groups: - name: Image description: | Configured the images to be used for the Chart. It's wise to use "digest pinned" tags and to avoid using "latest". Checkout the following documentation for more information: - https://truecharts.org/common/#images - name: General description: | For TrueNAS SCALE We've grouped a number of settings here, that all effact how apps run in general. Checkout the following documentation for more information: - https://truecharts.org/common/global/ - https://truecharts.org/common/#tz - https://truecharts.org/common/podoptions/ - Image Pull Secrets - name: Workload description: | These settings configure how the actual Pods and containers are running. Generally, on SCALE, we only expose a limited subset of these settings for the primary workload and container. Checkout the following documentation for more information: - https://truecharts.org/common/workload/ - https://truecharts.org/common/container/ - name: App Configuration description: | Every application has different values that may be required to run or have multiple options that the user may choose to enable or disable to change the behavior of the application. Most options should have a Tooltip (Circled Question Mark) to further describe said option. To find more information, lookup your chart-specific documentation in the Charts List: https://truecharts.org/charts/description-list/ - name: Services description: | Service and Networking options for any applications are contained here. Some applications may have complicated networking setups with multiple options or some may have no options here at all. Options here include the service and port configurations for the application, and more may be enabled or changed under the Advanced Settings and Show Expert Config boxes. Checkout the following documentation for more information: - https://truecharts.org/common/service/ - name: Networking description: | Contains advanced networking options that are not actively supported by the TrueCharts team. Currently only contains scaleExternalInterfaces. Checkout the following documentation for more information: - https://truecharts.org/common/scaleexternalinterface/ - name: Persistence description: | Many applications will have certain options for storage to be configurable by the user, the main two being PVC and hostpath but may include other types. This storage is called Persistence since it is not deleted upon restart or upgrade of an application. Checkout the following documentation for more information: - https://truecharts.org/common/persistence/ - https://truecharts.org/scale/guides/nfs-share/ - https://truecharts.org/general/faq/#why-pvc-is-recommended-over-hostpath - name: Ingress description: | Ingress (more commonly known as Reverse Proxy) settings can be configured here. This is how Kubernetes connects your Applications in containers to FQDNs (fully qualified domain names). If you choose to enable this you must have a "Ingress Provider" aka "Reverse Proxy" installed (We highly advice Traefik: https://truecharts.org/charts/premium/traefik/) It also requiresa DNS service to actually resolve the DNS name of the FQDN specified. Checkout the following documentation for more information: - https://truecharts.org/common/ingress/ - name: SecurityContext description: | The security settings for each application and/or permissions that each application may have for the files/directories created. Each application will come with predefined permissions but users may want to change certain setting depending on their usage or capabilities. Unless necessary users are advised to keep this section mostly to defaults. Checkout the following documentation for more information: - https://truecharts.org/common/securitycontext/ - name: Resources description: | Resources limits that have been defined by each application are in this section. Most will have a specific default that some users may want to change based on their specific hardware or needs. This also contains the options to mount GPUs or, more precisely, "request" GPU's to be mounted. Checkout the following documentation for more information: - https://truecharts.org/common/resources/ - name: Devices description: | These are special "mountpoints" that can be used to mount miscelanious USB and PCI devices using special hostPath mounts. For clearity we've decided to seperate this from persistence on SCALE. Checkout the following documentation for more information: - https://truecharts.org/common/persistence/device/ - https://truecharts.org/scale/guides/pci-passthrough/ - name: Middlewares description: Traefik Middlewares - name: StorageClass description: | StorageClasses define where to storage Storage. Checkout the following documentation for more information: - name: Metrics description: | Contains options to configure Prometheus metrics for the application. Checkout the following documentation for more information: - https://truecharts.org/common/metrics/ - name: Addons description: | Addons that are supplied by the TrueCharts team to add additional capabilities for users to use on top of the application’s defaults. Things included here are VPN addons, Codeserver for editing files inside the application’s container, Netshoot for network troubelshooting, etc. Generally not required for use but may be necessary or usefull at times for specific applications. Checkout the following documentation for more information: - https://truecharts.org/common/addons/ - https://truecharts.org/scale/guides/vpn-setup/ - name: Experimental description: | Experimental Configuration Options Often these are not fully flushed-out, could randomly break or