaler
-# group: Advanced
-# label: (Advanced) Horizontal Pod Autoscaler
-# schema:
-# type: list
-# default: []
-# items:
-# - variable: hpaEntry
-# label: HPA Entry
-# schema:
-# additional_attrs: true
-# type: dict
-# attrs:
-# - variable: name
-# label: Name
-# schema:
-# type: string
-# required: true
-# default: ""
-# - variable: enabled
-# label: Enabled
-# schema:
-# type: boolean
-# default: false
-# show_subquestions_if: true
-# subquestions:
-# - variable: target
-# label: Target
-# description: Deployment name, Defaults to Main Deployment
-# schema:
-# type: string
-# default: ""
-# - variable: minReplicas
-# label: Minimum Replicas
-# schema:
-# type: int
-# default: 1
-# - variable: maxReplicas
-# label: Maximum Replicas
-# schema:
-# type: int
-# default: 5
-# - variable: targetCPUUtilizationPercentage
-# label: Target CPU Utilization Percentage
-# schema:
-# type: int
-# default: 80
-# - variable: targetMemoryUtilizationPercentage
-# label: Target Memory Utilization Percentage
-# schema:
-# type: int
-# default: 80
- - variable: networkPolicy
- group: Advanced
- label: (Advanced) Network Policy
- schema:
- type: list
- default: []
- items:
- - variable: netPolicyEntry
- label: Network Policy Entry
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- default: ""
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: policyType
- label: Policy Type
- schema:
- type: string
- default: ""
- enum:
- - value: ""
- description: Default
- - value: ingress
- description: Ingress
- - value: egress
- description: Egress
- - value: ingress-egress
- description: Ingress and Egress
- - variable: egress
- label: Egress
- schema:
- type: list
- default: []
- items:
- - variable: egressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: to
- label: To
- schema:
- type: list
- default: []
- items:
- - variable: toEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: ingress
- label: Ingress
- schema:
- type: list
- default: []
- items:
- - variable: ingressEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: from
- label: From
- schema:
- type: list
- default: []
- items:
- - variable: fromEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: ipBlock
- label: IP Block
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: cidr
- label: CIDR
- schema:
- type: string
- default: ""
- - variable: except
- label: Except
- schema:
- type: list
- default: []
- items:
- - variable: exceptint
- label: ""
- schema:
- type: string
- - variable: namespaceSelector
- label: Namespace Selector
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: podSelector
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: matchExpressions
- label: Match Expressions
- schema:
- type: list
- default: []
- items:
- - variable: expressionEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- - variable: operator
- label: Operator
- schema:
- type: string
- default: TCP
- enum:
- - value: In
- description: In
- - value: NotIn
- description: NotIn
- - value: Exists
- description: Exists
- - value: DoesNotExist
- description: DoesNotExist
- - variable: values
- label: Values
- schema:
- type: list
- default: []
- items:
- - variable: value
- label: ""
- schema:
- type: string
- - variable: ports
- label: Ports
- schema:
- type: list
- default: []
- items:
- - variable: portsEntry
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- - variable: endPort
- label: End Port
- schema:
- type: int
- - variable: protocol
- label: Protocol
- schema:
- type: string
- default: TCP
- enum:
- - value: TCP
- description: TCP
- - value: UDP
- description: UDP
- - value: SCTP
- description: SCTP
- - variable: addons
- group: Addons
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: Codeserver
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: git
- label: Git Settings
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: deployKey
- description: Raw SSH Private Key
- label: Deploy Key
- schema:
- type: string
- - variable: deployKeyBase64
- description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
- label: Deploy Key Base64
- schema:
- type: string
- - variable: service
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Service Type
- description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
- schema:
- type: string
- default: LoadBalancer
- enum:
- - value: NodePort
- description: Deprecated CHANGE THIS
- - value: ClusterIP
- description: ClusterIP
- - value: LoadBalancer
- description: LoadBalancer
- - variable: loadBalancerIP
- label: LoadBalancer IP
- description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
- schema:
- show_if: [["type", "=", "LoadBalancer"]]
- type: string
- default: ""
- - variable: advancedsvcset
- label: Show Advanced Service Settings
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: externalIPs
- label: "External IP's"
- description: "External IP's"
- schema:
- type: list
- default: []
- items:
- - variable: externalIP
- label: External IP
- schema:
- type: string
- - variable: ipFamilyPolicy
- label: IP Family Policy
- description: Specify the IP Policy
- schema:
- type: string
- default: SingleStack
- enum:
- - value: SingleStack
- description: SingleStack
- - value: PreferDualStack
- description: PreferDualStack
- - value: RequireDualStack
- description: RequireDualStack
- - variable: ipFamilies
- label: IP Families
- description: (Advanced) The IP Families that should be used
- schema:
- type: list
- default: []
- items:
- - variable: ipFamily
- label: IP Family
- schema:
- type: string
- - variable: ports
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: codeserver
- label: ""
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: port
- label: Port
- schema:
- type: int
- default: 36107
- - variable: nodePort
- description: Leave Empty to Disable
- label: nodePort DEPRECATED
- schema:
- type: int
- default: 36107
- - variable: envList
- label: Codeserver Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: vpn
- label: VPN
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: type
- label: Type
- schema:
- type: string
- default: disabled
- enum:
- - value: disabled
- description: disabled
- - value: openvpn
- description: OpenVPN
- - value: wireguard
- description: Wireguard
- - value: tailscale
- description: Tailscale
- - variable: openvpn
- label: OpenVPN Settings
- schema:
- type: dict
- show_if: [["type", "=", "openvpn"]]
- attrs:
- - variable: username
- label: Authentication Username (Optional)
- description: Authentication Username, Optional
- schema:
- type: string
- default: ""
- - variable: password
- label: Authentication Password
- description: Authentication Credentials
- schema:
- type: string
- default: ""
- required: true
- - variable: tailscale
- label: Tailscale Settings
- schema:
- type: dict
- show_if: [["type", "=", "tailscale"]]
- attrs:
- - variable: authkey
- label: Authentication Key
- description: Provide an auth key to automatically authenticate the node as your user account.
- schema:
- type: string
- private: true
- default: ""
- - variable: auth_once
- label: Auth Once
- description: Only attempt to log in if not already logged in.
- schema:
- type: boolean
- default: true
- - variable: accept_dns
- label: Accept DNS
- description: Accept DNS configuration from the admin console.