might not work at-all. - name: Postgresql description: | For Postgresql we use "CloudNative-PG" as a backend, which has to be installed first. Checkout the following documentation for more information: - https://truecharts.org/common/cnpg/ - https://truecharts.org/scale/guides/sql-export/ - https://truecharts.org/scale/guides/recover-cnpg/ - name: Dependencies description: | contains dependency setting for which we, currently, do not have seperate catagories (yet) - name: Documentation description: | We added this section to make everyone aware that OpenSource isn't always easy. It doesn't keep existing without signficant ongoing support, so please consider supporting TrueCharts and other OpenSource projects. Before installing, be sure you've followed the https://truecharts.org/scale/guides/getting-started/ We would also advice going over our https://truecharts.org/scale/guides/scale-intro/ and many of the other documentation pages... questions: - variable: global group: General label: "Global Settings" schema: additional_attrs: true type: dict attrs: - variable: stopAll label: Stop All description: "Stops All Running pods and hibernates cnpg" schema: type: boolean default: false - variable: credentialsList group: General label: "Credentials (Experimental)" schema: type: list default: [] items: - variable: credentialsEntry label: "Enter Credentials" schema: additional_attrs: true type: dict attrs: - variable: name label: Name description: "Name" schema: type: string required: true default: "" - variable: type label: Type description: "Type of Credential" schema: type: string default: "s3" enum: - value: s3 description: s3 Storage - variable: url label: "url" schema: type: string default: "" required: true - variable: path label: "path" description: "Path Prefix not needed for most cases" schema: type: string default: "" - variable: bucket label: "bucket" schema: show_if: [["type", "=", "s3"]] type: string default: "" required: true - variable: accessKey label: "accessKey" schema: show_if: [["type", "=", "s3"]] type: string default: "" required: true - variable: secretKey label: "secretKey" schema: show_if: [["type", "=", "s3"]] type: string default: "" required: true - variable: encrKey label: "encrKey" description: "The Encryption key is needed for tools like volsync if not needed it will be ignored" schema: show_if: [["type", "=", "s3"]] type: string default: "MYSECRETPASSPHRASE" required: true - variable: operator group: App Configuration label: Operator Configuration schema: additional_attrs: true type: dict attrs: - variable: cert-manager label: 'Cert-Manager' schema: type: dict additional_attrs: true attrs: - variable: namespace label: 'Namespace (change to ix-APPNAME of cert-manager)' schema: type: string required: true default: "ix-cert-manager" - variable: clusterIssuer group: App Configuration label: Cluster Certificate Issuer schema: additional_attrs: true type: dict attrs: - variable: ACME label: 'ACME Issuer' schema: type: list default: [] items: - variable: ACMEEntry label: 'ACME Issuer Entry' schema: additional_attrs: true type: dict attrs: - variable: name label: Name description: "Name to give the issuer" schema: type: string required: true valid_chars: '^[a-z]+(-?[a-z]){0,63}-?[a-z]+$' default: "" - variable: type label: Type or DNS-Provider description: DNS Provider schema: type: string default: cloudflare enum: - value: cloudflare description: Cloudflare - value: route53 description: Route53 - value: akamai description: Akamai - value: digitalocean description: Digitalocean - value: rfc2136 description: rfc2136 (Advanced) - value: HTTP01 description: HTTP01 (Experimental) - value: acmedns description: ACME DNS (Advanced) - variable: server label: Server description: "Server for ACME, for example: letsencrypt" schema: type: string default: 'https://acme-v02.api.letsencrypt.org/directory' enum: - value: 'https://acme-v02.api.letsencrypt.org/directory' description: Letsencrypt-Production - value: 'https://acme-staging-v02.api.letsencrypt.org/directory' description: Letsencrypt-Staging - value: 'https://api.buypass.no/acme-v02/directory' description: BuyPass-Production - value: 'https://api.test4.buypass.no/acme-v02/directory' description: BuyPass-Staging - value: custom description: Custom - variable: customServer label: Custom ACME Server (Advanced) description: "This can be used to enter your own custom ACME server" schema: type: string show_if: [["server", "=", "custom"]] default: 'https://acme-staging-v02.api.letsencrypt.org/directory' - variable: caBundle label: Trusted CABundle for private ACME server description: "Trusted CABundle for private ACME server, encoded in base64" schema: type: string show_if: [["server", "=", "custom"]] - variable: email label: Email description: "Email adress to use for certificate issuing must match your DNS provider email when required" schema: type: string required: true default: "something@example.com" - variable: cfapikey label: CloudFlare API key description: "CloudFlare API Key" schema: show_if: [["type", "=", "cloudflare"]] type: string default: "" - variable: cfapitoken label: CloudFlare API Token description: "CloudFlare API Token" schema: show_if: [["type", "=", "cloudflare"]] type: string default: "" - variable: region label: Route53 Region description: "Route 53 Region" schema: show_if: [["type", "=", "route53"]] type: string required: true default: "us-west-1" - variable: accessKeyID label: Route53 accessKeyID description: "Route53 accessKeyID" schema: show_if: [["type", "=", "route53"]] type: string required: true default: "" - variable: route53SecretAccessKey label: Route53 Secret Access Key