- schema:
- type: boolean
- default: false
- - variable: userspace
- label: Userspace
- description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
- schema:
- type: boolean
- default: false
- - variable: routes
- label: Routes
- description: Expose physical subnet routes to your entire Tailscale network.
- schema:
- type: string
- default: ""
- - variable: dest_ip
- label: Destination IP
- description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
- schema:
- type: string
- default: ""
- - variable: sock5_server
- label: Sock5 Server
- description: The address on which to listen for SOCKS5 proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: outbound_http_proxy_listen
- label: Outbound HTTP Proxy Listen
- description: The address on which to listen for HTTP proxying into the tailscale net.
- schema:
- type: string
- default: ""
- - variable: extra_args
- label: Extra Args
- description: Extra Args
- schema:
- type: string
- default: ""
- - variable: daemon_extra_args
- label: Tailscale Daemon Extra Args
- description: Tailscale Daemon Extra Args
- schema:
- type: string
- default: ""
- - variable: killSwitch
- label: Enable Killswitch
- schema:
- type: boolean
- show_if: [["type", "!=", "disabled"]]
- default: true
- - variable: excludedNetworks_IPv4
- label: Killswitch Excluded IPv4 networks
- description: List of Killswitch Excluded IPv4 Addresses
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv4
- label: IPv4 Network
- schema:
- type: string
- required: true
- - variable: excludedNetworks_IPv6
- label: Killswitch Excluded IPv6 networks
- description: "List of Killswitch Excluded IPv6 Addresses"
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: networkv6
- label: IPv6 Network
- schema:
- type: string
- required: true
- - variable: configFile
- label: VPN Config File Location
- schema:
- type: dict
- show_if: [["type", "!=", "disabled"]]
- attrs:
- - variable: enabled
- label: Enabled
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: type
- label: Type
- schema:
- type: string
- default: hostPath
- hidden: true
- - variable: hostPathType
- label: hostPathType
- schema:
- type: string
- default: File
- hidden: true
- - variable: noMount
- label: noMount
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: hostPath
- label: Full Path to File
- description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
- schema:
- type: string
- default: ""
- - variable: envList
- label: VPN Environment Variables
- schema:
- type: list
- show_if: [["type", "!=", "disabled"]]
- default: []
- items:
- - variable: envItem
- label: Environment Variable
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: docs
- group: Documentation
- label: Please read the documentation at https://truecharts.org
- description: Please read the documentation at
-
https://truecharts.org
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDocs
- label: I have checked the documentation
- schema:
- type: boolean
- default: true
- - variable: donateNag
- group: Documentation
- label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
- description: Please consider supporting TrueCharts, see
-
https://truecharts.org/sponsor
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: confirmDonate
- label: I have considered donating
- schema:
- type: boolean
- default: true
- hidden: true
- - variable: identity_providers
- group: "Advanced"
- label: "Authelia Identity Providers (BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: oidc
- label: "OpenID Connect(BETA)"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: enabled
- label: "enabled"
- schema:
- type: boolean
- default: false
- show_subquestions_if: true
- subquestions:
- - variable: access_token_lifespan
- label: "Access Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: authorize_code_lifespan
- label: "Authorize Code Lifespan"
- schema:
- type: string
- default: "1m"
- required: true
- - variable: id_token_lifespan
- label: "ID Token Lifespan"
- schema:
- type: string
- default: "1h"
- required: true
- - variable: refresh_token_lifespan
- label: "Refresh Token Lifespan"
- schema:
- type: string
- default: "90m"
- required: true
- - variable: enable_client_debug_messages
- label: "Enable Client Debug Messages"
- schema:
- type: boolean
- default: false
- - variable: clients
- label: "Clients"
- schema:
- type: list
- default: []
- items:
- - variable: clientEntry
- label: "Client"
- schema:
- additional_attrs: true
- type: dict
- attrs:
- - variable: id
- label: "ID/Name"
- description: "The ID is the OpenID Connect ClientID which is used to link an application to a configuration."
- schema:
- type: string
- default: "myapp"
- required: true
- - variable: description
- label: "Description"
- description: "The description to show to users when they end up on the consent screen. Defaults to the ID above."
- schema:
- type: string
- default: "My Application"
- required: true
- - variable: secret
- label: "Secret"
- description: "The client secret is a shared secret between Authelia and the consumer of this client."
- schema:
- type: string
- default: ""
- required: true
- - variable: public
- label: "public"
- description: "Sets the client to public. This should typically not be set, please see the documentation for usage."
- schema:
- type: boolean
- default: false
- - variable: authorization_policy
- label: "Authorization Policy"
- description: "The policy to require for this client; one_factor or two_factor."
- schema:
- type: string
- default: "two_factor"
- enum:
- - value: "one_factor"
- description: "one_factor"
- - value: "two_factor"
- description: "two_factor"
- - variable: consent_mode
- label: "Consent Mode"
- description: "Configures the consent mode. This can be set to auto (default), explicit (consent required every time) or implicit (automatically assumes consent for every authorization, never asking the user if they wish to give consent.)"
- schema:
- type: string
- default: "auto"
- enum:
- - value: "auto"
- description: "auto"
- - value: "explicit"
- description: "explicit"
- - value: "implicit"
- description: "implicit"
- - variable: userinfo_signing_algorithm
- label: "Userinfo Signing Algorithm"
- description: "The algorithm used to sign userinfo endpoint responses for this client, either none or RS256."
- schema:
- type: string
- default: "none"
- enum:
- - value: "none"
- description: "none"
- - value: "RS256"
- description: "RS256"
- - variable: audience
- label: "Audience"
- description: "Audience this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: audienceEntry
- label: ""
- schema:
- type: string
- default: ""
- required: true
- - variable: scopes
- label: "Scopes"
- description: "Scopes this client is allowed to request."
- schema:
- type: list
- default: []
- items:
- - variable: ScopeEntry
- label: "Scope"
- schema:
- type: string
- default: "openid"
- required: true
- - variable: redirect_uris
- label: "redirect_uris"
- description: "Redirect URI's specifies a list of valid case-sensitive callbacks for this client."
- schema:
- type: list
- default: []
- items:
- - variable: uriEntry
- label: "Url"
- schema:
- type: string
- default: "https://oidc.example.com/oauth2/callback"
- required: true
- - variable: grant_types
- description: "Grant Types configures which grants this client can obtain."
- label: "grant_types"
- schema:
- type: list
- default: []
- items:
- - variable: grantEntry
- label: "Grant"
- schema:
- type: string
- default: "refresh_token"
- required: true
- - variable: response_types
- description: "Response Types configures which responses this client can be sent."
- label: "response_types"
- schema:
- type: list
- default: []
- items:
- - variable: responseEntry
- label: "type"
- schema:
- type: string
- default: "code"
- required: true
- - variable: response_modes
- description: "Response Modes configures which response modes this client supports."
- label: "response_modes"
- schema:
- type: list
- default: []
- items:
- - variable: modeEntry
- label: "Mode"
- schema:
- type: string
- default: "form_post"
- required: true
diff --git a/stable/authelia/14.0.25/templates/_configmap.tpl b/stable/authelia/14.0.25/templates/_configmap.tpl
deleted file mode 100644
index 9424df306ad..00000000000
--- a/stable/authelia/14.0.25/templates/_configmap.tpl
+++ /dev/null
@@ -1,251 +0,0 @@
-{{/* Define the configmap */}}
-{{- define "authelia.configmap" -}}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: authelia-paths
-data:
- AUTHELIA_SERVER_DISABLE_HEALTHCHECK: "true"
- AUTHELIA_JWT_SECRET_FILE: "/secrets/JWT_TOKEN"
- AUTHELIA_SESSION_SECRET_FILE: "/secrets/SESSION_ENCRYPTION_KEY"
- AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: "/secrets/ENCRYPTION_KEY"
- AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: "/secrets/STORAGE_PASSWORD"
- {{- if .Values.authentication_backend.ldap.enabled }}
- AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE: "/secrets/LDAP_PASSWORD"
- {{- end }}
- {{- if .Values.notifier.smtp.enabled }}
- AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE: "/secrets/SMTP_PASSWORD"
- {{- end }}
- AUTHELIA_SESSION_REDIS_PASSWORD_FILE: "/secrets/REDIS_PASSWORD"
- {{- if .Values.redisProvider.high_availability.enabled }}
- AUTHELIA_SESSION_REDIS_HIGH_AVAILABILITY_SENTINEL_PASSWORD_FILE: "/secrets/REDIS_SENTINEL_PASSWORD"
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- AUTHELIA_DUO_API_SECRET_KEY_FILE: "/secrets/DUO_API_KEY"
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET_FILE: "/secrets/OIDC_HMAC_SECRET"
- AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY_FILE: "/secrets/OIDC_PRIVATE_KEY"
- {{- end }}
-
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: authelia-configfile
-data:
- configuration.yaml: |
- ---
- theme: {{ default "light" .Values.theme }}
- default_redirection_url: {{ default (printf "https://www.%s" .Values.domain) .Values.default_redirection_url }}
- server:
- host: 0.0.0.0
- port: {{ default 9091 .Values.server.port }}
- {{- if not (eq "" (default "" .Values.server.path)) }}
- path: {{ .Values.server.path }}
- {{- end }}
- read_buffer_size: {{ default 4096 .Values.server.read_buffer_size }}
- write_buffer_size: {{ default 4096 .Values.server.write_buffer_size }}
- enable_pprof: {{ default false .Values.server.enable_pprof }}
- enable_expvars: {{ default false .Values.server.enable_expvars }}
- log:
- level: {{ default "info" .Values.log.level }}
- format: {{ default "text" .Values.log.format }}
- {{- if not (eq "" (default "" .Values.log.file_path)) }}
- file_path: {{ .Values.log.file_path }}
- keep_stdout: true
- {{- end }}
- totp:
- issuer: {{ default .Values.domain .Values.totp.issuer }}
- period: {{ default 30 .Values.totp.period }}
- skew: {{ default 1 .Values.totp.skew }}
- {{- if .Values.duo_api.enabled }}
- duo_api:
- hostname: {{ .Values.duo_api.hostname }}
- integration_key: {{ .Values.duo_api.integration_key }}
- {{- end }}
- {{- with $auth := .Values.authentication_backend }}
- authentication_backend:
- disable_reset_password: {{ $auth.disable_reset_password }}
- {{- if $auth.file.enabled }}
- file:
- path: {{ $auth.file.path }}
- password: {{ toYaml $auth.file.password | nindent 10 }}
- {{- end }}
- {{- if $auth.ldap.enabled }}
- ldap:
- implementation: {{ default "custom" $auth.ldap.implementation }}
- url: {{ $auth.ldap.url }}
- timeout: {{ default "5s" $auth.ldap.timeout }}
- start_tls: {{ $auth.ldap.start_tls }}
- tls:
- {{- if hasKey $auth.ldap.tls "server_name" }}
- server_name: {{ default $auth.ldap.host $auth.ldap.tls.server_name }}
- {{- end }}
- minimum_version: {{ default "TLS1.2" $auth.ldap.tls.minimum_version }}
- skip_verify: {{ default false $auth.ldap.tls.skip_verify }}
- {{- if $auth.ldap.base_dn }}
- base_dn: {{ $auth.ldap.base_dn }}
- {{- end }}
- {{- if $auth.ldap.username_attribute }}
- username_attribute: {{ $auth.ldap.username_attribute }}
- {{- end }}
- {{- if $auth.ldap.additional_users_dn }}
- additional_users_dn: {{ $auth.ldap.additional_users_dn }}
- {{- end }}
- {{- if $auth.ldap.users_filter }}
- users_filter: {{ $auth.ldap.users_filter }}
- {{- end }}
- {{- if $auth.ldap.additional_groups_dn }}
- additional_groups_dn: {{ $auth.ldap.additional_groups_dn }}
- {{- end }}
- {{- if $auth.ldap.groups_filter }}
- groups_filter: {{ $auth.ldap.groups_filter }}
- {{- end }}
- {{- if $auth.ldap.group_name_attribute }}
- group_name_attribute: {{ $auth.ldap.group_name_attribute }}
- {{- end }}
- {{- if $auth.ldap.mail_attribute }}
- mail_attribute: {{ $auth.ldap.mail_attribute }}
- {{- end }}
- {{- if $auth.ldap.display_name_attribute }}
- display_name_attribute: {{ $auth.ldap.display_name_attribute }}
- {{- end }}
- user: {{ $auth.ldap.user }}
- {{- end }}
- {{- end }}
- {{- with $session := .Values.session }}
- session:
- name: {{ default "authelia_session" $session.name }}