description: "Route53 Secret Access Key" schema: show_if: [["type", "=", "route53"]] type: string required: true default: "" - variable: role label: Route53 Role (optional) description: "Route53 Role" schema: show_if: [["type", "=", "route53"]] type: string default: "" - variable: serviceConsumerDomain label: Akamai Service Consumer Domain description: "Akamai Service Consumer Domain" schema: show_if: [["type", "=", "akamai"]] type: string required: true default: "" - variable: akclientToken label: Akamai Client Token description: "Client Token" schema: show_if: [["type", "=", "akamai"]] type: string required: true default: "" - variable: akclientSecret label: Akamai Client Secret description: "Akamai Client Secret" schema: show_if: [["type", "=", "akamai"]] type: string required: true default: "" - variable: akaccessToken label: Akamai Access Token description: "Akamai Access Token" schema: show_if: [["type", "=", "akamai"]] type: string required: true default: "" - variable: doaccessToken label: Digitalocean Access Token description: "Digitalocean Access Token" schema: show_if: [["type", "=", "digitalocean"]] type: string required: true default: "" - variable: nameserver label: rfc2136 Namesever description: "rfc2136 Namesever" schema: show_if: [["type", "=", "rfc2136"]] type: string required: true default: "" - variable: tsigKeyName label: rfc2136 tsig Key Name description: "rfc2136 tsig Key Name" schema: show_if: [["type", "=", "rfc2136"]] type: string required: true default: "" - variable: tsigAlgorithm label: rfc2136 tsig Algorithm description: "rfc2136 tsig Algorithm" schema: show_if: [["type", "=", "rfc2136"]] type: string required: true default: "" - variable: rfctsigSecret label: rfc2136 sig Secret description: "rfc2136 sig Secret" schema: show_if: [["type", "=", "rfc2136"]] type: string required: true default: "" - variable: acmednsHost label: ACME DNS host description: "ACME DNS API server address" schema: show_if: [["type", "=", "acmedns"]] type: string required: true default: "https://auth.acme-dns.io" - variable: acmednsConfig label: ACME DNS config description: "ACME DNS per-domain auth configuration" schema: show_if: [["type", "=", "acmedns"]] type: list default: [] items: - variable: acmednsEntry label: 'ACME DNS entry' schema: type: dict attrs: - variable: domain label: Domain schema: type: string required: true - variable: username label: Username schema: type: string required: true - variable: password label: Password schema: type: string required: true - variable: fulldomain label: Full domain schema: type: string required: true - variable: subdomain label: Subdomain schema: type: string required: true - variable: allowFrom label: Allow from schema: type: list default: [] items: - variable: cidr label: CIDR schema: type: ipaddr cidr: true required: true - variable: CA label: Certificate Authority Issuer schema: type: list default: [] items: - variable: CAEntry label: 'CA Issuer Entry' schema: additional_attrs: true type: dict attrs: - variable: name label: Name description: "Name to give the issuer" schema: type: string required: true valid_chars: '^[a-z]+(-?[a-z]){0,63}-?[a-z]+$' default: "" - variable: selfSigned label: selfSigned description: "Create Self Signed CA cert" schema: type: boolean default: true - variable: selfSignedCommonName label: selfSigned CommonName description: "Common name for selfSigned Certiticate Authority" schema: type: string required: true show_if: [["selfSigned", "=", true]] default: "my-selfsigned-ca" - variable: crt label: "Custom CA cert (experimental)" description: "certificate for Certiticate Authority" schema: type: string required: true max_length: 10240 show_if: [["selfSigned", "=", false]] default: "" - variable: key label: "Custom CA key (experimental)" description: "key Certiticate Authority" schema: type: string required: true max_length: 10240 show_if: [["selfSigned", "=", false]] default: "" - variable: selfSigned label: 'SelfSigned Issuer' schema: additional_attrs: true type: dict attrs: - variable: enabled label: enabled description: "Enable self-signed issuer" schema: type: boolean default: true - variable: name label: Name description: "Name to give the issuer" schema: type: string required: true valid_chars: '^[a-z]+(-?[a-z]){0,63}-?[a-z]+$' default: "selfsigned" - variable: clusterCertificates group: App Configuration label: Cluster Wide Certificates (Advanced) description: "Creates certificates for use within the entire cluster. Can be used to create wildcard certificates." schema: additional_attrs: true type: dict attrs: - variable: certificates label: Cluster Certificates schema: type: list default: [] items: - variable: CertEntry label: 'Certificate Entry' schema: additional_attrs: true type: dict attrs: - variable: enabled label: Enabled schema: type: boolean default: true - variable: name label: Certificate Name schema: type: string required: true default: "" - variable: certificateIssuer label: Cert-Manager clusterIssuer description: "One of the Cert-Manager clusterIssuers defined above" schema: type: string required: true valid_chars: '^[a-z]+(-?[a-z]){0,63}-?[a-z]+$' default: "selfsigned" - variable: hosts label: Certificate Hosts description: "NOTE: Creation of wildcard certificates with an ACME issuer requires a DNSO1 solver to be set up." schema: type: list default: [] items: - variable: host label: Host schema: type: string default: "" required: true - variable: customMetrics group: Metrics label: Prometheus Metrics schema: additional_attrs: true type: dict attrs: - variable: enabled label: Enabled description: Enable Prometheus Metrics schema: type: boolean default: true