- domain: {{ required "A valid .Values.domain entry required!" $.Values.domain }}
- same_site: {{ default "lax" $session.same_site }}
- expiration: {{ default "1M" $session.expiration }}
- inactivity: {{ default "5m" $session.inactivity }}
- remember_me_duration: {{ default "1M" $session.remember_me_duration }}
- {{- end }}
- redis:
- host: {{ .Values.redis.url.plain }}
- {{- with $redis := .Values.redisProvider }}
- port: {{ default 6379 $redis.port }}
- {{- if not (eq $redis.username "") }}
- username: {{ $redis.username }}
- {{- end }}
- maximum_active_connections: {{ default 8 $redis.maximum_active_connections }}
- minimum_idle_connections: {{ default 0 $redis.minimum_idle_connections }}
- {{- if $redis.tls.enabled }}
- tls:
- server_name: {{ $redis.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $redis.tls.minimum_version }}
- skip_verify: {{ $redis.tls.skip_verify }}
- {{- end }}
- {{- if $redis.high_availability.enabled }}
- high_availability:
- sentinel_name: {{ $redis.high_availability.sentinel_name }}
- {{- if $redis.high_availability.nodes }}
- nodes: {{ toYaml $redis.high_availability.nodes | nindent 10 }}
- {{- end }}
- route_by_latency: {{ $redis.high_availability.route_by_latency }}
- route_randomly: {{ $redis.high_availability.route_randomly }}
- {{- end }}
- {{- end }}
- regulation: {{ toYaml .Values.regulation | nindent 6 }}
- storage:
- postgres:
- host: {{ printf "%v-%v" .Release.Name "postgresql" }}
- {{- with $storage := .Values.storage }}
- port: {{ default 5432 $storage.postgres.port }}
- database: {{ default "authelia" $storage.postgres.database }}
- username: {{ default "authelia" $storage.postgres.username }}
- timeout: {{ default "5s" $storage.postgres.timeout }}
- sslmode: {{ default "disable" $storage.postgres.sslmode }}
- {{- end }}
- {{- with $notifier := .Values.notifier }}
- notifier:
- disable_startup_check: {{ $.Values.notifier.disable_startup_check }}
- {{- if $notifier.filesystem.enabled }}
- filesystem:
- filename: {{ $notifier.filesystem.filename }}
- {{- end }}
- {{- if $notifier.smtp.enabled }}
- smtp:
- host: {{ $notifier.smtp.host }}
- port: {{ default 25 $notifier.smtp.port }}
- timeout: {{ default "5s" $notifier.smtp.timeout }}
- {{- with $notifier.smtp.username }}
- username: {{ . }}
- {{- end }}
- sender: {{ $notifier.smtp.sender }}
- identifier: {{ $notifier.smtp.identifier }}
- subject: {{ $notifier.smtp.subject | quote }}
- startup_check_address: {{ $notifier.smtp.startup_check_address }}
- disable_require_tls: {{ $notifier.smtp.disable_require_tls }}
- disable_html_emails: {{ $notifier.smtp.disable_html_emails }}
- tls:
- server_name: {{ default $notifier.smtp.host $notifier.smtp.tls.server_name }}
- minimum_version: {{ default "TLS1.2" $notifier.smtp.tls.minimum_version }}
- skip_verify: {{ default false $notifier.smtp.tls.skip_verify }}
- {{- end }}
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- identity_providers:
- oidc:
- access_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.access_token_lifespan }}
- authorize_code_lifespan: {{ default "1m" .Values.identity_providers.oidc.authorize_code_lifespan }}
- id_token_lifespan: {{ default "1h" .Values.identity_providers.oidc.id_token_lifespan }}
- refresh_token_lifespan: {{ default "90m" .Values.identity_providers.oidc.refresh_token_lifespan }}
- enable_client_debug_messages: {{ default false .Values.identity_providers.oidc.enable_client_debug_messages }}
- minimum_parameter_entropy: {{ default 8 .Values.identity_providers.oidc.minimum_parameter_entropy }}
- {{- if gt (len .Values.identity_providers.oidc.clients) 0 }}
- clients:
- {{- range $client := .Values.identity_providers.oidc.clients }}
- - id: {{ $client.id }}
- description: {{ default $client.id $client.description }}
- secret: {{ default (randAlphaNum 128) $client.secret }}
- {{- if $client.public }}
- public: {{ $client.public }}
- {{- end }}
- authorization_policy: {{ default "two_factor" $client.authorization_policy }}
- consent_mode: {{ default "auto" $client.consent_mode}}
- redirect_uris:
- {{- range $client.redirect_uris }}
- - {{ . }}
- {{- end }}
- {{- if $client.audience }}
- audience: {{ toYaml $client.audience | nindent 10 }}
- {{- end }}
- scopes: {{ toYaml (default (list "openid" "profile" "email" "groups") $client.scopes) | nindent 10 }}
- grant_types: {{ toYaml (default (list "refresh_token" "authorization_code") $client.grant_types) | nindent 10 }}
- response_types: {{ toYaml (default (list "code") $client.response_types) | nindent 10 }}
- {{- if $client.response_modes }}
- response_modes: {{ toYaml $client.response_modes | nindent 10 }}
- {{- end }}
- userinfo_signing_algorithm: {{ default "none" $client.userinfo_signing_algorithm }}
- {{- end }}
- {{- end }}
- {{- end }}
- access_control:
- {{- if (eq (len .Values.access_control.rules) 0) }}
- {{- if (eq .Values.access_control.default_policy "bypass") }}
- default_policy: one_factor
- {{- else if (eq .Values.access_control.default_policy "deny") }}
- default_policy: two_factor
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- else }}
- default_policy: {{ .Values.access_control.default_policy }}
- {{- end }}
- {{- if (eq (len .Values.access_control.networks) 0) }}
- networks: []
- {{- else }}
- networks: {{ toYaml .Values.access_control.networks | nindent 6 }}
- {{- end }}
- {{- if (eq (len .Values.access_control.rules) 0) }}
- rules: []
- {{- else }}
- rules: {{ toYaml .Values.access_control.rules | nindent 6 }}
- {{- end }}
- ...
-{{- end -}}
diff --git a/stable/authelia/14.0.25/templates/_secrets.tpl b/stable/authelia/14.0.25/templates/_secrets.tpl
deleted file mode 100644
index 3c66d93cf99..00000000000
--- a/stable/authelia/14.0.25/templates/_secrets.tpl
+++ /dev/null
@@ -1,67 +0,0 @@
-{{/* Define the secrets */}}
-{{- define "authelia.secrets" -}}
----
-
-apiVersion: v1
-kind: Secret
-type: Opaque
-metadata:
- name: authelia-secrets
-{{- $autheliaprevious := lookup "v1" "Secret" .Release.Namespace "authelia-secrets" }}
-{{- $oidckey := "" }}
-{{- $oidcsecret := "" }}
-{{- $jwtsecret := "" }}
-{{- $sessionsecret := "" }}
-{{- $encryptionkey := "" }}
-data:
- {{- if $autheliaprevious }}
- SESSION_ENCRYPTION_KEY: {{ index $autheliaprevious.data "SESSION_ENCRYPTION_KEY" }}
- JWT_TOKEN: {{ index $autheliaprevious.data "JWT_TOKEN" }}
- {{- if ( hasKey $autheliaprevious.data "ENCRYPTION_KEY" ) }}
- ENCRYPTION_KEY: {{ index $autheliaprevious.data "ENCRYPTION_KEY" }}
- {{- else }}
- {{- $encryptionkey := randAlphaNum 100 }}
- ENCRYPTION_KEY: {{ $encryptionkey | b64enc }}
- {{- end }}
- {{- else }}
- {{- $jwtsecret := randAlphaNum 50 }}
- {{- $sessionsecret := randAlphaNum 50 }}
- {{- $encryptionkey := randAlphaNum 100 }}
- SESSION_ENCRYPTION_KEY: {{ $sessionsecret | b64enc }}
- JWT_TOKEN: {{ $jwtsecret | b64enc}}
- ENCRYPTION_KEY: {{ $encryptionkey | b64enc }}
- {{- end }}
-
- {{- if .Values.authentication_backend.ldap.enabled }}
- LDAP_PASSWORD: {{ .Values.authentication_backend.ldap.plain_password | b64enc | quote }}
- {{- end }}
-
- {{- if and .Values.notifier.smtp.enabled .Values.notifier.smtp.plain_password }}
- SMTP_PASSWORD: {{ .Values.notifier.smtp.plain_password | b64enc | quote }}
- {{- end }}
-
- {{- if .Values.duo_api.enabled }}
- DUO_API_KEY: {{ .Values.duo_api.plain_api_key | b64enc }}
- {{- end }}
-
- STORAGE_PASSWORD: {{ .Values.postgresql.postgresqlPassword | trimAll "\"" | b64enc }}
-
- REDIS_PASSWORD: {{ .Values.redis.redisPassword | trimAll "\"" | b64enc }}
- {{- if .Values.redisProvider.high_availability.enabled}}
- REDIS_SENTINEL_PASSWORD: {{ .Values.redis.sentinelPassword | trimAll "\"" | b64enc }}
- {{- end }}
-
- {{- if $autheliaprevious }}
- {{- if and ( hasKey $autheliaprevious.data "OIDC_PRIVATE_KEY" ) ( hasKey $autheliaprevious.data "OIDC_HMAC_SECRET" ) }}
- OIDC_PRIVATE_KEY: {{ index $autheliaprevious.data "OIDC_PRIVATE_KEY" }}
- OIDC_HMAC_SECRET: {{ index $autheliaprevious.data "OIDC_HMAC_SECRET" }}
- {{- else }}
- {{- $oidckey := genPrivateKey "rsa" }}
- {{- $oidcsecret := randAlphaNum 32 }}
- OIDC_PRIVATE_KEY: {{ $oidckey | b64enc }}
- OIDC_HMAC_SECRET: {{ $oidcsecret | b64enc }}
- {{- end }}
- {{- end }}
-
-
-{{- end -}}
diff --git a/stable/authelia/14.0.25/templates/common.yaml b/stable/authelia/14.0.25/templates/common.yaml
deleted file mode 100644
index 614b468adf3..00000000000
--- a/stable/authelia/14.0.25/templates/common.yaml
+++ /dev/null
@@ -1,74 +0,0 @@
-{{/* Make sure all variables are set properly */}}
-{{- include "tc.common.loader.init" . }}
-
-{{/* Render configmap for authelia */}}
-{{- include "authelia.configmap" . }}
-
-{{/* Render secrets for authelia */}}
-{{- include "authelia.secrets" . }}
-
-{{/* Append the general configMap volume to the volumes */}}
-{{- define "authelia.configmapVolume" -}}
-enabled: "true"
-mountPath: " /configuration.yaml"
-readOnly: true
-subPath: configuration.yaml
-type: "custom"
-volumeSpec:
- configMap:
- name: authelia-configfile
- items:
- - key: configuration.yaml
- path: configuration.yaml
-{{- end -}}
-
-{{/* Append the general secret volumes to the volumes */}}
-{{- define "authelia.secretVolumes" -}}
-enabled: "true"
-mountPath: "/secrets"
-readOnly: true
-type: "custom"
-volumeSpec:
- secret:
- secretName: authelia-secrets
- items:
- - key: "JWT_TOKEN"
- path: JWT_TOKEN
- - key: "SESSION_ENCRYPTION_KEY"
- path: SESSION_ENCRYPTION_KEY
- - key: "ENCRYPTION_KEY"
- path: ENCRYPTION_KEY
- - key: "STORAGE_PASSWORD"
- path: STORAGE_PASSWORD
- {{- if .Values.authentication_backend.ldap.enabled }}
- - key: "LDAP_PASSWORD"
- path: LDAP_PASSWORD
- {{- end }}
- {{- if .Values.notifier.smtp.enabled }}
- - key: "SMTP_PASSWORD"
- path: SMTP_PASSWORD
- {{- end }}
- - key: "REDIS_PASSWORD"
- path: REDIS_PASSWORD
- {{- if .Values.redisProvider.high_availability.enabled}}
- - key: "REDIS_SENTINEL_PASSWORD"
- path: REDIS_SENTINEL_PASSWORD
- {{- end }}
- {{- if .Values.duo_api.enabled }}
- - key: "DUO_API_KEY"
- path: DUO_API_KEY
- {{- end }}
- {{- if .Values.identity_providers.oidc.enabled }}
- - key: "OIDC_PRIVATE_KEY"
- path: OIDC_PRIVATE_KEY
- - key: "OIDC_HMAC_SECRET"
- path: OIDC_HMAC_SECRET
- {{- end }}
-{{- end -}}
-
-{{- $_ := set .Values.persistence "authelia-configfile" (include "authelia.configmapVolume" . | fromYaml) -}}
-{{- $_ := set .Values.persistence "authelia-secrets" (include "authelia.secretVolumes" . | fromYaml) -}}
-
-
-{{/* Render the templates */}}
-{{ include "tc.common.loader.apply" . }}
diff --git a/stable/authelia/14.0.25/values.yaml b/stable/authelia/14.0.25/values.yaml
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/stable/authelia/14.0.26/CHANGELOG.md b/stable/authelia/14.0.26/CHANGELOG.md
deleted file mode 100644
index 8a9d79966ae..00000000000
--- a/stable/authelia/14.0.26/CHANGELOG.md
+++ /dev/null
@@ -1,99 +0,0 @@
-**Important:**
-*for the complete changelog, please refer to the website*
-
-
-
-
-## [authelia-14.0.26](https://github.com/truecharts/charts/compare/authelia-14.0.25...authelia-14.0.26) (2023-01-24)
-
-### Chore
-
-- update helm general non-major ([#6689](https://github.com/truecharts/charts/issues/6689))
-
-
-
-
-## [authelia-14.0.25](https://github.com/truecharts/charts/compare/authelia-14.0.24...authelia-14.0.25) (2023-01-23)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [authelia-14.0.24](https://github.com/truecharts/charts/compare/authelia-14.0.23...authelia-14.0.24) (2023-01-17)
-
-### Chore
-
-- update helm general non-major ([#6430](https://github.com/truecharts/charts/issues/6430))
-
-
-
-
-## [authelia-14.0.23](https://github.com/truecharts/charts/compare/authelia-14.0.22...authelia-14.0.23) (2023-01-07)
-
-### Chore
-
-- update helm general non-major ([#6121](https://github.com/truecharts/charts/issues/6121))
-
-
-
-
-## [authelia-14.0.22](https://github.com/truecharts/charts/compare/authelia-14.0.21...authelia-14.0.22) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856))
-
-
-
-
-## [authelia-14.0.21](https://github.com/truecharts/charts/compare/authelia-14.0.20...authelia-14.0.21) (2022-12-27)
-
-### Chore
-
-- update helm general non-major ([#5848](https://github.com/truecharts/charts/issues/5848))
-
-
-
-
-## [authelia-14.0.20](https://github.com/truecharts/charts/compare/authelia-14.0.19...authelia-14.0.20) (2022-12-26)
-
-### Chore
-
-- update helm general non-major ([#5839](https://github.com/truecharts/charts/issues/5839))
-
-
-
-
-## [authelia-14.0.19](https://github.com/truecharts/charts/compare/authelia-14.0.18...authelia-14.0.19) (2022-12-25)
-
-### Chore
-
-- update helm general non-major
-
-
-
-
-## [authelia-14.0.18](https://github.com/truecharts/charts/compare/authelia-14.0.17...authelia-14.0.18) (2022-12-25)
-
-### Fix
-
-- Allow SMTP without username and password (SMTP relay) ([#5770](https://github.com/truecharts/charts/issues/5770))
-
-
-
-
-## [authelia-14.0.17](https://github.com/truecharts/charts/compare/authelia-14.0.16...authelia-14.0.17) (2022-12-21)
-
-### Chore
-
-- update container image tccr.io/truecharts/authelia to v4.37.5
-
-
-
-
-## [authelia-14.0.16](https://github.com/truecharts/charts/compare/authelia-14.0.15...authelia-14.0.16) (2022-12-19)
-
-### Chore
diff --git a/stable/authelia/14.0.26/Chart.yaml b/stable/authelia/14.0.26/Chart.yaml
deleted file mode 100644
index bd6c1b7aae1..00000000000
--- a/stable/authelia/14.0.26/Chart.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-apiVersion: v2
-appVersion: "4.37.5"
-dependencies:
- - name: common
- repository: https://library-charts.truecharts.org
- version: 11.1.2
- - condition: postgresql.enabled
- name: postgresql
- repository: https://charts.truecharts.org/
- version: 11.0.22
- - condition: redis.enabled
- name: redis
- repository: https://charts.truecharts.org
- version: 5.0.29
-deprecated: false
-description: Authelia is a Single Sign-On Multi-Factor portal for web apps
-home: https://truecharts.org/charts/stable/authelia
-icon: https://truecharts.org/img/hotlink-ok/chart-icons/authelia.png
-keywords:
- - authelia
- - authentication
- - login
- - SSO
- - Authentication
- - Security
- - Two-Factor
- - U2F
- - YubiKey
- - Push Notifications
- - LDAP
-kubeVersion: ">=1.16.0-0"
-maintainers:
- - email: info@truecharts.org
- name: TrueCharts
- url: https://truecharts.org
-name: authelia
-sources:
- - https://github.com/truecharts/charts/tree/master/charts/stable/authelia
- - https://github.com/authelia/chartrepo
- - https://github.com/authelia/authelia
-type: application
-version: 14.0.26
-annotations:
- truecharts.org/catagories: |
- - security
- truecharts.org/SCALE-support: "true"
- truecharts.org/grade: U
diff --git a/stable/authelia/14.0.26/README.md b/stable/authelia/14.0.26/README.md
deleted file mode 100644
index 701942c352f..00000000000
--- a/stable/authelia/14.0.26/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# README
-
-## General Info
-
-TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
-However only installations using the TrueNAS SCALE Apps system are supported.
-
-For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/stable/)
-
-**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
-
-
-## Support
-
-- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
-- See the [Website](https://truecharts.org)
-- Check our [Discord](https://discord.gg/tVsPTHWTtr)
-- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
-
----
-
-## Sponsor TrueCharts
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
-
-*All Rights Reserved - The TrueCharts Project*
diff --git a/stable/authelia/14.0.26/app-changelog.md b/stable/authelia/14.0.26/app-changelog.md
deleted file mode 100644
index 064a23cd88b..00000000000
--- a/stable/authelia/14.0.26/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [authelia-14.0.26](https://github.com/truecharts/charts/compare/authelia-14.0.25...authelia-14.0.26) (2023-01-24)
-
-### Chore
-
-- update helm general non-major ([#6689](https://github.com/truecharts/charts/issues/6689))
-
-
\ No newline at end of file
diff --git a/stable/authelia/14.0.26/app-readme.md b/stable/authelia/14.0.26/app-readme.md
deleted file mode 100644
index 6dc9492a7e6..00000000000
--- a/stable/authelia/14.0.26/app-readme.md
+++ /dev/null
@@ -1,8 +0,0 @@
-Authelia is a Single Sign-On Multi-Factor portal for web apps
-
-This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/stable/authelia](https://truecharts.org/charts/stable/authelia)
-
----
-
-TrueCharts can only exist due to the incredible effort of our staff.
-Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/stable/authelia/14.0.26/charts/common-11.1.2.tgz b/stable/authelia/14.0.26/charts/common-11.1.2.tgz
deleted file mode 100644
index da62080e8a5..00000000000
Binary files a/stable/authelia/14.0.26/charts/common-11.1.2.tgz and /dev/null differ
diff --git a/stable/authelia/14.0.26/charts/postgresql-11.0.22.tgz b/stable/authelia/14.0.26/charts/postgresql-11.0.22.tgz
deleted file mode 100644
index e8719337257..00000000000
Binary files a/stable/authelia/14.0.26/charts/postgresql-11.0.22.tgz and /dev/null differ
diff --git a/stable/authelia/14.0.26/charts/redis-5.0.29.tgz b/stable/authelia/14.0.26/charts/redis-5.0.29.tgz
deleted file mode 100644
index ee3b38dee8e..00000000000
Binary files a/stable/authelia/14.0.26/charts/redis-5.0.29.tgz and /dev/null differ
diff --git a/stable/authelia/14.0.26/ix_values.yaml b/stable/authelia/14.0.26/ix_values.yaml
deleted file mode 100644
index 05a8d755871..00000000000
--- a/stable/authelia/14.0.26/ix_values.yaml
+++ /dev/null
@@ -1,628 +0,0 @@
-image:
- repository: tccr.io/truecharts/authelia
- pullPolicy: IfNotPresent
- tag: 4.37.5@sha256:76a4617539534cec140fd98a12f721b878524f2df3a3653f3df8ff2b7eaab586
-
-command: ["authelia"]
-args: ["--config=/configuration.yaml"]
-
-enableServiceLinks: false
-
-service:
- main:
- ports:
- main:
- port: 9091
- targetPort: 9091
-
-persistence:
- config:
- enabled: true
- mountPath: "/config"
-# Enabled postgres
-postgresql:
- enabled: true
- existingSecret: "dbcreds"
- postgresqlUsername: authelia
- postgresqlDatabase: authelia
-
-# Enabled redis
-# ... for more options see https://github.com/tccr.io/truecharts/charts/tree/master/tccr.io/truecharts/redis
-redis:
- enabled: true
- existingSecret: "rediscreds"
-
-resources:
- limits: {}
- # limits:
- # cpu: "4.00"
- # memory: 125Mi
- requests: {}
- # requests:
- # cpu: "0.25"
- # memory: 50Mi
-
-envFrom:
- - configMapRef:
- name: authelia-paths
-
-# probes:
-# liveness:
-# type: HTTP
-# path: /api/health"
-
-# readiness:
-# type: HTTP
-# path: "/api/health"
-
-# startup:
-# type: HTTP
-# path: "/api/health"
-
-domain: example.com
-
-##
-## Server Configuration
-##
-server:
- ##
- ## Port sets the configured port for the daemon, service, and the probes.
- ## Default is 9091 and should not need to be changed.
- ##
- port: 9091
-
- ## Buffers usually should be configured to be the same value.
- ## Explanation at https://www.authelia.com/docs/configuration/server.html
- ## Read buffer size adjusts the server's max incoming request size in bytes.
- ## Write buffer size does the same for outgoing responses.
- read_buffer_size: 4096
- write_buffer_size: 4096
- ## Set the single level path Authelia listens on.
- ## Must be alphanumeric chars and should not contain any slashes.
- path: ""
-
-log:
- ## Level of verbosity for logs: info, debug, trace.
- level: trace
-
- ## Format the logs are written as: json, text.
- format: text
-
- ## TODO: Statefulness check should check if this is set, and the configMap should enable it.
- ## File path where the logs will be written. If not set logs are written to stdout.
- # file_path: /config/authelia.log
-
-## Default redirection URL
-##
-## If user tries to authenticate without any referer, Authelia does not know where to redirect the user to at the end
-## of the authentication process. This parameter allows you to specify the default redirection URL Authelia will use
-## in such a case.
-##
-## Note: this parameter is optional. If not provided, user won't be redirected upon successful authentication.
-## Default is https://www. (value at the top of the values.yaml).
-default_redirection_url: ""
-# default_redirection_url: https://example.com
-
-theme: light
-
-##
-## TOTP Configuration
-##
-## Parameters used for TOTP generation
-totp:
- ## The issuer name displayed in the Authenticator application of your choice
- ## See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
- ## Defaults to .
- issuer: ""
- ## The period in seconds a one-time password is current for. Changing this will require all users to register
- ## their TOTP applications again. Warning: before changing period read the docs link below.
- period: 30
- ## The skew controls number of one-time passwords either side of the current one that are valid.
- ## Warning: before changing skew read the docs link below.
- ## See: https://www.authelia.com/docs/configuration/one-time-password.html#period-and-skew to read the documentation.
- skew: 1
-
-##
-## Duo Push API Configuration
-##
-## Parameters used to contact the Duo API. Those are generated when you protect an application of type
-## "Partner Auth API" in the management panel.
-duo_api:
- enabled: false
- hostname: api-123456789.example.com
- integration_key: ABCDEF
- plain_api_key: ""
-
-##
-## Authentication Backend Provider Configuration
-##
-## Used for verifying user passwords and retrieve information such as email address and groups users belong to.
-##
-## The available providers are: `file`, `ldap`. You must use one and only one of these providers.
-authentication_backend:
- ## Disable both the HTML element and the API for reset password functionality
- disable_reset_password: false
-
- ## The amount of time to wait before we refresh data from the authentication backend. Uses duration notation.
- ## To disable this feature set it to 'disable', this will slightly reduce security because for Authelia, users will
- ## always belong to groups they belonged to at the time of login even if they have been removed from them in LDAP.
- ## To force update on every request you can set this to '0' or 'always', this will increase processor demand.
- ## See the below documentation for more information.
- ## Duration Notation docs: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
- ## Refresh Interval docs: https://www.authelia.com/docs/configuration/authentication/ldap.html#refresh-interval
- refresh_interval: 5m
-
- ## LDAP backend configuration.
- ##
- ## This backend allows Authelia to be scaled to more
- ## than one instance and therefore is recommended for
- ## production.
- ldap:
- ## Enable LDAP Backend.
- enabled: false
-
- ## The LDAP implementation, this affects elements like the attribute utilised for resetting a password.
- ## Acceptable options are as follows:
- ## - 'activedirectory' - For Microsoft Active Directory.
- ## - 'custom' - For custom specifications of attributes and filters.
- ## This currently defaults to 'custom' to maintain existing behaviour.
- ##
- ## Depending on the option here certain other values in this section have a default value, notably all of the
- ## attribute mappings have a default value that this config overrides, you can read more about these default values
- ## at https://www.authelia.com/docs/configuration/authentication/ldap.html#defaults
- implementation: activedirectory
-
- ## The url to the ldap server. Format: ://[:].
- ## Scheme can be ldap or ldaps in the format (port optional).
- url: ldap://openldap.default.svc.cluster.local
-
- ## Connection Timeout.
- timeout: 5s
-
- ## Use StartTLS with the LDAP connection.
- start_tls: false
-
- tls:
- ## Server Name for certificate validation (in case it's not set correctly in the URL).
- server_name: ""
-
- ## Skip verifying the server certificate (to allow a self-signed certificate).
- ## In preference to setting this we strongly recommend you add the public portion of the certificate to the
- ## certificates directory which is defined by the `certificates_directory` option at the top of the config.
- skip_verify: false
-
- ## Minimum TLS version for either Secure LDAP or LDAP StartTLS.
- minimum_version: TLS1.2
-
- ## The base dn for every LDAP query.
- base_dn: DC=example,DC=com
-
- ## The attribute holding the username of the user. This attribute is used to populate the username in the session
- ## information. It was introduced due to #561 to handle case insensitive search queries. For you information,
- ## Microsoft Active Directory usually uses 'sAMAccountName' and OpenLDAP usually uses 'uid'. Beware that this
- ## attribute holds the unique identifiers for the users binding the user and the configuration stored in database.
- ## Therefore only single value attributes are allowed and the value must never be changed once attributed to a user
- ## otherwise it would break the configuration for that user. Technically, non-unique attributes like 'mail' can also
- ## be used but we don't recommend using them, we instead advise to use the attributes mentioned above
- ## (sAMAccountName and uid) to follow https://www.ietf.org/rfc/rfc2307.txt.
- username_attribute: ""
-
- ## An additional dn to define the scope to all users.
- additional_users_dn: OU=Users
-
- ## The users filter used in search queries to find the user profile based on input filled in login form.
- ## Various placeholders are available in the user filter:
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username_attribute} is a mandatory placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ##
- ## Recommended settings are as follows:
- ## - Microsoft Active Directory: (&({username_attribute}={input})(objectCategory=person)(objectClass=user))
- ## - OpenLDAP:
- ## - (&({username_attribute}={input})(objectClass=person))
- ## - (&({username_attribute}={input})(objectClass=inetOrgPerson))
- ##
- ## To allow sign in both with username and email, one can use a filter like
- ## (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))
- users_filter: ""
-
- ## An additional dn to define the scope of groups.
- additional_groups_dn: OU=Groups
-
- ## The groups filter used in search queries to find the groups of the user.
- ## - {input} is a placeholder replaced by what the user inputs in the login form.
- ## - {username} is a placeholder replace by the username stored in LDAP (based on `username_attribute`).
- ## - {dn} is a matcher replaced by the user distinguished name, aka, user DN.
- ## - {username_attribute} is a placeholder replaced by what is configured in `username_attribute`.
- ## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
- ## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
- ## versions, so please don't use it.
- ## - DON'T USE - {1} is an alias for {username} supported for backward compatibility but it will be deprecated in
- ## later version, so please don't use it.
- ##
- ## If your groups use the `groupOfUniqueNames` structure use this instead:
- ## (&(uniquemember={dn})(objectclass=groupOfUniqueNames))
- groups_filter: ""
-
- ## The attribute holding the name of the group
- group_name_attribute: ""
-
- ## The attribute holding the mail address of the user. If multiple email addresses are defined for a user, only the
- ## first one returned by the LDAP server is used.
- mail_attribute: ""
-
- ## The attribute holding the display name of the user. This will be used to greet an authenticated user.
- display_name_attribute: ""
-
- ## The username of the admin user.
- user: CN=Authelia,DC=example,DC=com
- plain_password: ""
-
- ##
- ## File (Authentication Provider)
- ##
- ## With this backend, the users database is stored in a file which is updated when users reset their passwords.
- ## Therefore, this backend is meant to be used in a dev environment and not in production since it prevents Authelia
- ## to be scaled to more than one instance. The options under 'password' have sane defaults, and as it has security
- ## implications it is highly recommended you leave the default values. Before considering changing these settings
- ## please read the docs page below:
- ## https://www.authelia.com/docs/configuration/authentication/file.html#password-hash-algorithm-tuning
- ##
- ## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
- ##
- file:
- enabled: true
- path: /config/users_database.yml
- password:
- algorithm: argon2id
- iterations: 1
- key_length: 32
- salt_length: 16
- memory: 1024
- parallelism: 8
-
-##
-## Access Control Configuration
-##
-## Access control is a list of rules defining the authorizations applied for one resource to users or group of users.
-##
-## If 'access_control' is not defined, ACL rules are disabled and the 'bypass' rule is applied, i.e., access is allowed
-## to anyone. Otherwise restrictions follow the rules defined.
-##
-## Note: One can use the wildcard * to match any subdomain.
-## It must stand at the beginning of the pattern. (example: *.mydomain.com)
-##
-## Note: You must put patterns containing wildcards between simple quotes for the YAML to be syntactically correct.
-##
-## Definition: A 'rule' is an object with the following keys: 'domain', 'subject', 'policy' and 'resources'.
-##
-## - 'domain' defines which domain or set of domains the rule applies to.
-##
-## - 'subject' defines the subject to apply authorizations to. This parameter is optional and matching any user if not
-## provided. If provided, the parameter represents either a user or a group. It should be of the form
-## 'user: