diff --git a/enterprise/traefik/25.1.13/CHANGELOG.md b/enterprise/traefik/25.1.13/CHANGELOG.md
new file mode 100644
index 0000000000..a7fefcc681
--- /dev/null
+++ b/enterprise/traefik/25.1.13/CHANGELOG.md
@@ -0,0 +1,99 @@
+---
+title: Changelog
+---
+
+**Important:**
+*for the complete changelog, please refer to the website*
+
+
+
+## [traefik-25.1.13](https://github.com/truecharts/charts/compare/traefik-25.1.12...traefik-25.1.13) (2024-01-21)
+
+### Chore
+
+
+
+- update container image tccr.io/tccr/traefik to v2.10.7[@1a1f160](https://github.com/1a1f160) by renovate ([#17471](https://github.com/truecharts/charts/issues/17471))
+
+
+## [traefik-25.1.12](https://github.com/truecharts/charts/compare/traefik-25.1.11...traefik-25.1.12) (2024-01-21)
+
+### Chore
+
+
+
+- update container image common to v17.2.26[@24c98f7](https://github.com/24c98f7) by renovate ([#17409](https://github.com/truecharts/charts/issues/17409))
+
+
+## [traefik-25.1.11](https://github.com/truecharts/charts/compare/traefik-25.1.10...traefik-25.1.11) (2024-01-21)
+
+### Chore
+
+
+
+- update metadata in chart.yaml ([#17457](https://github.com/truecharts/charts/issues/17457))
+
+
+
+
+## [traefik-25.1.10](https://github.com/truecharts/charts/compare/traefik-25.1.9...traefik-25.1.10) (2024-01-09)
+
+### Chore
+
+
+
+- update container image common to v17.2.22[@e7c9056](https://github.com/e7c9056) by renovate ([#16986](https://github.com/truecharts/charts/issues/16986))
+
+
+## [traefik-25.1.9](https://github.com/truecharts/charts/compare/traefik-25.1.8...traefik-25.1.9) (2024-01-02)
+
+### Chore
+
+
+
+- force bump to ensure up-to-date catalogs
+
+
+## [traefik-25.1.8](https://github.com/truecharts/charts/compare/traefik-25.1.7...traefik-25.1.8) (2024-01-02)
+
+### Chore
+
+
+
+- update container image tccr.io/tccr/traefik to v2.10.7[@769efdf](https://github.com/769efdf) by renovate ([#16807](https://github.com/truecharts/charts/issues/16807))
+
+
+## [traefik-25.1.7](https://github.com/truecharts/charts/compare/traefik-25.1.6...traefik-25.1.7) (2024-01-02)
+
+### Chore
+
+
+
+- update container image tccr.io/tccr/traefik to v[@966a49c](https://github.com/966a49c) by renovate ([#16796](https://github.com/truecharts/charts/issues/16796))
+
+### Docs
+
+
+
+- Add notice about TCP/UDP ingress ([#16745](https://github.com/truecharts/charts/issues/16745))
+
+
+## [traefik-25.1.6](https://github.com/truecharts/charts/compare/traefik-25.1.5...traefik-25.1.6) (2024-01-02)
+
+### Chore
+
+
+
+- update container image common to v17.2.21[@cf65ff3](https://github.com/cf65ff3) by renovate ([#16752](https://github.com/truecharts/charts/issues/16752))
+
+
+## [traefik-25.1.5](https://github.com/truecharts/charts/compare/traefik-25.1.4...traefik-25.1.5) (2024-01-02)
+
+### Chore
+
+
+
+- fix some refs ([#16749](https://github.com/truecharts/charts/issues/16749))
+
+
+## [traefik-25.1.4](https://github.com/truecharts/charts/compare/traefik-25.1.3...traefik-25.1.4) (2024-01-01)
diff --git a/enterprise/traefik/25.1.13/Chart.yaml b/enterprise/traefik/25.1.13/Chart.yaml
new file mode 100644
index 0000000000..92f09a48fb
--- /dev/null
+++ b/enterprise/traefik/25.1.13/Chart.yaml
@@ -0,0 +1,39 @@
+annotations:
+ max_scale_version: 23.10.2
+ min_scale_version: 23.10.0
+ truecharts.org/SCALE-support: "true"
+ truecharts.org/category: network
+ truecharts.org/max_helm_version: "3.14"
+ truecharts.org/min_helm_version: "3.12"
+ truecharts.org/train: enterprise
+apiVersion: v2
+appVersion: 2.10.7
+dependencies:
+ - name: common
+ version: 17.2.26
+ repository: oci://tccr.io/truecharts
+ condition: ""
+ alias: ""
+ tags: []
+ import-values: []
+deprecated: false
+description: Traefik is a flexible reverse proxy and Ingress Provider.
+home: https://truecharts.org/charts/enterprise/traefik
+icon: https://truecharts.org/img/hotlink-ok/chart-icons/traefik.png
+keywords:
+ - traefik
+ - ingress
+kubeVersion: ">=1.24.0-0"
+maintainers:
+ - name: TrueCharts
+ email: info@truecharts.org
+ url: https://truecharts.org
+name: traefik
+sources:
+ - https://github.com/traefik/traefik
+ - https://github.com/traefik/traefik-helm-chart
+ - https://traefik.io/
+ - https://github.com/truecharts/charts/tree/master/charts/enterprise/traefik
+ - https://github.com/truecharts/containers/tree/master/apps/traefik
+type: application
+version: 25.1.13
diff --git a/enterprise/traefik/25.1.13/LICENSE b/enterprise/traefik/25.1.13/LICENSE
new file mode 100644
index 0000000000..4139714f20
--- /dev/null
+++ b/enterprise/traefik/25.1.13/LICENSE
@@ -0,0 +1,106 @@
+Business Source License 1.1
+
+Parameters
+
+Licensor: The TrueCharts Project, it's owner and it's contributors
+Licensed Work: The TrueCharts "Traefik" Helm Chart
+Additional Use Grant: You may use the licensed work in production, as long
+ as it is directly sourced from a TrueCharts provided
+ official repository, catalog or source. You may also make private
+ modification to the directly sourced licenced work,
+ when used in production.
+
+ The following cases are, due to their nature, also
+ defined as 'production use' and explicitly prohibited:
+ - Bundling, including or displaying the licensed work
+ with(in) another work intended for production use,
+ with the apparent intend of facilitating and/or
+ promoting production use by third parties in
+ violation of this license.
+
+Change Date: 2050-01-01
+
+Change License: 3-clause BSD license
+
+For information about alternative licensing arrangements for the Software,
+please contact: legal@truecharts.org
+
+Notice
+
+The Business Source License (this document, or the “License”) is not an Open
+Source license. However, the Licensed Work will eventually be made available
+under an Open Source License, as stated in this License.
+
+License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
+“Business Source License” is a trademark of MariaDB Corporation Ab.
+
+-----------------------------------------------------------------------------
+
+Business Source License 1.1
+
+Terms
+
+The Licensor hereby grants you the right to copy, modify, create derivative
+works, redistribute, and make non-production use of the Licensed Work. The
+Licensor may make an Additional Use Grant, above, permitting limited
+production use.
+
+Effective on the Change Date, or the fourth anniversary of the first publicly
+available distribution of a specific version of the Licensed Work under this
+License, whichever comes first, the Licensor hereby grants you rights under
+the terms of the Change License, and the rights granted in the paragraph
+above terminate.
+
+If your use of the Licensed Work does not comply with the requirements
+currently in effect as described in this License, you must purchase a
+commercial license from the Licensor, its affiliated entities, or authorized
+resellers, or you must refrain from using the Licensed Work.
+
+All copies of the original and modified Licensed Work, and derivative works
+of the Licensed Work, are subject to this License. This License applies
+separately for each version of the Licensed Work and the Change Date may vary
+for each version of the Licensed Work released by Licensor.
+
+You must conspicuously display this License on each original or modified copy
+of the Licensed Work. If you receive the Licensed Work in original or
+modified form from a third party, the terms and conditions set forth in this
+License apply to your use of that work.
+
+Any use of the Licensed Work in violation of this License will automatically
+terminate your rights under this License for the current and all other
+versions of the Licensed Work.
+
+This License does not grant you any right in any trademark or logo of
+Licensor or its affiliates (provided that you may use a trademark or logo of
+Licensor as expressly required by this License).
+
+TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
+AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
+EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
+TITLE.
+
+MariaDB hereby grants you permission to use this License’s text to license
+your works, and to refer to it using the trademark “Business Source License”,
+as long as you comply with the Covenants of Licensor below.
+
+Covenants of Licensor
+
+In consideration of the right to use this License’s text and the “Business
+Source License” name and trademark, Licensor covenants to MariaDB, and to all
+other recipients of the licensed work to be provided by Licensor:
+
+1. To specify as the Change License the GPL Version 2.0 or any later version,
+ or a license that is compatible with GPL Version 2.0 or a later version,
+ where “compatible” means that software provided under the Change License can
+ be included in a program with software provided under GPL Version 2.0 or a
+ later version. Licensor may specify additional Change Licenses without
+ limitation.
+
+2. To either: (a) specify an additional grant of rights to use that does not
+ impose any additional restriction on the right granted in this License, as
+ the Additional Use Grant; or (b) insert the text “None”.
+
+3. To specify a Change Date.
+
+4. Not to modify this License in any other way.
diff --git a/enterprise/traefik/25.1.13/README.md b/enterprise/traefik/25.1.13/README.md
new file mode 100644
index 0000000000..0eb2123c77
--- /dev/null
+++ b/enterprise/traefik/25.1.13/README.md
@@ -0,0 +1,28 @@
+---
+title: README
+---
+
+## General Info
+
+TrueCharts can be installed as both _normal_ Helm Charts or as Apps on TrueNAS SCALE.
+However only installations using the TrueNAS SCALE Apps system are supported.
+
+For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/traefik)
+
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
+
+## Support
+
+- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE/guides/scale-intro).
+- See the [Website](https://truecharts.org)
+- Check our [Discord](https://discord.gg/tVsPTHWTtr)
+- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
+
+---
+
+## Sponsor TrueCharts
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
+
+_All Rights Reserved - The TrueCharts Project_
diff --git a/enterprise/traefik/25.1.13/app-changelog.md b/enterprise/traefik/25.1.13/app-changelog.md
new file mode 100644
index 0000000000..7ee2db0ad9
--- /dev/null
+++ b/enterprise/traefik/25.1.13/app-changelog.md
@@ -0,0 +1,9 @@
+
+
+## [traefik-25.1.13](https://github.com/truecharts/charts/compare/traefik-25.1.12...traefik-25.1.13) (2024-01-21)
+
+### Chore
+
+
+
+- update container image tccr.io/tccr/traefik to v2.10.7[@1a1f160](https://github.com/1a1f160) by renovate ([#17471](https://github.com/truecharts/charts/issues/17471))
\ No newline at end of file
diff --git a/enterprise/traefik/25.1.13/app-readme.md b/enterprise/traefik/25.1.13/app-readme.md
new file mode 100644
index 0000000000..02206fafcf
--- /dev/null
+++ b/enterprise/traefik/25.1.13/app-readme.md
@@ -0,0 +1,8 @@
+Traefik is a flexible reverse proxy and Ingress Provider.
+
+This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/traefik](https://truecharts.org/charts/enterprise/traefik)
+
+---
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/enterprise/velero/3.1.12/charts/common-17.2.26.tgz b/enterprise/traefik/25.1.13/charts/common-17.2.26.tgz
similarity index 100%
rename from enterprise/velero/3.1.12/charts/common-17.2.26.tgz
rename to enterprise/traefik/25.1.13/charts/common-17.2.26.tgz
diff --git a/enterprise/traefik/25.1.13/crds/traefik.containo.us_ingressroutes.yaml b/enterprise/traefik/25.1.13/crds/traefik.containo.us_ingressroutes.yaml
new file mode 100644
index 0000000000..bd137f410d
--- /dev/null
+++ b/enterprise/traefik/25.1.13/crds/traefik.containo.us_ingressroutes.yaml
@@ -0,0 +1,275 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: ingressroutes.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: IngressRoute
+ listKind: IngressRouteList
+ plural: ingressroutes
+ singular: ingressroute
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: IngressRoute is the CRD implementation of a Traefik HTTP Router.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IngressRouteSpec defines the desired state of IngressRoute.
+ properties:
+ entryPoints:
+ description: 'EntryPoints defines the list of entry point names to
+ bind to. Entry points have to be configured in the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/
+ Default: all.'
+ items:
+ type: string
+ type: array
+ routes:
+ description: Routes defines the list of routes.
+ items:
+ description: Route holds the HTTP route configuration.
+ properties:
+ kind:
+ description: Kind defines the kind of the route. Rule is the
+ only supported kind.
+ enum:
+ - Rule
+ type: string
+ match:
+ description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule'
+ type: string
+ middlewares:
+ description: 'Middlewares defines the list of references to
+ Middleware resources. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-middleware'
+ items:
+ description: MiddlewareRef is a reference to a Middleware
+ resource.
+ properties:
+ name:
+ description: Name defines the name of the referenced Middleware
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Middleware resource.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ priority:
+ description: 'Priority defines the router''s priority. More
+ info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority'
+ type: integer
+ services:
+ description: Services defines the list of Service. It can contain
+ any combination of TraefikService and/or reference to a Kubernetes
+ Service.
+ items:
+ description: Service defines an upstream HTTP service to proxy
+ traffic to.
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service or TraefikService. The differentiation between
+ the two is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs
+ or if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the
+ pods. By default, NativeLB is false.
+ type: boolean
+ passHostHeader:
+ description: PassHostHeader defines whether the client
+ Host header is forwarded to the upstream Kubernetes
+ Service. By default, passHostHeader is true.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards
+ the response from the upstream Kubernetes Service to
+ the client.
+ properties:
+ flushInterval:
+ description: 'FlushInterval defines the interval,
+ in milliseconds, in between flushes to the client
+ while copying the response body. A negative value
+ means to flush immediately after each write to the
+ client. This configuration is ignored when ReverseProxy
+ recognizes a response as a streaming response; for
+ such responses, writes are flushed to the client
+ immediately. Default: 100ms'
+ type: string
+ type: object
+ scheme:
+ description: Scheme defines the scheme to use for the
+ request to the upstream Kubernetes Service. It defaults
+ to https when Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: ServersTransport defines the name of ServersTransport
+ resource to use. It allows to configure the transport
+ between Traefik and your servers. Can only be used on
+ a Kubernetes Service.
+ type: string
+ sticky:
+ description: 'Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions'
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie
+ can be accessed by client-side APIs, such as
+ JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: 'SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
+ type: string
+ secure:
+ description: Secure defines whether the cookie
+ can only be transmitted over an encrypted connection
+ (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: Strategy defines the load balancing strategy
+ between the servers. RoundRobin is the only supported
+ value at the moment.
+ type: string
+ weight:
+ description: Weight defines the weight and should only
+ be specified when Name references a TraefikService object
+ (and to be precise, one that embeds a Weighted Round
+ Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ type: array
+ required:
+ - kind
+ - match
+ type: object
+ type: array
+ tls:
+ description: 'TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls'
+ properties:
+ certResolver:
+ description: 'CertResolver defines the name of the certificate
+ resolver to use. Cert resolvers have to be configured in the
+ static configuration. More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers'
+ type: string
+ domains:
+ description: 'Domains defines the list of domains that will be
+ used to issue certificates. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains'
+ items:
+ description: Domain holds a domain name with SANs.
+ properties:
+ main:
+ description: Main defines the main domain name.
+ type: string
+ sans:
+ description: SANs defines the subject alternative domain
+ names.
+ items:
+ type: string
+ type: array
+ type: object
+ type: array
+ options:
+ description: 'Options defines the reference to a TLSOption, that
+ specifies the parameters of the TLS connection. If not defined,
+ the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options'
+ properties:
+ name:
+ description: 'Name defines the name of the referenced TLSOption.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption'
+ type: string
+ namespace:
+ description: 'Namespace defines the namespace of the referenced
+ TLSOption. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption'
+ type: string
+ required:
+ - name
+ type: object
+ secretName:
+ description: SecretName is the name of the referenced Kubernetes
+ Secret to specify the certificate details.
+ type: string
+ store:
+ description: Store defines the reference to the TLSStore, that
+ will be used to store certificates. Please note that only `default`
+ TLSStore can be used.
+ properties:
+ name:
+ description: 'Name defines the name of the referenced TLSStore.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore'
+ type: string
+ namespace:
+ description: 'Namespace defines the namespace of the referenced
+ TLSStore. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore'
+ type: string
+ required:
+ - name
+ type: object
+ type: object
+ required:
+ - routes
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/enterprise/traefik/25.1.13/crds/traefik.containo.us_ingressroutetcps.yaml b/enterprise/traefik/25.1.13/crds/traefik.containo.us_ingressroutetcps.yaml
new file mode 100644
index 0000000000..589fe31c18
--- /dev/null
+++ b/enterprise/traefik/25.1.13/crds/traefik.containo.us_ingressroutetcps.yaml
@@ -0,0 +1,218 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: ingressroutetcps.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: IngressRouteTCP
+ listKind: IngressRouteTCPList
+ plural: ingressroutetcps
+ singular: ingressroutetcp
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: IngressRouteTCP is the CRD implementation of a Traefik TCP Router.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IngressRouteTCPSpec defines the desired state of IngressRouteTCP.
+ properties:
+ entryPoints:
+ description: 'EntryPoints defines the list of entry point names to
+ bind to. Entry points have to be configured in the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/
+ Default: all.'
+ items:
+ type: string
+ type: array
+ routes:
+ description: Routes defines the list of routes.
+ items:
+ description: RouteTCP holds the TCP route configuration.
+ properties:
+ match:
+ description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule_1'
+ type: string
+ middlewares:
+ description: Middlewares defines the list of references to MiddlewareTCP
+ resources.
+ items:
+ description: ObjectReference is a generic reference to a Traefik
+ resource.
+ properties:
+ name:
+ description: Name defines the name of the referenced Traefik
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Traefik resource.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ priority:
+ description: 'Priority defines the router''s priority. More
+ info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority_1'
+ type: integer
+ services:
+ description: Services defines the list of TCP services.
+ items:
+ description: ServiceTCP defines an upstream TCP service to
+ proxy traffic to.
+ properties:
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs
+ or if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the
+ pods. By default, NativeLB is false.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ proxyProtocol:
+ description: 'ProxyProtocol defines the PROXY protocol
+ configuration. More info: https://doc.traefik.io/traefik/v2.10/routing/services/#proxy-protocol'
+ properties:
+ version:
+ description: Version defines the PROXY Protocol version
+ to use.
+ type: integer
+ type: object
+ terminationDelay:
+ description: TerminationDelay defines the deadline that
+ the proxy sets, after one of its connected peers indicates
+ it has closed the writing capability of its connection,
+ to close the reading capability as well, hence fully
+ terminating the connection. It is a duration in milliseconds,
+ defaulting to 100. A negative value means an infinite
+ deadline (i.e. the reading capability is never closed).
+ type: integer
+ weight:
+ description: Weight defines the weight used when balancing
+ requests between multiple Kubernetes Service.
+ type: integer
+ required:
+ - name
+ - port
+ type: object
+ type: array
+ required:
+ - match
+ type: object
+ type: array
+ tls:
+ description: 'TLS defines the TLS configuration on a layer 4 / TCP
+ Route. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls_1'
+ properties:
+ certResolver:
+ description: 'CertResolver defines the name of the certificate
+ resolver to use. Cert resolvers have to be configured in the
+ static configuration. More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers'
+ type: string
+ domains:
+ description: 'Domains defines the list of domains that will be
+ used to issue certificates. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains'
+ items:
+ description: Domain holds a domain name with SANs.
+ properties:
+ main:
+ description: Main defines the main domain name.
+ type: string
+ sans:
+ description: SANs defines the subject alternative domain
+ names.
+ items:
+ type: string
+ type: array
+ type: object
+ type: array
+ options:
+ description: 'Options defines the reference to a TLSOption, that
+ specifies the parameters of the TLS connection. If not defined,
+ the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options'
+ properties:
+ name:
+ description: Name defines the name of the referenced Traefik
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Traefik resource.
+ type: string
+ required:
+ - name
+ type: object
+ passthrough:
+ description: Passthrough defines whether a TLS router will terminate
+ the TLS connection.
+ type: boolean
+ secretName:
+ description: SecretName is the name of the referenced Kubernetes
+ Secret to specify the certificate details.
+ type: string
+ store:
+ description: Store defines the reference to the TLSStore, that
+ will be used to store certificates. Please note that only `default`
+ TLSStore can be used.
+ properties:
+ name:
+ description: Name defines the name of the referenced Traefik
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Traefik resource.
+ type: string
+ required:
+ - name
+ type: object
+ type: object
+ required:
+ - routes
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/enterprise/traefik/25.1.13/crds/traefik.containo.us_ingressrouteudps.yaml b/enterprise/traefik/25.1.13/crds/traefik.containo.us_ingressrouteudps.yaml
new file mode 100644
index 0000000000..c35ee4dc20
--- /dev/null
+++ b/enterprise/traefik/25.1.13/crds/traefik.containo.us_ingressrouteudps.yaml
@@ -0,0 +1,105 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: ingressrouteudps.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: IngressRouteUDP
+ listKind: IngressRouteUDPList
+ plural: ingressrouteudps
+ singular: ingressrouteudp
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: IngressRouteUDP is a CRD implementation of a Traefik UDP Router.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IngressRouteUDPSpec defines the desired state of a IngressRouteUDP.
+ properties:
+ entryPoints:
+ description: 'EntryPoints defines the list of entry point names to
+ bind to. Entry points have to be configured in the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/
+ Default: all.'
+ items:
+ type: string
+ type: array
+ routes:
+ description: Routes defines the list of routes.
+ items:
+ description: RouteUDP holds the UDP route configuration.
+ properties:
+ services:
+ description: Services defines the list of UDP services.
+ items:
+ description: ServiceUDP defines an upstream UDP service to
+ proxy traffic to.
+ properties:
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs
+ or if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the
+ pods. By default, NativeLB is false.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ weight:
+ description: Weight defines the weight used when balancing
+ requests between multiple Kubernetes Service.
+ type: integer
+ required:
+ - name
+ - port
+ type: object
+ type: array
+ type: object
+ type: array
+ required:
+ - routes
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/enterprise/traefik/25.1.13/crds/traefik.containo.us_middlewares.yaml b/enterprise/traefik/25.1.13/crds/traefik.containo.us_middlewares.yaml
new file mode 100644
index 0000000000..5e14f93fa5
--- /dev/null
+++ b/enterprise/traefik/25.1.13/crds/traefik.containo.us_middlewares.yaml
@@ -0,0 +1,924 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: middlewares.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: Middleware
+ listKind: MiddlewareList
+ plural: middlewares
+ singular: middleware
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: 'Middleware is the CRD implementation of a Traefik Middleware.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/overview/'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: MiddlewareSpec defines the desired state of a Middleware.
+ properties:
+ addPrefix:
+ description: 'AddPrefix holds the add prefix middleware configuration.
+ This middleware updates the path of a request before forwarding
+ it. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/addprefix/'
+ properties:
+ prefix:
+ description: Prefix is the string to add before the current path
+ in the requested URL. It should include a leading slash (/).
+ type: string
+ type: object
+ basicAuth:
+ description: 'BasicAuth holds the basic auth middleware configuration.
+ This middleware restricts access to your services to known users.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/'
+ properties:
+ headerField:
+ description: 'HeaderField defines a header field to store the
+ authenticated user. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield'
+ type: string
+ realm:
+ description: 'Realm allows the protected resources on a server
+ to be partitioned into a set of protection spaces, each with
+ its own authentication scheme. Default: traefik.'
+ type: string
+ removeHeader:
+ description: 'RemoveHeader sets the removeHeader option to true
+ to remove the authorization header before forwarding the request
+ to your service. Default: false.'
+ type: boolean
+ secret:
+ description: Secret is the name of the referenced Kubernetes Secret
+ containing user credentials.
+ type: string
+ type: object
+ buffering:
+ description: 'Buffering holds the buffering middleware configuration.
+ This middleware retries or limits the size of requests that can
+ be forwarded to backends. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/buffering/#maxrequestbodybytes'
+ properties:
+ maxRequestBodyBytes:
+ description: 'MaxRequestBodyBytes defines the maximum allowed
+ body size for the request (in bytes). If the request exceeds
+ the allowed size, it is not forwarded to the service, and the
+ client gets a 413 (Request Entity Too Large) response. Default:
+ 0 (no maximum).'
+ format: int64
+ type: integer
+ maxResponseBodyBytes:
+ description: 'MaxResponseBodyBytes defines the maximum allowed
+ response size from the service (in bytes). If the response exceeds
+ the allowed size, it is not forwarded to the client. The client
+ gets a 500 (Internal Server Error) response instead. Default:
+ 0 (no maximum).'
+ format: int64
+ type: integer
+ memRequestBodyBytes:
+ description: 'MemRequestBodyBytes defines the threshold (in bytes)
+ from which the request will be buffered on disk instead of in
+ memory. Default: 1048576 (1Mi).'
+ format: int64
+ type: integer
+ memResponseBodyBytes:
+ description: 'MemResponseBodyBytes defines the threshold (in bytes)
+ from which the response will be buffered on disk instead of
+ in memory. Default: 1048576 (1Mi).'
+ format: int64
+ type: integer
+ retryExpression:
+ description: 'RetryExpression defines the retry conditions. It
+ is a logical combination of functions with operators AND (&&)
+ and OR (||). More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/buffering/#retryexpression'
+ type: string
+ type: object
+ chain:
+ description: 'Chain holds the configuration of the chain middleware.
+ This middleware enables to define reusable combinations of other
+ pieces of middleware. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/chain/'
+ properties:
+ middlewares:
+ description: Middlewares is the list of MiddlewareRef which composes
+ the chain.
+ items:
+ description: MiddlewareRef is a reference to a Middleware resource.
+ properties:
+ name:
+ description: Name defines the name of the referenced Middleware
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Middleware resource.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ type: object
+ circuitBreaker:
+ description: CircuitBreaker holds the circuit breaker configuration.
+ properties:
+ checkPeriod:
+ anyOf:
+ - type: integer
+ - type: string
+ description: CheckPeriod is the interval between successive checks
+ of the circuit breaker condition (when in standby state).
+ x-kubernetes-int-or-string: true
+ expression:
+ description: Expression is the condition that triggers the tripped
+ state.
+ type: string
+ fallbackDuration:
+ anyOf:
+ - type: integer
+ - type: string
+ description: FallbackDuration is the duration for which the circuit
+ breaker will wait before trying to recover (from a tripped state).
+ x-kubernetes-int-or-string: true
+ recoveryDuration:
+ anyOf:
+ - type: integer
+ - type: string
+ description: RecoveryDuration is the duration for which the circuit
+ breaker will try to recover (as soon as it is in recovering
+ state).
+ x-kubernetes-int-or-string: true
+ type: object
+ compress:
+ description: 'Compress holds the compress middleware configuration.
+ This middleware compresses responses before sending them to the
+ client, using gzip compression. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/compress/'
+ properties:
+ excludedContentTypes:
+ description: ExcludedContentTypes defines the list of content
+ types to compare the Content-Type header of the incoming requests
+ and responses before compressing.
+ items:
+ type: string
+ type: array
+ minResponseBodyBytes:
+ description: 'MinResponseBodyBytes defines the minimum amount
+ of bytes a response body must have to be compressed. Default:
+ 1024.'
+ type: integer
+ type: object
+ contentType:
+ description: ContentType holds the content-type middleware configuration.
+ This middleware exists to enable the correct behavior until at least
+ the default one can be changed in a future version.
+ properties:
+ autoDetect:
+ description: AutoDetect specifies whether to let the `Content-Type`
+ header, if it has not been set by the backend, be automatically
+ set to a value derived from the contents of the response. As
+ a proxy, the default behavior should be to leave the header
+ alone, regardless of what the backend did with it. However,
+ the historic default was to always auto-detect and set the header
+ if it was nil, and it is going to be kept that way in order
+ to support users currently relying on it.
+ type: boolean
+ type: object
+ digestAuth:
+ description: 'DigestAuth holds the digest auth middleware configuration.
+ This middleware restricts access to your services to known users.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/digestauth/'
+ properties:
+ headerField:
+ description: 'HeaderField defines a header field to store the
+ authenticated user. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield'
+ type: string
+ realm:
+ description: 'Realm allows the protected resources on a server
+ to be partitioned into a set of protection spaces, each with
+ its own authentication scheme. Default: traefik.'
+ type: string
+ removeHeader:
+ description: RemoveHeader defines whether to remove the authorization
+ header before forwarding the request to the backend.
+ type: boolean
+ secret:
+ description: Secret is the name of the referenced Kubernetes Secret
+ containing user credentials.
+ type: string
+ type: object
+ errors:
+ description: 'ErrorPage holds the custom error middleware configuration.
+ This middleware returns a custom page in lieu of the default, according
+ to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/'
+ properties:
+ query:
+ description: Query defines the URL for the error page (hosted
+ by service). The {status} variable can be used in order to insert
+ the status code in the URL.
+ type: string
+ service:
+ description: 'Service defines the reference to a Kubernetes Service
+ that will serve the error page. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/#service'
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service or TraefikService. The differentiation between the
+ two is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or if
+ the only child is the Kubernetes Service clusterIP. The
+ Kubernetes Service itself does load-balance to the pods.
+ By default, NativeLB is false.
+ type: boolean
+ passHostHeader:
+ description: PassHostHeader defines whether the client Host
+ header is forwarded to the upstream Kubernetes Service.
+ By default, passHostHeader is true.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards
+ the response from the upstream Kubernetes Service to the
+ client.
+ properties:
+ flushInterval:
+ description: 'FlushInterval defines the interval, in milliseconds,
+ in between flushes to the client while copying the response
+ body. A negative value means to flush immediately after
+ each write to the client. This configuration is ignored
+ when ReverseProxy recognizes a response as a streaming
+ response; for such responses, writes are flushed to
+ the client immediately. Default: 100ms'
+ type: string
+ type: object
+ scheme:
+ description: Scheme defines the scheme to use for the request
+ to the upstream Kubernetes Service. It defaults to https
+ when Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: ServersTransport defines the name of ServersTransport
+ resource to use. It allows to configure the transport between
+ Traefik and your servers. Can only be used on a Kubernetes
+ Service.
+ type: string
+ sticky:
+ description: 'Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions'
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie can
+ be accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: 'SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
+ type: string
+ secure:
+ description: Secure defines whether the cookie can
+ only be transmitted over an encrypted connection
+ (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: Strategy defines the load balancing strategy
+ between the servers. RoundRobin is the only supported value
+ at the moment.
+ type: string
+ weight:
+ description: Weight defines the weight and should only be
+ specified when Name references a TraefikService object (and
+ to be precise, one that embeds a Weighted Round Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ status:
+ description: Status defines which status or range of statuses
+ should result in an error page. It can be either a status code
+ as a number (500), as multiple comma-separated numbers (500,502),
+ as ranges by separating two codes with a dash (500-599), or
+ a combination of the two (404,418,500-599).
+ items:
+ type: string
+ type: array
+ type: object
+ forwardAuth:
+ description: 'ForwardAuth holds the forward auth middleware configuration.
+ This middleware delegates the request authentication to a Service.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/'
+ properties:
+ address:
+ description: Address defines the authentication server address.
+ type: string
+ authRequestHeaders:
+ description: AuthRequestHeaders defines the list of the headers
+ to copy from the request to the authentication server. If not
+ set or empty then all request headers are passed.
+ items:
+ type: string
+ type: array
+ authResponseHeaders:
+ description: AuthResponseHeaders defines the list of headers to
+ copy from the authentication server response and set on forwarded
+ request, replacing any existing conflicting headers.
+ items:
+ type: string
+ type: array
+ authResponseHeadersRegex:
+ description: 'AuthResponseHeadersRegex defines the regex to match
+ headers to copy from the authentication server response and
+ set on forwarded request, after stripping all headers that match
+ the regex. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/#authresponseheadersregex'
+ type: string
+ tls:
+ description: TLS defines the configuration used to secure the
+ connection to the authentication server.
+ properties:
+ caOptional:
+ type: boolean
+ caSecret:
+ description: CASecret is the name of the referenced Kubernetes
+ Secret containing the CA to validate the server certificate.
+ The CA certificate is extracted from key `tls.ca` or `ca.crt`.
+ type: string
+ certSecret:
+ description: CertSecret is the name of the referenced Kubernetes
+ Secret containing the client certificate. The client certificate
+ is extracted from the keys `tls.crt` and `tls.key`.
+ type: string
+ insecureSkipVerify:
+ description: InsecureSkipVerify defines whether the server
+ certificates should be validated.
+ type: boolean
+ type: object
+ trustForwardHeader:
+ description: 'TrustForwardHeader defines whether to trust (ie:
+ forward) all X-Forwarded-* headers.'
+ type: boolean
+ type: object
+ headers:
+ description: 'Headers holds the headers middleware configuration.
+ This middleware manages the requests and responses headers. More
+ info: https://doc.traefik.io/traefik/v2.10/middlewares/http/headers/#customrequestheaders'
+ properties:
+ accessControlAllowCredentials:
+ description: AccessControlAllowCredentials defines whether the
+ request can include user credentials.
+ type: boolean
+ accessControlAllowHeaders:
+ description: AccessControlAllowHeaders defines the Access-Control-Request-Headers
+ values sent in preflight response.
+ items:
+ type: string
+ type: array
+ accessControlAllowMethods:
+ description: AccessControlAllowMethods defines the Access-Control-Request-Method
+ values sent in preflight response.
+ items:
+ type: string
+ type: array
+ accessControlAllowOriginList:
+ description: AccessControlAllowOriginList is a list of allowable
+ origins. Can also be a wildcard origin "*".
+ items:
+ type: string
+ type: array
+ accessControlAllowOriginListRegex:
+ description: AccessControlAllowOriginListRegex is a list of allowable
+ origins written following the Regular Expression syntax (https://golang.org/pkg/regexp/).
+ items:
+ type: string
+ type: array
+ accessControlExposeHeaders:
+ description: AccessControlExposeHeaders defines the Access-Control-Expose-Headers
+ values sent in preflight response.
+ items:
+ type: string
+ type: array
+ accessControlMaxAge:
+ description: AccessControlMaxAge defines the time that a preflight
+ request may be cached.
+ format: int64
+ type: integer
+ addVaryHeader:
+ description: AddVaryHeader defines whether the Vary header is
+ automatically added/updated when the AccessControlAllowOriginList
+ is set.
+ type: boolean
+ allowedHosts:
+ description: AllowedHosts defines the fully qualified list of
+ allowed domain names.
+ items:
+ type: string
+ type: array
+ browserXssFilter:
+ description: BrowserXSSFilter defines whether to add the X-XSS-Protection
+ header with the value 1; mode=block.
+ type: boolean
+ contentSecurityPolicy:
+ description: ContentSecurityPolicy defines the Content-Security-Policy
+ header value.
+ type: string
+ contentTypeNosniff:
+ description: ContentTypeNosniff defines whether to add the X-Content-Type-Options
+ header with the nosniff value.
+ type: boolean
+ customBrowserXSSValue:
+ description: CustomBrowserXSSValue defines the X-XSS-Protection
+ header value. This overrides the BrowserXssFilter option.
+ type: string
+ customFrameOptionsValue:
+ description: CustomFrameOptionsValue defines the X-Frame-Options
+ header value. This overrides the FrameDeny option.
+ type: string
+ customRequestHeaders:
+ additionalProperties:
+ type: string
+ description: CustomRequestHeaders defines the header names and
+ values to apply to the request.
+ type: object
+ customResponseHeaders:
+ additionalProperties:
+ type: string
+ description: CustomResponseHeaders defines the header names and
+ values to apply to the response.
+ type: object
+ featurePolicy:
+ description: 'Deprecated: use PermissionsPolicy instead.'
+ type: string
+ forceSTSHeader:
+ description: ForceSTSHeader defines whether to add the STS header
+ even when the connection is HTTP.
+ type: boolean
+ frameDeny:
+ description: FrameDeny defines whether to add the X-Frame-Options
+ header with the DENY value.
+ type: boolean
+ hostsProxyHeaders:
+ description: HostsProxyHeaders defines the header keys that may
+ hold a proxied hostname value for the request.
+ items:
+ type: string
+ type: array
+ isDevelopment:
+ description: IsDevelopment defines whether to mitigate the unwanted
+ effects of the AllowedHosts, SSL, and STS options when developing.
+ Usually testing takes place using HTTP, not HTTPS, and on localhost,
+ not your production domain. If you would like your development
+ environment to mimic production with complete Host blocking,
+ SSL redirects, and STS headers, leave this as false.
+ type: boolean
+ permissionsPolicy:
+ description: PermissionsPolicy defines the Permissions-Policy
+ header value. This allows sites to control browser features.
+ type: string
+ publicKey:
+ description: PublicKey is the public key that implements HPKP
+ to prevent MITM attacks with forged certificates.
+ type: string
+ referrerPolicy:
+ description: ReferrerPolicy defines the Referrer-Policy header
+ value. This allows sites to control whether browsers forward
+ the Referer header to other sites.
+ type: string
+ sslForceHost:
+ description: 'Deprecated: use RedirectRegex instead.'
+ type: boolean
+ sslHost:
+ description: 'Deprecated: use RedirectRegex instead.'
+ type: string
+ sslProxyHeaders:
+ additionalProperties:
+ type: string
+ description: 'SSLProxyHeaders defines the header keys with associated
+ values that would indicate a valid HTTPS request. It can be
+ useful when using other proxies (example: "X-Forwarded-Proto":
+ "https").'
+ type: object
+ sslRedirect:
+ description: 'Deprecated: use EntryPoint redirection or RedirectScheme
+ instead.'
+ type: boolean
+ sslTemporaryRedirect:
+ description: 'Deprecated: use EntryPoint redirection or RedirectScheme
+ instead.'
+ type: boolean
+ stsIncludeSubdomains:
+ description: STSIncludeSubdomains defines whether the includeSubDomains
+ directive is appended to the Strict-Transport-Security header.
+ type: boolean
+ stsPreload:
+ description: STSPreload defines whether the preload flag is appended
+ to the Strict-Transport-Security header.
+ type: boolean
+ stsSeconds:
+ description: STSSeconds defines the max-age of the Strict-Transport-Security
+ header. If set to 0, the header is not set.
+ format: int64
+ type: integer
+ type: object
+ inFlightReq:
+ description: 'InFlightReq holds the in-flight request middleware configuration.
+ This middleware limits the number of requests being processed and
+ served concurrently. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/'
+ properties:
+ amount:
+ description: Amount defines the maximum amount of allowed simultaneous
+ in-flight request. The middleware responds with HTTP 429 Too
+ Many Requests if there are already amount requests in progress
+ (based on the same sourceCriterion strategy).
+ format: int64
+ type: integer
+ sourceCriterion:
+ description: 'SourceCriterion defines what criterion is used to
+ group requests as originating from a common source. If several
+ strategies are defined at the same time, an error will be raised.
+ If none are set, the default is to use the requestHost. More
+ info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/#sourcecriterion'
+ properties:
+ ipStrategy:
+ description: 'IPStrategy holds the IP strategy configuration
+ used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy'
+ properties:
+ depth:
+ description: Depth tells Traefik to use the X-Forwarded-For
+ header and take the IP located at the depth position
+ (starting from the right).
+ type: integer
+ excludedIPs:
+ description: ExcludedIPs configures Traefik to scan the
+ X-Forwarded-For header and select the first IP not in
+ the list.
+ items:
+ type: string
+ type: array
+ type: object
+ requestHeaderName:
+ description: RequestHeaderName defines the name of the header
+ used to group incoming requests.
+ type: string
+ requestHost:
+ description: RequestHost defines whether to consider the request
+ Host as the source.
+ type: boolean
+ type: object
+ type: object
+ ipWhiteList:
+ description: 'IPWhiteList holds the IP whitelist middleware configuration.
+ This middleware accepts / refuses requests based on the client IP.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/'
+ properties:
+ ipStrategy:
+ description: 'IPStrategy holds the IP strategy configuration used
+ by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy'
+ properties:
+ depth:
+ description: Depth tells Traefik to use the X-Forwarded-For
+ header and take the IP located at the depth position (starting
+ from the right).
+ type: integer
+ excludedIPs:
+ description: ExcludedIPs configures Traefik to scan the X-Forwarded-For
+ header and select the first IP not in the list.
+ items:
+ type: string
+ type: array
+ type: object
+ sourceRange:
+ description: SourceRange defines the set of allowed IPs (or ranges
+ of allowed IPs by using CIDR notation).
+ items:
+ type: string
+ type: array
+ type: object
+ passTLSClientCert:
+ description: 'PassTLSClientCert holds the pass TLS client cert middleware
+ configuration. This middleware adds the selected data from the passed
+ client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/passtlsclientcert/'
+ properties:
+ info:
+ description: Info selects the specific client certificate details
+ you want to add to the X-Forwarded-Tls-Client-Cert-Info header.
+ properties:
+ issuer:
+ description: Issuer defines the client certificate issuer
+ details to add to the X-Forwarded-Tls-Client-Cert-Info header.
+ properties:
+ commonName:
+ description: CommonName defines whether to add the organizationalUnit
+ information into the issuer.
+ type: boolean
+ country:
+ description: Country defines whether to add the country
+ information into the issuer.
+ type: boolean
+ domainComponent:
+ description: DomainComponent defines whether to add the
+ domainComponent information into the issuer.
+ type: boolean
+ locality:
+ description: Locality defines whether to add the locality
+ information into the issuer.
+ type: boolean
+ organization:
+ description: Organization defines whether to add the organization
+ information into the issuer.
+ type: boolean
+ province:
+ description: Province defines whether to add the province
+ information into the issuer.
+ type: boolean
+ serialNumber:
+ description: SerialNumber defines whether to add the serialNumber
+ information into the issuer.
+ type: boolean
+ type: object
+ notAfter:
+ description: NotAfter defines whether to add the Not After
+ information from the Validity part.
+ type: boolean
+ notBefore:
+ description: NotBefore defines whether to add the Not Before
+ information from the Validity part.
+ type: boolean
+ sans:
+ description: Sans defines whether to add the Subject Alternative
+ Name information from the Subject Alternative Name part.
+ type: boolean
+ serialNumber:
+ description: SerialNumber defines whether to add the client
+ serialNumber information.
+ type: boolean
+ subject:
+ description: Subject defines the client certificate subject
+ details to add to the X-Forwarded-Tls-Client-Cert-Info header.
+ properties:
+ commonName:
+ description: CommonName defines whether to add the organizationalUnit
+ information into the subject.
+ type: boolean
+ country:
+ description: Country defines whether to add the country
+ information into the subject.
+ type: boolean
+ domainComponent:
+ description: DomainComponent defines whether to add the
+ domainComponent information into the subject.
+ type: boolean
+ locality:
+ description: Locality defines whether to add the locality
+ information into the subject.
+ type: boolean
+ organization:
+ description: Organization defines whether to add the organization
+ information into the subject.
+ type: boolean
+ organizationalUnit:
+ description: OrganizationalUnit defines whether to add
+ the organizationalUnit information into the subject.
+ type: boolean
+ province:
+ description: Province defines whether to add the province
+ information into the subject.
+ type: boolean
+ serialNumber:
+ description: SerialNumber defines whether to add the serialNumber
+ information into the subject.
+ type: boolean
+ type: object
+ type: object
+ pem:
+ description: PEM sets the X-Forwarded-Tls-Client-Cert header with
+ the certificate.
+ type: boolean
+ type: object
+ plugin:
+ additionalProperties:
+ x-kubernetes-preserve-unknown-fields: true
+ description: 'Plugin defines the middleware plugin configuration.
+ More info: https://doc.traefik.io/traefik/plugins/'
+ type: object
+ rateLimit:
+ description: 'RateLimit holds the rate limit configuration. This middleware
+ ensures that services will receive a fair amount of requests, and
+ allows one to define what fair is. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ratelimit/'
+ properties:
+ average:
+ description: Average is the maximum rate, by default in requests/s,
+ allowed for the given source. It defaults to 0, which means
+ no rate limiting. The rate is actually defined by dividing Average
+ by Period. So for a rate below 1req/s, one needs to define a
+ Period larger than a second.
+ format: int64
+ type: integer
+ burst:
+ description: Burst is the maximum number of requests allowed to
+ arrive in the same arbitrarily small period of time. It defaults
+ to 1.
+ format: int64
+ type: integer
+ period:
+ anyOf:
+ - type: integer
+ - type: string
+ description: 'Period, in combination with Average, defines the
+ actual maximum rate, such as: r = Average / Period. It defaults
+ to a second.'
+ x-kubernetes-int-or-string: true
+ sourceCriterion:
+ description: SourceCriterion defines what criterion is used to
+ group requests as originating from a common source. If several
+ strategies are defined at the same time, an error will be raised.
+ If none are set, the default is to use the request's remote
+ address field (as an ipStrategy).
+ properties:
+ ipStrategy:
+ description: 'IPStrategy holds the IP strategy configuration
+ used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy'
+ properties:
+ depth:
+ description: Depth tells Traefik to use the X-Forwarded-For
+ header and take the IP located at the depth position
+ (starting from the right).
+ type: integer
+ excludedIPs:
+ description: ExcludedIPs configures Traefik to scan the
+ X-Forwarded-For header and select the first IP not in
+ the list.
+ items:
+ type: string
+ type: array
+ type: object
+ requestHeaderName:
+ description: RequestHeaderName defines the name of the header
+ used to group incoming requests.
+ type: string
+ requestHost:
+ description: RequestHost defines whether to consider the request
+ Host as the source.
+ type: boolean
+ type: object
+ type: object
+ redirectRegex:
+ description: 'RedirectRegex holds the redirect regex middleware configuration.
+ This middleware redirects a request using regex matching and replacement.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/redirectregex/#regex'
+ properties:
+ permanent:
+ description: Permanent defines whether the redirection is permanent
+ (301).
+ type: boolean
+ regex:
+ description: Regex defines the regex used to match and capture
+ elements from the request URL.
+ type: string
+ replacement:
+ description: Replacement defines how to modify the URL to have
+ the new target URL.
+ type: string
+ type: object
+ redirectScheme:
+ description: 'RedirectScheme holds the redirect scheme middleware
+ configuration. This middleware redirects requests from a scheme/port
+ to another. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/redirectscheme/'
+ properties:
+ permanent:
+ description: Permanent defines whether the redirection is permanent
+ (301).
+ type: boolean
+ port:
+ description: Port defines the port of the new URL.
+ type: string
+ scheme:
+ description: Scheme defines the scheme of the new URL.
+ type: string
+ type: object
+ replacePath:
+ description: 'ReplacePath holds the replace path middleware configuration.
+ This middleware replaces the path of the request URL and store the
+ original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/replacepath/'
+ properties:
+ path:
+ description: Path defines the path to use as replacement in the
+ request URL.
+ type: string
+ type: object
+ replacePathRegex:
+ description: 'ReplacePathRegex holds the replace path regex middleware
+ configuration. This middleware replaces the path of a URL using
+ regex matching and replacement. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/replacepathregex/'
+ properties:
+ regex:
+ description: Regex defines the regular expression used to match
+ and capture the path from the request URL.
+ type: string
+ replacement:
+ description: Replacement defines the replacement path format,
+ which can include captured variables.
+ type: string
+ type: object
+ retry:
+ description: 'Retry holds the retry middleware configuration. This
+ middleware reissues requests a given number of times to a backend
+ server if that server does not reply. As soon as the server answers,
+ the middleware stops retrying, regardless of the response status.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/retry/'
+ properties:
+ attempts:
+ description: Attempts defines how many times the request should
+ be retried.
+ type: integer
+ initialInterval:
+ anyOf:
+ - type: integer
+ - type: string
+ description: InitialInterval defines the first wait time in the
+ exponential backoff series. The maximum interval is calculated
+ as twice the initialInterval. If unspecified, requests will
+ be retried immediately. The value of initialInterval should
+ be provided in seconds or as a valid duration format, see https://pkg.go.dev/time#ParseDuration.
+ x-kubernetes-int-or-string: true
+ type: object
+ stripPrefix:
+ description: 'StripPrefix holds the strip prefix middleware configuration.
+ This middleware removes the specified prefixes from the URL path.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/stripprefix/'
+ properties:
+ forceSlash:
+ description: 'ForceSlash ensures that the resulting stripped path
+ is not the empty string, by replacing it with / when necessary.
+ Default: true.'
+ type: boolean
+ prefixes:
+ description: Prefixes defines the prefixes to strip from the request
+ URL.
+ items:
+ type: string
+ type: array
+ type: object
+ stripPrefixRegex:
+ description: 'StripPrefixRegex holds the strip prefix regex middleware
+ configuration. This middleware removes the matching prefixes from
+ the URL path. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/stripprefixregex/'
+ properties:
+ regex:
+ description: Regex defines the regular expression to match the
+ path prefix from the request URL.
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/enterprise/traefik/25.1.13/crds/traefik.containo.us_middlewaretcps.yaml b/enterprise/traefik/25.1.13/crds/traefik.containo.us_middlewaretcps.yaml
new file mode 100644
index 0000000000..85302fa823
--- /dev/null
+++ b/enterprise/traefik/25.1.13/crds/traefik.containo.us_middlewaretcps.yaml
@@ -0,0 +1,72 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: middlewaretcps.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: MiddlewareTCP
+ listKind: MiddlewareTCPList
+ plural: middlewaretcps
+ singular: middlewaretcp
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: 'MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/overview/'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: MiddlewareTCPSpec defines the desired state of a MiddlewareTCP.
+ properties:
+ inFlightConn:
+ description: InFlightConn defines the InFlightConn middleware configuration.
+ properties:
+ amount:
+ description: Amount defines the maximum amount of allowed simultaneous
+ connections. The middleware closes the connection if there are
+ already amount connections opened.
+ format: int64
+ type: integer
+ type: object
+ ipWhiteList:
+ description: IPWhiteList defines the IPWhiteList middleware configuration.
+ properties:
+ sourceRange:
+ description: SourceRange defines the allowed IPs (or ranges of
+ allowed IPs by using CIDR notation).
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/enterprise/traefik/25.1.13/crds/traefik.containo.us_serverstransports.yaml b/enterprise/traefik/25.1.13/crds/traefik.containo.us_serverstransports.yaml
new file mode 100644
index 0000000000..d6fc3a92db
--- /dev/null
+++ b/enterprise/traefik/25.1.13/crds/traefik.containo.us_serverstransports.yaml
@@ -0,0 +1,128 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: serverstransports.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: ServersTransport
+ listKind: ServersTransportList
+ plural: serverstransports
+ singular: serverstransport
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: 'ServersTransport is the CRD implementation of a ServersTransport.
+ If no serversTransport is specified, the default@internal will be used.
+ The default@internal serversTransport is created from the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/services/#serverstransport_1'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: ServersTransportSpec defines the desired state of a ServersTransport.
+ properties:
+ certificatesSecrets:
+ description: CertificatesSecrets defines a list of secret storing
+ client certificates for mTLS.
+ items:
+ type: string
+ type: array
+ disableHTTP2:
+ description: DisableHTTP2 disables HTTP/2 for connections with backend
+ servers.
+ type: boolean
+ forwardingTimeouts:
+ description: ForwardingTimeouts defines the timeouts for requests
+ forwarded to the backend servers.
+ properties:
+ dialTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: DialTimeout is the amount of time to wait until a
+ connection to a backend server can be established.
+ x-kubernetes-int-or-string: true
+ idleConnTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: IdleConnTimeout is the maximum period for which an
+ idle HTTP keep-alive connection will remain open before closing
+ itself.
+ x-kubernetes-int-or-string: true
+ pingTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: PingTimeout is the timeout after which the HTTP/2
+ connection will be closed if a response to ping is not received.
+ x-kubernetes-int-or-string: true
+ readIdleTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: ReadIdleTimeout is the timeout after which a health
+ check using ping frame will be carried out if no frame is received
+ on the HTTP/2 connection.
+ x-kubernetes-int-or-string: true
+ responseHeaderTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: ResponseHeaderTimeout is the amount of time to wait
+ for a server's response headers after fully writing the request
+ (including its body, if any).
+ x-kubernetes-int-or-string: true
+ type: object
+ insecureSkipVerify:
+ description: InsecureSkipVerify disables SSL certificate verification.
+ type: boolean
+ maxIdleConnsPerHost:
+ description: MaxIdleConnsPerHost controls the maximum idle (keep-alive)
+ to keep per-host.
+ type: integer
+ peerCertURI:
+ description: PeerCertURI defines the peer cert URI used to match against
+ SAN URI during the peer certificate verification.
+ type: string
+ rootCAsSecrets:
+ description: RootCAsSecrets defines a list of CA secret used to validate
+ self-signed certificate.
+ items:
+ type: string
+ type: array
+ serverName:
+ description: ServerName defines the server name used to contact the
+ server.
+ type: string
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/enterprise/traefik/25.1.13/crds/traefik.containo.us_tlsoptions.yaml b/enterprise/traefik/25.1.13/crds/traefik.containo.us_tlsoptions.yaml
new file mode 100644
index 0000000000..73667667a3
--- /dev/null
+++ b/enterprise/traefik/25.1.13/crds/traefik.containo.us_tlsoptions.yaml
@@ -0,0 +1,113 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: tlsoptions.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: TLSOption
+ listKind: TLSOptionList
+ plural: tlsoptions
+ singular: tlsoption
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: 'TLSOption is the CRD implementation of a Traefik TLS Option,
+ allowing to configure some parameters of the TLS connection. More info:
+ https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: TLSOptionSpec defines the desired state of a TLSOption.
+ properties:
+ alpnProtocols:
+ description: 'ALPNProtocols defines the list of supported application
+ level protocols for the TLS handshake, in order of preference. More
+ info: https://doc.traefik.io/traefik/v2.10/https/tls/#alpn-protocols'
+ items:
+ type: string
+ type: array
+ cipherSuites:
+ description: 'CipherSuites defines the list of supported cipher suites
+ for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#cipher-suites'
+ items:
+ type: string
+ type: array
+ clientAuth:
+ description: ClientAuth defines the server's policy for TLS Client
+ Authentication.
+ properties:
+ clientAuthType:
+ description: ClientAuthType defines the client authentication
+ type to apply.
+ enum:
+ - NoClientCert
+ - RequestClientCert
+ - RequireAnyClientCert
+ - VerifyClientCertIfGiven
+ - RequireAndVerifyClientCert
+ type: string
+ secretNames:
+ description: SecretNames defines the names of the referenced Kubernetes
+ Secret storing certificate details.
+ items:
+ type: string
+ type: array
+ type: object
+ curvePreferences:
+ description: 'CurvePreferences defines the preferred elliptic curves
+ in a specific order. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#curve-preferences'
+ items:
+ type: string
+ type: array
+ maxVersion:
+ description: 'MaxVersion defines the maximum TLS version that Traefik
+ will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12,
+ VersionTLS13. Default: None.'
+ type: string
+ minVersion:
+ description: 'MinVersion defines the minimum TLS version that Traefik
+ will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12,
+ VersionTLS13. Default: VersionTLS10.'
+ type: string
+ preferServerCipherSuites:
+ description: 'PreferServerCipherSuites defines whether the server
+ chooses a cipher suite among his own instead of among the client''s.
+ It is enabled automatically when minVersion or maxVersion is set.
+ Deprecated: https://github.com/golang/go/issues/45430'
+ type: boolean
+ sniStrict:
+ description: SniStrict defines whether Traefik allows connections
+ from clients connections that do not specify a server_name extension.
+ type: boolean
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/enterprise/traefik/25.1.13/crds/traefik.containo.us_tlsstores.yaml b/enterprise/traefik/25.1.13/crds/traefik.containo.us_tlsstores.yaml
new file mode 100644
index 0000000000..12f0ad37d8
--- /dev/null
+++ b/enterprise/traefik/25.1.13/crds/traefik.containo.us_tlsstores.yaml
@@ -0,0 +1,99 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: tlsstores.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: TLSStore
+ listKind: TLSStoreList
+ plural: tlsstores
+ singular: tlsstore
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: 'TLSStore is the CRD implementation of a Traefik TLS Store. For
+ the time being, only the TLSStore named default is supported. This means
+ that you cannot have two stores that are named default in different Kubernetes
+ namespaces. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#certificates-stores'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: TLSStoreSpec defines the desired state of a TLSStore.
+ properties:
+ certificates:
+ description: Certificates is a list of secret names, each secret holding
+ a key/certificate pair to add to the store.
+ items:
+ description: Certificate holds a secret name for the TLSStore resource.
+ properties:
+ secretName:
+ description: SecretName is the name of the referenced Kubernetes
+ Secret to specify the certificate details.
+ type: string
+ required:
+ - secretName
+ type: object
+ type: array
+ defaultCertificate:
+ description: DefaultCertificate defines the default certificate configuration.
+ properties:
+ secretName:
+ description: SecretName is the name of the referenced Kubernetes
+ Secret to specify the certificate details.
+ type: string
+ required:
+ - secretName
+ type: object
+ defaultGeneratedCert:
+ description: DefaultGeneratedCert defines the default generated certificate
+ configuration.
+ properties:
+ domain:
+ description: Domain is the domain definition for the DefaultCertificate.
+ properties:
+ main:
+ description: Main defines the main domain name.
+ type: string
+ sans:
+ description: SANs defines the subject alternative domain names.
+ items:
+ type: string
+ type: array
+ type: object
+ resolver:
+ description: Resolver is the name of the resolver that will be
+ used to issue the DefaultCertificate.
+ type: string
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/enterprise/traefik/25.1.13/crds/traefik.containo.us_traefikservices.yaml b/enterprise/traefik/25.1.13/crds/traefik.containo.us_traefikservices.yaml
new file mode 100644
index 0000000000..0dcf470034
--- /dev/null
+++ b/enterprise/traefik/25.1.13/crds/traefik.containo.us_traefikservices.yaml
@@ -0,0 +1,402 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: traefikservices.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: TraefikService
+ listKind: TraefikServiceList
+ plural: traefikservices
+ singular: traefikservice
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: 'TraefikService is the CRD implementation of a Traefik Service.
+ TraefikService object allows to: - Apply weight to Services on load-balancing
+ - Mirror traffic on services More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-traefikservice'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: TraefikServiceSpec defines the desired state of a TraefikService.
+ properties:
+ mirroring:
+ description: Mirroring defines the Mirroring service configuration.
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ maxBodySize:
+ description: MaxBodySize defines the maximum size allowed for
+ the body of the request. If the body is larger, the request
+ is not mirrored. Default value is -1, which means unlimited
+ size.
+ format: int64
+ type: integer
+ mirrors:
+ description: Mirrors defines the list of mirrors where Traefik
+ will duplicate the traffic.
+ items:
+ description: MirrorService holds the mirror configuration.
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service or TraefikService. The differentiation between
+ the two is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or
+ if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the
+ pods. By default, NativeLB is false.
+ type: boolean
+ passHostHeader:
+ description: PassHostHeader defines whether the client Host
+ header is forwarded to the upstream Kubernetes Service.
+ By default, passHostHeader is true.
+ type: boolean
+ percent:
+ description: 'Percent defines the part of the traffic to
+ mirror. Supported values: 0 to 100.'
+ type: integer
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards
+ the response from the upstream Kubernetes Service to the
+ client.
+ properties:
+ flushInterval:
+ description: 'FlushInterval defines the interval, in
+ milliseconds, in between flushes to the client while
+ copying the response body. A negative value means
+ to flush immediately after each write to the client.
+ This configuration is ignored when ReverseProxy recognizes
+ a response as a streaming response; for such responses,
+ writes are flushed to the client immediately. Default:
+ 100ms'
+ type: string
+ type: object
+ scheme:
+ description: Scheme defines the scheme to use for the request
+ to the upstream Kubernetes Service. It defaults to https
+ when Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: ServersTransport defines the name of ServersTransport
+ resource to use. It allows to configure the transport
+ between Traefik and your servers. Can only be used on
+ a Kubernetes Service.
+ type: string
+ sticky:
+ description: 'Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions'
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie
+ can be accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: 'SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
+ type: string
+ secure:
+ description: Secure defines whether the cookie can
+ only be transmitted over an encrypted connection
+ (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: Strategy defines the load balancing strategy
+ between the servers. RoundRobin is the only supported
+ value at the moment.
+ type: string
+ weight:
+ description: Weight defines the weight and should only be
+ specified when Name references a TraefikService object
+ (and to be precise, one that embeds a Weighted Round Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ type: array
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service or TraefikService. The differentiation between the two
+ is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or if the
+ only child is the Kubernetes Service clusterIP. The Kubernetes
+ Service itself does load-balance to the pods. By default, NativeLB
+ is false.
+ type: boolean
+ passHostHeader:
+ description: PassHostHeader defines whether the client Host header
+ is forwarded to the upstream Kubernetes Service. By default,
+ passHostHeader is true.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service. This
+ can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards the
+ response from the upstream Kubernetes Service to the client.
+ properties:
+ flushInterval:
+ description: 'FlushInterval defines the interval, in milliseconds,
+ in between flushes to the client while copying the response
+ body. A negative value means to flush immediately after
+ each write to the client. This configuration is ignored
+ when ReverseProxy recognizes a response as a streaming response;
+ for such responses, writes are flushed to the client immediately.
+ Default: 100ms'
+ type: string
+ type: object
+ scheme:
+ description: Scheme defines the scheme to use for the request
+ to the upstream Kubernetes Service. It defaults to https when
+ Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: ServersTransport defines the name of ServersTransport
+ resource to use. It allows to configure the transport between
+ Traefik and your servers. Can only be used on a Kubernetes Service.
+ type: string
+ sticky:
+ description: 'Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions'
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie can be
+ accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: 'SameSite defines the same site policy. More
+ info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
+ type: string
+ secure:
+ description: Secure defines whether the cookie can only
+ be transmitted over an encrypted connection (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: Strategy defines the load balancing strategy between
+ the servers. RoundRobin is the only supported value at the moment.
+ type: string
+ weight:
+ description: Weight defines the weight and should only be specified
+ when Name references a TraefikService object (and to be precise,
+ one that embeds a Weighted Round Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ weighted:
+ description: Weighted defines the Weighted Round Robin configuration.
+ properties:
+ services:
+ description: Services defines the list of Kubernetes Service and/or
+ TraefikService to load-balance, with weight.
+ items:
+ description: Service defines an upstream HTTP service to proxy
+ traffic to.
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service or TraefikService. The differentiation between
+ the two is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or
+ if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the
+ pods. By default, NativeLB is false.
+ type: boolean
+ passHostHeader:
+ description: PassHostHeader defines whether the client Host
+ header is forwarded to the upstream Kubernetes Service.
+ By default, passHostHeader is true.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards
+ the response from the upstream Kubernetes Service to the
+ client.
+ properties:
+ flushInterval:
+ description: 'FlushInterval defines the interval, in
+ milliseconds, in between flushes to the client while
+ copying the response body. A negative value means
+ to flush immediately after each write to the client.
+ This configuration is ignored when ReverseProxy recognizes
+ a response as a streaming response; for such responses,
+ writes are flushed to the client immediately. Default:
+ 100ms'
+ type: string
+ type: object
+ scheme:
+ description: Scheme defines the scheme to use for the request
+ to the upstream Kubernetes Service. It defaults to https
+ when Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: ServersTransport defines the name of ServersTransport
+ resource to use. It allows to configure the transport
+ between Traefik and your servers. Can only be used on
+ a Kubernetes Service.
+ type: string
+ sticky:
+ description: 'Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions'
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie
+ can be accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: 'SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
+ type: string
+ secure:
+ description: Secure defines whether the cookie can
+ only be transmitted over an encrypted connection
+ (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: Strategy defines the load balancing strategy
+ between the servers. RoundRobin is the only supported
+ value at the moment.
+ type: string
+ weight:
+ description: Weight defines the weight and should only be
+ specified when Name references a TraefikService object
+ (and to be precise, one that embeds a Weighted Round Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ type: array
+ sticky:
+ description: 'Sticky defines whether sticky sessions are enabled.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#stickiness-and-load-balancing'
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie can be
+ accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: 'SameSite defines the same site policy. More
+ info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
+ type: string
+ secure:
+ description: Secure defines whether the cookie can only
+ be transmitted over an encrypted connection (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/enterprise/traefik/25.1.13/crds/traefik.io_ingressroutes.yaml b/enterprise/traefik/25.1.13/crds/traefik.io_ingressroutes.yaml
new file mode 100644
index 0000000000..89aaee7595
--- /dev/null
+++ b/enterprise/traefik/25.1.13/crds/traefik.io_ingressroutes.yaml
@@ -0,0 +1,275 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: ingressroutes.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: IngressRoute
+ listKind: IngressRouteList
+ plural: ingressroutes
+ singular: ingressroute
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: IngressRoute is the CRD implementation of a Traefik HTTP Router.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IngressRouteSpec defines the desired state of IngressRoute.
+ properties:
+ entryPoints:
+ description: 'EntryPoints defines the list of entry point names to
+ bind to. Entry points have to be configured in the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/
+ Default: all.'
+ items:
+ type: string
+ type: array
+ routes:
+ description: Routes defines the list of routes.
+ items:
+ description: Route holds the HTTP route configuration.
+ properties:
+ kind:
+ description: Kind defines the kind of the route. Rule is the
+ only supported kind.
+ enum:
+ - Rule
+ type: string
+ match:
+ description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule'
+ type: string
+ middlewares:
+ description: 'Middlewares defines the list of references to
+ Middleware resources. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-middleware'
+ items:
+ description: MiddlewareRef is a reference to a Middleware
+ resource.
+ properties:
+ name:
+ description: Name defines the name of the referenced Middleware
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Middleware resource.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ priority:
+ description: 'Priority defines the router''s priority. More
+ info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority'
+ type: integer
+ services:
+ description: Services defines the list of Service. It can contain
+ any combination of TraefikService and/or reference to a Kubernetes
+ Service.
+ items:
+ description: Service defines an upstream HTTP service to proxy
+ traffic to.
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service or TraefikService. The differentiation between
+ the two is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs
+ or if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the
+ pods. By default, NativeLB is false.
+ type: boolean
+ passHostHeader:
+ description: PassHostHeader defines whether the client
+ Host header is forwarded to the upstream Kubernetes
+ Service. By default, passHostHeader is true.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards
+ the response from the upstream Kubernetes Service to
+ the client.
+ properties:
+ flushInterval:
+ description: 'FlushInterval defines the interval,
+ in milliseconds, in between flushes to the client
+ while copying the response body. A negative value
+ means to flush immediately after each write to the
+ client. This configuration is ignored when ReverseProxy
+ recognizes a response as a streaming response; for
+ such responses, writes are flushed to the client
+ immediately. Default: 100ms'
+ type: string
+ type: object
+ scheme:
+ description: Scheme defines the scheme to use for the
+ request to the upstream Kubernetes Service. It defaults
+ to https when Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: ServersTransport defines the name of ServersTransport
+ resource to use. It allows to configure the transport
+ between Traefik and your servers. Can only be used on
+ a Kubernetes Service.
+ type: string
+ sticky:
+ description: 'Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions'
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie
+ can be accessed by client-side APIs, such as
+ JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: 'SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
+ type: string
+ secure:
+ description: Secure defines whether the cookie
+ can only be transmitted over an encrypted connection
+ (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: Strategy defines the load balancing strategy
+ between the servers. RoundRobin is the only supported
+ value at the moment.
+ type: string
+ weight:
+ description: Weight defines the weight and should only
+ be specified when Name references a TraefikService object
+ (and to be precise, one that embeds a Weighted Round
+ Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ type: array
+ required:
+ - kind
+ - match
+ type: object
+ type: array
+ tls:
+ description: 'TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls'
+ properties:
+ certResolver:
+ description: 'CertResolver defines the name of the certificate
+ resolver to use. Cert resolvers have to be configured in the
+ static configuration. More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers'
+ type: string
+ domains:
+ description: 'Domains defines the list of domains that will be
+ used to issue certificates. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains'
+ items:
+ description: Domain holds a domain name with SANs.
+ properties:
+ main:
+ description: Main defines the main domain name.
+ type: string
+ sans:
+ description: SANs defines the subject alternative domain
+ names.
+ items:
+ type: string
+ type: array
+ type: object
+ type: array
+ options:
+ description: 'Options defines the reference to a TLSOption, that
+ specifies the parameters of the TLS connection. If not defined,
+ the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options'
+ properties:
+ name:
+ description: 'Name defines the name of the referenced TLSOption.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption'
+ type: string
+ namespace:
+ description: 'Namespace defines the namespace of the referenced
+ TLSOption. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption'
+ type: string
+ required:
+ - name
+ type: object
+ secretName:
+ description: SecretName is the name of the referenced Kubernetes
+ Secret to specify the certificate details.
+ type: string
+ store:
+ description: Store defines the reference to the TLSStore, that
+ will be used to store certificates. Please note that only `default`
+ TLSStore can be used.
+ properties:
+ name:
+ description: 'Name defines the name of the referenced TLSStore.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore'
+ type: string
+ namespace:
+ description: 'Namespace defines the namespace of the referenced
+ TLSStore. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore'
+ type: string
+ required:
+ - name
+ type: object
+ type: object
+ required:
+ - routes
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/enterprise/traefik/25.1.13/crds/traefik.io_ingressroutetcps.yaml b/enterprise/traefik/25.1.13/crds/traefik.io_ingressroutetcps.yaml
new file mode 100644
index 0000000000..82f61ac24f
--- /dev/null
+++ b/enterprise/traefik/25.1.13/crds/traefik.io_ingressroutetcps.yaml
@@ -0,0 +1,218 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: ingressroutetcps.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: IngressRouteTCP
+ listKind: IngressRouteTCPList
+ plural: ingressroutetcps
+ singular: ingressroutetcp
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: IngressRouteTCP is the CRD implementation of a Traefik TCP Router.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IngressRouteTCPSpec defines the desired state of IngressRouteTCP.
+ properties:
+ entryPoints:
+ description: 'EntryPoints defines the list of entry point names to
+ bind to. Entry points have to be configured in the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/
+ Default: all.'
+ items:
+ type: string
+ type: array
+ routes:
+ description: Routes defines the list of routes.
+ items:
+ description: RouteTCP holds the TCP route configuration.
+ properties:
+ match:
+ description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule_1'
+ type: string
+ middlewares:
+ description: Middlewares defines the list of references to MiddlewareTCP
+ resources.
+ items:
+ description: ObjectReference is a generic reference to a Traefik
+ resource.
+ properties:
+ name:
+ description: Name defines the name of the referenced Traefik
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Traefik resource.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ priority:
+ description: 'Priority defines the router''s priority. More
+ info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority_1'
+ type: integer
+ services:
+ description: Services defines the list of TCP services.
+ items:
+ description: ServiceTCP defines an upstream TCP service to
+ proxy traffic to.
+ properties:
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs
+ or if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the
+ pods. By default, NativeLB is false.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ proxyProtocol:
+ description: 'ProxyProtocol defines the PROXY protocol
+ configuration. More info: https://doc.traefik.io/traefik/v2.10/routing/services/#proxy-protocol'
+ properties:
+ version:
+ description: Version defines the PROXY Protocol version
+ to use.
+ type: integer
+ type: object
+ terminationDelay:
+ description: TerminationDelay defines the deadline that
+ the proxy sets, after one of its connected peers indicates
+ it has closed the writing capability of its connection,
+ to close the reading capability as well, hence fully
+ terminating the connection. It is a duration in milliseconds,
+ defaulting to 100. A negative value means an infinite
+ deadline (i.e. the reading capability is never closed).
+ type: integer
+ weight:
+ description: Weight defines the weight used when balancing
+ requests between multiple Kubernetes Service.
+ type: integer
+ required:
+ - name
+ - port
+ type: object
+ type: array
+ required:
+ - match
+ type: object
+ type: array
+ tls:
+ description: 'TLS defines the TLS configuration on a layer 4 / TCP
+ Route. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls_1'
+ properties:
+ certResolver:
+ description: 'CertResolver defines the name of the certificate
+ resolver to use. Cert resolvers have to be configured in the
+ static configuration. More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers'
+ type: string
+ domains:
+ description: 'Domains defines the list of domains that will be
+ used to issue certificates. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains'
+ items:
+ description: Domain holds a domain name with SANs.
+ properties:
+ main:
+ description: Main defines the main domain name.
+ type: string
+ sans:
+ description: SANs defines the subject alternative domain
+ names.
+ items:
+ type: string
+ type: array
+ type: object
+ type: array
+ options:
+ description: 'Options defines the reference to a TLSOption, that
+ specifies the parameters of the TLS connection. If not defined,
+ the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options'
+ properties:
+ name:
+ description: Name defines the name of the referenced Traefik
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Traefik resource.
+ type: string
+ required:
+ - name
+ type: object
+ passthrough:
+ description: Passthrough defines whether a TLS router will terminate
+ the TLS connection.
+ type: boolean
+ secretName:
+ description: SecretName is the name of the referenced Kubernetes
+ Secret to specify the certificate details.
+ type: string
+ store:
+ description: Store defines the reference to the TLSStore, that
+ will be used to store certificates. Please note that only `default`
+ TLSStore can be used.
+ properties:
+ name:
+ description: Name defines the name of the referenced Traefik
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Traefik resource.
+ type: string
+ required:
+ - name
+ type: object
+ type: object
+ required:
+ - routes
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/enterprise/traefik/25.1.13/crds/traefik.io_ingressrouteudps.yaml b/enterprise/traefik/25.1.13/crds/traefik.io_ingressrouteudps.yaml
new file mode 100644
index 0000000000..27c50185d0
--- /dev/null
+++ b/enterprise/traefik/25.1.13/crds/traefik.io_ingressrouteudps.yaml
@@ -0,0 +1,105 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: ingressrouteudps.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: IngressRouteUDP
+ listKind: IngressRouteUDPList
+ plural: ingressrouteudps
+ singular: ingressrouteudp
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: IngressRouteUDP is a CRD implementation of a Traefik UDP Router.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IngressRouteUDPSpec defines the desired state of a IngressRouteUDP.
+ properties:
+ entryPoints:
+ description: 'EntryPoints defines the list of entry point names to
+ bind to. Entry points have to be configured in the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/
+ Default: all.'
+ items:
+ type: string
+ type: array
+ routes:
+ description: Routes defines the list of routes.
+ items:
+ description: RouteUDP holds the UDP route configuration.
+ properties:
+ services:
+ description: Services defines the list of UDP services.
+ items:
+ description: ServiceUDP defines an upstream UDP service to
+ proxy traffic to.
+ properties:
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs
+ or if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the
+ pods. By default, NativeLB is false.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ weight:
+ description: Weight defines the weight used when balancing
+ requests between multiple Kubernetes Service.
+ type: integer
+ required:
+ - name
+ - port
+ type: object
+ type: array
+ type: object
+ type: array
+ required:
+ - routes
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/enterprise/traefik/25.1.13/crds/traefik.io_middlewares.yaml b/enterprise/traefik/25.1.13/crds/traefik.io_middlewares.yaml
new file mode 100644
index 0000000000..5a4dc3640f
--- /dev/null
+++ b/enterprise/traefik/25.1.13/crds/traefik.io_middlewares.yaml
@@ -0,0 +1,924 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: middlewares.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: Middleware
+ listKind: MiddlewareList
+ plural: middlewares
+ singular: middleware
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: 'Middleware is the CRD implementation of a Traefik Middleware.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/overview/'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: MiddlewareSpec defines the desired state of a Middleware.
+ properties:
+ addPrefix:
+ description: 'AddPrefix holds the add prefix middleware configuration.
+ This middleware updates the path of a request before forwarding
+ it. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/addprefix/'
+ properties:
+ prefix:
+ description: Prefix is the string to add before the current path
+ in the requested URL. It should include a leading slash (/).
+ type: string
+ type: object
+ basicAuth:
+ description: 'BasicAuth holds the basic auth middleware configuration.
+ This middleware restricts access to your services to known users.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/'
+ properties:
+ headerField:
+ description: 'HeaderField defines a header field to store the
+ authenticated user. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield'
+ type: string
+ realm:
+ description: 'Realm allows the protected resources on a server
+ to be partitioned into a set of protection spaces, each with
+ its own authentication scheme. Default: traefik.'
+ type: string
+ removeHeader:
+ description: 'RemoveHeader sets the removeHeader option to true
+ to remove the authorization header before forwarding the request
+ to your service. Default: false.'
+ type: boolean
+ secret:
+ description: Secret is the name of the referenced Kubernetes Secret
+ containing user credentials.
+ type: string
+ type: object
+ buffering:
+ description: 'Buffering holds the buffering middleware configuration.
+ This middleware retries or limits the size of requests that can
+ be forwarded to backends. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/buffering/#maxrequestbodybytes'
+ properties:
+ maxRequestBodyBytes:
+ description: 'MaxRequestBodyBytes defines the maximum allowed
+ body size for the request (in bytes). If the request exceeds
+ the allowed size, it is not forwarded to the service, and the
+ client gets a 413 (Request Entity Too Large) response. Default:
+ 0 (no maximum).'
+ format: int64
+ type: integer
+ maxResponseBodyBytes:
+ description: 'MaxResponseBodyBytes defines the maximum allowed
+ response size from the service (in bytes). If the response exceeds
+ the allowed size, it is not forwarded to the client. The client
+ gets a 500 (Internal Server Error) response instead. Default:
+ 0 (no maximum).'
+ format: int64
+ type: integer
+ memRequestBodyBytes:
+ description: 'MemRequestBodyBytes defines the threshold (in bytes)
+ from which the request will be buffered on disk instead of in
+ memory. Default: 1048576 (1Mi).'
+ format: int64
+ type: integer
+ memResponseBodyBytes:
+ description: 'MemResponseBodyBytes defines the threshold (in bytes)
+ from which the response will be buffered on disk instead of
+ in memory. Default: 1048576 (1Mi).'
+ format: int64
+ type: integer
+ retryExpression:
+ description: 'RetryExpression defines the retry conditions. It
+ is a logical combination of functions with operators AND (&&)
+ and OR (||). More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/buffering/#retryexpression'
+ type: string
+ type: object
+ chain:
+ description: 'Chain holds the configuration of the chain middleware.
+ This middleware enables to define reusable combinations of other
+ pieces of middleware. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/chain/'
+ properties:
+ middlewares:
+ description: Middlewares is the list of MiddlewareRef which composes
+ the chain.
+ items:
+ description: MiddlewareRef is a reference to a Middleware resource.
+ properties:
+ name:
+ description: Name defines the name of the referenced Middleware
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Middleware resource.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ type: object
+ circuitBreaker:
+ description: CircuitBreaker holds the circuit breaker configuration.
+ properties:
+ checkPeriod:
+ anyOf:
+ - type: integer
+ - type: string
+ description: CheckPeriod is the interval between successive checks
+ of the circuit breaker condition (when in standby state).
+ x-kubernetes-int-or-string: true
+ expression:
+ description: Expression is the condition that triggers the tripped
+ state.
+ type: string
+ fallbackDuration:
+ anyOf:
+ - type: integer
+ - type: string
+ description: FallbackDuration is the duration for which the circuit
+ breaker will wait before trying to recover (from a tripped state).
+ x-kubernetes-int-or-string: true
+ recoveryDuration:
+ anyOf:
+ - type: integer
+ - type: string
+ description: RecoveryDuration is the duration for which the circuit
+ breaker will try to recover (as soon as it is in recovering
+ state).
+ x-kubernetes-int-or-string: true
+ type: object
+ compress:
+ description: 'Compress holds the compress middleware configuration.
+ This middleware compresses responses before sending them to the
+ client, using gzip compression. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/compress/'
+ properties:
+ excludedContentTypes:
+ description: ExcludedContentTypes defines the list of content
+ types to compare the Content-Type header of the incoming requests
+ and responses before compressing.
+ items:
+ type: string
+ type: array
+ minResponseBodyBytes:
+ description: 'MinResponseBodyBytes defines the minimum amount
+ of bytes a response body must have to be compressed. Default:
+ 1024.'
+ type: integer
+ type: object
+ contentType:
+ description: ContentType holds the content-type middleware configuration.
+ This middleware exists to enable the correct behavior until at least
+ the default one can be changed in a future version.
+ properties:
+ autoDetect:
+ description: AutoDetect specifies whether to let the `Content-Type`
+ header, if it has not been set by the backend, be automatically
+ set to a value derived from the contents of the response. As
+ a proxy, the default behavior should be to leave the header
+ alone, regardless of what the backend did with it. However,
+ the historic default was to always auto-detect and set the header
+ if it was nil, and it is going to be kept that way in order
+ to support users currently relying on it.
+ type: boolean
+ type: object
+ digestAuth:
+ description: 'DigestAuth holds the digest auth middleware configuration.
+ This middleware restricts access to your services to known users.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/digestauth/'
+ properties:
+ headerField:
+ description: 'HeaderField defines a header field to store the
+ authenticated user. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield'
+ type: string
+ realm:
+ description: 'Realm allows the protected resources on a server
+ to be partitioned into a set of protection spaces, each with
+ its own authentication scheme. Default: traefik.'
+ type: string
+ removeHeader:
+ description: RemoveHeader defines whether to remove the authorization
+ header before forwarding the request to the backend.
+ type: boolean
+ secret:
+ description: Secret is the name of the referenced Kubernetes Secret
+ containing user credentials.
+ type: string
+ type: object
+ errors:
+ description: 'ErrorPage holds the custom error middleware configuration.
+ This middleware returns a custom page in lieu of the default, according
+ to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/'
+ properties:
+ query:
+ description: Query defines the URL for the error page (hosted
+ by service). The {status} variable can be used in order to insert
+ the status code in the URL.
+ type: string
+ service:
+ description: 'Service defines the reference to a Kubernetes Service
+ that will serve the error page. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/#service'
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service or TraefikService. The differentiation between the
+ two is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or if
+ the only child is the Kubernetes Service clusterIP. The
+ Kubernetes Service itself does load-balance to the pods.
+ By default, NativeLB is false.
+ type: boolean
+ passHostHeader:
+ description: PassHostHeader defines whether the client Host
+ header is forwarded to the upstream Kubernetes Service.
+ By default, passHostHeader is true.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards
+ the response from the upstream Kubernetes Service to the
+ client.
+ properties:
+ flushInterval:
+ description: 'FlushInterval defines the interval, in milliseconds,
+ in between flushes to the client while copying the response
+ body. A negative value means to flush immediately after
+ each write to the client. This configuration is ignored
+ when ReverseProxy recognizes a response as a streaming
+ response; for such responses, writes are flushed to
+ the client immediately. Default: 100ms'
+ type: string
+ type: object
+ scheme:
+ description: Scheme defines the scheme to use for the request
+ to the upstream Kubernetes Service. It defaults to https
+ when Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: ServersTransport defines the name of ServersTransport
+ resource to use. It allows to configure the transport between
+ Traefik and your servers. Can only be used on a Kubernetes
+ Service.
+ type: string
+ sticky:
+ description: 'Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions'
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie can
+ be accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: 'SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
+ type: string
+ secure:
+ description: Secure defines whether the cookie can
+ only be transmitted over an encrypted connection
+ (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: Strategy defines the load balancing strategy
+ between the servers. RoundRobin is the only supported value
+ at the moment.
+ type: string
+ weight:
+ description: Weight defines the weight and should only be
+ specified when Name references a TraefikService object (and
+ to be precise, one that embeds a Weighted Round Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ status:
+ description: Status defines which status or range of statuses
+ should result in an error page. It can be either a status code
+ as a number (500), as multiple comma-separated numbers (500,502),
+ as ranges by separating two codes with a dash (500-599), or
+ a combination of the two (404,418,500-599).
+ items:
+ type: string
+ type: array
+ type: object
+ forwardAuth:
+ description: 'ForwardAuth holds the forward auth middleware configuration.
+ This middleware delegates the request authentication to a Service.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/'
+ properties:
+ address:
+ description: Address defines the authentication server address.
+ type: string
+ authRequestHeaders:
+ description: AuthRequestHeaders defines the list of the headers
+ to copy from the request to the authentication server. If not
+ set or empty then all request headers are passed.
+ items:
+ type: string
+ type: array
+ authResponseHeaders:
+ description: AuthResponseHeaders defines the list of headers to
+ copy from the authentication server response and set on forwarded
+ request, replacing any existing conflicting headers.
+ items:
+ type: string
+ type: array
+ authResponseHeadersRegex:
+ description: 'AuthResponseHeadersRegex defines the regex to match
+ headers to copy from the authentication server response and
+ set on forwarded request, after stripping all headers that match
+ the regex. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/#authresponseheadersregex'
+ type: string
+ tls:
+ description: TLS defines the configuration used to secure the
+ connection to the authentication server.
+ properties:
+ caOptional:
+ type: boolean
+ caSecret:
+ description: CASecret is the name of the referenced Kubernetes
+ Secret containing the CA to validate the server certificate.
+ The CA certificate is extracted from key `tls.ca` or `ca.crt`.
+ type: string
+ certSecret:
+ description: CertSecret is the name of the referenced Kubernetes
+ Secret containing the client certificate. The client certificate
+ is extracted from the keys `tls.crt` and `tls.key`.
+ type: string
+ insecureSkipVerify:
+ description: InsecureSkipVerify defines whether the server
+ certificates should be validated.
+ type: boolean
+ type: object
+ trustForwardHeader:
+ description: 'TrustForwardHeader defines whether to trust (ie:
+ forward) all X-Forwarded-* headers.'
+ type: boolean
+ type: object
+ headers:
+ description: 'Headers holds the headers middleware configuration.
+ This middleware manages the requests and responses headers. More
+ info: https://doc.traefik.io/traefik/v2.10/middlewares/http/headers/#customrequestheaders'
+ properties:
+ accessControlAllowCredentials:
+ description: AccessControlAllowCredentials defines whether the
+ request can include user credentials.
+ type: boolean
+ accessControlAllowHeaders:
+ description: AccessControlAllowHeaders defines the Access-Control-Request-Headers
+ values sent in preflight response.
+ items:
+ type: string
+ type: array
+ accessControlAllowMethods:
+ description: AccessControlAllowMethods defines the Access-Control-Request-Method
+ values sent in preflight response.
+ items:
+ type: string
+ type: array
+ accessControlAllowOriginList:
+ description: AccessControlAllowOriginList is a list of allowable
+ origins. Can also be a wildcard origin "*".
+ items:
+ type: string
+ type: array
+ accessControlAllowOriginListRegex:
+ description: AccessControlAllowOriginListRegex is a list of allowable
+ origins written following the Regular Expression syntax (https://golang.org/pkg/regexp/).
+ items:
+ type: string
+ type: array
+ accessControlExposeHeaders:
+ description: AccessControlExposeHeaders defines the Access-Control-Expose-Headers
+ values sent in preflight response.
+ items:
+ type: string
+ type: array
+ accessControlMaxAge:
+ description: AccessControlMaxAge defines the time that a preflight
+ request may be cached.
+ format: int64
+ type: integer
+ addVaryHeader:
+ description: AddVaryHeader defines whether the Vary header is
+ automatically added/updated when the AccessControlAllowOriginList
+ is set.
+ type: boolean
+ allowedHosts:
+ description: AllowedHosts defines the fully qualified list of
+ allowed domain names.
+ items:
+ type: string
+ type: array
+ browserXssFilter:
+ description: BrowserXSSFilter defines whether to add the X-XSS-Protection
+ header with the value 1; mode=block.
+ type: boolean
+ contentSecurityPolicy:
+ description: ContentSecurityPolicy defines the Content-Security-Policy
+ header value.
+ type: string
+ contentTypeNosniff:
+ description: ContentTypeNosniff defines whether to add the X-Content-Type-Options
+ header with the nosniff value.
+ type: boolean
+ customBrowserXSSValue:
+ description: CustomBrowserXSSValue defines the X-XSS-Protection
+ header value. This overrides the BrowserXssFilter option.
+ type: string
+ customFrameOptionsValue:
+ description: CustomFrameOptionsValue defines the X-Frame-Options
+ header value. This overrides the FrameDeny option.
+ type: string
+ customRequestHeaders:
+ additionalProperties:
+ type: string
+ description: CustomRequestHeaders defines the header names and
+ values to apply to the request.
+ type: object
+ customResponseHeaders:
+ additionalProperties:
+ type: string
+ description: CustomResponseHeaders defines the header names and
+ values to apply to the response.
+ type: object
+ featurePolicy:
+ description: 'Deprecated: use PermissionsPolicy instead.'
+ type: string
+ forceSTSHeader:
+ description: ForceSTSHeader defines whether to add the STS header
+ even when the connection is HTTP.
+ type: boolean
+ frameDeny:
+ description: FrameDeny defines whether to add the X-Frame-Options
+ header with the DENY value.
+ type: boolean
+ hostsProxyHeaders:
+ description: HostsProxyHeaders defines the header keys that may
+ hold a proxied hostname value for the request.
+ items:
+ type: string
+ type: array
+ isDevelopment:
+ description: IsDevelopment defines whether to mitigate the unwanted
+ effects of the AllowedHosts, SSL, and STS options when developing.
+ Usually testing takes place using HTTP, not HTTPS, and on localhost,
+ not your production domain. If you would like your development
+ environment to mimic production with complete Host blocking,
+ SSL redirects, and STS headers, leave this as false.
+ type: boolean
+ permissionsPolicy:
+ description: PermissionsPolicy defines the Permissions-Policy
+ header value. This allows sites to control browser features.
+ type: string
+ publicKey:
+ description: PublicKey is the public key that implements HPKP
+ to prevent MITM attacks with forged certificates.
+ type: string
+ referrerPolicy:
+ description: ReferrerPolicy defines the Referrer-Policy header
+ value. This allows sites to control whether browsers forward
+ the Referer header to other sites.
+ type: string
+ sslForceHost:
+ description: 'Deprecated: use RedirectRegex instead.'
+ type: boolean
+ sslHost:
+ description: 'Deprecated: use RedirectRegex instead.'
+ type: string
+ sslProxyHeaders:
+ additionalProperties:
+ type: string
+ description: 'SSLProxyHeaders defines the header keys with associated
+ values that would indicate a valid HTTPS request. It can be
+ useful when using other proxies (example: "X-Forwarded-Proto":
+ "https").'
+ type: object
+ sslRedirect:
+ description: 'Deprecated: use EntryPoint redirection or RedirectScheme
+ instead.'
+ type: boolean
+ sslTemporaryRedirect:
+ description: 'Deprecated: use EntryPoint redirection or RedirectScheme
+ instead.'
+ type: boolean
+ stsIncludeSubdomains:
+ description: STSIncludeSubdomains defines whether the includeSubDomains
+ directive is appended to the Strict-Transport-Security header.
+ type: boolean
+ stsPreload:
+ description: STSPreload defines whether the preload flag is appended
+ to the Strict-Transport-Security header.
+ type: boolean
+ stsSeconds:
+ description: STSSeconds defines the max-age of the Strict-Transport-Security
+ header. If set to 0, the header is not set.
+ format: int64
+ type: integer
+ type: object
+ inFlightReq:
+ description: 'InFlightReq holds the in-flight request middleware configuration.
+ This middleware limits the number of requests being processed and
+ served concurrently. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/'
+ properties:
+ amount:
+ description: Amount defines the maximum amount of allowed simultaneous
+ in-flight request. The middleware responds with HTTP 429 Too
+ Many Requests if there are already amount requests in progress
+ (based on the same sourceCriterion strategy).
+ format: int64
+ type: integer
+ sourceCriterion:
+ description: 'SourceCriterion defines what criterion is used to
+ group requests as originating from a common source. If several
+ strategies are defined at the same time, an error will be raised.
+ If none are set, the default is to use the requestHost. More
+ info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/#sourcecriterion'
+ properties:
+ ipStrategy:
+ description: 'IPStrategy holds the IP strategy configuration
+ used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy'
+ properties:
+ depth:
+ description: Depth tells Traefik to use the X-Forwarded-For
+ header and take the IP located at the depth position
+ (starting from the right).
+ type: integer
+ excludedIPs:
+ description: ExcludedIPs configures Traefik to scan the
+ X-Forwarded-For header and select the first IP not in
+ the list.
+ items:
+ type: string
+ type: array
+ type: object
+ requestHeaderName:
+ description: RequestHeaderName defines the name of the header
+ used to group incoming requests.
+ type: string
+ requestHost:
+ description: RequestHost defines whether to consider the request
+ Host as the source.
+ type: boolean
+ type: object
+ type: object
+ ipWhiteList:
+ description: 'IPWhiteList holds the IP whitelist middleware configuration.
+ This middleware accepts / refuses requests based on the client IP.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/'
+ properties:
+ ipStrategy:
+ description: 'IPStrategy holds the IP strategy configuration used
+ by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy'
+ properties:
+ depth:
+ description: Depth tells Traefik to use the X-Forwarded-For
+ header and take the IP located at the depth position (starting
+ from the right).
+ type: integer
+ excludedIPs:
+ description: ExcludedIPs configures Traefik to scan the X-Forwarded-For
+ header and select the first IP not in the list.
+ items:
+ type: string
+ type: array
+ type: object
+ sourceRange:
+ description: SourceRange defines the set of allowed IPs (or ranges
+ of allowed IPs by using CIDR notation).
+ items:
+ type: string
+ type: array
+ type: object
+ passTLSClientCert:
+ description: 'PassTLSClientCert holds the pass TLS client cert middleware
+ configuration. This middleware adds the selected data from the passed
+ client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/passtlsclientcert/'
+ properties:
+ info:
+ description: Info selects the specific client certificate details
+ you want to add to the X-Forwarded-Tls-Client-Cert-Info header.
+ properties:
+ issuer:
+ description: Issuer defines the client certificate issuer
+ details to add to the X-Forwarded-Tls-Client-Cert-Info header.
+ properties:
+ commonName:
+ description: CommonName defines whether to add the organizationalUnit
+ information into the issuer.
+ type: boolean
+ country:
+ description: Country defines whether to add the country
+ information into the issuer.
+ type: boolean
+ domainComponent:
+ description: DomainComponent defines whether to add the
+ domainComponent information into the issuer.
+ type: boolean
+ locality:
+ description: Locality defines whether to add the locality
+ information into the issuer.
+ type: boolean
+ organization:
+ description: Organization defines whether to add the organization
+ information into the issuer.
+ type: boolean
+ province:
+ description: Province defines whether to add the province
+ information into the issuer.
+ type: boolean
+ serialNumber:
+ description: SerialNumber defines whether to add the serialNumber
+ information into the issuer.
+ type: boolean
+ type: object
+ notAfter:
+ description: NotAfter defines whether to add the Not After
+ information from the Validity part.
+ type: boolean
+ notBefore:
+ description: NotBefore defines whether to add the Not Before
+ information from the Validity part.
+ type: boolean
+ sans:
+ description: Sans defines whether to add the Subject Alternative
+ Name information from the Subject Alternative Name part.
+ type: boolean
+ serialNumber:
+ description: SerialNumber defines whether to add the client
+ serialNumber information.
+ type: boolean
+ subject:
+ description: Subject defines the client certificate subject
+ details to add to the X-Forwarded-Tls-Client-Cert-Info header.
+ properties:
+ commonName:
+ description: CommonName defines whether to add the organizationalUnit
+ information into the subject.
+ type: boolean
+ country:
+ description: Country defines whether to add the country
+ information into the subject.
+ type: boolean
+ domainComponent:
+ description: DomainComponent defines whether to add the
+ domainComponent information into the subject.
+ type: boolean
+ locality:
+ description: Locality defines whether to add the locality
+ information into the subject.
+ type: boolean
+ organization:
+ description: Organization defines whether to add the organization
+ information into the subject.
+ type: boolean
+ organizationalUnit:
+ description: OrganizationalUnit defines whether to add
+ the organizationalUnit information into the subject.
+ type: boolean
+ province:
+ description: Province defines whether to add the province
+ information into the subject.
+ type: boolean
+ serialNumber:
+ description: SerialNumber defines whether to add the serialNumber
+ information into the subject.
+ type: boolean
+ type: object
+ type: object
+ pem:
+ description: PEM sets the X-Forwarded-Tls-Client-Cert header with
+ the certificate.
+ type: boolean
+ type: object
+ plugin:
+ additionalProperties:
+ x-kubernetes-preserve-unknown-fields: true
+ description: 'Plugin defines the middleware plugin configuration.
+ More info: https://doc.traefik.io/traefik/plugins/'
+ type: object
+ rateLimit:
+ description: 'RateLimit holds the rate limit configuration. This middleware
+ ensures that services will receive a fair amount of requests, and
+ allows one to define what fair is. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ratelimit/'
+ properties:
+ average:
+ description: Average is the maximum rate, by default in requests/s,
+ allowed for the given source. It defaults to 0, which means
+ no rate limiting. The rate is actually defined by dividing Average
+ by Period. So for a rate below 1req/s, one needs to define a
+ Period larger than a second.
+ format: int64
+ type: integer
+ burst:
+ description: Burst is the maximum number of requests allowed to
+ arrive in the same arbitrarily small period of time. It defaults
+ to 1.
+ format: int64
+ type: integer
+ period:
+ anyOf:
+ - type: integer
+ - type: string
+ description: 'Period, in combination with Average, defines the
+ actual maximum rate, such as: r = Average / Period. It defaults
+ to a second.'
+ x-kubernetes-int-or-string: true
+ sourceCriterion:
+ description: SourceCriterion defines what criterion is used to
+ group requests as originating from a common source. If several
+ strategies are defined at the same time, an error will be raised.
+ If none are set, the default is to use the request's remote
+ address field (as an ipStrategy).
+ properties:
+ ipStrategy:
+ description: 'IPStrategy holds the IP strategy configuration
+ used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy'
+ properties:
+ depth:
+ description: Depth tells Traefik to use the X-Forwarded-For
+ header and take the IP located at the depth position
+ (starting from the right).
+ type: integer
+ excludedIPs:
+ description: ExcludedIPs configures Traefik to scan the
+ X-Forwarded-For header and select the first IP not in
+ the list.
+ items:
+ type: string
+ type: array
+ type: object
+ requestHeaderName:
+ description: RequestHeaderName defines the name of the header
+ used to group incoming requests.
+ type: string
+ requestHost:
+ description: RequestHost defines whether to consider the request
+ Host as the source.
+ type: boolean
+ type: object
+ type: object
+ redirectRegex:
+ description: 'RedirectRegex holds the redirect regex middleware configuration.
+ This middleware redirects a request using regex matching and replacement.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/redirectregex/#regex'
+ properties:
+ permanent:
+ description: Permanent defines whether the redirection is permanent
+ (301).
+ type: boolean
+ regex:
+ description: Regex defines the regex used to match and capture
+ elements from the request URL.
+ type: string
+ replacement:
+ description: Replacement defines how to modify the URL to have
+ the new target URL.
+ type: string
+ type: object
+ redirectScheme:
+ description: 'RedirectScheme holds the redirect scheme middleware
+ configuration. This middleware redirects requests from a scheme/port
+ to another. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/redirectscheme/'
+ properties:
+ permanent:
+ description: Permanent defines whether the redirection is permanent
+ (301).
+ type: boolean
+ port:
+ description: Port defines the port of the new URL.
+ type: string
+ scheme:
+ description: Scheme defines the scheme of the new URL.
+ type: string
+ type: object
+ replacePath:
+ description: 'ReplacePath holds the replace path middleware configuration.
+ This middleware replaces the path of the request URL and store the
+ original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/replacepath/'
+ properties:
+ path:
+ description: Path defines the path to use as replacement in the
+ request URL.
+ type: string
+ type: object
+ replacePathRegex:
+ description: 'ReplacePathRegex holds the replace path regex middleware
+ configuration. This middleware replaces the path of a URL using
+ regex matching and replacement. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/replacepathregex/'
+ properties:
+ regex:
+ description: Regex defines the regular expression used to match
+ and capture the path from the request URL.
+ type: string
+ replacement:
+ description: Replacement defines the replacement path format,
+ which can include captured variables.
+ type: string
+ type: object
+ retry:
+ description: 'Retry holds the retry middleware configuration. This
+ middleware reissues requests a given number of times to a backend
+ server if that server does not reply. As soon as the server answers,
+ the middleware stops retrying, regardless of the response status.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/retry/'
+ properties:
+ attempts:
+ description: Attempts defines how many times the request should
+ be retried.
+ type: integer
+ initialInterval:
+ anyOf:
+ - type: integer
+ - type: string
+ description: InitialInterval defines the first wait time in the
+ exponential backoff series. The maximum interval is calculated
+ as twice the initialInterval. If unspecified, requests will
+ be retried immediately. The value of initialInterval should
+ be provided in seconds or as a valid duration format, see https://pkg.go.dev/time#ParseDuration.
+ x-kubernetes-int-or-string: true
+ type: object
+ stripPrefix:
+ description: 'StripPrefix holds the strip prefix middleware configuration.
+ This middleware removes the specified prefixes from the URL path.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/stripprefix/'
+ properties:
+ forceSlash:
+ description: 'ForceSlash ensures that the resulting stripped path
+ is not the empty string, by replacing it with / when necessary.
+ Default: true.'
+ type: boolean
+ prefixes:
+ description: Prefixes defines the prefixes to strip from the request
+ URL.
+ items:
+ type: string
+ type: array
+ type: object
+ stripPrefixRegex:
+ description: 'StripPrefixRegex holds the strip prefix regex middleware
+ configuration. This middleware removes the matching prefixes from
+ the URL path. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/stripprefixregex/'
+ properties:
+ regex:
+ description: Regex defines the regular expression to match the
+ path prefix from the request URL.
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/enterprise/traefik/25.1.13/crds/traefik.io_middlewaretcps.yaml b/enterprise/traefik/25.1.13/crds/traefik.io_middlewaretcps.yaml
new file mode 100644
index 0000000000..8623568f5b
--- /dev/null
+++ b/enterprise/traefik/25.1.13/crds/traefik.io_middlewaretcps.yaml
@@ -0,0 +1,72 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: middlewaretcps.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: MiddlewareTCP
+ listKind: MiddlewareTCPList
+ plural: middlewaretcps
+ singular: middlewaretcp
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: 'MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/overview/'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: MiddlewareTCPSpec defines the desired state of a MiddlewareTCP.
+ properties:
+ inFlightConn:
+ description: InFlightConn defines the InFlightConn middleware configuration.
+ properties:
+ amount:
+ description: Amount defines the maximum amount of allowed simultaneous
+ connections. The middleware closes the connection if there are
+ already amount connections opened.
+ format: int64
+ type: integer
+ type: object
+ ipWhiteList:
+ description: IPWhiteList defines the IPWhiteList middleware configuration.
+ properties:
+ sourceRange:
+ description: SourceRange defines the allowed IPs (or ranges of
+ allowed IPs by using CIDR notation).
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/enterprise/traefik/25.1.13/crds/traefik.io_serverstransports.yaml b/enterprise/traefik/25.1.13/crds/traefik.io_serverstransports.yaml
new file mode 100644
index 0000000000..803b56395a
--- /dev/null
+++ b/enterprise/traefik/25.1.13/crds/traefik.io_serverstransports.yaml
@@ -0,0 +1,128 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: serverstransports.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: ServersTransport
+ listKind: ServersTransportList
+ plural: serverstransports
+ singular: serverstransport
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: 'ServersTransport is the CRD implementation of a ServersTransport.
+ If no serversTransport is specified, the default@internal will be used.
+ The default@internal serversTransport is created from the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/services/#serverstransport_1'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: ServersTransportSpec defines the desired state of a ServersTransport.
+ properties:
+ certificatesSecrets:
+ description: CertificatesSecrets defines a list of secret storing
+ client certificates for mTLS.
+ items:
+ type: string
+ type: array
+ disableHTTP2:
+ description: DisableHTTP2 disables HTTP/2 for connections with backend
+ servers.
+ type: boolean
+ forwardingTimeouts:
+ description: ForwardingTimeouts defines the timeouts for requests
+ forwarded to the backend servers.
+ properties:
+ dialTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: DialTimeout is the amount of time to wait until a
+ connection to a backend server can be established.
+ x-kubernetes-int-or-string: true
+ idleConnTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: IdleConnTimeout is the maximum period for which an
+ idle HTTP keep-alive connection will remain open before closing
+ itself.
+ x-kubernetes-int-or-string: true
+ pingTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: PingTimeout is the timeout after which the HTTP/2
+ connection will be closed if a response to ping is not received.
+ x-kubernetes-int-or-string: true
+ readIdleTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: ReadIdleTimeout is the timeout after which a health
+ check using ping frame will be carried out if no frame is received
+ on the HTTP/2 connection.
+ x-kubernetes-int-or-string: true
+ responseHeaderTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: ResponseHeaderTimeout is the amount of time to wait
+ for a server's response headers after fully writing the request
+ (including its body, if any).
+ x-kubernetes-int-or-string: true
+ type: object
+ insecureSkipVerify:
+ description: InsecureSkipVerify disables SSL certificate verification.
+ type: boolean
+ maxIdleConnsPerHost:
+ description: MaxIdleConnsPerHost controls the maximum idle (keep-alive)
+ to keep per-host.
+ type: integer
+ peerCertURI:
+ description: PeerCertURI defines the peer cert URI used to match against
+ SAN URI during the peer certificate verification.
+ type: string
+ rootCAsSecrets:
+ description: RootCAsSecrets defines a list of CA secret used to validate
+ self-signed certificate.
+ items:
+ type: string
+ type: array
+ serverName:
+ description: ServerName defines the server name used to contact the
+ server.
+ type: string
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/enterprise/traefik/25.1.13/crds/traefik.io_serverstransporttcps.yaml b/enterprise/traefik/25.1.13/crds/traefik.io_serverstransporttcps.yaml
new file mode 100644
index 0000000000..10e0a3f0e7
--- /dev/null
+++ b/enterprise/traefik/25.1.13/crds/traefik.io_serverstransporttcps.yaml
@@ -0,0 +1,122 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: serverstransporttcps.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: ServersTransportTCP
+ listKind: ServersTransportTCPList
+ plural: serverstransporttcps
+ singular: serverstransporttcp
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: 'ServersTransportTCP is the CRD implementation of a TCPServersTransport.
+ If no tcpServersTransport is specified, a default one named default@internal
+ will be used. The default@internal tcpServersTransport can be configured
+ in the static configuration. More info: https://doc.traefik.io/traefik/v3.0/routing/services/#serverstransport_3'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: ServersTransportTCPSpec defines the desired state of a ServersTransportTCP.
+ properties:
+ dialKeepAlive:
+ anyOf:
+ - type: integer
+ - type: string
+ description: DialKeepAlive is the interval between keep-alive probes
+ for an active network connection. If zero, keep-alive probes are
+ sent with a default value (currently 15 seconds), if supported by
+ the protocol and operating system. Network protocols or operating
+ systems that do not support keep-alives ignore this field. If negative,
+ keep-alive probes are disabled.
+ x-kubernetes-int-or-string: true
+ dialTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: DialTimeout is the amount of time to wait until a connection
+ to a backend server can be established.
+ x-kubernetes-int-or-string: true
+ terminationDelay:
+ anyOf:
+ - type: integer
+ - type: string
+ description: TerminationDelay defines the delay to wait before fully
+ terminating the connection, after one connected peer has closed
+ its writing capability.
+ x-kubernetes-int-or-string: true
+ tls:
+ description: TLS defines the TLS configuration
+ properties:
+ certificatesSecrets:
+ description: CertificatesSecrets defines a list of secret storing
+ client certificates for mTLS.
+ items:
+ type: string
+ type: array
+ insecureSkipVerify:
+ description: InsecureSkipVerify disables TLS certificate verification.
+ type: boolean
+ peerCertURI:
+ description: MaxIdleConnsPerHost controls the maximum idle (keep-alive)
+ to keep per-host. PeerCertURI defines the peer cert URI used
+ to match against SAN URI during the peer certificate verification.
+ type: string
+ rootCAsSecrets:
+ description: RootCAsSecrets defines a list of CA secret used to
+ validate self-signed certificates.
+ items:
+ type: string
+ type: array
+ serverName:
+ description: ServerName defines the server name used to contact
+ the server.
+ type: string
+ spiffe:
+ description: Spiffe defines the SPIFFE configuration.
+ properties:
+ ids:
+ description: IDs defines the allowed SPIFFE IDs (takes precedence
+ over the SPIFFE TrustDomain).
+ items:
+ type: string
+ type: array
+ trustDomain:
+ description: TrustDomain defines the allowed SPIFFE trust
+ domain.
+ type: string
+ type: object
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/enterprise/traefik/25.1.13/crds/traefik.io_tlsoptions.yaml b/enterprise/traefik/25.1.13/crds/traefik.io_tlsoptions.yaml
new file mode 100644
index 0000000000..b86fefe0e9
--- /dev/null
+++ b/enterprise/traefik/25.1.13/crds/traefik.io_tlsoptions.yaml
@@ -0,0 +1,113 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: tlsoptions.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: TLSOption
+ listKind: TLSOptionList
+ plural: tlsoptions
+ singular: tlsoption
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: 'TLSOption is the CRD implementation of a Traefik TLS Option,
+ allowing to configure some parameters of the TLS connection. More info:
+ https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: TLSOptionSpec defines the desired state of a TLSOption.
+ properties:
+ alpnProtocols:
+ description: 'ALPNProtocols defines the list of supported application
+ level protocols for the TLS handshake, in order of preference. More
+ info: https://doc.traefik.io/traefik/v2.10/https/tls/#alpn-protocols'
+ items:
+ type: string
+ type: array
+ cipherSuites:
+ description: 'CipherSuites defines the list of supported cipher suites
+ for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#cipher-suites'
+ items:
+ type: string
+ type: array
+ clientAuth:
+ description: ClientAuth defines the server's policy for TLS Client
+ Authentication.
+ properties:
+ clientAuthType:
+ description: ClientAuthType defines the client authentication
+ type to apply.
+ enum:
+ - NoClientCert
+ - RequestClientCert
+ - RequireAnyClientCert
+ - VerifyClientCertIfGiven
+ - RequireAndVerifyClientCert
+ type: string
+ secretNames:
+ description: SecretNames defines the names of the referenced Kubernetes
+ Secret storing certificate details.
+ items:
+ type: string
+ type: array
+ type: object
+ curvePreferences:
+ description: 'CurvePreferences defines the preferred elliptic curves
+ in a specific order. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#curve-preferences'
+ items:
+ type: string
+ type: array
+ maxVersion:
+ description: 'MaxVersion defines the maximum TLS version that Traefik
+ will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12,
+ VersionTLS13. Default: None.'
+ type: string
+ minVersion:
+ description: 'MinVersion defines the minimum TLS version that Traefik
+ will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12,
+ VersionTLS13. Default: VersionTLS10.'
+ type: string
+ preferServerCipherSuites:
+ description: 'PreferServerCipherSuites defines whether the server
+ chooses a cipher suite among his own instead of among the client''s.
+ It is enabled automatically when minVersion or maxVersion is set.
+ Deprecated: https://github.com/golang/go/issues/45430'
+ type: boolean
+ sniStrict:
+ description: SniStrict defines whether Traefik allows connections
+ from clients connections that do not specify a server_name extension.
+ type: boolean
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/enterprise/traefik/25.1.13/crds/traefik.io_tlsstores.yaml b/enterprise/traefik/25.1.13/crds/traefik.io_tlsstores.yaml
new file mode 100644
index 0000000000..47b46854c8
--- /dev/null
+++ b/enterprise/traefik/25.1.13/crds/traefik.io_tlsstores.yaml
@@ -0,0 +1,99 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: tlsstores.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: TLSStore
+ listKind: TLSStoreList
+ plural: tlsstores
+ singular: tlsstore
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: 'TLSStore is the CRD implementation of a Traefik TLS Store. For
+ the time being, only the TLSStore named default is supported. This means
+ that you cannot have two stores that are named default in different Kubernetes
+ namespaces. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#certificates-stores'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: TLSStoreSpec defines the desired state of a TLSStore.
+ properties:
+ certificates:
+ description: Certificates is a list of secret names, each secret holding
+ a key/certificate pair to add to the store.
+ items:
+ description: Certificate holds a secret name for the TLSStore resource.
+ properties:
+ secretName:
+ description: SecretName is the name of the referenced Kubernetes
+ Secret to specify the certificate details.
+ type: string
+ required:
+ - secretName
+ type: object
+ type: array
+ defaultCertificate:
+ description: DefaultCertificate defines the default certificate configuration.
+ properties:
+ secretName:
+ description: SecretName is the name of the referenced Kubernetes
+ Secret to specify the certificate details.
+ type: string
+ required:
+ - secretName
+ type: object
+ defaultGeneratedCert:
+ description: DefaultGeneratedCert defines the default generated certificate
+ configuration.
+ properties:
+ domain:
+ description: Domain is the domain definition for the DefaultCertificate.
+ properties:
+ main:
+ description: Main defines the main domain name.
+ type: string
+ sans:
+ description: SANs defines the subject alternative domain names.
+ items:
+ type: string
+ type: array
+ type: object
+ resolver:
+ description: Resolver is the name of the resolver that will be
+ used to issue the DefaultCertificate.
+ type: string
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/enterprise/traefik/25.1.13/crds/traefik.io_traefikservices.yaml b/enterprise/traefik/25.1.13/crds/traefik.io_traefikservices.yaml
new file mode 100644
index 0000000000..0f3475bda4
--- /dev/null
+++ b/enterprise/traefik/25.1.13/crds/traefik.io_traefikservices.yaml
@@ -0,0 +1,402 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: traefikservices.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: TraefikService
+ listKind: TraefikServiceList
+ plural: traefikservices
+ singular: traefikservice
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: 'TraefikService is the CRD implementation of a Traefik Service.
+ TraefikService object allows to: - Apply weight to Services on load-balancing
+ - Mirror traffic on services More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-traefikservice'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: TraefikServiceSpec defines the desired state of a TraefikService.
+ properties:
+ mirroring:
+ description: Mirroring defines the Mirroring service configuration.
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ maxBodySize:
+ description: MaxBodySize defines the maximum size allowed for
+ the body of the request. If the body is larger, the request
+ is not mirrored. Default value is -1, which means unlimited
+ size.
+ format: int64
+ type: integer
+ mirrors:
+ description: Mirrors defines the list of mirrors where Traefik
+ will duplicate the traffic.
+ items:
+ description: MirrorService holds the mirror configuration.
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service or TraefikService. The differentiation between
+ the two is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or
+ if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the
+ pods. By default, NativeLB is false.
+ type: boolean
+ passHostHeader:
+ description: PassHostHeader defines whether the client Host
+ header is forwarded to the upstream Kubernetes Service.
+ By default, passHostHeader is true.
+ type: boolean
+ percent:
+ description: 'Percent defines the part of the traffic to
+ mirror. Supported values: 0 to 100.'
+ type: integer
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards
+ the response from the upstream Kubernetes Service to the
+ client.
+ properties:
+ flushInterval:
+ description: 'FlushInterval defines the interval, in
+ milliseconds, in between flushes to the client while
+ copying the response body. A negative value means
+ to flush immediately after each write to the client.
+ This configuration is ignored when ReverseProxy recognizes
+ a response as a streaming response; for such responses,
+ writes are flushed to the client immediately. Default:
+ 100ms'
+ type: string
+ type: object
+ scheme:
+ description: Scheme defines the scheme to use for the request
+ to the upstream Kubernetes Service. It defaults to https
+ when Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: ServersTransport defines the name of ServersTransport
+ resource to use. It allows to configure the transport
+ between Traefik and your servers. Can only be used on
+ a Kubernetes Service.
+ type: string
+ sticky:
+ description: 'Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions'
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie
+ can be accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: 'SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
+ type: string
+ secure:
+ description: Secure defines whether the cookie can
+ only be transmitted over an encrypted connection
+ (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: Strategy defines the load balancing strategy
+ between the servers. RoundRobin is the only supported
+ value at the moment.
+ type: string
+ weight:
+ description: Weight defines the weight and should only be
+ specified when Name references a TraefikService object
+ (and to be precise, one that embeds a Weighted Round Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ type: array
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service or TraefikService. The differentiation between the two
+ is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or if the
+ only child is the Kubernetes Service clusterIP. The Kubernetes
+ Service itself does load-balance to the pods. By default, NativeLB
+ is false.
+ type: boolean
+ passHostHeader:
+ description: PassHostHeader defines whether the client Host header
+ is forwarded to the upstream Kubernetes Service. By default,
+ passHostHeader is true.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service. This
+ can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards the
+ response from the upstream Kubernetes Service to the client.
+ properties:
+ flushInterval:
+ description: 'FlushInterval defines the interval, in milliseconds,
+ in between flushes to the client while copying the response
+ body. A negative value means to flush immediately after
+ each write to the client. This configuration is ignored
+ when ReverseProxy recognizes a response as a streaming response;
+ for such responses, writes are flushed to the client immediately.
+ Default: 100ms'
+ type: string
+ type: object
+ scheme:
+ description: Scheme defines the scheme to use for the request
+ to the upstream Kubernetes Service. It defaults to https when
+ Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: ServersTransport defines the name of ServersTransport
+ resource to use. It allows to configure the transport between
+ Traefik and your servers. Can only be used on a Kubernetes Service.
+ type: string
+ sticky:
+ description: 'Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions'
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie can be
+ accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: 'SameSite defines the same site policy. More
+ info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
+ type: string
+ secure:
+ description: Secure defines whether the cookie can only
+ be transmitted over an encrypted connection (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: Strategy defines the load balancing strategy between
+ the servers. RoundRobin is the only supported value at the moment.
+ type: string
+ weight:
+ description: Weight defines the weight and should only be specified
+ when Name references a TraefikService object (and to be precise,
+ one that embeds a Weighted Round Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ weighted:
+ description: Weighted defines the Weighted Round Robin configuration.
+ properties:
+ services:
+ description: Services defines the list of Kubernetes Service and/or
+ TraefikService to load-balance, with weight.
+ items:
+ description: Service defines an upstream HTTP service to proxy
+ traffic to.
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service or TraefikService. The differentiation between
+ the two is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or
+ if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the
+ pods. By default, NativeLB is false.
+ type: boolean
+ passHostHeader:
+ description: PassHostHeader defines whether the client Host
+ header is forwarded to the upstream Kubernetes Service.
+ By default, passHostHeader is true.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards
+ the response from the upstream Kubernetes Service to the
+ client.
+ properties:
+ flushInterval:
+ description: 'FlushInterval defines the interval, in
+ milliseconds, in between flushes to the client while
+ copying the response body. A negative value means
+ to flush immediately after each write to the client.
+ This configuration is ignored when ReverseProxy recognizes
+ a response as a streaming response; for such responses,
+ writes are flushed to the client immediately. Default:
+ 100ms'
+ type: string
+ type: object
+ scheme:
+ description: Scheme defines the scheme to use for the request
+ to the upstream Kubernetes Service. It defaults to https
+ when Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: ServersTransport defines the name of ServersTransport
+ resource to use. It allows to configure the transport
+ between Traefik and your servers. Can only be used on
+ a Kubernetes Service.
+ type: string
+ sticky:
+ description: 'Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions'
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie
+ can be accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: 'SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
+ type: string
+ secure:
+ description: Secure defines whether the cookie can
+ only be transmitted over an encrypted connection
+ (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: Strategy defines the load balancing strategy
+ between the servers. RoundRobin is the only supported
+ value at the moment.
+ type: string
+ weight:
+ description: Weight defines the weight and should only be
+ specified when Name references a TraefikService object
+ (and to be precise, one that embeds a Weighted Round Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ type: array
+ sticky:
+ description: 'Sticky defines whether sticky sessions are enabled.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#stickiness-and-load-balancing'
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie can be
+ accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: 'SameSite defines the same site policy. More
+ info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
+ type: string
+ secure:
+ description: Secure defines whether the cookie can only
+ be transmitted over an encrypted connection (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/enterprise/traefik/25.1.13/ix_values.yaml b/enterprise/traefik/25.1.13/ix_values.yaml
new file mode 100644
index 0000000000..d3efd64d50
--- /dev/null
+++ b/enterprise/traefik/25.1.13/ix_values.yaml
@@ -0,0 +1,441 @@
+image:
+ repository: tccr.io/tccr/traefik
+ tag: v2.10.7@sha256:1a1f160572eadb370fb6204387838df968c2f1586e0ddd1b9b379012c6465f28
+ pullPolicy: IfNotPresent
+manifestManager:
+ enabled: true
+workload:
+ main:
+ replicas: 2
+ strategy: RollingUpdate
+ podSpec:
+ containers:
+ main:
+ args: []
+ probes:
+ # -- Liveness probe configuration
+ # @default -- See below
+ liveness:
+ # -- sets the probe type when not using a custom probe
+ # @default -- "TCP"
+ type: tcp
+ # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
+ # @default -- "/"
+ # path: "/ping"
+ # -- Readiness probe configuration
+ # @default -- See below
+ readiness:
+ # -- sets the probe type when not using a custom probe
+ # @default -- "TCP"
+ type: tcp
+ # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
+ # @default -- "/"
+ # path: "/ping"
+ # -- Startup probe configuration
+ # @default -- See below
+ startup:
+ # -- sets the probe type when not using a custom probe
+ # @default -- "TCP"
+ type: tcp
+ # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
+ # @default -- "/"
+ # path: "/ping"
+# -- Options for all pods
+# Can be overruled per pod
+podOptions:
+ automountServiceAccountToken: true
+operator:
+ register: true
+# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
+ingressClass:
+ # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
+ enabled: false
+ isDefaultClass: false
+ # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
+ fallbackApiVersion: ""
+# -- Create an IngressRoute for the dashboard
+ingressRoute:
+ dashboard:
+ enabled: true
+ # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
+ annotations: {}
+ # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
+ labels: {}
+#
+# -- Configure providers
+providers:
+ kubernetesCRD:
+ enabled: true
+ namespaces: []
+ # - "default"
+ kubernetesIngress:
+ enabled: true
+ # labelSelector: environment=production,method=traefik
+ namespaces: []
+ # - "default"
+ # IP used for Kubernetes Ingress endpoints
+ publishedService:
+ enabled: true
+ # Published Kubernetes Service to copy status from. Format: namespace/servicename
+ # By default this Traefik service
+ # pathOverride: ""
+# -- Logs
+# https://docs.traefik.io/observability/logs/
+logs:
+ # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on).
+ general:
+ # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO.
+ level: ERROR
+ # -- Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format
+ format: common
+ access:
+ # To enable access logs
+ enabled: false
+ # To write the logs in an asynchronous fashion, specify a bufferingSize option.
+ # This option represents the number of log lines Traefik will keep in memory before writing
+ # them to the selected output. In some cases, this option can greatly help performances.
+ # bufferingSize: 100
+ # Filtering https://docs.traefik.io/observability/access-logs/#filtering
+ filters: {}
+ # statuscodes: "200,300-302"
+ # retryattempts: true
+ # minduration: 10ms
+ # Fields
+ # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers
+ fields:
+ general:
+ defaultmode: keep
+ names: {}
+ # Examples:
+ # ClientUsername: drop
+ headers:
+ defaultmode: drop
+ names: {}
+ # Examples:
+ # User-Agent: redact
+ # Authorization: drop
+ # Content-Type: keep
+ # -- Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format
+ format: common
+metrics:
+ main:
+ enabled: false
+ type: servicemonitor
+ endpoints:
+ - port: metrics
+ path: /metrics
+ targetSelector: metrics
+globalArguments:
+ - "--global.checknewversion"
+##
+# -- Additional arguments to be passed at Traefik's binary
+# All available options available on https://docs.traefik.io/reference/static-configuration/cli/
+## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"`
+additionalArguments:
+ - "--serverstransport.insecureskipverify=true"
+ - "--providers.kubernetesingress.allowexternalnameservices=true"
+
+# -- Default clusterCertificate generated by clusterissuer
+defaultCertificate: ""
+
+# -- Add custom DNSStore objects
+tlsStore: {}
+
+# -- TLS Options to be created as TLSOption CRDs
+# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options
+# Example:
+tlsOptions:
+ default:
+ sniStrict: false
+ minVersion: VersionTLS12
+ curvePreferences:
+ - CurveP521
+ - CurveP384
+ cipherSuites:
+ - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+ - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+ - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
+ - TLS_AES_128_GCM_SHA256
+ - TLS_AES_256_GCM_SHA384
+ - TLS_CHACHA20_POLY1305_SHA256
+# -- Options for the main traefik service, where the entrypoints traffic comes from
+# from.
+service:
+ main:
+ type: LoadBalancer
+ ports:
+ main:
+ port: 9000
+ targetPort: 9000
+ protocol: http
+ # -- Forwarded Headers should never be enabled on Main entrypoint
+ forwardedHeaders:
+ enabled: false
+ # -- Proxy Protocol should never be enabled on Main entrypoint
+ proxyProtocol:
+ enabled: false
+ tcp:
+ enabled: true
+ type: LoadBalancer
+ ports:
+ web:
+ enabled: true
+ port: 80
+ protocol: http
+ redirectTo: websecure
+ # Options: Empty, 0 (ingore), or positive int
+ # redirectPort:
+ # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
+ forwardedHeaders:
+ enabled: false
+ # -- List of trusted IP and CIDR references
+ trustedIPs: []
+ # -- Trust all forwarded headers
+ insecureMode: false
+ # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
+ proxyProtocol:
+ enabled: false
+ # -- Only IPs in trustedIPs will lead to remote client address replacement
+ trustedIPs: []
+ # -- Trust every incoming connection
+ insecureMode: false
+ websecure:
+ enabled: true
+ port: 443
+ protocol: https
+ # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
+ forwardedHeaders:
+ enabled: false
+ # -- List of trusted IP and CIDR references
+ trustedIPs: []
+ # -- Trust all forwarded headers
+ insecureMode: false
+ # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
+ proxyProtocol:
+ enabled: false
+ # -- Only IPs in trustedIPs will lead to remote client address replacement
+ trustedIPs: []
+ # -- Trust every incoming connection
+ insecureMode: false
+ # tcpexample:
+ # enabled: true
+ # targetPort: 9443
+ # protocol: tcp
+ # tls:
+ # enabled: false
+ # # this is the name of a TLSOption definition
+ # options: ""
+ # certResolver: ""
+ # domains: []
+ # # - main: example.com
+ # # sans:
+ # # - foo.example.com
+ # # - bar.example.com
+ metrics:
+ enabled: true
+ type: ClusterIP
+ ports:
+ metrics:
+ enabled: true
+ port: 9180
+ targetPort: 9180
+ protocol: http
+ # -- Forwarded Headers should never be enabled on Metrics entrypoint
+ forwardedHeaders:
+ enabled: false
+ # -- Proxy Protocol should never be enabled on Metrics entrypoint
+ proxyProtocol:
+ enabled: false
+ # udp:
+ # enabled: false
+# -- Whether Role Based Access Control objects like roles and rolebindings should be created
+rbac:
+ main:
+ enabled: true
+ primary: true
+ clusterWide: true
+ rules:
+ - apiGroups:
+ - ""
+ resources:
+ - services
+ - endpoints
+ - secrets
+ verbs:
+ - get
+ - list
+ - watch
+ - apiGroups:
+ - extensions
+ - networking.k8s.io
+ resources:
+ - ingresses
+ - ingressclasses
+ verbs:
+ - get
+ - list
+ - watch
+ - apiGroups:
+ - extensions
+ - networking.k8s.io
+ resources:
+ - ingresses/status
+ verbs:
+ - update
+ - apiGroups:
+ - traefik.containo.us
+ - traefik.io
+ resources:
+ - middlewares
+ - middlewaretcps
+ - ingressroutes
+ - traefikservices
+ - ingressroutetcps
+ - ingressrouteudps
+ - tlsoptions
+ - tlsstores
+ - serverstransports
+ verbs:
+ - get
+ - list
+ - watch
+# -- The service account the pods will use to interact with the Kubernetes API
+serviceAccount:
+ main:
+ enabled: true
+ primary: true
+# -- SCALE Middleware Handlers
+middlewares:
+ basicAuth: []
+ # - name: basicauthexample
+ # users:
+ # - username: testuser
+ # password: testpassword
+ forwardAuth: []
+ # - name: forwardAuthexample
+ # address: https://auth.example.com/
+ # authResponseHeaders:
+ # - X-Secret
+ # - X-Auth-User
+ # authRequestHeaders:
+ # - "Accept"
+ # - "X-CustomHeader"
+ # authResponseHeadersRegex: "^X-"
+ # trustForwardHeader: true
+ customRequestHeaders: []
+ # - name: customRequestHeaderExample
+ # headers:
+ # - name: X-Custom-Header
+ # value: "foobar"
+ # - name: X-Header-To-Remove
+ # value: ""
+ customResponseHeaders: []
+ # - name: customResponseHeaderExample
+ # headers:
+ # - name: X-Custom-Header
+ # value: "foobar"
+ # - name: X-Header-To-Remove
+ # value: ""
+ rewriteResponseHeaders: []
+ # - name: rewriteResponseHeadersName
+ # headers:
+ # - name: "Location"
+ # regex: "^http://(.+)$"
+ # replacement: "https://$1"
+ # - name: "Date"
+ # regex: "^[^,]+,\\s*(.+)$"
+ # replacement: "$1"
+ customFrameOptionsValue: []
+ # - name: customFrameOptionsValueExample
+ # value: "SAMEORIGIN"
+ buffering: []
+ # - name: bufferingExample
+ # maxRequestBodyBytes: 1000000
+ # memRequestBodyBytes: 1000000
+ # maxResponseBodyBytes: 1000000
+ # memResponseBodyBytes: 1000000
+ # retryExpression: "IsNetworkError() && Attempts() < 2"
+ chain: []
+ # - name: chainname
+ # middlewares:
+ # - name: compress
+ redirectScheme: []
+ # - name: redirectSchemeName
+ # scheme: https
+ # permanent: true
+ rateLimit: []
+ # - name: rateLimitName
+ # average: 300
+ # burst: 200
+ redirectRegex: []
+ # - name: redirectRegexName
+ # regex: putregexhere
+ # replacement: replacementurlhere
+ # permanent: false
+ stripPrefixRegex: []
+ # - name: stripPrefixRegexName
+ # regex: []
+ ipWhiteList: []
+ # - name: ipWhiteListName
+ # sourceRange: []
+ # ipStrategy:
+ # depth: 2
+ # excludedIPs: []
+ themePark: []
+ # - name: themeParkName
+ # -- Supported apps, lower case name
+ # -- https://docs.theme-park.dev/themes
+ # app: appnamehere
+ # -- Supported themes, lower case name
+ # -- https://docs.theme-park.dev/themes/APPNAMEHERE
+ # -- https://docs.theme-park.dev/community-themes
+ # theme: themenamehere
+ # -- https://theme-park.dev or a self hosted url
+ # baseUrl: https://theme-park.dev
+ # Sets X-Real-Ip with an IP from the X-Forwarded-For or
+ # Cf-Connecting-Ip (If from Cloudflare)
+ # Evaluation of those headers will go from last to first
+ realIP: []
+ # - name: realIPName
+ # -- The real IP will be the first one that is
+ # -- not included in any of the CIDRs passed here
+ # excludedNetworks:
+ # - 1.1.1.1/24
+ addPrefix: []
+ # - name: addPrefixName
+ # prefix: "/foo"
+ geoBlock: []
+ # -- https://github.com/PascalMinder/geoblock
+ # - name: geoBlockName
+ # allowLocalRequests: true
+ # logLocalRequests: false
+ # logAllowedRequests: false
+ # logApiRequests: false
+ # api: https://get.geojs.io/v1/ip/country/{ip}
+ # apiTimeoutMs: 500
+ # cacheSize: 25
+ # forceMonthlyUpdate: true
+ # allowUnknownCountries: false
+ # unknownCountryApiResponse: nil
+ # blackListMode: false
+ # countries:
+ # - RU
+ modsecurity: []
+ # - name: modsecurityName
+ # modSecurityUrl: modSecurity container URL
+ # timeoutMillis: Configurated timeout
+ # maxBodySize: maxBodySize
+ ## Note: body of every request will be buffered in memory while the request is in-flight
+ ## (i.e.: during the security check and during the request processing by traefik and the backend),
+ ## so you may want to tune maxBodySize depending on how much RAM you have.
+portalhook:
+ enabled: true
+persistence:
+ plugins:
+ enabled: true
+ mountPath: "/plugins-storage"
+ type: emptyDir
+portal:
+ open:
+ enabled: true
+ path: /dashboard/
diff --git a/enterprise/traefik/25.1.13/questions.yaml b/enterprise/traefik/25.1.13/questions.yaml
new file mode 100644
index 0000000000..d6e4abd22f
--- /dev/null
+++ b/enterprise/traefik/25.1.13/questions.yaml
@@ -0,0 +1,3402 @@
+groups:
+ - name: Container Image
+ description: Image to be used for container
+ - name: General Settings
+ description: General Deployment Settings
+ - name: Workload Settings
+ description: Workload Settings
+ - name: App Configuration
+ description: App Specific Config Options
+ - name: Networking and Services
+ description: Configure Network and Services for Container
+ - name: Storage and Persistence
+ description: Persist and Share Data that is Separate from the Container
+ - name: Ingress
+ description: Ingress Configuration
+ - name: Security and Permissions
+ description: Configure Security Context and Permissions
+ - name: Resources and Devices
+ description: "Specify Resources/Devices to be Allocated to Workload"
+ - name: Middlewares
+ description: Traefik Middlewares
+ - name: Metrics
+ description: Metrics
+ - name: Addons
+ description: Addon Configuration
+ - name: Advanced
+ description: Advanced Configuration
+ - name: Postgresql
+ description: Postgresql
+ - name: Documentation
+ description: Documentation
+portals:
+ open:
+ protocols:
+ - "$kubernetes-resource_configmap_tcportal-open_protocol"
+ host:
+ - "$kubernetes-resource_configmap_tcportal-open_host"
+ ports:
+ - "$kubernetes-resource_configmap_tcportal-open_port"
+ path: "$kubernetes-resource_configmap_tcportal-open_path"
+questions:
+ - variable: global
+ group: General Settings
+ label: "Global Settings"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: stopAll
+ label: Stop All
+ description: "Stops All Running pods and hibernates cnpg"
+ schema:
+ type: boolean
+ default: false
+ - variable: workload
+ group: "Workload Settings"
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: main
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: type
+ label: Type (Advanced)
+ schema:
+ type: string
+ default: Deployment
+ enum:
+ - value: Deployment
+ description: Deployment
+ - value: DaemonSet
+ description: DaemonSet
+ - variable: replicas
+ label: Replicas (Advanced)
+ description: Set the number of Replicas
+ schema:
+ type: int
+ show_if: [["type", "!=", "DaemonSet"]]
+ default: 1
+ - variable: podSpec
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: containers
+ label: Containers
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: main
+ label: Main Container
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: envList
+ label: Extra Environment Variables
+ description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: envItem
+ label: Environment Variable
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ - variable: value
+ label: Value
+ schema:
+ type: string
+ - variable: extraArgs
+ label: Extra Args
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: arg
+ label: Arg
+ schema:
+ type: string
+ - variable: advanced
+ label: Show Advanced Settings
+ description: Advanced settings are not covered by TrueCharts Support
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: command
+ label: Command
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: param
+ label: Param
+ schema:
+ type: string
+ - variable: TZ
+ label: Timezone
+ group: "General Settings"
+ schema:
+ type: string
+ default: "Etc/UTC"
+ $ref:
+ - "definitions/timezone"
+ - variable: podOptions
+ group: "General Settings"
+ label: "Global Pod Options (Advanced)"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: expertPodOpts
+ label: "Expert - Pod Options"
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: hostNetwork
+ label: "Host Networking"
+ schema:
+ type: boolean
+ default: false
+ - variable: dnsConfig
+ label: "DNS Configuration"
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: options
+ label: "Options"
+ schema:
+ type: list
+ default: [{"name": "ndots", "value": "1"}]
+ items:
+ - variable: optionsEntry
+ label: "Option Entry"
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ required: true
+ - variable: value
+ label: "Value"
+ schema:
+ type: string
+ - variable: nameservers
+ label: "Nameservers"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: nsEntry
+ label: "Nameserver Entry"
+ schema:
+ type: string
+ required: true
+ - variable: searches
+ label: "Searches"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: searchEntry
+ label: "Search Entry"
+ schema:
+ type: string
+ required: true
+
+ - variable: imagePullSecretList
+ group: "General Settings"
+ label: "Image Pull Secrets"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: pullsecretentry
+ label: "Pull Secret"
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: enabled
+ label: Enabled
+ schema:
+ type: boolean
+ default: true
+ - variable: data
+ label: Data
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: registry
+ label: "Registry"
+ schema:
+ type: string
+ required: true
+ default: "https://index.docker.io/v1/"
+ - variable: username
+ label: "Username"
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: password
+ label: "Password"
+ schema:
+ type: string
+ required: true
+ private: true
+ default: ""
+ - variable: email
+ label: "Email"
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: expertIngressClass
+ label: Expert Mode
+ group: App Configuration
+ description: |
+ Expert Mode contains settings like:
+ - IngressClass
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: ingressClass
+ label: "ingressClass"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: "Enable"
+ description: "When enabled, ingressClass will match the entered name of this app"
+ schema:
+ type: boolean
+ default: false
+ - variable: isDefaultClass
+ label: "isDefaultClass"
+ schema:
+ type: boolean
+ show_if: [["enabled", "=", true]]
+ default: false
+ - variable: logs
+ label: "Logs"
+ group: "App Configuration"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: general
+ label: "General Logs"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: level
+ label: "Log Level"
+ schema:
+ type: string
+ default: "ERROR"
+ enum:
+ - value: "INFO"
+ description: "Info"
+ - value: "WARN"
+ description: "Warnings"
+ - value: "ERROR"
+ description: "Errors"
+ - value: "FATAL"
+ description: "Fatal Errors"
+ - value: "PANIC"
+ description: "Panics"
+ - value: "DEBUG"
+ description: "Debug"
+ - variable: format
+ label: "General Log format"
+ schema:
+ type: string
+ default: "common"
+ enum:
+ - value: "common"
+ description: "Common Log Format"
+ - value: "json"
+ description: "JSON"
+ - variable: access
+ label: "Access Logs"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: "Enable"
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: enabledFilters
+ label: "Enable Filters"
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: filters
+ label: "Filters"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: statuscodes
+ label: "Status codes"
+ schema:
+ type: string
+ default: "200,300-302"
+ - variable: retryattempts
+ label: "retryattempts"
+ schema:
+ type: boolean
+ default: true
+ - variable: minduration
+ label: "minduration"
+ schema:
+ type: string
+ default: "10ms"
+ - variable: fields
+ label: "Fields"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: general
+ label: "General"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: defaultmode
+ label: "Default Mode"
+ schema:
+ type: string
+ default: "keep"
+ enum:
+ - value: "keep"
+ description: "Keep"
+ - value: "drop"
+ description: "Drop"
+ - variable: headers
+ label: "Headers"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: defaultmode
+ label: "Default Mode"
+ schema:
+ type: string
+ default: "drop"
+ enum:
+ - value: "keep"
+ description: "Keep"
+ - value: "drop"
+ description: "Drop"
+ - variable: format
+ label: "Access Log format"
+ schema:
+ type: string
+ default: "common"
+ enum:
+ - value: "common"
+ description: "Common Log Format"
+ - value: "json"
+ description: "JSON"
+ - variable: middlewares
+ label: ""
+ group: "Middlewares"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: basicAuth
+ label: basicAuth
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: basicAuthEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: users
+ label: Users
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: usersEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: username
+ label: Username
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: password
+ label: Password
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: forwardAuth
+ label: forwardAuth
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: basicAuthEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: address
+ label: Address
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: trustForwardHeader
+ label: trustForwardHeader
+ schema:
+ type: boolean
+ default: false
+ - variable: tls
+ label: TLS
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: insecureSkipVerify
+ label: insecureSkipVerify (expert)
+ description: >-
+ This disables all TLS certificate validation on communications with the authentication endpoint.
+ This could be a security risk and should only be used if you know what you are doing.
+ schema:
+ type: boolean
+ default: false
+ - variable: authResponseHeadersRegex
+ label: authResponseHeadersRegex
+ schema:
+ type: string
+ default: ""
+ - variable: authResponseHeaders
+ label: authResponseHeaders
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: authResponseHeadersEntry
+ label: ""
+ schema:
+ type: string
+ default: ""
+ - variable: authRequestHeaders
+ label: authRequestHeaders
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: authRequestHeadersEntry
+ label: ""
+ schema:
+ type: string
+ default: ""
+ - variable: buffering
+ label: Buffering
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: bufferingEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ - variable: maxRequestBodyBytes
+ label: Max Request Body Bytes
+ description: Leave empty and it won't be set
+ schema:
+ type: string
+ valid_chars: '^[0-9]*$'
+ default: ""
+ - variable: memRequestBodyBytes
+ label: Mem Request Body Bytes
+ description: Leave empty and it won't be set
+ schema:
+ type: string
+ valid_chars: '^[0-9]*$'
+ default: ""
+ - variable: maxResponseBodyBytes
+ label: Max Response Body Bytes
+ description: Leave empty and it won't be set
+ schema:
+ type: string
+ valid_chars: '^[0-9]*$'
+ default: ""
+ - variable: memResponseBodyBytes
+ label: Mem Response Body Bytes
+ description: Leave empty and it won't be set
+ schema:
+ type: string
+ valid_chars: '^[0-9]*$'
+ default: ""
+ - variable: retryExpression
+ label: Retry Expression
+ description: Leave empty and it won't be set
+ schema:
+ type: string
+ default: ""
+ - variable: customRequestHeaders
+ label: Custom Request Headers
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: customRequestHeadersEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ - variable: headers
+ label: Headers to Add
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: headersEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Header Name
+ description: Name of custom header to be added to requests, eg. X-Custom-Header
+ schema:
+ valid_chars: ^[a-zA-Z0-9_\-]*$
+ type: string
+ required: true
+ default: ""
+ - variable: value
+ label: Header Value
+ description: The value of the header. If the value is empty, the header will be removed.
+ schema:
+ type: string
+ default: ""
+ - variable: customResponseHeaders
+ label: Custom Response Headers
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: customResponseHeadersEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ - variable: headers
+ label: Headers to Add
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: headersEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Header Name
+ description: Name of custom header to be added to responses, eg. X-Custom-Header
+ schema:
+ valid_chars: ^[a-zA-Z0-9_\-]*$
+ type: string
+ required: true
+ default: ""
+ - variable: value
+ label: Header Value
+ description: The value of the header. If the value is empty, the header will be removed.
+ schema:
+ type: string
+ default: ""
+ - variable: rewriteResponseHeaders
+ label: Rewrite Response Headers
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: rewriteResponseHeadersEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ - variable: headers
+ label: Headers To Rewrite
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: headersEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Header Name
+ description: Name of a header to modified in responses, eg. X-Custom-Header
+ schema:
+ valid_chars: ^[a-zA-Z0-9_\-]*$
+ type: string
+ required: true
+ default: ""
+ - variable: regex
+ label: Regex
+ description: The value of the header to match. Accepts regex expression.
+ schema:
+ type: string
+ default: ""
+ - variable: replacement
+ label: Replacement Regex
+ description: The new value of the header. Accepts regex expression.
+ schema:
+ type: string
+ default: ""
+ - variable: customFrameOptionsValue
+ label: Custom Frame Options Value
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: customFrameOptionsValueEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ - variable: value
+ label: X-Frame-Options Header Value
+ description: The value of the header.
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: chain
+ label: Chain
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: chainEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ - variable: middlewares
+ label: Middlewares to Chain
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: redirectScheme
+ label: redirectScheme
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: redirectSchemeEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ - variable: scheme
+ label: Scheme
+ schema:
+ type: string
+ required: true
+ default: https
+ enum:
+ - value: https
+ description: https
+ - value: http
+ description: http
+ - variable: permanent
+ label: Permanent
+ schema:
+ type: boolean
+ default: false
+ - variable: rateLimit
+ label: rateLimit
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: rateLimitEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ - variable: average
+ label: Average
+ schema:
+ type: int
+ required: true
+ default: 300
+ - variable: burst
+ label: Burst
+ schema:
+ type: int
+ required: true
+ default: 200
+ - variable: redirectRegex
+ label: redirectRegex
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: redirectRegexEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ - variable: regex
+ label: Regex
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: replacement
+ label: Replacement
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: permanent
+ label: Permanent
+ schema:
+ type: boolean
+ default: false
+ - variable: stripPrefixRegex
+ label: stripPrefixRegex
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: stripPrefixRegexEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ - variable: regex
+ label: Regex
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: regexEntry
+ label: Regex
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: ipWhiteList
+ label: ipWhiteList
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: ipWhiteListEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: sourceRange
+ label: Source Range
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: sourceRangeEntry
+ label: ""
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: ipStrategy
+ label: IP Strategy
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: depth
+ label: Depth
+ schema:
+ type: int
+ required: true
+ - variable: excludedIPs
+ label: Excluded IPs
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: excludedIPsEntry
+ label: ""
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: themePark
+ label: theme.park
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: themeParkEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ description: This is a 3rd party plugin and not maintained by TrueCharts,
+ for more information go to traefik-themepark
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: appName
+ label: App Name
+ description: Lower case, name of the app to be themed.
+
Go to https://docs.theme-park.dev/themes/ to see supported apps.
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: themeName
+ label: Theme Name
+ description: Lower case, name of the theme to be applied.
+
Go to https://docs.theme-park.dev/theme-options/ to see supported themes.
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: baseUrl
+ label: Base URL
+ description: Replace `https://theme-park.dev` URL for self-hosting reference.
+ schema:
+ type: string
+ required: true
+ default: https://theme-park.dev
+ - variable: addons
+ label: Addons
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: addonEntry
+ label: Addon
+ description: Currently only supports 'darker' and '4k-logo' for *arr apps.
+
Go to https://docs.theme-park.dev/themes/addons/ for Addon information.
+
Go to https://github.com/packruler/traefik-themepark for more context on plugin
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: realIP
+ label: Real IP
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: realIPEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: excludedNetworks
+ label: Excluded Networks
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: excludedNetEntry
+ label: Excluded Network Entry
+ description: Network to exclude setting it to X-Real-Ip
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: geoBlock
+ label: GeoBlock
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: geoBlockEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ description: This is a 3rd party plugin and not maintained by TrueCharts,
+ for more information go to geoblock
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: allowLocalRequests
+ label: Allow Local Requests
+ description: If set to true, will not block request from Private IP Ranges
+ schema:
+ type: boolean
+ default: true
+ - variable: logLocalRequests
+ label: Log Local Requests
+ description: If set to true, will log every connection from any IP in the private IP range
+ schema:
+ type: boolean
+ default: false
+ - variable: logAllowedRequests
+ label: Log Allowed Requests
+ description: If set to true, will show a log message with the IP and the country of origin if a request is allowed.
+ schema:
+ type: boolean
+ default: false
+ - variable: logApiRequests
+ label: Log API Requests
+ description: If set to true, will show a log message for every API hit.
+ schema:
+ type: boolean
+ default: false
+ - variable: api
+ label: API
+ description: Defines the API URL for the IP to Country resolution. The IP to fetch can be added with {ip} to the URL.
+ schema:
+ type: string
+ required: true
+ default: https://get.geojs.io/v1/ip/country/{ip}
+ - variable: apiTimeoutMs
+ label: API Timeout in ms
+ description: Timeout for the call to the api uri.
+ schema:
+ type: int
+ required: true
+ default: 500
+ - variable: cacheSize
+ label: Cache Size
+ description: Defines the max size of the LRU (least recently used) cache.
+ schema:
+ type: int
+ required: true
+ default: 25
+ - variable: forceMonthlyUpdate
+ label: Force Monthly Update
+ description: Even if an IP stays in the cache for a period of a month (about 30 x 24 hours), it must be fetch again after a month.
+ schema:
+ type: boolean
+ default: true
+ - variable: allowUnknownCountries
+ label: Allow Unknown Countries
+ description: Some IP addresses have no country associated with them. If this option is set to true, all IPs with no associated country are also allowed.
+ schema:
+ type: boolean
+ default: false
+ - variable: unknownCountryApiResponse
+ label: Unknown Countries API Response
+ description: The API uri can be customized. This options allows to customize the response string of the API when a IP with no associated country is requested.
+ schema:
+ type: string
+ required: true
+ default: nil
+ - variable: blackListMode
+ label: Blacklist Mode
+ description: When set to true the filter logic is inverted, i.e. requests originating from countries listed in the countries list are blocked.
+ schema:
+ type: boolean
+ default: false
+ - variable: countries
+ description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
+ label: Countries
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: countryEntry
+ label: Country
+ description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
+ schema:
+ type: string
+ required: true
+ # Allow only 2 Characters
+ valid_chars: '^[a-zA-Z]{2}$'
+ default: ""
+ - variable: addPrefix
+ label: Add Prefix
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: addPrefixEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: prefix
+ label: Prefix
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: modsecurity
+ label: modsecurity
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: modsecurityEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ description: This is a 3rd party plugin and not maintained by TrueCharts,
+ for more information go to traefik-modsecurity-plugin
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: modSecurityUrl
+ label: ModSecurity Url
+ description: It's the URL for the owasp/modsecurity container.
+ schema:
+ type: string
+ required: true
+ default: "https://someurl"
+ - variable: timeoutMillis
+ label: timeout Millis
+ description: timeout in milliseconds for the http client to talk with modsecurity container. (
+ schema:
+ type: int
+ required: true
+ default: 2
+ - variable: maxBodySize
+ label: maxBody Size
+ description: it's the maximum limit for requests body size. Requests exceeding this value will be rejected using HTTP 413 Request Entity Too Large. Zero means "use default value".
+ schema:
+ type: int
+ required: true
+ default: 0
+ - variable: service
+ group: "Networking and Services"
+ label: "Configure Service Entrypoint"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: main
+ label: "Main Service"
+ description: "The Primary service on which the healthcheck runs, often the webUI"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable the Service
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: type
+ label: Service Type
+ description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
+ schema:
+ type: string
+ default: LoadBalancer
+ enum:
+ - value: LoadBalancer
+ description: LoadBalancer (Expose Ports)
+ - value: ClusterIP
+ description: ClusterIP (Do Not Expose Ports)
+ - variable: loadBalancerIP
+ label: LoadBalancer IP
+ description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
+ schema:
+ show_if: [["type", "=", "LoadBalancer"]]
+ type: string
+ default: ""
+ - variable: ports
+ label: "Service's Port(s) Configuration"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: main
+ label: "Main Entrypoint Configuration"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: port
+ label: "Entrypoints Port"
+ schema:
+ type: int
+ default: 9000
+ required: true
+ - variable: tcp
+ label: "TCP Service"
+ description: "The tcp Entrypoint service"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable the Service
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: type
+ label: Service Type
+ description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
+ schema:
+ type: string
+ default: LoadBalancer
+ enum:
+ - value: LoadBalancer
+ description: LoadBalancer (Expose Ports)
+ - value: ClusterIP
+ description: ClusterIP (Do Not Expose Ports)
+ - variable: loadBalancerIP
+ label: LoadBalancer IP
+ description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
+ schema:
+ show_if: [["type", "=", "LoadBalancer"]]
+ type: string
+ default: ""
+ - variable: ports
+ label: "Service's Port(s) Configuration"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: web
+ label: "web Entrypoint Configuration"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: port
+ label: "Entrypoints Port"
+ schema:
+ type: int
+ default: 80
+ required: true
+ - variable: advanced
+ label: Show Advanced Settings
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: redirectPort
+ label: "Redirect to Port"
+ schema:
+ type: int
+ - variable: redirectTo
+ label: "Redirect to Entrypoint"
+ schema:
+ type: string
+ default: "websecure"
+ - variable: forwardedHeaders
+ label: Accept Forwarded Headers
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: trustedIPs
+ label: Trusted IPs
+ description: Trust Forwarded Headers from specific IPs.
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: trustedIPsEntry
+ label: ""
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: insecureMode
+ label: Insecure Mode
+ description: Always Trust Forwarded Headers
+ schema:
+ type: boolean
+ default: false
+ - variable: proxyProtocol
+ label: Accept Proxy Protocol connections
+ description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: trustedIPs
+ label: Trusted IPs
+ description: Only IPs in trustedIPs will lead to remote client address replacement
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: trustedIPsEntry
+ label: ""
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: insecureMode
+ label: Insecure Mode
+ description: Trust every incoming connection
+ schema:
+ type: boolean
+ default: false
+ - variable: websecure
+ label: "websecure Entrypoints Configuration"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: port
+ label: "Entrypoints Port"
+ schema:
+ type: int
+ default: 443
+ required: true
+ - variable: advanced
+ label: Show Advanced Settings
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: redirectPort
+ label: "Redirect to Port"
+ schema:
+ type: int
+ - variable: redirectTo
+ label: "Redirect to Entrypoint"
+ schema:
+ type: string
+ - variable: forwardedHeaders
+ label: Accept Forwarded Headers
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: trustedIPs
+ label: Trusted IPs
+ description: Trust Forwarded Headers from specific IPs.
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: trustedIPsEntry
+ label: ""
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: insecureMode
+ label: Insecure Mode
+ description: Always Trust Forwarded Headers
+ schema:
+ type: boolean
+ default: false
+ - variable: proxyProtocol
+ label: Accept Proxy Protocol connections
+ description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: trustedIPs
+ label: Trusted IPs
+ description: Only IPs in trustedIPs will lead to remote client address replacement
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: trustedIPsEntry
+ label: ""
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: insecureMode
+ label: Insecure Mode
+ description: Trust every incoming connection
+ schema:
+ type: boolean
+ default: false
+ - variable: tls
+ label: "websecure Entrypoints Configuration"
+ schema:
+ additional_attrs: true
+ type: dict
+ hidden: true
+ attrs:
+ - variable: enabled
+ label: "Enabled"
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: portsList
+ label: "Additional TCP Entrypoints"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: portsListEntry
+ label: "Custom Entrypoints"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: "Enable the port"
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: name
+ label: "Entrypoints Name"
+ schema:
+ type: string
+ default: ""
+ - variable: protocol
+ label: "Entrypoints Type"
+ schema:
+ type: string
+ default: "tcp"
+ enum:
+ - value: http
+ description: "HTTP"
+ - value: "https"
+ description: "HTTPS"
+ - value: tcp
+ description: "TCP"
+ - variable: port
+ label: "Port"
+ description: "This port exposes the container port on the service"
+ schema:
+ type: int
+ required: true
+ - variable: tls
+ label: "websecure Entrypoints Configuration"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: "Enabled"
+ schema:
+ type: boolean
+ default: true
+ - variable: redirectPort
+ label: "Redirect to Port"
+ schema:
+ type: int
+ - variable: redirectTo
+ label: "Redirect to Entrypoint"
+ schema:
+ type: string
+ - variable: forwardedHeaders
+ label: Accept Forwarded Headers
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: trustedIPs
+ label: Trusted IPs
+ description: Trust Forwarded Headers from specific IPs.
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: trustedIPsEntry
+ label: ""
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: insecureMode
+ label: Insecure Mode
+ description: Always Trust Forwarded Headers
+ schema:
+ type: boolean
+ default: false
+ - variable: proxyProtocol
+ label: Accept Proxy Protocol connections
+ description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: trustedIPs
+ label: Trusted IPs
+ description: Only IPs in trustedIPs will lead to remote client address replacement
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: trustedIPsEntry
+ label: ""
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: insecureMode
+ label: Insecure Mode
+ description: Trust every incoming connection
+ schema:
+ type: boolean
+ default: false
+ - variable: ingress
+ label: ""
+ group: Ingress
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: main
+ label: "Main Ingress"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable Ingress
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: hosts
+ label: Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: hostEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: host
+ label: HostName
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: paths
+ label: Paths
+ schema:
+ type: list
+ default: [{path: "/", pathType: "Prefix"}]
+ items:
+ - variable: pathEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: path
+ label: Path
+ schema:
+ type: string
+ required: true
+ default: "/"
+ - variable: pathType
+ label: Path Type
+ schema:
+ type: string
+ required: true
+ default: Prefix
+ - variable: integrations
+ label: Integrations
+ description: Connect ingress with other charts
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: traefik
+ label: Traefik
+ description: Connect ingress with Traefik
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: true
+ - variable: allowCors
+ label: 'Allow Cross Origin Requests (advanced)'
+ schema:
+ type: boolean
+ default: false
+ show_if: [["enabled", "=", true]]
+ - variable: entrypoints
+ label: Entrypoints
+ schema:
+ type: list
+ default: ["websecure"]
+ show_if: [["enabled", "=", true]]
+ items:
+ - variable: entrypoint
+ label: Entrypoint
+ schema:
+ type: string
+ - variable: middlewares
+ label: Middlewares
+ schema:
+ type: list
+ default: []
+ show_if: [["enabled", "=", true]]
+ items:
+ - variable: middleware
+ label: Middleware
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: name
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: namespace
+ label: 'namespace (optional)'
+ schema:
+ type: string
+ default: ""
+ - variable: certManager
+ label: certManager
+ description: Connect ingress with certManager
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: false
+ - variable: certificateIssuer
+ label: certificateIssuer
+ description: defaults to chartname
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: homepage
+ label: Homepage
+ description: Connect ingress with Homepage
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: false
+ - variable: name
+ label: Name (Optional)
+ description: Defaults to chart name
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: description
+ label: Description (Optional)
+ description: Defaults to chart description
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: icon
+ label: Icon (Optional)
+ description: Defaults to chart icon
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: group
+ label: Group
+ schema:
+ type: string
+ required: true
+ default: "default"
+ show_if: [["enabled", "=", true]]
+ - variable: widget
+ label: Widget Settings
+ schema:
+ type: dict
+ additional_attrs: true
+ show_if: [["enabled", "=", true]]
+ attrs:
+ - variable: enabled
+ label: Enable Widget
+ description: When disabled all widget annotations are skipped.
+ schema:
+ type: boolean
+ default: true
+ - variable: custom
+ label: Options
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: key
+ label: API-key (key)
+ schema:
+ type: string
+ default: ""
+ - variable: customkv
+ label: Custom Options
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: option
+ label: Option
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: key
+ label: Key
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: value
+ label: Value
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: advanced
+ label: Show Advanced Settings
+ description: Advanced settings are not covered by TrueCharts Support
+ schema:
+ type: boolean
+ default: false
+ - variable: ingressClassName
+ label: (Advanced/Optional) IngressClass Name
+ schema:
+ type: string
+ show_if: [["advanced", "=", true]]
+ default: ""
+ - variable: tls
+ label: TLS-Settings
+ schema:
+ type: list
+ show_if: [["advanced", "=", true]]
+ default: []
+ items:
+ - variable: tlsEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: hosts
+ label: Certificate Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: host
+ label: Host
+ schema:
+ type: string
+ default: ""
+ required: true
+
+ - variable: certificateIssuer
+ label: Use Cert-Manager clusterIssuer
+ description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
+ schema:
+ type: string
+ default: ""
+ - variable: clusterCertificate
+ label: 'Cluster Certificate (Advanced)'
+ description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.'
+ schema:
+ type: string
+ show_if: [["certificateIssuer", "=", ""]]
+ default: ""
+ - variable: secretName
+ label: 'Use Custom Certificate Secret (Advanced)'
+ schema:
+ show_if: [["certificateIssuer", "=", ""]]
+ type: string
+ default: ""
+ - variable: scaleCert
+ label: 'Use TrueNAS SCALE Certificate (Deprecated)'
+ schema:
+ show_if: [["certificateIssuer", "=", ""]]
+ type: int
+ $ref:
+ - "definitions/certificate"
+ - variable: ingressList
+ label: Add Manual Custom Ingresses
+ group: Ingress
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: ingressListEntry
+ label: Custom Ingress
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable Ingress
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ default: ""
+ - variable: ingressClassName
+ label: IngressClass Name
+ schema:
+ type: string
+ default: ""
+ - variable: hosts
+ label: Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: hostEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: host
+ label: HostName
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: paths
+ label: Paths
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: pathEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: path
+ label: Path
+ schema:
+ type: string
+ required: true
+ default: "/"
+ - variable: pathType
+ label: Path Type
+ schema:
+ type: string
+ required: true
+ default: Prefix
+ - variable: overrideService
+ label: Linked Service
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Service Name
+ schema:
+ type: string
+ default: ""
+ - variable: port
+ label: Service Port
+ schema:
+ type: int
+ - variable: tls
+ label: TLS-Settings
+ schema:
+ type: list
+ default: []
+ show_if: [["certificateIssuer", "=", ""]]
+ items:
+ - variable: tlsEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: hosts
+ label: Certificate Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: host
+ label: Host
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: certificateIssuer
+ label: Use Cert-Manager clusterIssuer
+ description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
+ schema:
+ type: string
+ default: ""
+ - variable: scaleCert
+ label: Use TrueNAS SCALE Certificate (Deprecated)
+ schema:
+ show_if: [["certificateIssuer", "=", ""]]
+ type: int
+ $ref:
+ - "definitions/certificate"
+ - variable: clusterCertificate
+ label: 'Cluster Certificate (Advanced)'
+ description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.'
+ schema:
+ type: string
+ show_if: [["certificateIssuer", "=", ""]]
+ default: ""
+ - variable: secretName
+ label: Use Custom Secret (Advanced)
+ schema:
+ type: string
+ show_if: [["certificateIssuer", "=", ""]]
+ default: ""
+ - variable: integrations
+ label: Integrations
+ description: Connect ingress with other charts
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: traefik
+ label: Traefik
+ description: Connect ingress with Traefik
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: true
+ - variable: allowCors
+ label: "Allow Cross Origin Requests"
+ schema:
+ type: boolean
+ default: false
+ show_if: [["enabled", "=", true]]
+ - variable: entrypoints
+ label: Entrypoints
+ schema:
+ type: list
+ default: ["websecure"]
+ show_if: [["enabled", "=", true]]
+ items:
+ - variable: entrypoint
+ label: Entrypoint
+ schema:
+ type: string
+ - variable: middlewares
+ label: Middlewares
+ schema:
+ type: list
+ default: []
+ show_if: [["enabled", "=", true]]
+ items:
+ - variable: middleware
+ label: Middleware
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: name
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: namespace
+ label: namespace
+ schema:
+ type: string
+ default: ""
+ - variable: certManager
+ label: certManager
+ description: Connect ingress with certManager
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: true
+ - variable: certificateIssuer
+ label: certificateIssuer
+ description: defaults to chartname
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: homepage
+ label: Homepage
+ description: Connect ingress with Homepage
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: false
+ - variable: name
+ label: Name
+ description: defaults to chartname
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: description
+ label: Description
+ description: defaults to chart description
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: group
+ label: Group
+ schema:
+ type: string
+ required: true
+ default: "default"
+ show_if: [["enabled", "=", true]]
+ - variable: securityContext
+ group: Security and Permissions
+ label: Security Context
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: container
+ label: Container
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ # Settings from questions.yaml get appended here on a per-app basis
+ - variable: runAsUser
+ label: "runAsUser"
+ description: "The UserID of the user running the application"
+ schema:
+ type: int
+ default: 568
+ - variable: runAsGroup
+ label: "runAsGroup"
+ description: "The groupID of the user running the application"
+ schema:
+ type: int
+ default: 568
+ # Settings from questions.yaml get appended here on a per-app basis
+ - variable: PUID
+ label: Process User ID - PUID
+ description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
+ schema:
+ type: int
+ show_if: [["runAsUser", "=", 0]]
+ default: 568
+ - variable: UMASK
+ label: UMASK
+ description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
+ schema:
+ type: string
+ default: "0022"
+ - variable: advanced
+ label: Show Advanced Settings
+ description: Advanced settings are not covered by TrueCharts Support
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: privileged
+ label: "Privileged mode"
+ schema:
+ type: boolean
+ default: false
+ - variable: readOnlyRootFilesystem
+ label: "ReadOnly Root Filesystem"
+ schema:
+ type: boolean
+ default: true
+ - variable: pod
+ label: Pod
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: fsGroupChangePolicy
+ label: "When should we take ownership?"
+ schema:
+ type: string
+ default: OnRootMismatch
+ enum:
+ - value: OnRootMismatch
+ description: OnRootMismatch
+ - value: Always
+ description: Always
+ - variable: supplementalGroups
+ label: Supplemental Groups
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: supplementalGroupsEntry
+ label: Supplemental Group
+ schema:
+ type: int
+ # Settings from questions.yaml get appended here on a per-app basis
+ - variable: fsGroup
+ label: "fsGroup"
+ description: "The group that should own ALL storage."
+ schema:
+ type: int
+ default: 568
+ - variable: resources
+ group: Resources and Devices
+ label: "Resource Limits"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: limits
+ label: Advanced Limit Resource Consumption
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: cpu
+ label: CPU
+ description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/manual/SCALE/validation"
+ schema:
+ type: string
+ default: 4000m
+ valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
+ - variable: memory
+ label: RAM
+ description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/manual/SCALE/validation"
+ schema:
+ type: string
+ default: 8Gi
+ valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
+ - variable: requests
+ label: "Minimum Resources Required (request)"
+ schema:
+ additional_attrs: true
+ type: dict
+ hidden: true
+ attrs:
+ - variable: cpu
+ label: CPU
+ description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/manual/SCALE/validation"
+ schema:
+ type: string
+ default: 10m
+ hidden: true
+ valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
+ - variable: memory
+ label: "RAM"
+ description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/manual/SCALE/validation"
+ schema:
+ type: string
+ default: 50Mi
+ hidden: true
+ valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
+ - variable: deviceList
+ label: Mount USB Devices
+ group: Resources and Devices
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: deviceListEntry
+ label: Device
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable the Storage
+ schema:
+ type: boolean
+ default: true
+ - variable: type
+ label: (Advanced) Type of Storage
+ description: Sets the persistence type
+ schema:
+ type: string
+ default: device
+ hidden: true
+ - variable: readOnly
+ label: readOnly
+ schema:
+ type: boolean
+ default: false
+ - variable: hostPath
+ label: Host Device Path
+ description: Path to the device on the host system
+ schema:
+ type: path
+ - variable: mountPath
+ label: Container Device Path
+ description: Path inside the container the device is mounted
+ schema:
+ type: string
+ default: "/dev/ttyACM0"
+ - variable: scaleGPU
+ label: GPU Configuration
+ group: Resources and Devices
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: scaleGPUEntry
+ label: GPU
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ # Specify GPU configuration
+ - variable: gpu
+ label: Select GPU
+ schema:
+ additional_attrs: true
+ type: dict
+ $ref:
+ - "definitions/gpuConfiguration"
+ attrs: []
+ - variable: workaround
+ label: "Workaround"
+ schema:
+ type: string
+ default: workaround
+ hidden: true
+ - variable: metrics
+ group: Metrics
+ label: Prometheus Metrics
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: main
+ label: Main Metrics
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enabled
+ description: Enable Prometheus Metrics
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: prometheusRule
+ label: PrometheusRule
+ description: Enable and configure Prometheus Rules for the App.
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enabled
+ description: Enable Prometheus Metrics
+ schema:
+ type: boolean
+ default: false
+ # TODO: Rule List section
+# - variable: horizontalPodAutoscaler
+# group: Advanced
+# label: (Advanced) Horizontal Pod Autoscaler
+# schema:
+# type: list
+# default: []
+# items:
+# - variable: hpaEntry
+# label: HPA Entry
+# schema:
+# additional_attrs: true
+# type: dict
+# attrs:
+# - variable: name
+# label: Name
+# schema:
+# type: string
+# required: true
+# default: ""
+# - variable: enabled
+# label: Enabled
+# schema:
+# type: boolean
+# default: false
+# show_subquestions_if: true
+# subquestions:
+# - variable: target
+# label: Target
+# description: Deployment name, Defaults to Main Deployment
+# schema:
+# type: string
+# default: ""
+# - variable: minReplicas
+# label: Minimum Replicas
+# schema:
+# type: int
+# default: 1
+# - variable: maxReplicas
+# label: Maximum Replicas
+# schema:
+# type: int
+# default: 5
+# - variable: targetCPUUtilizationPercentage
+# label: Target CPU Utilization Percentage
+# schema:
+# type: int
+# default: 80
+# - variable: targetMemoryUtilizationPercentage
+# label: Target Memory Utilization Percentage
+# schema:
+# type: int
+# default: 80
+ - variable: networkPolicy
+ group: Advanced
+ label: (Advanced) Network Policy
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: netPolicyEntry
+ label: Network Policy Entry
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: enabled
+ label: Enabled
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: policyType
+ label: Policy Type
+ schema:
+ type: string
+ default: ""
+ enum:
+ - value: ""
+ description: Default
+ - value: ingress
+ description: Ingress
+ - value: egress
+ description: Egress
+ - value: ingress-egress
+ description: Ingress and Egress
+ - variable: egress
+ label: Egress
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: egressEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: to
+ label: To
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: toEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: ipBlock
+ label: IP Block
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: cidr
+ label: CIDR
+ schema:
+ type: string
+ default: ""
+ - variable: except
+ label: Except
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: exceptint
+ label: ""
+ schema:
+ type: string
+ - variable: namespaceSelector
+ label: Namespace Selector
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: matchExpressions
+ label: Match Expressions
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: expressionEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: key
+ label: Key
+ schema:
+ type: string
+ - variable: operator
+ label: Operator
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: In
+ description: In
+ - value: NotIn
+ description: NotIn
+ - value: Exists
+ description: Exists
+ - value: DoesNotExist
+ description: DoesNotExist
+ - variable: values
+ label: Values
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: value
+ label: ""
+ schema:
+ type: string
+ - variable: podSelector
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: matchExpressions
+ label: Match Expressions
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: expressionEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: key
+ label: Key
+ schema:
+ type: string
+ - variable: operator
+ label: Operator
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: In
+ description: In
+ - value: NotIn
+ description: NotIn
+ - value: Exists
+ description: Exists
+ - value: DoesNotExist
+ description: DoesNotExist
+ - variable: values
+ label: Values
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: value
+ label: ""
+ schema:
+ type: string
+ - variable: ports
+ label: Ports
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: portsEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: port
+ label: Port
+ schema:
+ type: int
+ - variable: endPort
+ label: End Port
+ schema:
+ type: int
+ - variable: protocol
+ label: Protocol
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: TCP
+ description: TCP
+ - value: UDP
+ description: UDP
+ - value: SCTP
+ description: SCTP
+ - variable: ingress
+ label: Ingress
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: ingressEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: from
+ label: From
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: fromEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: ipBlock
+ label: IP Block
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: cidr
+ label: CIDR
+ schema:
+ type: string
+ default: ""
+ - variable: except
+ label: Except
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: exceptint
+ label: ""
+ schema:
+ type: string
+ - variable: namespaceSelector
+ label: Namespace Selector
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: matchExpressions
+ label: Match Expressions
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: expressionEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: key
+ label: Key
+ schema:
+ type: string
+ - variable: operator
+ label: Operator
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: In
+ description: In
+ - value: NotIn
+ description: NotIn
+ - value: Exists
+ description: Exists
+ - value: DoesNotExist
+ description: DoesNotExist
+ - variable: values
+ label: Values
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: value
+ label: ""
+ schema:
+ type: string
+ - variable: podSelector
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: matchExpressions
+ label: Match Expressions
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: expressionEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: key
+ label: Key
+ schema:
+ type: string
+ - variable: operator
+ label: Operator
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: In
+ description: In
+ - value: NotIn
+ description: NotIn
+ - value: Exists
+ description: Exists
+ - value: DoesNotExist
+ description: DoesNotExist
+ - variable: values
+ label: Values
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: value
+ label: ""
+ schema:
+ type: string
+ - variable: ports
+ label: Ports
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: portsEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: port
+ label: Port
+ schema:
+ type: int
+ - variable: endPort
+ label: End Port
+ schema:
+ type: int
+ - variable: protocol
+ label: Protocol
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: TCP
+ description: TCP
+ - value: UDP
+ description: UDP
+ - value: SCTP
+ description: SCTP
+ - variable: addons
+ group: Addons
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: codeserver
+ label: Codeserver
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enabled
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: service
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: type
+ label: Service Type
+ description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
+ schema:
+ type: string
+ default: LoadBalancer
+ enum:
+ - value: NodePort
+ description: Deprecated CHANGE THIS
+ - value: ClusterIP
+ description: ClusterIP
+ - value: LoadBalancer
+ description: LoadBalancer
+ - variable: loadBalancerIP
+ label: LoadBalancer IP
+ description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
+ schema:
+ show_if: [["type", "=", "LoadBalancer"]]
+ type: string
+ default: ""
+ - variable: ports
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: codeserver
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: port
+ label: Port
+ schema:
+ type: int
+ default: 36107
+ - variable: ingress
+ label: "Ingress"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable Ingress
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: hosts
+ label: Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: hostEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: host
+ label: HostName
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: paths
+ label: Paths
+ schema:
+ type: list
+ default: [{path: "/", pathType: "Prefix"}]
+ items:
+ - variable: pathEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: path
+ label: Path
+ schema:
+ type: string
+ required: true
+ default: "/"
+ - variable: pathType
+ label: Path Type
+ schema:
+ type: string
+ required: true
+ default: Prefix
+ - variable: integrations
+ label: Integrations
+ description: Connect ingress with other charts
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: traefik
+ label: Traefik
+ description: Connect ingress with Traefik
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: true
+ - variable: allowCors
+ label: 'Allow Cross Origin Requests (advanced)'
+ schema:
+ type: boolean
+ default: false
+ show_if: [["enabled", "=", true]]
+ - variable: entrypoints
+ label: Entrypoints
+ schema:
+ type: list
+ default: ["websecure"]
+ show_if: [["enabled", "=", true]]
+ items:
+ - variable: entrypoint
+ label: Entrypoint
+ schema:
+ type: string
+ - variable: middlewares
+ label: Middlewares
+ schema:
+ type: list
+ default: []
+ show_if: [["enabled", "=", true]]
+ items:
+ - variable: middleware
+ label: Middleware
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: name
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: namespace
+ label: 'namespace (optional)'
+ schema:
+ type: string
+ default: ""
+ - variable: certManager
+ label: certManager
+ description: Connect ingress with certManager
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: false
+ - variable: certificateIssuer
+ label: certificateIssuer
+ description: defaults to chartname
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: advanced
+ label: Show Advanced Settings
+ description: Advanced settings are not covered by TrueCharts Support
+ schema:
+ type: boolean
+ default: false
+ - variable: ingressClassName
+ label: (Advanced/Optional) IngressClass Name
+ schema:
+ type: string
+ show_if: [["advanced", "=", true]]
+ default: ""
+ - variable: tls
+ label: TLS-Settings
+ schema:
+ type: list
+ show_if: [["advanced", "=", true]]
+ default: []
+ items:
+ - variable: tlsEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: hosts
+ label: Certificate Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: host
+ label: Host
+ schema:
+ type: string
+ default: ""
+ required: true
+
+ - variable: certificateIssuer
+ label: Use Cert-Manager clusterIssuer
+ description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
+ schema:
+ type: string
+ default: ""
+ - variable: clusterCertificate
+ label: 'Cluster Certificate (Advanced)'
+ description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.'
+ schema:
+ type: string
+ show_if: [["certificateIssuer", "=", ""]]
+ default: ""
+ - variable: secretName
+ label: 'Use Custom Certificate Secret (Advanced)'
+ schema:
+ show_if: [["certificateIssuer", "=", ""]]
+ type: string
+ default: ""
+ - variable: scaleCert
+ label: 'Use TrueNAS SCALE Certificate (Deprecated)'
+ schema:
+ show_if: [["certificateIssuer", "=", ""]]
+ type: int
+ $ref:
+ - "definitions/certificate"
+ - variable: envList
+ label: Codeserver Environment Variables
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: envItem
+ label: Environment Variable
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ - variable: value
+ label: Value
+ schema:
+ type: string
+ required: true
+ - variable: netshoot
+ label: Netshoot
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enabled
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: envList
+ label: Netshoot Environment Variables
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: envItem
+ label: Environment Variable
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ - variable: value
+ label: Value
+ schema:
+ type: string
+ required: true
+ - variable: vpn
+ label: VPN
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: type
+ label: Type
+ schema:
+ type: string
+ default: disabled
+ enum:
+ - value: disabled
+ description: disabled
+ - value: gluetun
+ description: Gluetun
+ - value: tailscale
+ description: Tailscale
+ - value: openvpn
+ description: OpenVPN (Deprecated)
+ - value: wireguard
+ description: Wireguard (Deprecated)
+ - variable: openvpn
+ label: OpenVPN Settings
+ schema:
+ additional_attrs: true
+ type: dict
+ show_if: [["type", "=", "openvpn"]]
+ attrs:
+ - variable: username
+ label: Authentication Username (Optional)
+ description: Authentication Username, Optional
+ schema:
+ type: string
+ default: ""
+ - variable: password
+ label: Authentication Password
+ description: Authentication Credentials
+ schema:
+ type: string
+ show_if: [["username", "!=", ""]]
+ default: ""
+ required: true
+ - variable: tailscale
+ label: Tailscale Settings
+ schema:
+ additional_attrs: true
+ type: dict
+ show_if: [["type", "=", "tailscale"]]
+ attrs:
+ - variable: authkey
+ label: Authentication Key
+ description: Provide an auth key to automatically authenticate the node as your user account.
+ schema:
+ type: string
+ private: true
+ default: ""
+ - variable: auth_once
+ label: Auth Once
+ description: Only attempt to log in if not already logged in.
+ schema:
+ type: boolean
+ default: true
+ - variable: accept_dns
+ label: Accept DNS
+ description: Accept DNS configuration from the admin console.
+ schema:
+ type: boolean
+ default: false
+ - variable: userspace
+ label: Userspace
+ description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
+ schema:
+ type: boolean
+ default: false
+ - variable: routes
+ label: Routes
+ description: Expose physical subnet routes to your entire Tailscale network.
+ schema:
+ type: string
+ default: ""
+ - variable: dest_ip
+ label: Destination IP
+ description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
+ schema:
+ type: string
+ default: ""
+ - variable: sock5_server
+ label: Sock5 Server
+ description: The address on which to listen for SOCKS5 proxying into the tailscale net.
+ schema:
+ type: string
+ default: ""
+ - variable: outbound_http_proxy_listen
+ label: Outbound HTTP Proxy Listen
+ description: The address on which to listen for HTTP proxying into the tailscale net.
+ schema:
+ type: string
+ default: ""
+ - variable: extra_args
+ label: Extra Args
+ description: Extra Args
+ schema:
+ type: string
+ default: ""
+ - variable: daemon_extra_args
+ label: Tailscale Daemon Extra Args
+ description: Tailscale Daemon Extra Args
+ schema:
+ type: string
+ default: ""
+ - variable: killSwitch
+ label: Enable Killswitch
+ schema:
+ type: boolean
+ show_if: [["type", "!=", "disabled"]]
+ default: true
+ - variable: excludedNetworks_IPv4
+ label: Killswitch Excluded IPv4 networks
+ description: List of Killswitch Excluded IPv4 Addresses
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: networkv4
+ label: IPv4 Network
+ schema:
+ type: string
+ required: true
+ - variable: excludedNetworks_IPv6
+ label: Killswitch Excluded IPv6 networks
+ description: "List of Killswitch Excluded IPv6 Addresses"
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: networkv6
+ label: IPv6 Network
+ schema:
+ type: string
+ required: true
+ - variable: configFile
+ label: VPN Config File Location
+ schema:
+ type: string
+ show_if: [["type", "!=", "disabled"]]
+ default: ""
+
+ - variable: envList
+ label: VPN Environment Variables
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: envItem
+ label: Environment Variable
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ - variable: value
+ label: Value
+ schema:
+ type: string
+ required: true
+ max_length: 10240
+ - variable: docs
+ group: Documentation
+ label: Please read the documentation at https://truecharts.org
+ description: Please read the documentation at
+
https://truecharts.org
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: confirmDocs
+ label: I have checked the documentation
+ schema:
+ type: boolean
+ default: true
+ - variable: donateNag
+ group: Documentation
+ label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
+ description: Please consider supporting TrueCharts, see
+
https://truecharts.org/sponsor
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: confirmDonate
+ label: I have considered donating
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: warning
+ group: Documentation
+ label: 'WARNING: If installed, be sure to move the TrueNAS GUI to another port (not 80 or 443).'
+ description: 'See:
https://truecharts.org/charts/enterprise/traefik/how-to for more info.'
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: warningconfim
+ label: I am aware that I will brick my system, if I did not follow the instructions.
+ schema:
+ type: boolean
+ default: true
+ required: true
diff --git a/enterprise/velero/3.1.12/templates/NOTES.txt b/enterprise/traefik/25.1.13/templates/NOTES.txt
similarity index 100%
rename from enterprise/velero/3.1.12/templates/NOTES.txt
rename to enterprise/traefik/25.1.13/templates/NOTES.txt
diff --git a/enterprise/traefik/25.1.13/templates/_args.tpl b/enterprise/traefik/25.1.13/templates/_args.tpl
new file mode 100644
index 0000000000..06e39a4689
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/_args.tpl
@@ -0,0 +1,194 @@
+{{/* Define the args */}}
+{{- define "traefik.args" -}}
+args:
+ {{/* merge all ports */}}
+ {{- $ports := dict }}
+ {{- range $.Values.service }}
+ {{- range $name, $value := .ports }}
+ {{- $_ := set $ports $name $value }}
+ {{- end }}
+ {{- end }}
+ {{/* start of actual arguments */}}
+ {{- with .Values.globalArguments }}
+ {{- range . }}
+ - {{ . | quote }}
+ {{- end }}
+ {{- end }}
+ {{- range $name, $config := $ports }}
+ {{- if $config }}
+ {{- if or ( eq $config.protocol "http" ) ( eq $config.protocol "https" ) ( eq $config.protocol "tcp" ) }}
+ {{- $_ := set $config "protocol" "tcp" }}
+ {{- end }}
+ - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}"
+ {{- end }}
+ {{- end }}
+ - "--api.dashboard=true"
+ - "--ping=true"
+ {{- if .Values.traefikMetrics }}
+ {{- if .Values.traefikMetrics.datadog }}
+ - "--metrics.datadog=true"
+ - "--metrics.datadog.address={{ .Values.traefikMetrics.datadog.address }}"
+ {{- end }}
+ {{- if .Values.traefikMetrics.influxdb }}
+ - "--metrics.influxdb=true"
+ - "--metrics.influxdb.address={{ .Values.traefikMetrics.influxdb.address }}"
+ - "--metrics.influxdb.protocol={{ .Values.traefikMetrics.influxdb.protocol }}"
+ {{- end }}
+ {{- if .Values.traefikMetrics.statsd }}
+ - "--metrics.statsd=true"
+ - "--metrics.statsd.address={{ .Values.traefikMetrics.statsd.address }}"
+ {{- if or .Values.traefikMetrics.prometheus }}
+ - "--metrics.prometheus=true"
+ - "--metrics.prometheus.entrypoint=metrics"
+ {{- end }}
+ {{- end }}
+ {{- end }}
+ {{- if or .Values.metrics.main.enabled }}
+ - "--metrics.prometheus=true"
+ - "--metrics.prometheus.entrypoint=metrics"
+ {{- end }}
+ {{- if .Values.providers.kubernetesCRD.enabled }}
+ - "--providers.kubernetescrd"
+ {{- end }}
+ {{- if .Values.providers.kubernetesIngress.enabled }}
+ - "--providers.kubernetesingress"
+ {{- if .Values.providers.kubernetesIngress.publishedService.enabled }}
+ - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}"
+ {{- end }}
+ {{- if .Values.providers.kubernetesIngress.labelSelector }}
+ - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}"
+ {{- end }}
+ {{- end }}
+ {{- if and .Values.rbac.enabled .Values.rbac.namespaced }}
+ {{- if .Values.providers.kubernetesCRD.enabled }}
+ - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}"
+ {{- end }}
+ {{- if .Values.providers.kubernetesIngress.enabled }}
+ - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}"
+ {{- end }}
+ {{- end }}
+ {{- if $.Values.ingressClass.enabled }}
+ - "--providers.kubernetesingress.ingressclass={{ .Release.Name }}"
+ {{- end }}
+ {{- range $entrypoint, $config := $ports }}
+ {{/* add args for proxyProtocol support */}}
+ {{- if $config.proxyProtocol }}
+ {{- if $config.proxyProtocol.enabled }}
+ {{- if $config.proxyProtocol.insecureMode }}
+ - "--entrypoints.{{ $entrypoint }}.proxyProtocol.insecure"
+ {{- end }}
+ {{- if not ( empty $config.proxyProtocol.trustedIPs ) }}
+ - "--entrypoints.{{ $entrypoint }}.proxyProtocol.trustedIPs={{ join "," $config.proxyProtocol.trustedIPs }}"
+ {{- end }}
+ {{- end }}
+ {{- end }}
+ {{/* add args for forwardedHeaders support */}}
+ {{- if $config.forwardedHeaders.enabled }}
+ {{- if not ( empty $config.forwardedHeaders.trustedIPs ) }}
+ - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}"
+ {{- end }}
+ {{- if $config.forwardedHeaders.insecureMode }}
+ - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure"
+ {{- end }}
+ {{- end }}
+ {{/* end forwardedHeaders configuration */}}
+ {{- if $config.redirectTo }}
+ {{- $toPort := index $ports $config.redirectTo }}
+ - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}"
+ - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
+ {{- else if $config.redirectPort }}
+ {{ if gt $config.redirectPort 0.0 }}
+ - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}"
+ - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
+ {{- end }}
+ {{- end }}
+ {{- if or ( $config.tls ) ( eq $config.protocol "https" ) }}
+ {{- if or ( $config.tls.enabled ) ( eq $config.protocol "https" ) }}
+ - "--entrypoints.{{ $entrypoint }}.http.tls=true"
+ {{- if $config.tls.options }}
+ - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}"
+ {{- end }}
+ {{- if $config.tls.certResolver }}
+ - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}"
+ {{- end }}
+ {{- if $config.tls.domains }}
+ {{- range $index, $domain := $config.tls.domains }}
+ {{- if $domain.main }}
+ - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}"
+ {{- end }}
+ {{- if $domain.sans }}
+ - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}"
+ {{- end }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+ {{- with .Values.logs }}
+ - "--log.format={{ .general.format }}"
+ {{- if ne .general.level "ERROR" }}
+ - "--log.level={{ .general.level | upper }}"
+ {{- end }}
+ {{- if .access.enabled }}
+ - "--accesslog=true"
+ - "--accesslog.format={{ .access.format }}"
+ {{- if .access.bufferingsize }}
+ - "--accesslog.bufferingsize={{ .access.bufferingsize }}"
+ {{- end }}
+ {{- if .access.filters }}
+ {{- if .access.filters.statuscodes }}
+ - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}"
+ {{- end }}
+ {{- if .access.filters.retryattempts }}
+ - "--accesslog.filters.retryattempts"
+ {{- end }}
+ {{- if .access.filters.minduration }}
+ - "--accesslog.filters.minduration={{ .access.filters.minduration }}"
+ {{- end }}
+ {{- end }}
+ - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}"
+ {{- range $fieldname, $fieldaction := .access.fields.general.names }}
+ - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}"
+ {{- end }}
+ - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}"
+ {{- range $fieldname, $fieldaction := .access.fields.headers.names }}
+ - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}"
+ {{- end }}
+ {{- end }}
+ {{- end }}
+ {{/*
+ For new plugins, add them on the container also
+ https://github.com/truecharts/containers/blob/master/mirror/traefik/Dockerfile
+ moduleName must match on the container and here
+ */}}
+ {{- if .Values.middlewares.themePark }}
+ {{/* theme.park */}}
+ - "--experimental.localPlugins.traefik-themepark.modulename=github.com/packruler/traefik-themepark"
+ {{- end }}
+ {{/* End of theme.park */}}
+ {{/* GeoBlock */}}
+ {{- if .Values.middlewares.geoBlock }}
+ - "--experimental.localPlugins.GeoBlock.modulename=github.com/PascalMinder/geoblock"
+ {{- end }}
+ {{/* End of GeoBlock */}}
+ {{/* RealIP */}}
+ {{- if .Values.middlewares.realIP }}
+ - "--experimental.localPlugins.traefik-real-ip.modulename=github.com/jramsgz/traefik-real-ip"
+ {{- end }}
+ {{/* End of RealIP */}}
+ {{/* ModSecurity */}}
+ {{- if .Values.middlewares.modsecurity }}
+ - "--experimental.localPlugins.traefik-modsecurity-plugin.modulename=github.com/acouvreur/traefik-modsecurity-plugin"
+ {{- end }}
+ {{/* End of ModSecurity */}}
+ {{/* RewriteResponseHeaders */}}
+ {{- if .Values.middlewares.rewriteResponseHeaders }}
+ - "--experimental.localPlugins.rewriteResponseHeaders.modulename=github.com/XciD/traefik-plugin-rewrite-headers"
+ {{- end }}
+ {{/* End of RewriteResponseHeaders */}}
+ {{- with .Values.additionalArguments }}
+ {{- range . }}
+ - {{ . | quote }}
+ {{- end }}
+ {{- end }}
+{{- end -}}
diff --git a/enterprise/traefik/25.1.13/templates/_helpers.tpl b/enterprise/traefik/25.1.13/templates/_helpers.tpl
new file mode 100644
index 0000000000..1345dcea39
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/_helpers.tpl
@@ -0,0 +1,22 @@
+{{/*
+Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice.
+By convention this will simply use the / to match the name of the
+service generated.
+Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride`
+*/}}
+{{- define "providers.kubernetesIngress.publishedServicePath" -}}
+{{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}}
+{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}}
+{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }}
+{{- print $servicePath | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Construct a comma-separated list of whitelisted namespaces
+*/}}
+{{- define "providers.kubernetesIngress.namespaces" -}}
+{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }}
+{{- end -}}
+{{- define "providers.kubernetesCRD.namespaces" -}}
+{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }}
+{{- end -}}
diff --git a/enterprise/traefik/25.1.13/templates/_ingressclass.tpl b/enterprise/traefik/25.1.13/templates/_ingressclass.tpl
new file mode 100644
index 0000000000..4213783865
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/_ingressclass.tpl
@@ -0,0 +1,24 @@
+{{/* Define the ingressClass */}}
+{{- define "traefik.ingressClass" -}}
+---
+{{ if $.Values.ingressClass.enabled }}
+ {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }}
+apiVersion: networking.k8s.io/v1
+ {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }}
+apiVersion: networking.k8s.io/v1beta1
+ {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }}
+apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }}
+ {{- else }}
+ {{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }}
+ {{- end }}
+kind: IngressClass
+metadata:
+ annotations:
+ ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }}
+ labels:
+ {{- include "tc.v1.common.lib.metadata.allLabels" . | nindent 4 }}
+ name: {{ .Release.Name }}
+spec:
+ controller: traefik.io/ingress-controller
+{{- end }}
+{{- end }}
diff --git a/enterprise/traefik/25.1.13/templates/_ingressroute.tpl b/enterprise/traefik/25.1.13/templates/_ingressroute.tpl
new file mode 100644
index 0000000000..8e1d0f4e3f
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/_ingressroute.tpl
@@ -0,0 +1,34 @@
+{{/* Define the ingressRoute */}}
+{{- define "traefik.ingressRoute" -}}
+{{ if .Values.ingressRoute.dashboard.enabled }}
+
+{{- $ingressRouteLabels := .Values.ingressRoute.dashboard.labels }}
+{{- $ingressRouteAnnotations := .Values.ingressRoute.dashboard.annotations }}
+
+---
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+ name: {{ include "tc.v1.common.lib.chart.names.fullname" . }}-dashboard
+ {{- $labels := (mustMerge ($ingressRouteLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}}
+ {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }}
+ labels:
+ {{- . | nindent 4 }}
+ {{- end }}
+ {{- $annotations := (mustMerge ($ingressRouteAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}}
+ {{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }}
+ annotations:
+ {{- . | nindent 4 }}
+ {{- end }}
+
+spec:
+ entryPoints:
+ - main
+ routes:
+ - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
+ kind: Rule
+ services:
+ - name: api@internal
+ kind: TraefikService
+{{ end }}
+{{- end }}
diff --git a/enterprise/traefik/25.1.13/templates/_portalhook.tpl b/enterprise/traefik/25.1.13/templates/_portalhook.tpl
new file mode 100644
index 0000000000..ec69a695ca
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/_portalhook.tpl
@@ -0,0 +1,24 @@
+{{/* Define the portalHook */}}
+{{- define "traefik.portalhook" -}}
+{{- if .Values.portalhook.enabled -}}
+ {{- $name := "portalhook" -}}
+ {{- if $.Values.ingressClass.enabled -}}
+ {{- $name = printf "portalhook-%v" .Release.Name -}}
+ {{- end }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ $name }}
+data:
+ {{- $ports := dict }}
+ {{- range $.Values.service }}
+ {{- range $name, $value := .ports }}
+ {{- $_ := set $ports $name $value }}
+ {{- end }}
+ {{- end }}
+ {{- range $name, $value := $ports }}
+ {{ $name }}: {{ $value.port | quote }}
+ {{- end }}
+{{- end }}
+{{- end -}}
diff --git a/enterprise/traefik/25.1.13/templates/_tlsoptions.tpl b/enterprise/traefik/25.1.13/templates/_tlsoptions.tpl
new file mode 100644
index 0000000000..163b536442
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/_tlsoptions.tpl
@@ -0,0 +1,13 @@
+{{/* Define the tlsOptions */}}
+{{- define "traefik.tlsOptions" -}}
+{{- range $name, $config := .Values.tlsOptions }}
+
+---
+apiVersion: traefik.io/v1alpha1
+kind: TLSOption
+metadata:
+ name: {{ $name }}
+spec:
+ {{- toYaml $config | nindent 2 }}
+{{- end }}
+{{- end }}
diff --git a/enterprise/traefik/25.1.13/templates/_tlsstore.tpl b/enterprise/traefik/25.1.13/templates/_tlsstore.tpl
new file mode 100644
index 0000000000..17908e2920
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/_tlsstore.tpl
@@ -0,0 +1,26 @@
+{{/* Define the tlsOptions */}}
+{{- define "traefik.tlsstore" -}}
+{{- if .Values.defaultCertificate }}
+---
+apiVersion: traefik.io/v1alpha1
+kind: TLSStore
+metadata:
+ name: default
+spec:
+ certificates:
+ - secretName: clusterissuer-templated-{{ tpl .Values.defaultCertificate $ }}
+ defaultCertificate:
+ secretName: clusterissuer-templated-{{ tpl .Values.defaultCertificate $ }}
+{{- end }}
+
+{{- range $name, $config := .Values.tlsStore }}
+
+---
+apiVersion: traefik.io/v1alpha1
+kind: TLSStore
+metadata:
+ name: {{ $name }}
+spec:
+ {{- toYaml $config | nindent 2 }}
+{{- end }}
+{{- end }}
diff --git a/enterprise/traefik/25.1.13/templates/common.yaml b/enterprise/traefik/25.1.13/templates/common.yaml
new file mode 100644
index 0000000000..d00c5ec4cc
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/common.yaml
@@ -0,0 +1,24 @@
+{{/* Make sure all variables are set properly */}}
+{{- include "tc.v1.common.loader.init" . }}
+
+{{- $newArgs := (include "traefik.args" . | fromYaml) }}
+{{- $_ := set .Values "newArgs" $newArgs -}}
+{{- $mergedargs := concat $.Values.workload.main.podSpec.containers.main.args .Values.newArgs.args }}
+{{- $_ := set $.Values.workload.main.podSpec.containers.main "args" $mergedargs -}}
+
+{{- include "traefik.portalhook" . }}
+{{- include "traefik.tlsstore" . }}
+{{- include "traefik.tlsOptions" . }}
+{{- include "traefik.ingressRoute" . }}
+{{- include "traefik.ingressClass" . }}
+
+{{- with .Values.ingress -}}
+ {{- with .main -}}
+ {{- if .enabled -}}
+ {{- $_ := set $.Values.portal.open.override "protocol" "https" -}}
+ {{- end -}}
+ {{- end -}}
+{{- end -}}
+
+{{/* Render the templates */}}
+{{ include "tc.v1.common.loader.apply" . }}
diff --git a/enterprise/traefik/25.1.13/templates/middlewares/addPrefix.yaml b/enterprise/traefik/25.1.13/templates/middlewares/addPrefix.yaml
new file mode 100644
index 0000000000..4713823364
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/middlewares/addPrefix.yaml
@@ -0,0 +1,12 @@
+{{- range $index, $middlewareData := .Values.middlewares.addPrefix }}
+
+---
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ addPrefix:
+ prefix: {{ $middlewareData.prefix }}
+{{- end }}
diff --git a/enterprise/traefik/25.1.13/templates/middlewares/basic-middleware.yaml b/enterprise/traefik/25.1.13/templates/middlewares/basic-middleware.yaml
new file mode 100644
index 0000000000..ef4671254e
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/middlewares/basic-middleware.yaml
@@ -0,0 +1,57 @@
+---
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-compress" $.Release.Name) "compress" $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ compress: {}
+---
+# Here, an average of 300 requests per second is allowed.
+# In addition, a burst of 200 requests is allowed.
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-basic-ratelimit" $.Release.Name) "basic-ratelimit" $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ rateLimit:
+ average: 600
+ burst: 400
+---
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-basic-secure-headers" $.Release.Name) "basic-secure-headers" $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ headers:
+ accessControlAllowMethods:
+ - GET
+ - OPTIONS
+ - HEAD
+ - PUT
+ accessControlMaxAge: 100
+ stsSeconds: 63072000
+ # stsIncludeSubdomains: false
+ # stsPreload: false
+ forceSTSHeader: true
+ contentTypeNosniff: true
+ browserXssFilter: true
+ referrerPolicy: same-origin
+ customRequestHeaders:
+ X-Forwarded-Proto: "https"
+ customResponseHeaders:
+ server: ''
+---
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-chain-basic" $.Release.Name) "chain-basic" $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ chain:
+ middlewares:
+ - name: {{ ternary (printf "%v-basic-ratelimit" $.Release.Name) "basic-ratelimit" $.Values.ingressClass.enabled }}
+ - name: {{ ternary (printf "%v-basic-secure-headers" $.Release.Name) "basic-secure-headers" $.Values.ingressClass.enabled }}
+ - name: {{ ternary (printf "%v-compress" $.Release.Name) "compress" $.Values.ingressClass.enabled }}
diff --git a/enterprise/traefik/25.1.13/templates/middlewares/basicauth.yaml b/enterprise/traefik/25.1.13/templates/middlewares/basicauth.yaml
new file mode 100644
index 0000000000..1bbdc462b3
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/middlewares/basicauth.yaml
@@ -0,0 +1,30 @@
+{{- range $index, $middlewareData := .Values.middlewares.basicAuth -}}
+
+ {{- $users := list -}}
+ {{- range $index, $userdata := $middlewareData.users -}}
+ {{- $users = append $users (htpasswd $userdata.username $userdata.password) -}}
+ {{- end }}
+
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ printf "%v-%v" $middlewareData.name "secret" }}
+ namespace: {{ $.Release.Namespace }}
+type: Opaque
+stringData:
+ users: |
+ {{- range $index, $user := $users }}
+ {{ printf "%s" $user }}
+ {{- end }}
+---
+# Declaring the user list
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ basicAuth:
+ secret: {{ printf "%v-%v" $middlewareData.name "secret" }}
+{{- end -}}
diff --git a/enterprise/traefik/25.1.13/templates/middlewares/buffering.yaml b/enterprise/traefik/25.1.13/templates/middlewares/buffering.yaml
new file mode 100644
index 0000000000..eade09784e
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/middlewares/buffering.yaml
@@ -0,0 +1,26 @@
+{{- range $index, $middlewareData := .Values.middlewares.buffering }}
+---
+# Declaring the user list
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ buffering: {{/* Only render if its not and has a value of 0 or greater */}}
+ {{- if and (not (kindIs "invalid" $middlewareData.maxRequestBodyBytes)) (ge ($middlewareData.maxRequestBodyBytes | int) 0) }}
+ maxRequestBodyBytes: {{ $middlewareData.maxRequestBodyBytes }}
+ {{- end -}}
+ {{- if and (not (kindIs "invalid" $middlewareData.memRequestBodyBytes)) (ge ($middlewareData.memRequestBodyBytes | int) 0) }}
+ memRequestBodyBytes: {{ $middlewareData.memRequestBodyBytes }}
+ {{- end -}}
+ {{- if and (not (kindIs "invalid" $middlewareData.maxResponseBodyBytes)) (ge ($middlewareData.maxResponseBodyBytes | int) 0) }}
+ maxResponseBodyBytes: {{ $middlewareData.maxResponseBodyBytes }}
+ {{- end -}}
+ {{- if and (not (kindIs "invalid" $middlewareData.memResponseBodyBytes)) (ge ($middlewareData.memResponseBodyBytes | int) 0) }}
+ memResponseBodyBytes: {{ $middlewareData.memResponseBodyBytes }}
+ {{- end -}}
+ {{- if $middlewareData.retryExpression }}
+ retryExpression: {{ $middlewareData.retryExpression | quote }}
+ {{- end -}}
+{{- end -}}
diff --git a/enterprise/traefik/25.1.13/templates/middlewares/chain.yaml b/enterprise/traefik/25.1.13/templates/middlewares/chain.yaml
new file mode 100644
index 0000000000..17d8853fb0
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/middlewares/chain.yaml
@@ -0,0 +1,21 @@
+{{- $values := .Values -}}
+{{- $namespace := $.Release.Namespace -}}
+{{- if $.Values.ingressClass.enabled -}}
+ {{- $namespace := (printf "%v-%v" $namespace .Release.Name) -}}
+{{- end -}}
+
+{{- range $index, $middlewareData := .Values.middlewares.chain }}
+---
+# Declaring the user list
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ chain:
+ middlewares:
+ {{- range $index, $middleware := .middlewares }}
+ - name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }}
+ {{- end }}
+{{- end -}}
diff --git a/enterprise/traefik/25.1.13/templates/middlewares/customFrameOptionsValue.yaml b/enterprise/traefik/25.1.13/templates/middlewares/customFrameOptionsValue.yaml
new file mode 100644
index 0000000000..9b9f2b6606
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/middlewares/customFrameOptionsValue.yaml
@@ -0,0 +1,12 @@
+{{- range $index, $middlewareData := .Values.middlewares.customFrameOptionsValue }}
+---
+# Declaring the user list
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ headers:
+ customFrameOptionsValue: {{ $middlewareData.value }}
+{{- end -}}
diff --git a/enterprise/traefik/25.1.13/templates/middlewares/customRequestHeaders.yaml b/enterprise/traefik/25.1.13/templates/middlewares/customRequestHeaders.yaml
new file mode 100644
index 0000000000..3c43a131a1
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/middlewares/customRequestHeaders.yaml
@@ -0,0 +1,15 @@
+{{- range $index, $middlewareData := .Values.middlewares.customRequestHeaders }}
+---
+# Declaring the user list
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ headers:
+ customRequestHeaders:
+ {{- range $index, $customRequestHeader := $middlewareData.headers }}
+ {{ $customRequestHeader.name }}: {{ $customRequestHeader.value | quote }}
+ {{- end }}
+{{- end -}}
diff --git a/enterprise/traefik/25.1.13/templates/middlewares/customResponseHeaders.yaml b/enterprise/traefik/25.1.13/templates/middlewares/customResponseHeaders.yaml
new file mode 100644
index 0000000000..a75db8a338
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/middlewares/customResponseHeaders.yaml
@@ -0,0 +1,15 @@
+{{- range $index, $middlewareData := .Values.middlewares.customResponseHeaders }}
+---
+# Declaring the user list
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ headers:
+ customResponseHeaders:
+ {{- range $index, $customResponseHeader := $middlewareData.headers }}
+ {{ $customResponseHeader.name }}: {{ $customResponseHeader.value | quote }}
+ {{- end }}
+{{- end -}}
diff --git a/enterprise/traefik/25.1.13/templates/middlewares/forwardauth.yaml b/enterprise/traefik/25.1.13/templates/middlewares/forwardauth.yaml
new file mode 100644
index 0000000000..787fa79682
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/middlewares/forwardauth.yaml
@@ -0,0 +1,29 @@
+{{- range $index, $middlewareData := .Values.middlewares.forwardAuth }}
+---
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ forwardAuth:
+ address: {{ $middlewareData.address }}
+ {{- with $middlewareData.authResponseHeaders }}
+ authResponseHeaders:
+ {{- toYaml . | nindent 4 }}
+ {{- end -}}
+ {{- with $middlewareData.authRequestHeaders }}
+ authRequestHeaders:
+ {{- toYaml . | nindent 4 }}
+ {{- end -}}
+ {{- if $middlewareData.authResponseHeadersRegex }}
+ authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }}
+ {{- end -}}
+ {{- if $middlewareData.trustForwardHeader }}
+ trustForwardHeader: true
+ {{- end -}}
+ {{- with $middlewareData.tls }}
+ tls:
+ insecureSkipVerify: {{ .insecureSkipVerify | default false }}
+ {{- end -}}
+{{- end -}}
diff --git a/enterprise/traefik/25.1.13/templates/middlewares/geoblock.yaml b/enterprise/traefik/25.1.13/templates/middlewares/geoblock.yaml
new file mode 100644
index 0000000000..2a647778e5
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/middlewares/geoblock.yaml
@@ -0,0 +1,29 @@
+{{- range $index, $middlewareData := .Values.middlewares.geoBlock }}
+---
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ plugin:
+ GeoBlock:
+ allowLocalRequests: {{ $middlewareData.allowLocalRequests }}
+ logLocalRequests: {{ $middlewareData.logLocalRequests }}
+ logAllowedRequests: {{ $middlewareData.logAllowedRequests }}
+ logApiRequests: {{ $middlewareData.logApiRequests }}
+ api: {{ $middlewareData.api }}
+ apiTimeoutMs: {{ $middlewareData.apiTimeoutMs }}
+ cacheSize: {{ $middlewareData.cacheSize }}
+ forceMonthlyUpdate: {{ $middlewareData.forceMonthlyUpdate }}
+ allowUnknownCountries: {{ $middlewareData.allowUnknownCountries }}
+ unknownCountryApiResponse: {{ $middlewareData.unknownCountryApiResponse }}
+ blackListMode: {{ $middlewareData.blackListMode }}
+ {{- if not $middlewareData.countries -}}
+ {{- fail "You have to define at least one country..." -}}
+ {{- end }}
+ countries:
+ {{- range $middlewareData.countries }}
+ - {{ . }}
+ {{- end }}
+{{- end -}}
diff --git a/enterprise/traefik/25.1.13/templates/middlewares/ipwhitelist.yaml b/enterprise/traefik/25.1.13/templates/middlewares/ipwhitelist.yaml
new file mode 100644
index 0000000000..fc876aca5f
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/middlewares/ipwhitelist.yaml
@@ -0,0 +1,27 @@
+{{- range $index, $middlewareData := .Values.middlewares.ipWhiteList }}
+---
+# Declaring the user list
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ ipWhiteList:
+ sourceRange:
+ {{- range $middlewareData.sourceRange }}
+ - {{ . }}
+ {{- end }}
+ {{- if $middlewareData.ipStrategy }}
+ ipStrategy:
+ {{- if $middlewareData.ipStrategy.depth }}
+ depth: {{ $middlewareData.ipStrategy.depth }}
+ {{- end -}}
+ {{- if $middlewareData.ipStrategy.excludedIPs }}
+ excludedIPs:
+ {{- range $middlewareData.ipStrategy.excludedIPs }}
+ - {{ . }}
+ {{- end }}
+ {{- end -}}
+ {{- end -}}
+{{- end -}}
diff --git a/enterprise/traefik/25.1.13/templates/middlewares/modsecurity.yaml b/enterprise/traefik/25.1.13/templates/middlewares/modsecurity.yaml
new file mode 100644
index 0000000000..07a8d5d358
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/middlewares/modsecurity.yaml
@@ -0,0 +1,14 @@
+{{- range $index, $middlewareData := .Values.middlewares.modsecurity }}
+---
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ plugin:
+ traefik-modsecurity-plugin:
+ modSecurityUrl: {{ $middlewareData.modSecurityUrl }}
+ timeoutMillis: {{ $middlewareData.timeoutMillis }}
+ maxBodySize: {{ $middlewareData.maxBodySize }}
+{{- end -}}
diff --git a/enterprise/traefik/25.1.13/templates/middlewares/ratelimit.yaml b/enterprise/traefik/25.1.13/templates/middlewares/ratelimit.yaml
new file mode 100644
index 0000000000..cd9117633f
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/middlewares/ratelimit.yaml
@@ -0,0 +1,13 @@
+{{- range $index, $middlewareData := .Values.middlewares.rateLimit }}
+---
+# Declaring the user list
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ rateLimit:
+ average: {{ $middlewareData.average }}
+ burst: {{ $middlewareData.burst }}
+{{- end -}}
diff --git a/enterprise/traefik/25.1.13/templates/middlewares/real-ip.yaml b/enterprise/traefik/25.1.13/templates/middlewares/real-ip.yaml
new file mode 100644
index 0000000000..2877d9ce7f
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/middlewares/real-ip.yaml
@@ -0,0 +1,15 @@
+{{- range $index, $middlewareData := .Values.middlewares.realIP }}
+---
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ plugin:
+ traefik-real-ip:
+ excludednets:
+ {{- range $middlewareData.excludedNetworks }}
+ - {{ . | quote }}
+ {{- end }}
+{{- end -}}
diff --git a/enterprise/traefik/25.1.13/templates/middlewares/redirectScheme.yaml b/enterprise/traefik/25.1.13/templates/middlewares/redirectScheme.yaml
new file mode 100644
index 0000000000..09f3093998
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/middlewares/redirectScheme.yaml
@@ -0,0 +1,13 @@
+{{- range $index, $middlewareData := .Values.middlewares.redirectScheme }}
+---
+# Declaring the user list
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ redirectScheme:
+ scheme: {{ $middlewareData.scheme }}
+ permanent: {{ $middlewareData.permanent }}
+{{- end -}}
diff --git a/enterprise/traefik/25.1.13/templates/middlewares/redirectregex.yaml b/enterprise/traefik/25.1.13/templates/middlewares/redirectregex.yaml
new file mode 100644
index 0000000000..30f44f9081
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/middlewares/redirectregex.yaml
@@ -0,0 +1,14 @@
+{{- range $index, $middlewareData := .Values.middlewares.redirectRegex }}
+---
+# Declaring the user list
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ redirectRegex:
+ regex: {{ $middlewareData.regex | quote }}
+ replacement: {{ $middlewareData.replacement | quote }}
+ permanent: {{ $middlewareData.permanent }}
+{{- end -}}
diff --git a/enterprise/traefik/25.1.13/templates/middlewares/rewriteResponseHeaders.yaml b/enterprise/traefik/25.1.13/templates/middlewares/rewriteResponseHeaders.yaml
new file mode 100644
index 0000000000..d7bfdcdbe0
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/middlewares/rewriteResponseHeaders.yaml
@@ -0,0 +1,17 @@
+{{- range $index, $middlewareData := .Values.middlewares.rewriteResponseHeaders }}
+---
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ plugin:
+ rewriteResponseHeaders:
+ rewrites:
+ {{- range $index, $rewriteResponseHeader := $middlewareData.headers }}
+ - header: {{ $rewriteResponseHeader.name }}
+ regex: {{ $rewriteResponseHeader.regex | quote }}
+ replacement: {{ $rewriteResponseHeader.replacement | quote }}
+ {{- end }}
+{{- end -}}
diff --git a/enterprise/traefik/25.1.13/templates/middlewares/stripPrefixRegex.yaml b/enterprise/traefik/25.1.13/templates/middlewares/stripPrefixRegex.yaml
new file mode 100644
index 0000000000..6fd4c8c997
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/middlewares/stripPrefixRegex.yaml
@@ -0,0 +1,14 @@
+{{- range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }}
+---
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ stripPrefixRegex:
+ regex:
+ {{- range $middlewareData.regex }}
+ - {{ . | quote }}
+ {{- end }}
+{{- end -}}
diff --git a/enterprise/traefik/25.1.13/templates/middlewares/tc-chains.yaml b/enterprise/traefik/25.1.13/templates/middlewares/tc-chains.yaml
new file mode 100644
index 0000000000..5566d77c14
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/middlewares/tc-chains.yaml
@@ -0,0 +1,24 @@
+---
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-%v" $.Release.Name "tc-opencors-chain") "tc-opencors-chain" $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ chain:
+ middlewares:
+ - name: {{ ternary (printf "%v-%v" $.Release.Name "basic-ratelimit") "basic-ratelimit" $.Values.ingressClass.enabled }}
+ - name: {{ ternary (printf "%v-%v" $.Release.Name "tc-opencors-headers") "tc-opencors-headers" $.Values.ingressClass.enabled }}
+ - name: {{ ternary (printf "%v-%v" $.Release.Name "compress") "compress" $.Values.ingressClass.enabled }}
+---
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-%v" $.Release.Name "tc-closedcors-chain") "tc-closedcors-chain" $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ chain:
+ middlewares:
+ - name: {{ ternary (printf "%v-%v" $.Release.Name "basic-ratelimit") "basic-ratelimit" $.Values.ingressClass.enabled }}
+ - name: {{ ternary (printf "%v-%v" $.Release.Name "tc-closedcors-headers") "tc-closedcors-headers" $.Values.ingressClass.enabled }}
+ - name: {{ ternary (printf "%v-%v" $.Release.Name "compress") "compress" $.Values.ingressClass.enabled }}
diff --git a/enterprise/traefik/25.1.13/templates/middlewares/tc-headers.yaml b/enterprise/traefik/25.1.13/templates/middlewares/tc-headers.yaml
new file mode 100644
index 0000000000..b0500afc70
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/middlewares/tc-headers.yaml
@@ -0,0 +1,57 @@
+---
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-%v" $.Release.Name "tc-opencors-headers") "tc-opencors-headers" $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ headers:
+ accessControlAllowHeaders:
+ - '*'
+ accessControlAllowMethods:
+ - GET
+ - OPTIONS
+ - HEAD
+ - PUT
+ - POST
+ accessControlAllowOriginList:
+ - '*'
+ accessControlMaxAge: 100
+ browserXssFilter: true
+ contentTypeNosniff: true
+ customRequestHeaders:
+ X-Forwarded-Proto: https
+ customResponseHeaders:
+ server: ""
+ forceSTSHeader: true
+ referrerPolicy: same-origin
+ sslForceHost: true
+ sslRedirect: true
+ stsSeconds: 63072000
+---
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-%v" $.Release.Name "tc-closedcors-headers") "tc-closedcors-headers" $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ headers:
+ accessControlAllowMethods:
+ - GET
+ - OPTIONS
+ - HEAD
+ - PUT
+ accessControlMaxAge: 100
+ sslRedirect: true
+ stsSeconds: 63072000
+ # stsIncludeSubdomains: false
+ # stsPreload: false
+ forceSTSHeader: true
+ contentTypeNosniff: true
+ browserXssFilter: true
+ sslForceHost: true
+ referrerPolicy: same-origin
+ customRequestHeaders:
+ X-Forwarded-Proto: "https"
+ customResponseHeaders:
+ server: ''
diff --git a/enterprise/traefik/25.1.13/templates/middlewares/tc-nextcloud.yaml b/enterprise/traefik/25.1.13/templates/middlewares/tc-nextcloud.yaml
new file mode 100644
index 0000000000..fcb09becb9
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/middlewares/tc-nextcloud.yaml
@@ -0,0 +1,20 @@
+---
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-%v" $.Release.Name "tc-nextcloud-redirectregex-dav") "tc-nextcloud-redirectregex-dav" $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ redirectRegex:
+ regex: "https://(.*)/.well-known/(card|cal)dav"
+ replacement: "https://${1}/remote.php/dav/"
+---
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-%v" $.Release.Name "tc-nextcloud-chain") "tc-nextcloud-chain" $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ chain:
+ middlewares:
+ - name: {{ ternary (printf "%v-%v" $.Release.Name "tc-nextcloud-redirectregex-dav") "tc-nextcloud-redirectregex-dav" $.Values.ingressClass.enabled }}
diff --git a/enterprise/traefik/25.1.13/templates/middlewares/theme-park.yaml b/enterprise/traefik/25.1.13/templates/middlewares/theme-park.yaml
new file mode 100644
index 0000000000..16abf2e2f3
--- /dev/null
+++ b/enterprise/traefik/25.1.13/templates/middlewares/theme-park.yaml
@@ -0,0 +1,20 @@
+{{- range $index, $middlewareData := .Values.middlewares.themePark }}
+---
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }}
+ namespace: {{ $.Release.Namespace }}
+spec:
+ plugin:
+ traefik-themepark:
+ app: {{ $middlewareData.appName }}
+ theme: {{ $middlewareData.themeName }}
+ baseUrl: {{ $middlewareData.baseUrl }}
+ {{- if $middlewareData.addons }}
+ addons:
+ {{- range $middlewareData.addons }}
+ - {{ . | quote }}
+ {{- end }}
+ {{- end -}}
+{{- end -}}
diff --git a/enterprise/velero/3.1.12/values.yaml b/enterprise/traefik/25.1.13/values.yaml
similarity index 100%
rename from enterprise/velero/3.1.12/values.yaml
rename to enterprise/traefik/25.1.13/values.yaml
diff --git a/enterprise/vaultwarden/25.1.10/CHANGELOG.md b/enterprise/vaultwarden/25.1.10/CHANGELOG.md
new file mode 100644
index 0000000000..e8630b88cd
--- /dev/null
+++ b/enterprise/vaultwarden/25.1.10/CHANGELOG.md
@@ -0,0 +1,99 @@
+---
+title: Changelog
+---
+
+**Important:**
+*for the complete changelog, please refer to the website*
+
+
+
+## [vaultwarden-25.1.10](https://github.com/truecharts/charts/compare/vaultwarden-25.1.9...vaultwarden-25.1.10) (2024-01-21)
+
+### Fix
+
+
+
+- Replace old variable name "smtp.ssl" with "smtp.security" ([#17465](https://github.com/truecharts/charts/issues/17465))
+
+
+## [vaultwarden-25.1.9](https://github.com/truecharts/charts/compare/vaultwarden-25.1.8...vaultwarden-25.1.9) (2024-01-21)
+
+### Chore
+
+
+
+- update container image common to v17.2.26[@24c98f7](https://github.com/24c98f7) by renovate ([#17409](https://github.com/truecharts/charts/issues/17409))
+
+
+## [vaultwarden-25.1.8](https://github.com/truecharts/charts/compare/vaultwarden-25.1.7...vaultwarden-25.1.8) (2024-01-21)
+
+### Chore
+
+
+
+- update metadata in chart.yaml ([#17457](https://github.com/truecharts/charts/issues/17457))
+
+
+
+
+## [vaultwarden-25.1.7](https://github.com/truecharts/charts/compare/vaultwarden-25.1.6...vaultwarden-25.1.7) (2024-01-09)
+
+### Chore
+
+
+
+- update container image common to v17.2.22[@e7c9056](https://github.com/e7c9056) by renovate ([#16986](https://github.com/truecharts/charts/issues/16986))
+
+
+## [vaultwarden-25.1.6](https://github.com/truecharts/charts/compare/vaultwarden-25.1.5...vaultwarden-25.1.6) (2024-01-02)
+
+### Chore
+
+
+
+- force bump to ensure up-to-date catalogs
+
+
+## [vaultwarden-25.1.5](https://github.com/truecharts/charts/compare/vaultwarden-25.1.4...vaultwarden-25.1.5) (2024-01-02)
+
+### Chore
+
+
+
+- bump common ([#16751](https://github.com/truecharts/charts/issues/16751))
+
+
+## [vaultwarden-25.1.4](https://github.com/truecharts/charts/compare/vaultwarden-25.1.3...vaultwarden-25.1.4) (2024-01-01)
+
+### Chore
+
+
+
+- increase common version for oci fixes
+
+- remove non-existent template refs ([#16738](https://github.com/truecharts/charts/issues/16738))
+
+
+## [vaultwarden-25.1.3](https://github.com/truecharts/charts/compare/vaultwarden-25.1.0...vaultwarden-25.1.3) (2024-01-01)
+
+### Chore
+
+
+
+- bump all charts for OCI test push
+
+- move everything to consume OCI-hosted common-chart dependency
+
+- update container image common to v17.2.19[@4ebb688](https://github.com/4ebb688) by renovate ([#16733](https://github.com/truecharts/charts/issues/16733))
+
+- update container image common to v17.2.18[@085ba3c](https://github.com/085ba3c) by renovate ([#16732](https://github.com/truecharts/charts/issues/16732))
+
+- standardize ./img references ([#16704](https://github.com/truecharts/charts/issues/16704))
+
+- lints some docs, uses front-matter instead of # h1, and fix list items in changelog ([#16589](https://github.com/truecharts/charts/issues/16589))
+
+
+## [vaultwarden-25.1.2](https://github.com/truecharts/charts/compare/vaultwarden-25.1.0...vaultwarden-25.1.2) (2024-01-01)
+
+### Chore
+
diff --git a/enterprise/vaultwarden/25.1.10/Chart.yaml b/enterprise/vaultwarden/25.1.10/Chart.yaml
new file mode 100644
index 0000000000..95374e8426
--- /dev/null
+++ b/enterprise/vaultwarden/25.1.10/Chart.yaml
@@ -0,0 +1,41 @@
+annotations:
+ max_scale_version: 23.10.2
+ min_scale_version: 23.10.0
+ truecharts.org/SCALE-support: "true"
+ truecharts.org/category: security
+ truecharts.org/max_helm_version: "3.14"
+ truecharts.org/min_helm_version: "3.12"
+ truecharts.org/train: enterprise
+apiVersion: v2
+appVersion: 1.30.1
+dependencies:
+ - name: common
+ version: 17.2.26
+ repository: oci://tccr.io/truecharts
+ condition: ""
+ alias: ""
+ tags: []
+ import-values: []
+deprecated: false
+description: Unofficial Bitwarden compatible server written in Rust
+home: https://truecharts.org/charts/enterprise/vaultwarden
+icon: https://truecharts.org/img/hotlink-ok/chart-icons/vaultwarden.png
+keywords:
+ - bitwarden
+ - bitwardenrs
+ - bitwarden_rs
+ - vaultwarden
+ - password
+ - rust
+kubeVersion: ">=1.24.0-0"
+maintainers:
+ - name: TrueCharts
+ email: info@truecharts.org
+ url: https://truecharts.org
+name: vaultwarden
+sources:
+ - https://github.com/dani-garcia/vaultwarden
+ - https://github.com/truecharts/charts/tree/master/charts/enterprise/vaultwarden
+ - https://hub.docker.com/r/vaultwarden/server
+type: application
+version: 25.1.10
diff --git a/enterprise/vaultwarden/25.1.10/LICENSE b/enterprise/vaultwarden/25.1.10/LICENSE
new file mode 100644
index 0000000000..80e4ab93f9
--- /dev/null
+++ b/enterprise/vaultwarden/25.1.10/LICENSE
@@ -0,0 +1,106 @@
+Business Source License 1.1
+
+Parameters
+
+Licensor: The TrueCharts Project, it's owner and it's contributors
+Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
+Additional Use Grant: You may use the licensed work in production, as long
+ as it is directly sourced from a TrueCharts provided
+ official repository, catalog or source. You may also make private
+ modification to the directly sourced licenced work,
+ when used in production.
+
+ The following cases are, due to their nature, also
+ defined as 'production use' and explicitly prohibited:
+ - Bundling, including or displaying the licensed work
+ with(in) another work intended for production use,
+ with the apparent intend of facilitating and/or
+ promoting production use by third parties in
+ violation of this license.
+
+Change Date: 2050-01-01
+
+Change License: 3-clause BSD license
+
+For information about alternative licensing arrangements for the Software,
+please contact: legal@truecharts.org
+
+Notice
+
+The Business Source License (this document, or the “License”) is not an Open
+Source license. However, the Licensed Work will eventually be made available
+under an Open Source License, as stated in this License.
+
+License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
+“Business Source License” is a trademark of MariaDB Corporation Ab.
+
+-----------------------------------------------------------------------------
+
+Business Source License 1.1
+
+Terms
+
+The Licensor hereby grants you the right to copy, modify, create derivative
+works, redistribute, and make non-production use of the Licensed Work. The
+Licensor may make an Additional Use Grant, above, permitting limited
+production use.
+
+Effective on the Change Date, or the fourth anniversary of the first publicly
+available distribution of a specific version of the Licensed Work under this
+License, whichever comes first, the Licensor hereby grants you rights under
+the terms of the Change License, and the rights granted in the paragraph
+above terminate.
+
+If your use of the Licensed Work does not comply with the requirements
+currently in effect as described in this License, you must purchase a
+commercial license from the Licensor, its affiliated entities, or authorized
+resellers, or you must refrain from using the Licensed Work.
+
+All copies of the original and modified Licensed Work, and derivative works
+of the Licensed Work, are subject to this License. This License applies
+separately for each version of the Licensed Work and the Change Date may vary
+for each version of the Licensed Work released by Licensor.
+
+You must conspicuously display this License on each original or modified copy
+of the Licensed Work. If you receive the Licensed Work in original or
+modified form from a third party, the terms and conditions set forth in this
+License apply to your use of that work.
+
+Any use of the Licensed Work in violation of this License will automatically
+terminate your rights under this License for the current and all other
+versions of the Licensed Work.
+
+This License does not grant you any right in any trademark or logo of
+Licensor or its affiliates (provided that you may use a trademark or logo of
+Licensor as expressly required by this License).
+
+TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
+AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
+EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
+TITLE.
+
+MariaDB hereby grants you permission to use this License’s text to license
+your works, and to refer to it using the trademark “Business Source License”,
+as long as you comply with the Covenants of Licensor below.
+
+Covenants of Licensor
+
+In consideration of the right to use this License’s text and the “Business
+Source License” name and trademark, Licensor covenants to MariaDB, and to all
+other recipients of the licensed work to be provided by Licensor:
+
+1. To specify as the Change License the GPL Version 2.0 or any later version,
+ or a license that is compatible with GPL Version 2.0 or a later version,
+ where “compatible” means that software provided under the Change License can
+ be included in a program with software provided under GPL Version 2.0 or a
+ later version. Licensor may specify additional Change Licenses without
+ limitation.
+
+2. To either: (a) specify an additional grant of rights to use that does not
+ impose any additional restriction on the right granted in this License, as
+ the Additional Use Grant; or (b) insert the text “None”.
+
+3. To specify a Change Date.
+
+4. Not to modify this License in any other way.
diff --git a/enterprise/vaultwarden/25.1.10/README.md b/enterprise/vaultwarden/25.1.10/README.md
new file mode 100644
index 0000000000..95ae8ad979
--- /dev/null
+++ b/enterprise/vaultwarden/25.1.10/README.md
@@ -0,0 +1,28 @@
+---
+title: README
+---
+
+## General Info
+
+TrueCharts can be installed as both _normal_ Helm Charts or as Apps on TrueNAS SCALE.
+However only installations using the TrueNAS SCALE Apps system are supported.
+
+For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/vaultwarden)
+
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
+
+## Support
+
+- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE/guides/scale-intro).
+- See the [Website](https://truecharts.org)
+- Check our [Discord](https://discord.gg/tVsPTHWTtr)
+- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
+
+---
+
+## Sponsor TrueCharts
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
+
+_All Rights Reserved - The TrueCharts Project_
diff --git a/enterprise/vaultwarden/25.1.10/app-changelog.md b/enterprise/vaultwarden/25.1.10/app-changelog.md
new file mode 100644
index 0000000000..1a317f1df0
--- /dev/null
+++ b/enterprise/vaultwarden/25.1.10/app-changelog.md
@@ -0,0 +1,9 @@
+
+
+## [vaultwarden-25.1.10](https://github.com/truecharts/charts/compare/vaultwarden-25.1.9...vaultwarden-25.1.10) (2024-01-21)
+
+### Fix
+
+
+
+- Replace old variable name "smtp.ssl" with "smtp.security" ([#17465](https://github.com/truecharts/charts/issues/17465))
\ No newline at end of file
diff --git a/enterprise/vaultwarden/25.1.10/app-readme.md b/enterprise/vaultwarden/25.1.10/app-readme.md
new file mode 100644
index 0000000000..08d9cc8b1d
--- /dev/null
+++ b/enterprise/vaultwarden/25.1.10/app-readme.md
@@ -0,0 +1,8 @@
+Unofficial Bitwarden compatible server written in Rust
+
+This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/vaultwarden](https://truecharts.org/charts/enterprise/vaultwarden)
+
+---
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/operators/cert-manager/3.1.11/charts/common-17.2.26.tgz b/enterprise/vaultwarden/25.1.10/charts/common-17.2.26.tgz
similarity index 100%
rename from operators/cert-manager/3.1.11/charts/common-17.2.26.tgz
rename to enterprise/vaultwarden/25.1.10/charts/common-17.2.26.tgz
diff --git a/enterprise/vaultwarden/25.1.10/ix_values.yaml b/enterprise/vaultwarden/25.1.10/ix_values.yaml
new file mode 100644
index 0000000000..849e008bf0
--- /dev/null
+++ b/enterprise/vaultwarden/25.1.10/ix_values.yaml
@@ -0,0 +1,152 @@
+image:
+ repository: docker.io/vaultwarden/server
+ pullPolicy: IfNotPresent
+ tag: 1.30.1@sha256:ab9fe547277245533a28d8e0a0c4a1e1120daf469f983fd683fc13556927d4fe
+manifestManager:
+ enabled: true
+service:
+ main:
+ ports:
+ main:
+ port: 10102
+ targetPort: 8080
+workload:
+ main:
+ podSpec:
+ containers:
+ main:
+ env:
+ DOMAIN: "https://{{ if .Values.ingress }}{{ if .Values.ingress.main.enabled }}{{ ( index .Values.ingress.main.hosts 0 ).host }}{{ else }}placeholder.com{{ end }}{{ else }}placeholder.com{{ end }}"
+ DATABASE_URL:
+ secretKeyRef:
+ name: cnpg-main-urls
+ key: std
+ envFrom:
+ - configMapRef:
+ name: vaultwardenconfig
+ - secretRef:
+ name: vaultwardensecret
+database:
+ # -- Database type,
+ # must be one of: 'sqlite', 'mysql' or 'postgresql'.
+ type: postgresql
+ # -- Enable DB Write-Ahead-Log for SQLite,
+ # disabled for other databases. https://github.com/dani-garcia/bitwarden_rs/wiki/Running-without-WAL-enabled
+ wal: true
+ ## URL for external databases (mysql://user:pass@host:port or postgresql://user:pass@host:port).
+ # url: ""
+ ## Set the size of the database connection pool.
+ # maxConnections: 10
+ ## Connection retries during startup, 0 for infinite. 1 second between retries.
+ # retries: 15
+# Set Bitwarden_rs application variables
+vaultwarden:
+ # -- Allow any user to sign-up
+ # see: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-registration-of-new-users
+ allowSignups: true
+ ## Whitelist domains allowed to sign-up. 'allowSignups' is ignored if set.
+ # signupDomains:
+ # - domain.tld
+ # -- Verify e-mail before login is enabled.
+ # SMTP must be enabled.
+ verifySignup: false
+ # When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled.
+ requireEmail: false
+ ## Maximum attempts before an email token is reset and a new email will need to be sent.
+ # emailAttempts: 3
+ ## Email token validity in seconds.
+ # emailTokenExpiration: 600
+ # Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-invitations
+ allowInvitation: true
+ # Show password hints: https://github.com/dani-garcia/bitwarden_rs/wiki/Password-hint-display
+ ## Default organization name in invitation e-mails that are not coming from a specific organization.
+ # defaultInviteName: ""
+ showPasswordHint: true
+ # Enable Web Vault (static content). https://github.com/dani-garcia/bitwarden_rs/wiki/Disabling-or-overriding-the-Vault-interface-hosting
+ enableWebVault: true
+ # Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users.
+ orgCreationUsers: all
+ ## Limit attachment disk usage per organization.
+ # attachmentLimitOrg:
+ ## Limit attachment disk usage per user.
+ # attachmentLimitUser:
+ ## HaveIBeenPwned API Key. Can be purchased at https://haveibeenpwned.com/API/Key.
+ # hibpApiKey:
+
+ admin:
+ # Enable admin portal.
+ enabled: false
+ # Disabling the admin token will make the admin portal accessible to anyone, use carefully: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-admin-token
+ disableAdminToken: false
+ ## Token for admin login, will be generated if not defined. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-admin-page
+ # token:
+ # Enable SMTP. https://github.com/dani-garcia/bitwarden_rs/wiki/SMTP-configuration
+ smtp:
+ enabled: false
+ # SMTP hostname, required if SMTP is enabled.
+ host: ""
+ # SMTP sender e-mail address, required if SMTP is enabled.
+ from: ""
+ ## SMTP sender name, defaults to 'Bitwarden_RS'.
+ # fromName: ""
+ ## Enable SSL connection.
+ # security: starttls
+ ## SMTP port. Defaults to 587 with STARTTLS, 465 with FORCE_TLS, and 25 without SSL.
+ # port: 587
+ ## SMTP Authentication Mechanisms. Comma-separated options: 'Plain', 'Login' and 'Xoauth2'. Defaults to 'Plain'.
+ # authMechanism: Plain
+ ## Hostname to be sent for SMTP HELO. Defaults to pod name.
+ # heloName: ""
+ ## SMTP timeout.
+ # timeout: 15
+ ## Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!
+ # invalidHostname: false
+ ## Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!
+ # invalidCertificate: false
+ ## SMTP username.
+ # user: ""
+ ## SMTP password. Required is user is specified, ignored if no user provided.
+ # password: ""
+ ## Enable Yubico OTP authentication. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-Yubikey-OTP-authentication
+ yubico:
+ enabled: false
+ ## Yubico server. Defaults to YubiCloud.
+ # server:
+ ## Yubico ID and Secret Key.
+ # clientId:
+ # secretKey:
+ ## Enable Mobile Push Notifications. You must obtain and ID and Key here: https://bitwarden.com/host
+ push:
+ enabled: false
+ # installationId:
+ # installationKey:
+ ## Logging options. https://github.com/dani-garcia/bitwarden_rs/wiki/Logging
+ log:
+ # Log to file.
+ file: ""
+ # Log level. Options are "trace", "debug", "info", "warn", "error" or "off".
+ level: "trace"
+ ## Log timestamp format. See https://docs.rs/chrono/0.4.15/chrono/format/strftime/index.html. Defaults to time in milliseconds.
+ # timeFormat: ""
+ icons:
+ # Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache). TTL will default to zero.
+ disableDownload: false
+ ## Cache time-to-live for icons fetched. 0 means no purging.
+ # cache: 2592000
+ ## Cache time-to-live for icons that were not available. 0 means no purging.
+ # cacheFailed: 259200
+persistence:
+ data:
+ enabled: true
+ mountPath: "/data"
+cnpg:
+ main:
+ enabled: true
+ user: vaultwarden
+ database: vaultwarden
+portal:
+ open:
+ enabled: true
+ingress:
+ main:
+ required: true
diff --git a/enterprise/vaultwarden/25.1.10/questions.yaml b/enterprise/vaultwarden/25.1.10/questions.yaml
new file mode 100644
index 0000000000..7983fc3702
--- /dev/null
+++ b/enterprise/vaultwarden/25.1.10/questions.yaml
@@ -0,0 +1,3621 @@
+groups:
+ - name: Container Image
+ description: Image to be used for container
+ - name: General Settings
+ description: General Deployment Settings
+ - name: Workload Settings
+ description: Workload Settings
+ - name: App Configuration
+ description: App Specific Config Options
+ - name: Networking and Services
+ description: Configure Network and Services for Container
+ - name: Storage and Persistence
+ description: Persist and Share Data that is Separate from the Container
+ - name: Ingress
+ description: Ingress Configuration
+ - name: Security and Permissions
+ description: Configure Security Context and Permissions
+ - name: Resources and Devices
+ description: "Specify Resources/Devices to be Allocated to Workload"
+ - name: Middlewares
+ description: Traefik Middlewares
+ - name: Metrics
+ description: Metrics
+ - name: Addons
+ description: Addon Configuration
+ - name: Advanced
+ description: Advanced Configuration
+ - name: Postgresql
+ description: Postgresql
+ - name: Documentation
+ description: Documentation
+portals:
+ open:
+ protocols:
+ - "$kubernetes-resource_configmap_tcportal-open_protocol"
+ host:
+ - "$kubernetes-resource_configmap_tcportal-open_host"
+ ports:
+ - "$kubernetes-resource_configmap_tcportal-open_port"
+ admin:
+ protocols:
+ - "$kubernetes-resource_configmap_tcportal-open_protocol"
+ host:
+ - "$kubernetes-resource_configmap_tcportal-open_host"
+ ports:
+ - "$kubernetes-resource_configmap_tcportal-open_port"
+ path: "/admin/"
+questions:
+ - variable: global
+ group: General Settings
+ label: "Global Settings"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: stopAll
+ label: Stop All
+ description: "Stops All Running pods and hibernates cnpg"
+ schema:
+ type: boolean
+ default: false
+ - variable: workload
+ group: "Workload Settings"
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: main
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: type
+ label: Type (Advanced)
+ schema:
+ type: string
+ default: Deployment
+ enum:
+ - value: Deployment
+ description: Deployment
+ - value: DaemonSet
+ description: DaemonSet
+ - variable: replicas
+ label: Replicas (Advanced)
+ description: Set the number of Replicas
+ schema:
+ type: int
+ show_if: [["type", "!=", "DaemonSet"]]
+ default: 1
+ - variable: podSpec
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: containers
+ label: Containers
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: main
+ label: Main Container
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: envList
+ label: Extra Environment Variables
+ description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: envItem
+ label: Environment Variable
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ - variable: value
+ label: Value
+ schema:
+ type: string
+ - variable: extraArgs
+ label: Extra Args
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: arg
+ label: Arg
+ schema:
+ type: string
+ - variable: advanced
+ label: Show Advanced Settings
+ description: Advanced settings are not covered by TrueCharts Support
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: command
+ label: Command
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: param
+ label: Param
+ schema:
+ type: string
+ - variable: TZ
+ label: Timezone
+ group: "General Settings"
+ schema:
+ type: string
+ default: "Etc/UTC"
+ $ref:
+ - "definitions/timezone"
+ - variable: podOptions
+ group: "General Settings"
+ label: "Global Pod Options (Advanced)"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: expertPodOpts
+ label: "Expert - Pod Options"
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: hostNetwork
+ label: "Host Networking"
+ schema:
+ type: boolean
+ default: false
+ - variable: dnsConfig
+ label: "DNS Configuration"
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: options
+ label: "Options"
+ schema:
+ type: list
+ default: [{"name": "ndots", "value": "1"}]
+ items:
+ - variable: optionsEntry
+ label: "Option Entry"
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ required: true
+ - variable: value
+ label: "Value"
+ schema:
+ type: string
+ - variable: nameservers
+ label: "Nameservers"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: nsEntry
+ label: "Nameserver Entry"
+ schema:
+ type: string
+ required: true
+ - variable: searches
+ label: "Searches"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: searchEntry
+ label: "Search Entry"
+ schema:
+ type: string
+ required: true
+
+ - variable: imagePullSecretList
+ group: "General Settings"
+ label: "Image Pull Secrets"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: pullsecretentry
+ label: "Pull Secret"
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: enabled
+ label: Enabled
+ schema:
+ type: boolean
+ default: true
+ - variable: data
+ label: Data
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: registry
+ label: "Registry"
+ schema:
+ type: string
+ required: true
+ default: "https://index.docker.io/v1/"
+ - variable: username
+ label: "Username"
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: password
+ label: "Password"
+ schema:
+ type: string
+ required: true
+ private: true
+ default: ""
+ - variable: email
+ label: "Email"
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: vaultwarden
+ label: ""
+ group: "App Configuration"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: yubico
+ label: "Yubico OTP authentication"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: "Enable Yubico OTP authentication"
+ description: "Please refer to the manual at: https://github.com/dani-garcia/vaultwarden/wiki/Enabling-Yubikey-OTP-authentication"
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: server
+ label: "Yubico server"
+ description: "Defaults to YubiCloud"
+ schema:
+ type: string
+ default: ""
+ - variable: clientId
+ label: "Yubico ID"
+ schema:
+ type: string
+ default: ""
+ - variable: secretKey
+ label: "Yubico Secret Key"
+ schema:
+ type: string
+ default: ""
+ - variable: push
+ label: "Mobile Push Notifications"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: "Enable Mobile Push Notifications"
+ description: "You must obtain and ID and Key here: https://bitwarden.com/host"
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: installationId
+ label: "Installation ID"
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: installationKey
+ label: "Installation Key"
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: admin
+ label: "Admin Portal"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: "Enable Admin Portal"
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: disableAdminToken
+ label: "Make Accessible Without Password/Token"
+ schema:
+ type: boolean
+ default: false
+ - variable: token
+ label: "Admin Portal Password/Token"
+ description: "Will be automatically generated if not defined"
+ schema:
+ type: string
+ default: ""
+ - variable: icons
+ label: "Icon Download Settings"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: disableDownload
+ label: "Disable Icon Download"
+ description: "Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache)"
+ schema:
+ type: boolean
+ default: false
+ - variable: cache
+ label: "Cache time-to-live"
+ description: "Cache time-to-live for icons fetched. 0 means no purging"
+ schema:
+ type: int
+ default: 2592000
+ - variable: token
+ label: "Failed Downloads Cache time-to-live"
+ description: "Cache time-to-live for icons that were not available. 0 means no purging."
+ schema:
+ type: int
+ default: 2592000
+ - variable: log
+ label: "Logging"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: level
+ label: "Log level"
+ schema:
+ type: string
+ default: "info"
+ required: true
+ enum:
+ - value: "trace"
+ description: "trace"
+ - value: "debug"
+ description: "debug"
+ - value: "info"
+ description: "info"
+ - value: "warn"
+ description: "warn"
+ - value: "error"
+ description: "error"
+ - value: "off"
+ description: "off"
+ - variable: file
+ label: "Log-File Location"
+ schema:
+ type: string
+ default: ""
+ - variable: smtp
+ label: "SMTP Settings (Email)"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: "Enable SMTP Support"
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: host
+ label: "SMTP hostname"
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: from
+ label: "SMTP sender e-mail address"
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: fromName
+ label: "SMTP sender name"
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: user
+ label: "SMTP username"
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: password
+ label: "SMTP password"
+ description: "Required is user is specified, ignored if no user provided"
+ schema:
+ type: string
+ default: ""
+ - variable: security
+ label: "Enable SSL connection"
+ schema:
+ type: string
+ default: "starttls"
+ enum:
+ - value: "starttls"
+ description: "STARTTLS (587)"
+ - value: "force_tls"
+ description: "FORCE_TLS (465)"
+ - value: "off"
+ description: "OFF (25)"
+ - variable: port
+ label: "SMTP port"
+ description: "Usually: 587 with STARTTLS, 465 with FORCE_TLS, and 25 without SSL"
+ schema:
+ type: int
+ default: 587
+ - variable: authMechanism
+ label: "SMTP Authentication Mechanisms"
+ description: "Comma-separated options: Plain, Login and Xoauth2"
+ schema:
+ type: string
+ default: "Plain"
+ - variable: heloName
+ label: "SMTP HELO - Hostname"
+ description: "Hostname to be sent for SMTP HELO. Defaults to pod name"
+ schema:
+ type: string
+ default: ""
+ - variable: timeout
+ label: "SMTP timeout"
+ schema:
+ type: int
+ default: 15
+ - variable: invalidHostname
+ label: "Accept Invalid Hostname"
+ description: "Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!"
+ schema:
+ type: boolean
+ default: false
+ - variable: invalidCertificate
+ label: "Accept Invalid Certificate"
+ description: "Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!"
+ schema:
+ type: boolean
+ default: false
+ - variable: allowSignups
+ label: "Allow Signup"
+ description: "Allow any user to sign-up: https://github.com/dani-garcia/vaultwarden/wiki/Disable-registration-of-new-users"
+ schema:
+ type: boolean
+ default: true
+ - variable: allowInvitation
+ label: "Always allow Invitation"
+ description: "Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/vaultwarden/wiki/Disable-invitations"
+ schema:
+ type: boolean
+ default: true
+ - variable: defaultInviteName
+ label: "Default Invite Organisation Name"
+ description: "Default organization name in invitation e-mails that are not coming from a specific organization."
+ schema:
+ type: string
+ default: ""
+ - variable: showPasswordHint
+ label: "Show password hints"
+ description: "https://github.com/dani-garcia/vaultwarden/wiki/Password-hint-display"
+ schema:
+ type: boolean
+ default: true
+ - variable: signupwhitelistenable
+ label: "Enable Signup Whitelist"
+ description: "allowSignups is ignored if set"
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: signupDomains
+ label: "Signup Whitelist Domains"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: domain
+ label: "Domain"
+ schema:
+ type: string
+ default: ""
+ - variable: verifySignup
+ label: "Verifiy Signup"
+ description: "Verify e-mail before login is enabled. SMTP must be enabled"
+ schema:
+ type: boolean
+ default: false
+ - variable: requireEmail
+ label: "Block Login if email fails"
+ description: "When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled"
+ schema:
+ type: boolean
+ default: false
+ - variable: emailAttempts
+ label: "Email token reset attempts"
+ description: "Maximum attempts before an email token is reset and a new email will need to be sent"
+ schema:
+ type: int
+ default: 3
+ - variable: emailTokenExpiration
+ label: "Email token validity in seconds"
+ schema:
+ type: int
+ default: 600
+ - variable: enableWebVault
+ label: "Enable Webvault"
+ description: "Enable Web Vault (static content). https://github.com/dani-garcia/vaultwarden/wiki/Disabling-or-overriding-the-Vault-interface-hosting"
+ schema:
+ type: boolean
+ default: true
+ - variable: orgCreationUsers
+ label: "Limit Organisation Creation to (users)"
+ description: "Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users."
+ schema:
+ type: string
+ default: "all"
+ - variable: attachmentLimitOrg
+ label: "Limit Attachment Disk Usage per Organisation"
+ schema:
+ type: string
+ default: ""
+ - variable: attachmentLimitUser
+ label: "Limit Attachment Disk Usage per User"
+ schema:
+ type: string
+ default: ""
+ - variable: hibpApiKey
+ label: "HaveIBeenPwned API Key"
+ description: "Can be purchased at https://haveibeenpwned.com/API/Key"
+ schema:
+ type: string
+ default: ""
+ - variable: service
+ group: Networking and Services
+ label: Configure Service(s)
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: main
+ label: "Main Service"
+ description: "The Primary service on which the healthcheck runs, often the webUI"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable the Service
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: type
+ label: Service Type
+ description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
+ schema:
+ type: string
+ default: LoadBalancer
+ enum:
+ - value: LoadBalancer
+ description: LoadBalancer (Expose Ports)
+ - value: ClusterIP
+ description: ClusterIP (Do Not Expose Ports)
+ - variable: loadBalancerIP
+ label: LoadBalancer IP
+ description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
+ schema:
+ show_if: [["type", "=", "LoadBalancer"]]
+ type: string
+ default: ""
+ - variable: ports
+ label: "Service's Port(s) Configuration"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: main
+ label: "Main Service Port Configuration"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: port
+ label: "Port"
+ description: "This port exposes the container port on the service"
+ schema:
+ type: int
+ default: 10102
+ required: true
+ - variable: serviceexpert
+ group: Networking and Services
+ label: Show Expert Config
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: scaleExternalInterface
+ description: Add External Interfaces
+ label: Add external Interfaces
+ group: Networking
+ schema:
+ type: list
+ items:
+ - variable: interfaceConfiguration
+ description: Interface Configuration
+ label: Interface Configuration
+ schema:
+ additional_attrs: true
+ type: dict
+ $ref:
+ - "normalize/interfaceConfiguration"
+ attrs:
+ - variable: hostInterface
+ description: Please Specify Host Interface
+ label: Host Interface
+ schema:
+ type: string
+ required: true
+ $ref:
+ - "definitions/interface"
+ - variable: ipam
+ description: Define how IP Address will be managed
+ label: IP Address Management
+ schema:
+ additional_attrs: true
+ type: dict
+ required: true
+ attrs:
+ - variable: type
+ description: Specify type for IPAM
+ label: IPAM Type
+ schema:
+ type: string
+ required: true
+ enum:
+ - value: dhcp
+ description: Use DHCP
+ - value: static
+ description: Use Static IP
+ - variable: staticIPConfigurations
+ label: Static IP Addresses
+ schema:
+ type: list
+ show_if: [["type", "=", "static"]]
+ items:
+ - variable: staticIP
+ label: Static IP
+ schema:
+ type: ipaddr
+ cidr: true
+ - variable: staticRoutes
+ label: Static Routes
+ schema:
+ type: list
+ show_if: [["type", "=", "static"]]
+ items:
+ - variable: staticRouteConfiguration
+ label: Static Route Configuration
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: destination
+ label: Destination
+ schema:
+ type: ipaddr
+ cidr: true
+ required: true
+ - variable: gateway
+ label: Gateway
+ schema:
+ type: ipaddr
+ cidr: false
+ required: true
+ - variable: serviceList
+ label: Add Manual Custom Services
+ group: Networking and Services
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: serviceListEntry
+ label: Custom Service
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable the service
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ default: ""
+ - variable: type
+ label: Service Type
+ description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
+ schema:
+ type: string
+ default: LoadBalancer
+ enum:
+ - value: LoadBalancer
+ description: LoadBalancer (Expose Ports)
+ - value: ClusterIP
+ description: ClusterIP (Do Not Expose Ports)
+ - value: Simple
+ description: Deprecated CHANGE THIS
+ - variable: loadBalancerIP
+ label: LoadBalancer IP
+ description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
+ schema:
+ show_if: [["type", "=", "LoadBalancer"]]
+ type: string
+ default: ""
+ - variable: advancedsvcset
+ label: Show Advanced Service Settings
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: externalIPs
+ label: "External IP's"
+ description: "External IP's"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: externalIP
+ label: External IP
+ schema:
+ type: string
+ - variable: ipFamilyPolicy
+ label: IP Family Policy
+ description: Specify the IP Policy
+ schema:
+ type: string
+ default: SingleStack
+ enum:
+ - value: SingleStack
+ description: SingleStack
+ - value: PreferDualStack
+ description: PreferDualStack
+ - value: RequireDualStack
+ description: RequireDualStack
+ - variable: ipFamilies
+ label: IP Families
+ description: (Advanced) The IP Families that should be used
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: ipFamily
+ label: IP Family
+ schema:
+ type: string
+ - variable: portsList
+ label: Additional Service Ports
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: portsListEntry
+ label: Custom ports
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable the Port
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: name
+ label: Port Name
+ schema:
+ type: string
+ default: ""
+ - variable: protocol
+ label: Port Type
+ schema:
+ type: string
+ default: tcp
+ enum:
+ - value: http
+ description: HTTP
+ - value: https
+ description: HTTPS
+ - value: tcp
+ description: TCP
+ - value: udp
+ description: UDP
+ - variable: targetPort
+ label: Target Port
+ description: This port exposes the container port on the service
+ schema:
+ type: int
+ required: true
+ - variable: port
+ label: Container Port
+ schema:
+ type: int
+ required: true
+ - variable: persistence
+ label: Integrated Persistent Storage
+ description: Integrated Persistent Storage
+ group: Storage and Persistence
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: data
+ label: "App Config Storage"
+ description: "Stores the Application Configuration."
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: type
+ label: Type of Storage
+ description: Sets the persistence type, Anything other than PVC could break rollback!
+ schema:
+ type: string
+ default: pvc
+ enum:
+ - value: pvc
+ description: PVC
+ - value: hostPath
+ description: Host Path
+ - value: emptyDir
+ description: emptyDir
+ - value: nfs
+ description: NFS Share
+ - value: iscsi
+ description: iSCSI Share
+ - variable: server
+ label: NFS Server
+ schema:
+ show_if: [["type", "=", "nfs"]]
+ type: string
+ default: ""
+ - variable: path
+ label: Path on NFS Server
+ schema:
+ show_if: [["type", "=", "nfs"]]
+ type: string
+ default: ""
+ - variable: iscsi
+ label: iSCSI Options
+ schema:
+ show_if: [["type", "=", "iscsi"]]
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: targetPortal
+ label: targetPortal
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: iqn
+ label: iqn
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: lun
+ label: lun
+ schema:
+ type: int
+ default: 0
+ - variable: authSession
+ label: authSession
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: username
+ label: username
+ schema:
+ type: string
+ default: ""
+ - variable: password
+ label: password
+ schema:
+ type: string
+ default: ""
+ - variable: usernameInitiator
+ label: usernameInitiator
+ schema:
+ type: string
+ default: ""
+ - variable: passwordInitiator
+ label: passwordInitiator
+ schema:
+ type: string
+ default: ""
+ - variable: authDiscovery
+ label: authDiscovery
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: username
+ label: username
+ schema:
+ type: string
+ default: ""
+ - variable: password
+ label: password
+ schema:
+ type: string
+ default: ""
+ - variable: usernameInitiator
+ label: usernameInitiator
+ schema:
+ type: string
+ default: ""
+ - variable: passwordInitiator
+ label: passwordInitiator
+ schema:
+ type: string
+ default: ""
+
+ - variable: autoPermissions
+ label: Automatic Permissions Configuration
+ description: Automatically set permissions
+ schema:
+ show_if: [["type", "!=", "pvc"]]
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: chown
+ label: Run CHOWN
+ description: |
+ It will run CHOWN on the path with the given fsGroup
+ schema:
+ type: boolean
+ default: false
+ - variable: chmod
+ label: Run CHMOD
+ description: |
+ It will run CHMOD on the path with the given value
+ Format should be 3 digits, e.g. 770
+ schema:
+ type: string
+ valid_chars: '[0-9]{3}'
+ default: ""
+ - variable: recursive
+ label: Recursive
+ description: |
+ It will run CHOWN and CHMOD recursively
+ schema:
+ type: boolean
+ default: false
+ - variable: readOnly
+ label: Read Only
+ schema:
+ type: boolean
+ default: false
+ - variable: hostPath
+ label: Host Path
+ description: Path inside the container the storage is mounted
+ schema:
+ show_if: [["type", "=", "hostPath"]]
+ type: hostpath
+ - variable: medium
+ label: EmptyDir Medium
+ schema:
+ show_if: [["type", "=", "emptyDir"]]
+ type: string
+ default: ""
+ enum:
+ - value: ""
+ description: Default
+ - value: Memory
+ description: Memory
+ - variable: size
+ label: Size quotum of Storage (Do NOT REDUCE after installation)
+ description: This value can ONLY be INCREASED after the installation
+ schema:
+ show_if: [["type", "=", "pvc"]]
+ type: string
+ default: 256Gi
+ - variable: storageClass
+ label: 'storageClass (Advanced)'
+ description: 'sets the storageClass to something other than iX default. Only for advanced usecases!'
+ schema:
+ show_if: [["type", "=", "pvc"]]
+ type: string
+ default: ""
+ - variable: static
+ label: 'Static Fixed PVC Bindings (Experimental)'
+ description: Link a PVC to a specific storage location
+ schema:
+ show_if: [["type", "=", "pvc"]]
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: mode
+ label: mode
+ description: |
+ disabled: use normal dynamic PVCs
+ smb: connect to an SMB share
+ nfs: connect to an NFS share
+ schema:
+ type: string
+ default: "disabled"
+ enum:
+ - value: disabled
+ description: disabled
+ - value: smb
+ description: smb
+ - value: nfs
+ description: nfs
+ - variable: server
+ label: Server
+ description: server to connect to
+ schema:
+ type: string
+ show_if: [["mode", "!=", "disabled"]]
+ default: "myserver"
+ - variable: share
+ label: Share
+ description: share to connect to
+ schema:
+ type: string
+ show_if: [["mode", "!=", "disabled"]]
+ default: "/myshare"
+ - variable: user
+ label: User
+ description: connecting user
+ schema:
+ type: string
+ show_if: [["mode", "=", "smb"]]
+ default: "myuser"
+ - variable: domain
+ label: Domain
+ description: user domain
+ schema:
+ type: string
+ show_if: [["mode", "=", "smb"]]
+ default: ""
+ - variable: password
+ label: Password
+ description: connecting password
+ schema:
+ type: string
+ show_if: [["mode", "=", "smb"]]
+ default: ""
+ - variable: volumeSnapshots
+ label: 'Volume Snapshots (Experimental)'
+ description: Add an entry to the list to force creation of a volumeSnapshot of this PVC
+ schema:
+ show_if: [["type", "=", "pvc"]]
+ type: list
+ default: []
+ items:
+ - variable: volumeSnapshotEntry
+ label: Custom volumeSnapshot
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ description: 'WARNING: renaming this, means deletion of the snapshot with the old name!'
+ schema:
+ type: string
+ default: "mysnapshot"
+ required: true
+ - variable: volumeSnapshotClassName
+ label: 'volumeSnapshot Class Name (Advanced)'
+ description: For use with PVCs using a non-default storageClass
+ schema:
+ type: string
+ default: ""
+ - variable: persistenceList
+ label: Additional App Storage
+ group: Storage and Persistence
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: persistenceListEntry
+ label: Custom Storage
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable the storage
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: type
+ label: Type of Storage
+ description: Sets the persistence type, Anything other than PVC could break rollback!
+ schema:
+ type: string
+ default: hostPath
+ enum:
+ - value: pvc
+ description: PVC
+ - value: hostPath
+ description: Host Path
+ - value: emptyDir
+ description: emptyDir
+ - value: nfs
+ description: NFS Share
+ - variable: server
+ label: NFS Server
+ schema:
+ show_if: [["type", "=", "nfs"]]
+ type: string
+ default: ""
+ - variable: path
+ label: Path on NFS Server
+ schema:
+ show_if: [["type", "=", "nfs"]]
+ type: string
+ default: ""
+ - variable: iscsi
+ label: iSCSI Options
+ schema:
+ show_if: [["type", "=", "iscsi"]]
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: targetPortal
+ label: targetPortal
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: iqn
+ label: iqn
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: lun
+ label: lun
+ schema:
+ type: int
+ default: 0
+ - variable: authSession
+ label: authSession
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: username
+ label: username
+ schema:
+ type: string
+ default: ""
+ - variable: password
+ label: password
+ schema:
+ type: string
+ default: ""
+ - variable: usernameInitiator
+ label: usernameInitiator
+ schema:
+ type: string
+ default: ""
+ - variable: passwordInitiator
+ label: passwordInitiator
+ schema:
+ type: string
+ default: ""
+ - variable: authDiscovery
+ label: authDiscovery
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: username
+ label: username
+ schema:
+ type: string
+ default: ""
+ - variable: password
+ label: password
+ schema:
+ type: string
+ default: ""
+ - variable: usernameInitiator
+ label: usernameInitiator
+ schema:
+ type: string
+ default: ""
+ - variable: passwordInitiator
+ label: passwordInitiator
+ schema:
+ type: string
+ default: ""
+ - variable: autoPermissions
+ label: Automatic Permissions Configuration
+ description: Automatically set permissions
+ schema:
+ show_if: [["type", "!=", "pvc"]]
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: chown
+ label: Run CHOWN
+ description: |
+ It will run CHOWN on the path with the given fsGroup
+ schema:
+ type: boolean
+ default: false
+ - variable: chmod
+ label: Run CHMOD
+ description: |
+ It will run CHMOD on the path with the given value
+ Format should be 3 digits, e.g. 770
+ schema:
+ type: string
+ valid_chars: '[0-9]{3}'
+ default: ""
+ - variable: recursive
+ label: Recursive
+ description: |
+ It will run CHOWN and CHMOD recursively
+ schema:
+ type: boolean
+ default: false
+ - variable: readOnly
+ label: Read Only
+ schema:
+ type: boolean
+ default: false
+ - variable: hostPath
+ label: Host Path
+ description: Path inside the container the storage is mounted
+ schema:
+ show_if: [["type", "=", "hostPath"]]
+ type: hostpath
+ - variable: mountPath
+ label: Mount Path
+ description: Path inside the container the storage is mounted
+ schema:
+ type: string
+ default: ""
+ required: true
+ valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
+ - variable: medium
+ label: EmptyDir Medium
+ schema:
+ show_if: [["type", "=", "emptyDir"]]
+ type: string
+ default: ""
+ enum:
+ - value: ""
+ description: Default
+ - value: Memory
+ description: Memory
+ - variable: size
+ label: Size Quotum of Storage
+ schema:
+ show_if: [["type", "=", "pvc"]]
+ type: string
+ default: 256Gi
+ - variable: storageClass
+ label: 'storageClass (Advanced)'
+ description: 'sets the storageClass to something other than iX default. Only for advanced usecases!'
+ schema:
+ show_if: [["type", "=", "pvc"]]
+ type: string
+ default: ""
+ - variable: static
+ label: 'Static Fixed PVC Bindings (Experimental)'
+ description: Link a PVC to a specific storage location
+ schema:
+ show_if: [["type", "=", "pvc"]]
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: mode
+ label: mode
+ description: |
+ disabled: use normal dynamic PVCs
+ smb: connect to an SMB share
+ nfs: connect to an NFS share
+ schema:
+ type: string
+ default: "disabled"
+ enum:
+ - value: "disabled"
+ description: disabled
+ - value: smb
+ description: smb
+ - value: nfs
+ description: nfs
+ - variable: server
+ label: Server
+ description: server to connect to
+ schema:
+ type: string
+ show_if: [["mode", "!=", "disabled"]]
+ default: "myserver"
+ - variable: share
+ label: Share
+ description: share to connect to
+ schema:
+ type: string
+ show_if: [["mode", "!=", "disabled"]]
+ default: "/myshare"
+ - variable: user
+ label: User
+ description: connecting user
+ schema:
+ type: string
+ show_if: [["mode", "=", "smb"]]
+ default: "myuser"
+ - variable: domain
+ label: Domain
+ description: user domain
+ schema:
+ type: string
+ show_if: [["mode", "=", "smb"]]
+ default: ""
+ - variable: password
+ label: Password
+ description: connecting password
+ schema:
+ type: string
+ show_if: [["mode", "=", "smb"]]
+ default: ""
+ - variable: volumeSnapshots
+ label: 'Volume Snapshots (Experimental)'
+ description: Add an entry to the list to force creation of a volumeSnapshot of this PVC
+ schema:
+ show_if: [["type", "=", "pvc"]]
+ type: list
+ default: []
+ items:
+ - variable: volumeSnapshotEntry
+ label: Custom volumeSnapshot
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ description: 'WARNING: renaming this, means deletion of the snapshot with the old name!'
+ schema:
+ type: string
+ default: "mysnapshot"
+ required: true
+ - variable: volumeSnapshotClassName
+ label: 'volumeSnapshot Class Name (Advanced)'
+ description: For use with PVCs using a non-default storageClass
+ schema:
+ type: string
+ default: ""
+ - variable: ingress
+ label: ""
+ group: Ingress
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: main
+ label: "Main Ingress"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable Ingress
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: hosts
+ label: Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: hostEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: host
+ label: HostName
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: paths
+ label: Paths
+ schema:
+ type: list
+ default: [{path: "/", pathType: "Prefix"}]
+ items:
+ - variable: pathEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: path
+ label: Path
+ schema:
+ type: string
+ required: true
+ default: "/"
+ - variable: pathType
+ label: Path Type
+ schema:
+ type: string
+ required: true
+ default: Prefix
+ - variable: integrations
+ label: Integrations
+ description: Connect ingress with other charts
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: traefik
+ label: Traefik
+ description: Connect ingress with Traefik
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: true
+ - variable: allowCors
+ label: 'Allow Cross Origin Requests (advanced)'
+ schema:
+ type: boolean
+ default: false
+ show_if: [["enabled", "=", true]]
+ - variable: entrypoints
+ label: Entrypoints
+ schema:
+ type: list
+ default: ["websecure"]
+ show_if: [["enabled", "=", true]]
+ items:
+ - variable: entrypoint
+ label: Entrypoint
+ schema:
+ type: string
+ - variable: middlewares
+ label: Middlewares
+ schema:
+ type: list
+ default: []
+ show_if: [["enabled", "=", true]]
+ items:
+ - variable: middleware
+ label: Middleware
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: name
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: namespace
+ label: 'namespace (optional)'
+ schema:
+ type: string
+ default: ""
+ - variable: certManager
+ label: certManager
+ description: Connect ingress with certManager
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: false
+ - variable: certificateIssuer
+ label: certificateIssuer
+ description: defaults to chartname
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: homepage
+ label: Homepage
+ description: Connect ingress with Homepage
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: false
+ - variable: name
+ label: Name (Optional)
+ description: Defaults to chart name
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: description
+ label: Description (Optional)
+ description: Defaults to chart description
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: icon
+ label: Icon (Optional)
+ description: Defaults to chart icon
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: group
+ label: Group
+ schema:
+ type: string
+ required: true
+ default: "default"
+ show_if: [["enabled", "=", true]]
+ - variable: widget
+ label: Widget Settings
+ schema:
+ type: dict
+ additional_attrs: true
+ show_if: [["enabled", "=", true]]
+ attrs:
+ - variable: enabled
+ label: Enable Widget
+ description: When disabled all widget annotations are skipped.
+ schema:
+ type: boolean
+ default: true
+ - variable: custom
+ label: Options
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: key
+ label: API-key (key)
+ schema:
+ type: string
+ default: ""
+ - variable: customkv
+ label: Custom Options
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: option
+ label: Option
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: key
+ label: Key
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: value
+ label: Value
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: advanced
+ label: Show Advanced Settings
+ description: Advanced settings are not covered by TrueCharts Support
+ schema:
+ type: boolean
+ default: false
+ - variable: ingressClassName
+ label: (Advanced/Optional) IngressClass Name
+ schema:
+ type: string
+ show_if: [["advanced", "=", true]]
+ default: ""
+ - variable: tls
+ label: TLS-Settings
+ schema:
+ type: list
+ show_if: [["advanced", "=", true]]
+ default: []
+ items:
+ - variable: tlsEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: hosts
+ label: Certificate Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: host
+ label: Host
+ schema:
+ type: string
+ default: ""
+ required: true
+
+ - variable: certificateIssuer
+ label: Use Cert-Manager clusterIssuer
+ description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
+ schema:
+ type: string
+ default: ""
+ - variable: clusterCertificate
+ label: 'Cluster Certificate (Advanced)'
+ description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.'
+ schema:
+ type: string
+ show_if: [["certificateIssuer", "=", ""]]
+ default: ""
+ - variable: secretName
+ label: 'Use Custom Certificate Secret (Advanced)'
+ schema:
+ show_if: [["certificateIssuer", "=", ""]]
+ type: string
+ default: ""
+ - variable: scaleCert
+ label: 'Use TrueNAS SCALE Certificate (Deprecated)'
+ schema:
+ show_if: [["certificateIssuer", "=", ""]]
+ type: int
+ $ref:
+ - "definitions/certificate"
+ - variable: ingressList
+ label: Add Manual Custom Ingresses
+ group: Ingress
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: ingressListEntry
+ label: Custom Ingress
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable Ingress
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ default: ""
+ - variable: ingressClassName
+ label: IngressClass Name
+ schema:
+ type: string
+ default: ""
+ - variable: hosts
+ label: Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: hostEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: host
+ label: HostName
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: paths
+ label: Paths
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: pathEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: path
+ label: Path
+ schema:
+ type: string
+ required: true
+ default: "/"
+ - variable: pathType
+ label: Path Type
+ schema:
+ type: string
+ required: true
+ default: Prefix
+ - variable: overrideService
+ label: Linked Service
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Service Name
+ schema:
+ type: string
+ default: ""
+ - variable: port
+ label: Service Port
+ schema:
+ type: int
+ - variable: tls
+ label: TLS-Settings
+ schema:
+ type: list
+ default: []
+ show_if: [["certificateIssuer", "=", ""]]
+ items:
+ - variable: tlsEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: hosts
+ label: Certificate Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: host
+ label: Host
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: certificateIssuer
+ label: Use Cert-Manager clusterIssuer
+ description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
+ schema:
+ type: string
+ default: ""
+ - variable: scaleCert
+ label: Use TrueNAS SCALE Certificate (Deprecated)
+ schema:
+ show_if: [["certificateIssuer", "=", ""]]
+ type: int
+ $ref:
+ - "definitions/certificate"
+ - variable: clusterCertificate
+ label: 'Cluster Certificate (Advanced)'
+ description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.'
+ schema:
+ type: string
+ show_if: [["certificateIssuer", "=", ""]]
+ default: ""
+ - variable: secretName
+ label: Use Custom Secret (Advanced)
+ schema:
+ type: string
+ show_if: [["certificateIssuer", "=", ""]]
+ default: ""
+ - variable: integrations
+ label: Integrations
+ description: Connect ingress with other charts
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: traefik
+ label: Traefik
+ description: Connect ingress with Traefik
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: true
+ - variable: allowCors
+ label: "Allow Cross Origin Requests"
+ schema:
+ type: boolean
+ default: false
+ show_if: [["enabled", "=", true]]
+ - variable: entrypoints
+ label: Entrypoints
+ schema:
+ type: list
+ default: ["websecure"]
+ show_if: [["enabled", "=", true]]
+ items:
+ - variable: entrypoint
+ label: Entrypoint
+ schema:
+ type: string
+ - variable: middlewares
+ label: Middlewares
+ schema:
+ type: list
+ default: []
+ show_if: [["enabled", "=", true]]
+ items:
+ - variable: middleware
+ label: Middleware
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: name
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: namespace
+ label: namespace
+ schema:
+ type: string
+ default: ""
+ - variable: certManager
+ label: certManager
+ description: Connect ingress with certManager
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: true
+ - variable: certificateIssuer
+ label: certificateIssuer
+ description: defaults to chartname
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: homepage
+ label: Homepage
+ description: Connect ingress with Homepage
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: false
+ - variable: name
+ label: Name
+ description: defaults to chartname
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: description
+ label: Description
+ description: defaults to chart description
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: group
+ label: Group
+ schema:
+ type: string
+ required: true
+ default: "default"
+ show_if: [["enabled", "=", true]]
+ - variable: securityContext
+ group: Security and Permissions
+ label: Security Context
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: container
+ label: Container
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ # Settings from questions.yaml get appended here on a per-app basis
+ - variable: runAsUser
+ label: "runAsUser"
+ description: "The UserID of the user running the application"
+ schema:
+ type: int
+ default: 568
+ - variable: runAsGroup
+ label: "runAsGroup"
+ description: "The groupID of the user running the application"
+ schema:
+ type: int
+ default: 568
+ # Settings from questions.yaml get appended here on a per-app basis
+ - variable: PUID
+ label: Process User ID - PUID
+ description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
+ schema:
+ type: int
+ show_if: [["runAsUser", "=", 0]]
+ default: 568
+ - variable: UMASK
+ label: UMASK
+ description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
+ schema:
+ type: string
+ default: "0022"
+ - variable: advanced
+ label: Show Advanced Settings
+ description: Advanced settings are not covered by TrueCharts Support
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: privileged
+ label: "Privileged mode"
+ schema:
+ type: boolean
+ default: false
+ - variable: readOnlyRootFilesystem
+ label: "ReadOnly Root Filesystem"
+ schema:
+ type: boolean
+ default: true
+ - variable: pod
+ label: Pod
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: fsGroupChangePolicy
+ label: "When should we take ownership?"
+ schema:
+ type: string
+ default: OnRootMismatch
+ enum:
+ - value: OnRootMismatch
+ description: OnRootMismatch
+ - value: Always
+ description: Always
+ - variable: supplementalGroups
+ label: Supplemental Groups
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: supplementalGroupsEntry
+ label: Supplemental Group
+ schema:
+ type: int
+ # Settings from questions.yaml get appended here on a per-app basis
+ - variable: fsGroup
+ label: "fsGroup"
+ description: "The group that should own ALL storage."
+ schema:
+ type: int
+ default: 568
+ - variable: resources
+ group: Resources and Devices
+ label: "Resource Limits"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: limits
+ label: Advanced Limit Resource Consumption
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: cpu
+ label: CPU
+ description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/manual/SCALE/validation"
+ schema:
+ type: string
+ default: 4000m
+ valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
+ - variable: memory
+ label: RAM
+ description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/manual/SCALE/validation"
+ schema:
+ type: string
+ default: 8Gi
+ valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
+ - variable: requests
+ label: "Minimum Resources Required (request)"
+ schema:
+ additional_attrs: true
+ type: dict
+ hidden: true
+ attrs:
+ - variable: cpu
+ label: CPU
+ description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/manual/SCALE/validation"
+ schema:
+ type: string
+ default: 10m
+ hidden: true
+ valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
+ - variable: memory
+ label: "RAM"
+ description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/manual/SCALE/validation"
+ schema:
+ type: string
+ default: 50Mi
+ hidden: true
+ valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
+ - variable: deviceList
+ label: Mount USB Devices
+ group: Resources and Devices
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: deviceListEntry
+ label: Device
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable the Storage
+ schema:
+ type: boolean
+ default: true
+ - variable: type
+ label: (Advanced) Type of Storage
+ description: Sets the persistence type
+ schema:
+ type: string
+ default: device
+ hidden: true
+ - variable: readOnly
+ label: readOnly
+ schema:
+ type: boolean
+ default: false
+ - variable: hostPath
+ label: Host Device Path
+ description: Path to the device on the host system
+ schema:
+ type: path
+ - variable: mountPath
+ label: Container Device Path
+ description: Path inside the container the device is mounted
+ schema:
+ type: string
+ default: "/dev/ttyACM0"
+ - variable: scaleGPU
+ label: GPU Configuration
+ group: Resources and Devices
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: scaleGPUEntry
+ label: GPU
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ # Specify GPU configuration
+ - variable: gpu
+ label: Select GPU
+ schema:
+ additional_attrs: true
+ type: dict
+ $ref:
+ - "definitions/gpuConfiguration"
+ attrs: []
+ - variable: workaround
+ label: "Workaround"
+ schema:
+ type: string
+ default: workaround
+ hidden: true
+ - variable: cnpg
+ group: Postgresql
+ label: "CloudNative-PG (CNPG)"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: main
+ label: "Main Postgresql Database"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: hibernate
+ label: Hibernate
+ description: "enable to safely hibernate and shutdown the postgresql cluster"
+ schema:
+ type: boolean
+ default: false
+ - variable: mode
+ label: Mode
+ description: 'Cluster mode of operation. Available modes: standalone - default mode. Creates new or updates an existing CNPG cluster. recovery - Same as standalone but creates a cluster from a backup, object store or via pg_basebackup replica - Creates a replica cluster from an existing CNPG cluster. # TODO.'
+ schema:
+ type: string
+ default: "standalone"
+ enum:
+ - value: standalone
+ description: standalone
+ - value: replica
+ description: replica
+ - value: recovery
+ description: recovery
+ - variable: cluster
+ label: "Cluster Settings"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: instances
+ label: Instances
+ schema:
+ type: int
+ default: 1
+ - variable: singleNode
+ label: singleNode
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: storage
+ label: "Storage"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: size
+ label: Size
+ schema:
+ type: string
+ default: "256Gi"
+ - variable: walStorage
+ label: "WAL Storage"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: size
+ label: Size
+ schema:
+ type: string
+ default: "256Gi"
+ - variable: monitoring
+ label: "Monitoring Settings"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enablePodMonitor
+ label: "enablePodMonitor"
+ schema:
+ type: boolean
+ default: true
+ - variable: disableDefaultQueries
+ label: "disableDefaultQueries"
+ schema:
+ type: boolean
+ default: false
+ - variable: pooler
+ label: "Pooler Settings"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: instances
+ label: Instances
+ schema:
+ type: int
+ default: 1
+ - variable: createRO
+ label: "Create ReadOnly Instance"
+ schema:
+ type: boolean
+ default: false
+ - variable: recovery
+ label: "Recovery Settings (Experimental)"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: "enabled"
+ schema:
+ type: boolean
+ default: false
+ - variable: endpointURL
+ label: "endpointURL"
+ schema:
+ type: string
+ show_if: [["enabled", "=", true]]
+ default: ""
+ - variable: method
+ label: "method"
+ schema:
+ type: string
+ show_if: [["enabled", "=", true]]
+ default: "object_store"
+ - variable: backupName
+ label: "backupName"
+ schema:
+ type: string
+ show_if: [["enabled", "=", true]]
+ default: ""
+ - variable: provider
+ label: "provider"
+ schema:
+ type: string
+ show_if: [["enabled", "=", true]]
+ default: "s3"
+ enum:
+ - value: s3
+ description: S3
+ - value: azure
+ description: Azure
+ - value: google
+ description: Google
+ - variable: s3
+ label: "s3"
+ schema:
+ additional_attrs: true
+ type: dict
+ show_if: [["provider", "=", "s3"]]
+ attrs:
+ - variable: region
+ label: "region"
+ schema:
+ type: string
+ default: ""
+ - variable: bucket
+ label: "bucket"
+ schema:
+ type: string
+ default: ""
+ - variable: path
+ label: "path"
+ schema:
+ type: string
+ default: "/"
+ - variable: accessKey
+ label: "accessKey"
+ schema:
+ type: string
+ default: ""
+ - variable: secretKey
+ label: "secretKey"
+ schema:
+ type: string
+ default: ""
+ - variable: azure
+ label: "azure (EXTREMELY EXPERIMENTAL)"
+ schema:
+ additional_attrs: true
+ type: dict
+ show_if: [["provider", "=", "azure"]]
+ attrs:
+ - variable: path
+ label: "path"
+ schema:
+ type: string
+ default: "/"
+ - variable: connectionString
+ label: "connectionString"
+ schema:
+ type: string
+ default: ""
+ - variable: storageAccount
+ label: "storageAccount"
+ schema:
+ type: string
+ default: ""
+ - variable: storageKey
+ label: "storageKey"
+ schema:
+ type: string
+ default: ""
+ - variable: storageSasToken
+ label: "storageSasToken"
+ schema:
+ type: string
+ default: ""
+ - variable: containerName
+ label: "containerName"
+ schema:
+ type: string
+ default: ""
+ - variable: serviceName
+ label: "serviceName"
+ schema:
+ type: string
+ default: "blob"
+ - variable: inheritFromAzureAD
+ label: "inheritFromAzureAD"
+ schema:
+ type: boolean
+ default: false
+ - variable: google
+ label: "google (EXTREMELY EXPERIMENTAL)"
+ schema:
+ additional_attrs: true
+ type: dict
+ show_if: [["provider", "=", "google"]]
+ attrs:
+ - variable: path
+ label: "path"
+ schema:
+ type: string
+ default: "/"
+ - variable: bucket
+ label: "bucket"
+ schema:
+ type: string
+ default: ""
+ - variable: gkeEnvironment
+ label: "gkeEnvironment"
+ schema:
+ type: string
+ default: ""
+ - variable: applicationCredentials
+ label: "applicationCredentials"
+ schema:
+ type: string
+ default: ""
+ - variable: backups
+ label: "Backup Settings (Experimental)"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: "enabled"
+ schema:
+ type: boolean
+ default: false
+ - variable: endpointURL
+ label: "endpointURL"
+ schema:
+ type: string
+ show_if: [["enabled", "=", true]]
+ default: ""
+ - variable: destinationPath
+ label: "destinationPath"
+ schema:
+ type: string
+ show_if: [["enabled", "=", true]]
+ default: ""
+ - variable: retentionPolicy
+ label: "retentionPolicy"
+ schema:
+ type: string
+ show_if: [["enabled", "=", true]]
+ default: "30d"
+ - variable: provider
+ label: "provider"
+ schema:
+ type: string
+ show_if: [["enabled", "=", true]]
+ default: "s3"
+ enum:
+ - value: s3
+ description: S3
+ - value: azure
+ description: Azure
+ - value: google
+ description: Google
+ - variable: s3
+ label: "s3"
+ schema:
+ additional_attrs: true
+ type: dict
+ show_if: [["provider", "=", "s3"]]
+ attrs:
+ - variable: region
+ label: "region"
+ schema:
+ type: string
+ default: ""
+ - variable: bucket
+ label: "bucket"
+ schema:
+ type: string
+ default: ""
+ - variable: path
+ label: "path"
+ schema:
+ type: string
+ default: "/"
+ - variable: accessKey
+ label: "accessKey"
+ schema:
+ type: string
+ default: ""
+ - variable: secretKey
+ label: "secretKey"
+ schema:
+ type: string
+ default: ""
+ - variable: azure
+ label: "azure (EXTREMELY EXPERIMENTAL)"
+ schema:
+ additional_attrs: true
+ type: dict
+ show_if: [["provider", "=", "azure"]]
+ attrs:
+ - variable: path
+ label: "path"
+ schema:
+ type: string
+ default: "/"
+ - variable: connectionString
+ label: "connectionString"
+ schema:
+ type: string
+ default: ""
+ - variable: storageAccount
+ label: "storageAccount"
+ schema:
+ type: string
+ default: ""
+ - variable: storageKey
+ label: "storageKey"
+ schema:
+ type: string
+ show_if: [["enabled", "=", true]]
+ default: ""
+ - variable: storageSasToken
+ label: "storageSasToken"
+ schema:
+ type: string
+ default: ""
+ - variable: containerName
+ label: "containerName"
+ schema:
+ type: string
+ default: ""
+ - variable: serviceName
+ label: "serviceName"
+ schema:
+ type: string
+ default: "blob"
+ - variable: inheritFromAzureAD
+ label: "inheritFromAzureAD"
+ schema:
+ type: boolean
+ default: false
+ - variable: google
+ label: "google (EXTREMELY EXPERIMENTAL)"
+ schema:
+ additional_attrs: true
+ type: dict
+ show_if: [["provider", "=", "google"]]
+ attrs:
+ - variable: path
+ label: "path"
+ schema:
+ type: string
+ default: "/"
+ - variable: bucket
+ label: "bucket"
+ schema:
+ type: string
+ default: ""
+ - variable: gkeEnvironment
+ label: "gkeEnvironment"
+ schema:
+ type: string
+ default: ""
+ - variable: applicationCredentials
+ label: "applicationCredentials"
+ schema:
+ type: string
+ default: ""
+ - variable: scheduledBackups
+ label: ScheduledBackups
+ schema:
+ type: list
+ default: []
+ show_if: [["enabled", "=", true]]
+ items:
+ - variable: backupschedule
+ label: BackupSchedule
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: name
+ schema:
+ type: string
+ default: "daily-backup"
+ required: true
+ - variable: schedule
+ label: schedule
+ schema:
+ type: string
+ required: true
+ default: "0 0 0 * * *"
+ - variable: backupOwnerReference
+ label: backupOwnerReference
+ schema:
+ type: string
+ required: true
+ default: "self"
+ - variable: immediate
+ label: immediate
+ schema:
+ type: boolean
+ default: false
+ - variable: suspend
+ label: suspend
+ schema:
+ type: boolean
+ default: false
+ - variable: manualBackups
+ label: manualBackups
+ schema:
+ type: list
+ default: []
+ show_if: [["enabled", "=", true]]
+ items:
+ - variable: backup
+ label: Backup
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: name
+ schema:
+ type: string
+ default: ""
+ required: true
+# - variable: horizontalPodAutoscaler
+# group: Advanced
+# label: (Advanced) Horizontal Pod Autoscaler
+# schema:
+# type: list
+# default: []
+# items:
+# - variable: hpaEntry
+# label: HPA Entry
+# schema:
+# additional_attrs: true
+# type: dict
+# attrs:
+# - variable: name
+# label: Name
+# schema:
+# type: string
+# required: true
+# default: ""
+# - variable: enabled
+# label: Enabled
+# schema:
+# type: boolean
+# default: false
+# show_subquestions_if: true
+# subquestions:
+# - variable: target
+# label: Target
+# description: Deployment name, Defaults to Main Deployment
+# schema:
+# type: string
+# default: ""
+# - variable: minReplicas
+# label: Minimum Replicas
+# schema:
+# type: int
+# default: 1
+# - variable: maxReplicas
+# label: Maximum Replicas
+# schema:
+# type: int
+# default: 5
+# - variable: targetCPUUtilizationPercentage
+# label: Target CPU Utilization Percentage
+# schema:
+# type: int
+# default: 80
+# - variable: targetMemoryUtilizationPercentage
+# label: Target Memory Utilization Percentage
+# schema:
+# type: int
+# default: 80
+ - variable: networkPolicy
+ group: Advanced
+ label: (Advanced) Network Policy
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: netPolicyEntry
+ label: Network Policy Entry
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: enabled
+ label: Enabled
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: policyType
+ label: Policy Type
+ schema:
+ type: string
+ default: ""
+ enum:
+ - value: ""
+ description: Default
+ - value: ingress
+ description: Ingress
+ - value: egress
+ description: Egress
+ - value: ingress-egress
+ description: Ingress and Egress
+ - variable: egress
+ label: Egress
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: egressEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: to
+ label: To
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: toEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: ipBlock
+ label: IP Block
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: cidr
+ label: CIDR
+ schema:
+ type: string
+ default: ""
+ - variable: except
+ label: Except
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: exceptint
+ label: ""
+ schema:
+ type: string
+ - variable: namespaceSelector
+ label: Namespace Selector
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: matchExpressions
+ label: Match Expressions
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: expressionEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: key
+ label: Key
+ schema:
+ type: string
+ - variable: operator
+ label: Operator
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: In
+ description: In
+ - value: NotIn
+ description: NotIn
+ - value: Exists
+ description: Exists
+ - value: DoesNotExist
+ description: DoesNotExist
+ - variable: values
+ label: Values
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: value
+ label: ""
+ schema:
+ type: string
+ - variable: podSelector
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: matchExpressions
+ label: Match Expressions
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: expressionEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: key
+ label: Key
+ schema:
+ type: string
+ - variable: operator
+ label: Operator
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: In
+ description: In
+ - value: NotIn
+ description: NotIn
+ - value: Exists
+ description: Exists
+ - value: DoesNotExist
+ description: DoesNotExist
+ - variable: values
+ label: Values
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: value
+ label: ""
+ schema:
+ type: string
+ - variable: ports
+ label: Ports
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: portsEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: port
+ label: Port
+ schema:
+ type: int
+ - variable: endPort
+ label: End Port
+ schema:
+ type: int
+ - variable: protocol
+ label: Protocol
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: TCP
+ description: TCP
+ - value: UDP
+ description: UDP
+ - value: SCTP
+ description: SCTP
+ - variable: ingress
+ label: Ingress
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: ingressEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: from
+ label: From
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: fromEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: ipBlock
+ label: IP Block
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: cidr
+ label: CIDR
+ schema:
+ type: string
+ default: ""
+ - variable: except
+ label: Except
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: exceptint
+ label: ""
+ schema:
+ type: string
+ - variable: namespaceSelector
+ label: Namespace Selector
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: matchExpressions
+ label: Match Expressions
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: expressionEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: key
+ label: Key
+ schema:
+ type: string
+ - variable: operator
+ label: Operator
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: In
+ description: In
+ - value: NotIn
+ description: NotIn
+ - value: Exists
+ description: Exists
+ - value: DoesNotExist
+ description: DoesNotExist
+ - variable: values
+ label: Values
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: value
+ label: ""
+ schema:
+ type: string
+ - variable: podSelector
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: matchExpressions
+ label: Match Expressions
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: expressionEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: key
+ label: Key
+ schema:
+ type: string
+ - variable: operator
+ label: Operator
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: In
+ description: In
+ - value: NotIn
+ description: NotIn
+ - value: Exists
+ description: Exists
+ - value: DoesNotExist
+ description: DoesNotExist
+ - variable: values
+ label: Values
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: value
+ label: ""
+ schema:
+ type: string
+ - variable: ports
+ label: Ports
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: portsEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: port
+ label: Port
+ schema:
+ type: int
+ - variable: endPort
+ label: End Port
+ schema:
+ type: int
+ - variable: protocol
+ label: Protocol
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: TCP
+ description: TCP
+ - value: UDP
+ description: UDP
+ - value: SCTP
+ description: SCTP
+ - variable: addons
+ group: Addons
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: codeserver
+ label: Codeserver
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enabled
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: service
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: type
+ label: Service Type
+ description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
+ schema:
+ type: string
+ default: LoadBalancer
+ enum:
+ - value: NodePort
+ description: Deprecated CHANGE THIS
+ - value: ClusterIP
+ description: ClusterIP
+ - value: LoadBalancer
+ description: LoadBalancer
+ - variable: loadBalancerIP
+ label: LoadBalancer IP
+ description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
+ schema:
+ show_if: [["type", "=", "LoadBalancer"]]
+ type: string
+ default: ""
+ - variable: ports
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: codeserver
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: port
+ label: Port
+ schema:
+ type: int
+ default: 36107
+ - variable: ingress
+ label: "Ingress"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable Ingress
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: hosts
+ label: Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: hostEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: host
+ label: HostName
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: paths
+ label: Paths
+ schema:
+ type: list
+ default: [{path: "/", pathType: "Prefix"}]
+ items:
+ - variable: pathEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: path
+ label: Path
+ schema:
+ type: string
+ required: true
+ default: "/"
+ - variable: pathType
+ label: Path Type
+ schema:
+ type: string
+ required: true
+ default: Prefix
+ - variable: integrations
+ label: Integrations
+ description: Connect ingress with other charts
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: traefik
+ label: Traefik
+ description: Connect ingress with Traefik
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: true
+ - variable: allowCors
+ label: 'Allow Cross Origin Requests (advanced)'
+ schema:
+ type: boolean
+ default: false
+ show_if: [["enabled", "=", true]]
+ - variable: entrypoints
+ label: Entrypoints
+ schema:
+ type: list
+ default: ["websecure"]
+ show_if: [["enabled", "=", true]]
+ items:
+ - variable: entrypoint
+ label: Entrypoint
+ schema:
+ type: string
+ - variable: middlewares
+ label: Middlewares
+ schema:
+ type: list
+ default: []
+ show_if: [["enabled", "=", true]]
+ items:
+ - variable: middleware
+ label: Middleware
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: name
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: namespace
+ label: 'namespace (optional)'
+ schema:
+ type: string
+ default: ""
+ - variable: certManager
+ label: certManager
+ description: Connect ingress with certManager
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: false
+ - variable: certificateIssuer
+ label: certificateIssuer
+ description: defaults to chartname
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: advanced
+ label: Show Advanced Settings
+ description: Advanced settings are not covered by TrueCharts Support
+ schema:
+ type: boolean
+ default: false
+ - variable: ingressClassName
+ label: (Advanced/Optional) IngressClass Name
+ schema:
+ type: string
+ show_if: [["advanced", "=", true]]
+ default: ""
+ - variable: tls
+ label: TLS-Settings
+ schema:
+ type: list
+ show_if: [["advanced", "=", true]]
+ default: []
+ items:
+ - variable: tlsEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: hosts
+ label: Certificate Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: host
+ label: Host
+ schema:
+ type: string
+ default: ""
+ required: true
+
+ - variable: certificateIssuer
+ label: Use Cert-Manager clusterIssuer
+ description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
+ schema:
+ type: string
+ default: ""
+ - variable: clusterCertificate
+ label: 'Cluster Certificate (Advanced)'
+ description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.'
+ schema:
+ type: string
+ show_if: [["certificateIssuer", "=", ""]]
+ default: ""
+ - variable: secretName
+ label: 'Use Custom Certificate Secret (Advanced)'
+ schema:
+ show_if: [["certificateIssuer", "=", ""]]
+ type: string
+ default: ""
+ - variable: scaleCert
+ label: 'Use TrueNAS SCALE Certificate (Deprecated)'
+ schema:
+ show_if: [["certificateIssuer", "=", ""]]
+ type: int
+ $ref:
+ - "definitions/certificate"
+ - variable: envList
+ label: Codeserver Environment Variables
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: envItem
+ label: Environment Variable
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ - variable: value
+ label: Value
+ schema:
+ type: string
+ required: true
+ - variable: vpn
+ label: VPN
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: type
+ label: Type
+ schema:
+ type: string
+ default: disabled
+ enum:
+ - value: disabled
+ description: disabled
+ - value: gluetun
+ description: Gluetun
+ - value: tailscale
+ description: Tailscale
+ - value: openvpn
+ description: OpenVPN (Deprecated)
+ - value: wireguard
+ description: Wireguard (Deprecated)
+ - variable: openvpn
+ label: OpenVPN Settings
+ schema:
+ additional_attrs: true
+ type: dict
+ show_if: [["type", "=", "openvpn"]]
+ attrs:
+ - variable: username
+ label: Authentication Username (Optional)
+ description: Authentication Username, Optional
+ schema:
+ type: string
+ default: ""
+ - variable: password
+ label: Authentication Password
+ description: Authentication Credentials
+ schema:
+ type: string
+ show_if: [["username", "!=", ""]]
+ default: ""
+ required: true
+ - variable: tailscale
+ label: Tailscale Settings
+ schema:
+ additional_attrs: true
+ type: dict
+ show_if: [["type", "=", "tailscale"]]
+ attrs:
+ - variable: authkey
+ label: Authentication Key
+ description: Provide an auth key to automatically authenticate the node as your user account.
+ schema:
+ type: string
+ private: true
+ default: ""
+ - variable: auth_once
+ label: Auth Once
+ description: Only attempt to log in if not already logged in.
+ schema:
+ type: boolean
+ default: true
+ - variable: accept_dns
+ label: Accept DNS
+ description: Accept DNS configuration from the admin console.
+ schema:
+ type: boolean
+ default: false
+ - variable: userspace
+ label: Userspace
+ description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
+ schema:
+ type: boolean
+ default: false
+ - variable: routes
+ label: Routes
+ description: Expose physical subnet routes to your entire Tailscale network.
+ schema:
+ type: string
+ default: ""
+ - variable: dest_ip
+ label: Destination IP
+ description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
+ schema:
+ type: string
+ default: ""
+ - variable: sock5_server
+ label: Sock5 Server
+ description: The address on which to listen for SOCKS5 proxying into the tailscale net.
+ schema:
+ type: string
+ default: ""
+ - variable: outbound_http_proxy_listen
+ label: Outbound HTTP Proxy Listen
+ description: The address on which to listen for HTTP proxying into the tailscale net.
+ schema:
+ type: string
+ default: ""
+ - variable: extra_args
+ label: Extra Args
+ description: Extra Args
+ schema:
+ type: string
+ default: ""
+ - variable: daemon_extra_args
+ label: Tailscale Daemon Extra Args
+ description: Tailscale Daemon Extra Args
+ schema:
+ type: string
+ default: ""
+ - variable: killSwitch
+ label: Enable Killswitch
+ schema:
+ type: boolean
+ show_if: [["type", "!=", "disabled"]]
+ default: true
+ - variable: excludedNetworks_IPv4
+ label: Killswitch Excluded IPv4 networks
+ description: List of Killswitch Excluded IPv4 Addresses
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: networkv4
+ label: IPv4 Network
+ schema:
+ type: string
+ required: true
+ - variable: excludedNetworks_IPv6
+ label: Killswitch Excluded IPv6 networks
+ description: "List of Killswitch Excluded IPv6 Addresses"
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: networkv6
+ label: IPv6 Network
+ schema:
+ type: string
+ required: true
+ - variable: configFile
+ label: VPN Config File Location
+ schema:
+ type: string
+ show_if: [["type", "!=", "disabled"]]
+ default: ""
+
+ - variable: envList
+ label: VPN Environment Variables
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: envItem
+ label: Environment Variable
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ - variable: value
+ label: Value
+ schema:
+ type: string
+ required: true
+ max_length: 10240
+ - variable: netshoot
+ label: Netshoot
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enabled
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: envList
+ label: Netshoot Environment Variables
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: envItem
+ label: Environment Variable
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ - variable: value
+ label: Value
+ schema:
+ type: string
+ required: true
+ - variable: docs
+ group: Documentation
+ label: Please read the documentation at https://truecharts.org
+ description: Please read the documentation at
+
https://truecharts.org
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: confirmDocs
+ label: I have checked the documentation
+ schema:
+ type: boolean
+ default: true
+ - variable: donateNag
+ group: Documentation
+ label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
+ description: Please consider supporting TrueCharts, see
+
https://truecharts.org/sponsor
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: confirmDonate
+ label: I have considered donating
+ schema:
+ type: boolean
+ default: true
+ hidden: true
diff --git a/operators/cert-manager/3.1.11/templates/NOTES.txt b/enterprise/vaultwarden/25.1.10/templates/NOTES.txt
similarity index 100%
rename from operators/cert-manager/3.1.11/templates/NOTES.txt
rename to enterprise/vaultwarden/25.1.10/templates/NOTES.txt
diff --git a/enterprise/vaultwarden/25.1.10/templates/_configmap.tpl b/enterprise/vaultwarden/25.1.10/templates/_configmap.tpl
new file mode 100644
index 0000000000..2749819b03
--- /dev/null
+++ b/enterprise/vaultwarden/25.1.10/templates/_configmap.tpl
@@ -0,0 +1,111 @@
+{{/* Define the configmap */}}
+{{- define "vaultwarden.configmap" -}}
+enabled: true
+data:
+ ROCKET_PORT: "8080"
+ SIGNUPS_ALLOWED: {{ .Values.vaultwarden.allowSignups | quote }}
+ {{- if .Values.vaultwarden.signupDomains }}
+ SIGNUPS_DOMAINS_WHITELIST: {{ join "," .Values.vaultwarden.signupDomains | quote }}
+ {{- end }}
+ {{- if and (eq .Values.vaultwarden.verifySignup true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Signup verification requires SMTP to be enabled" nil}}{{end}}
+ SIGNUPS_VERIFY: {{ .Values.vaultwarden.verifySignup | quote }}
+ {{- if and (eq .Values.vaultwarden.requireEmail true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Requiring emails for login depends on SMTP" nil}}{{end}}
+ REQUIRE_DEVICE_EMAIL: {{ .Values.vaultwarden.requireEmail | quote }}
+ {{- if .Values.vaultwarden.emailAttempts }}
+ EMAIL_ATTEMPTS_LIMIT: {{ .Values.vaultwarden.emailAttempts | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.emailTokenExpiration }}
+ EMAIL_EXPIRATION_TIME: {{ .Values.vaultwarden.emailTokenExpiration | quote }}
+ {{- end }}
+ INVITATIONS_ALLOWED: {{ .Values.vaultwarden.allowInvitation | quote }}
+ {{- if .Values.vaultwarden.defaultInviteName }}
+ INVITATION_ORG_NAME: {{ .Values.vaultwarden.defaultInviteName | quote }}
+ {{- end }}
+ SHOW_PASSWORD_HINT: {{ .Values.vaultwarden.showPasswordHint | quote }}
+ WEB_VAULT_ENABLED: {{ .Values.vaultwarden.enableWebVault | quote }}
+ ORG_CREATION_USERS: {{ .Values.vaultwarden.orgCreationUsers | quote }}
+ {{- if .Values.vaultwarden.attachmentLimitOrg }}
+ ORG_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitOrg | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.attachmentLimitUser }}
+ USER_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitUser | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.hibpApiKey }}
+ HIBP_API_KEY: {{ .Values.vaultwarden.hibpApiKey | quote }}
+ {{- end }}
+ {{- include "vaultwarden.dbTypeValid" . }}
+ {{- if .Values.database.retries }}
+ DB_CONNECTION_RETRIES: {{ .Values.database.retries | quote }}
+ {{- end }}
+ {{- if .Values.database.maxConnections }}
+ DATABASE_MAX_CONNS: {{ .Values.database.maxConnections | quote }}
+ {{- end }}
+ {{- if eq .Values.vaultwarden.smtp.enabled true }}
+ SMTP_HOST: {{ required "SMTP host is required to enable SMTP" .Values.vaultwarden.smtp.host | quote }}
+ SMTP_FROM: {{ required "SMTP sender address ('from') is required to enable SMTP" .Values.vaultwarden.smtp.from | quote }}
+ {{- if .Values.vaultwarden.smtp.fromName }}
+ SMTP_FROM_NAME: {{ .Values.vaultwarden.smtp.fromName | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.smtp.security }}
+ SMTP_SECURITY: {{ .Values.vaultwarden.smtp.security | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.smtp.port }}
+ SMTP_PORT: {{ .Values.vaultwarden.smtp.port | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.smtp.authMechanism }}
+ SMTP_AUTH_MECHANISM: {{ .Values.vaultwarden.smtp.authMechanism | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.smtp.heloName }}
+ HELO_NAME: {{ .Values.vaultwarden.smtp.heloName | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.smtp.timeout }}
+ SMTP_TIMEOUT: {{ .Values.vaultwarden.smtp.timeout | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.smtp.invalidHostname }}
+ SMTP_ACCEPT_INVALID_HOSTNAMES: {{ .Values.vaultwarden.smtp.invalidHostname | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.smtp.invalidCertificate }}
+ SMTP_ACCEPT_INVALID_CERTS: {{ .Values.vaultwarden.smtp.invalidCertificate | quote }}
+ {{- end }}
+ {{- end }}
+ {{- if .Values.vaultwarden.log.file }}
+ LOG_FILE: {{ .Values.vaultwarden.log.file | quote }}
+ {{- end }}
+ {{- if or .Values.vaultwarden.log.level .Values.vaultwarden.log.timeFormat }}
+ EXTENDED_LOGGING: "true"
+ {{- end }}
+ {{- if .Values.vaultwarden.log.level }}
+ {{- include "vaultwarden.logLevelValid" . }}
+ LOG_LEVEL: {{ .Values.vaultwarden.log.level | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.log.timeFormat }}
+ LOG_TIMESTAMP_FORMAT: {{ .Values.vaultwarden.log.timeFormat | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.icons.disableDownload }}
+ DISABLE_ICON_DOWNLOAD: {{ .Values.vaultwarden.icons.disableDownload | quote }}
+ {{- if and (not .Values.vaultwarden.icons.cache) (eq .Values.vaultwarden.icons.disableDownload "true") }}
+ ICON_CACHE_TTL: "0"
+ {{- end }}
+ {{- end }}
+ {{- if .Values.vaultwarden.icons.cache }}
+ ICON_CACHE_TTL: {{ .Values.vaultwarden.icons.cache | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.icons.cacheFailed }}
+ ICON_CACHE_NEGTTL: {{ .Values.vaultwarden.icons.cacheFailed | quote }}
+ {{- end }}
+ {{- if eq .Values.vaultwarden.admin.enabled true }}
+ {{- if eq .Values.vaultwarden.admin.disableAdminToken true }}
+ DISABLE_ADMIN_TOKEN: "true"
+ {{- end }}
+ {{- end }}
+ {{- if eq .Values.vaultwarden.yubico.enabled true }}
+ {{- if .Values.vaultwarden.yubico.server }}
+ YUBICO_SERVER: {{ .Values.vaultwarden.yubico.server | quote }}
+ {{- end }}
+ {{- end }}
+ {{- if eq .Values.database.type "sqlite" }}
+ ENABLE_DB_WAL: {{ .Values.database.wal | quote }}
+ {{- else }}
+ ENABLE_DB_WAL: "false"
+ {{- end }}
+{{- end -}}
diff --git a/enterprise/vaultwarden/25.1.10/templates/_secrets.tpl b/enterprise/vaultwarden/25.1.10/templates/_secrets.tpl
new file mode 100644
index 0000000000..262fcffa1b
--- /dev/null
+++ b/enterprise/vaultwarden/25.1.10/templates/_secrets.tpl
@@ -0,0 +1,37 @@
+{{/* Define the secrets */}}
+{{- define "vaultwarden.secrets" -}}
+
+{{- $adminToken := "" }}
+{{- if eq .Values.vaultwarden.admin.enabled true }}
+{{- $adminToken = .Values.vaultwarden.admin.token | default (randAlphaNum 48) | quote }}
+{{- end -}}
+
+{{- $smtpUser := "" }}
+{{- if and (eq .Values.vaultwarden.smtp.enabled true ) (.Values.vaultwarden.smtp.user) }}
+{{- $smtpUser = .Values.vaultwarden.smtp.user | quote }}
+{{- end -}}
+
+{{- $yubicoClientId := "" }}
+{{- if eq .Values.vaultwarden.yubico.enabled true }}
+{{- $yubicoClientId = required "Yubico Client ID required" .Values.vaultwarden.yubico.clientId | toString | quote }}
+{{- end -}}
+enabled: true
+data:
+ placeholder: placeholdervalue
+ {{- if ne $adminToken "" }}
+ ADMIN_TOKEN: {{ $adminToken }}
+ {{- end }}
+ {{- if ne $smtpUser "" }}
+ SMTP_USERNAME: {{ $smtpUser }}
+ SMTP_PASSWORD: {{ required "Must specify SMTP password" .Values.vaultwarden.smtp.password | quote }}
+ {{- end }}
+ {{- if ne $yubicoClientId "" }}
+ YUBICO_CLIENT_ID: {{ $yubicoClientId }}
+ YUBICO_SECRET_KEY: {{ required "Yubico Secret Key required" .Values.vaultwarden.yubico.secretKey | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.push.enabled }}
+ PUSH_ENABLED: {{ .Values.vaultwarden.push.enabled | quote }}
+ PUSH_INSTALLATION_ID: {{ required "Installation ID required" .Values.vaultwarden.push.installationId | quote }}
+ PUSH_INSTALLATION_KEY: {{ required "Installation Key required" .Values.vaultwarden.push.installationKey | quote }}
+ {{- end }}
+{{- end -}}
diff --git a/enterprise/vaultwarden/25.1.10/templates/_validate.tpl b/enterprise/vaultwarden/25.1.10/templates/_validate.tpl
new file mode 100644
index 0000000000..e4832c2f6e
--- /dev/null
+++ b/enterprise/vaultwarden/25.1.10/templates/_validate.tpl
@@ -0,0 +1,17 @@
+{{/*
+Ensure valid DB type is select, defaults to SQLite
+*/}}
+{{- define "vaultwarden.dbTypeValid" -}}
+{{- if not (or (eq .Values.database.type "postgresql") (eq .Values.database.type "mysql") (eq .Values.database.type "sqlite")) }}
+{{- required "Invalid database type" nil }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Ensure log type is valid
+*/}}
+{{- define "vaultwarden.logLevelValid" -}}
+{{- if not (or (eq .Values.vaultwarden.log.level "trace") (eq .Values.vaultwarden.log.level "debug") (eq .Values.vaultwarden.log.level "info") (eq .Values.vaultwarden.log.level "warn") (eq .Values.vaultwarden.log.level "error") (eq .Values.vaultwarden.log.level "off")) }}
+{{- required "Invalid log level" nil }}
+{{- end }}
+{{- end }}
diff --git a/enterprise/vaultwarden/25.1.10/templates/common.yaml b/enterprise/vaultwarden/25.1.10/templates/common.yaml
new file mode 100644
index 0000000000..66c6adab5d
--- /dev/null
+++ b/enterprise/vaultwarden/25.1.10/templates/common.yaml
@@ -0,0 +1,17 @@
+{{/* Make sure all variables are set properly */}}
+{{- include "tc.v1.common.loader.init" . }}
+
+{{/* Render configmap for vaultwarden */}}
+{{- $configmapFile := include "vaultwarden.configmap" . | fromYaml -}}
+{{- if $configmapFile -}}
+ {{- $_ := set .Values.configmap "vaultwardenconfig" $configmapFile -}}
+{{- end -}}
+
+{{/* Render secrets for vaultwarden */}}
+{{- $secret := include "vaultwarden.secrets" . | fromYaml -}}
+{{- if $secret -}}
+ {{- $_ := set .Values.secret "vaultwardensecret" $secret -}}
+{{- end -}}
+
+{{/* Render the templates */}}
+{{ include "tc.v1.common.loader.apply" . }}
diff --git a/operators/cert-manager/3.1.11/values.yaml b/enterprise/vaultwarden/25.1.10/values.yaml
similarity index 100%
rename from operators/cert-manager/3.1.11/values.yaml
rename to enterprise/vaultwarden/25.1.10/values.yaml
diff --git a/enterprise/velero/3.1.12/app-changelog.md b/enterprise/velero/3.1.12/app-changelog.md
deleted file mode 100644
index 351d65afea..0000000000
--- a/enterprise/velero/3.1.12/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [velero-3.1.12](https://github.com/truecharts/charts/compare/velero-3.1.11...velero-3.1.12) (2024-01-21)
-
-### Chore
-
-
-
-- update container image common to v17.2.26[@24c98f7](https://github.com/24c98f7) by renovate ([#17409](https://github.com/truecharts/charts/issues/17409))
\ No newline at end of file
diff --git a/enterprise/velero/3.1.12/CHANGELOG.md b/enterprise/velero/3.1.13/CHANGELOG.md
similarity index 89%
rename from enterprise/velero/3.1.12/CHANGELOG.md
rename to enterprise/velero/3.1.13/CHANGELOG.md
index 86c1e89ea7..8dc57ee443 100644
--- a/enterprise/velero/3.1.12/CHANGELOG.md
+++ b/enterprise/velero/3.1.13/CHANGELOG.md
@@ -7,6 +7,15 @@ title: Changelog
+## [velero-3.1.13](https://github.com/truecharts/charts/compare/velero-3.1.12...velero-3.1.13) (2024-01-21)
+
+### Chore
+
+
+
+- update container image tccr.io/tccr/alpine to latest[@14eaf3f](https://github.com/14eaf3f) by renovate ([#17470](https://github.com/truecharts/charts/issues/17470))
+
+
## [velero-3.1.12](https://github.com/truecharts/charts/compare/velero-3.1.11...velero-3.1.12) (2024-01-21)
### Chore
@@ -88,12 +97,3 @@ title: Changelog
- increase common version for oci fixes
- remove non-existent template refs ([#16738](https://github.com/truecharts/charts/issues/16738))
-
-
-## [velero-3.1.3](https://github.com/truecharts/charts/compare/velero-3.1.0...velero-3.1.3) (2024-01-01)
-
-### Chore
-
-
-
-- bump all charts for OCI test push
diff --git a/enterprise/velero/3.1.12/Chart.yaml b/enterprise/velero/3.1.13/Chart.yaml
similarity index 98%
rename from enterprise/velero/3.1.12/Chart.yaml
rename to enterprise/velero/3.1.13/Chart.yaml
index acdb366ab8..a217777f47 100644
--- a/enterprise/velero/3.1.12/Chart.yaml
+++ b/enterprise/velero/3.1.13/Chart.yaml
@@ -42,4 +42,4 @@ sources:
- https://github.com/truecharts/charts/tree/master/charts/enterprise/velero
- https://github.com/truecharts/containers/tree/master/apps/alpine
type: application
-version: 3.1.12
+version: 3.1.13
diff --git a/enterprise/velero/3.1.12/LICENSE b/enterprise/velero/3.1.13/LICENSE
similarity index 100%
rename from enterprise/velero/3.1.12/LICENSE
rename to enterprise/velero/3.1.13/LICENSE
diff --git a/enterprise/velero/3.1.12/README.md b/enterprise/velero/3.1.13/README.md
similarity index 100%
rename from enterprise/velero/3.1.12/README.md
rename to enterprise/velero/3.1.13/README.md
diff --git a/enterprise/velero/3.1.13/app-changelog.md b/enterprise/velero/3.1.13/app-changelog.md
new file mode 100644
index 0000000000..189af55363
--- /dev/null
+++ b/enterprise/velero/3.1.13/app-changelog.md
@@ -0,0 +1,9 @@
+
+
+## [velero-3.1.13](https://github.com/truecharts/charts/compare/velero-3.1.12...velero-3.1.13) (2024-01-21)
+
+### Chore
+
+
+
+- update container image tccr.io/tccr/alpine to latest[@14eaf3f](https://github.com/14eaf3f) by renovate ([#17470](https://github.com/truecharts/charts/issues/17470))
\ No newline at end of file
diff --git a/enterprise/velero/3.1.12/app-readme.md b/enterprise/velero/3.1.13/app-readme.md
similarity index 100%
rename from enterprise/velero/3.1.12/app-readme.md
rename to enterprise/velero/3.1.13/app-readme.md
diff --git a/operators/cloudnative-pg/5.2.11/charts/common-17.2.26.tgz b/enterprise/velero/3.1.13/charts/common-17.2.26.tgz
similarity index 100%
rename from operators/cloudnative-pg/5.2.11/charts/common-17.2.26.tgz
rename to enterprise/velero/3.1.13/charts/common-17.2.26.tgz
diff --git a/enterprise/velero/3.1.12/charts/velero-5.2.0.tgz b/enterprise/velero/3.1.13/charts/velero-5.2.0.tgz
similarity index 100%
rename from enterprise/velero/3.1.12/charts/velero-5.2.0.tgz
rename to enterprise/velero/3.1.13/charts/velero-5.2.0.tgz
diff --git a/enterprise/velero/3.1.12/ix_values.yaml b/enterprise/velero/3.1.13/ix_values.yaml
similarity index 94%
rename from enterprise/velero/3.1.12/ix_values.yaml
rename to enterprise/velero/3.1.13/ix_values.yaml
index eb9477c198..5fa667032c 100644
--- a/enterprise/velero/3.1.12/ix_values.yaml
+++ b/enterprise/velero/3.1.13/ix_values.yaml
@@ -1,7 +1,7 @@
image:
pullPolicy: IfNotPresent
repository: tccr.io/tccr/alpine
- tag: latest@sha256:12e0f84947ee7fc11f552e065a46d5a2b4e27cfc6ded0f624fc948c3138fb9a9
+ tag: latest@sha256:14eaf3fc268822c9631c45eeabb818f6c357edada9380fd725d6591b70e6edcc
manifestManager:
enabled: false
operator:
diff --git a/enterprise/velero/3.1.12/questions.yaml b/enterprise/velero/3.1.13/questions.yaml
similarity index 100%
rename from enterprise/velero/3.1.12/questions.yaml
rename to enterprise/velero/3.1.13/questions.yaml
diff --git a/operators/cloudnative-pg/5.2.11/templates/NOTES.txt b/enterprise/velero/3.1.13/templates/NOTES.txt
similarity index 100%
rename from operators/cloudnative-pg/5.2.11/templates/NOTES.txt
rename to enterprise/velero/3.1.13/templates/NOTES.txt
diff --git a/enterprise/velero/3.1.12/templates/common.yaml b/enterprise/velero/3.1.13/templates/common.yaml
similarity index 100%
rename from enterprise/velero/3.1.12/templates/common.yaml
rename to enterprise/velero/3.1.13/templates/common.yaml
diff --git a/operators/cloudnative-pg/5.2.11/values.yaml b/enterprise/velero/3.1.13/values.yaml
similarity index 100%
rename from operators/cloudnative-pg/5.2.11/values.yaml
rename to enterprise/velero/3.1.13/values.yaml
diff --git a/operators/cert-manager/3.1.11/app-changelog.md b/operators/cert-manager/3.1.11/app-changelog.md
deleted file mode 100644
index 8a2a4a350d..0000000000
--- a/operators/cert-manager/3.1.11/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [cert-manager-3.1.11](https://github.com/truecharts/charts/compare/cert-manager-3.1.10...cert-manager-3.1.11) (2024-01-21)
-
-### Chore
-
-
-
-- update container image common to v17.2.26[@24c98f7](https://github.com/24c98f7) by renovate ([#17409](https://github.com/truecharts/charts/issues/17409))
\ No newline at end of file
diff --git a/operators/cert-manager/3.1.11/CHANGELOG.md b/operators/cert-manager/3.1.12/CHANGELOG.md
similarity index 82%
rename from operators/cert-manager/3.1.11/CHANGELOG.md
rename to operators/cert-manager/3.1.12/CHANGELOG.md
index c983ffced7..0b5c7acb08 100644
--- a/operators/cert-manager/3.1.11/CHANGELOG.md
+++ b/operators/cert-manager/3.1.12/CHANGELOG.md
@@ -7,6 +7,15 @@ title: Changelog
+## [cert-manager-3.1.12](https://github.com/truecharts/charts/compare/cert-manager-3.1.11...cert-manager-3.1.12) (2024-01-21)
+
+### Chore
+
+
+
+- update container image tccr.io/tccr/alpine to latest[@14eaf3f](https://github.com/14eaf3f) by renovate ([#17470](https://github.com/truecharts/charts/issues/17470))
+
+
## [cert-manager-3.1.11](https://github.com/truecharts/charts/compare/cert-manager-3.1.10...cert-manager-3.1.11) (2024-01-21)
### Chore
@@ -88,12 +97,3 @@ title: Changelog
- bump all charts for OCI test push
-
-- move everything to consume OCI-hosted common-chart dependency
-
-- update container image common to v17.2.19[@4ebb688](https://github.com/4ebb688) by renovate ([#16733](https://github.com/truecharts/charts/issues/16733))
-
-- update container image common to v17.2.18[@085ba3c](https://github.com/085ba3c) by renovate ([#16732](https://github.com/truecharts/charts/issues/16732))
-
-- standardize ./img references ([#16704](https://github.com/truecharts/charts/issues/16704))
-
diff --git a/operators/cert-manager/3.1.11/Chart.yaml b/operators/cert-manager/3.1.12/Chart.yaml
similarity index 98%
rename from operators/cert-manager/3.1.11/Chart.yaml
rename to operators/cert-manager/3.1.12/Chart.yaml
index 02506053c6..713536b05b 100644
--- a/operators/cert-manager/3.1.11/Chart.yaml
+++ b/operators/cert-manager/3.1.12/Chart.yaml
@@ -43,4 +43,4 @@ sources:
- https://github.com/truecharts/charts/tree/master/charts/operators/cert-manager
- https://github.com/truecharts/containers/tree/master/apps/alpine
type: application
-version: 3.1.11
+version: 3.1.12
diff --git a/operators/cert-manager/3.1.11/LICENSE b/operators/cert-manager/3.1.12/LICENSE
similarity index 100%
rename from operators/cert-manager/3.1.11/LICENSE
rename to operators/cert-manager/3.1.12/LICENSE
diff --git a/operators/cert-manager/3.1.11/README.md b/operators/cert-manager/3.1.12/README.md
similarity index 100%
rename from operators/cert-manager/3.1.11/README.md
rename to operators/cert-manager/3.1.12/README.md
diff --git a/operators/cert-manager/3.1.12/app-changelog.md b/operators/cert-manager/3.1.12/app-changelog.md
new file mode 100644
index 0000000000..7864868f1b
--- /dev/null
+++ b/operators/cert-manager/3.1.12/app-changelog.md
@@ -0,0 +1,9 @@
+
+
+## [cert-manager-3.1.12](https://github.com/truecharts/charts/compare/cert-manager-3.1.11...cert-manager-3.1.12) (2024-01-21)
+
+### Chore
+
+
+
+- update container image tccr.io/tccr/alpine to latest[@14eaf3f](https://github.com/14eaf3f) by renovate ([#17470](https://github.com/truecharts/charts/issues/17470))
\ No newline at end of file
diff --git a/operators/cert-manager/3.1.11/app-readme.md b/operators/cert-manager/3.1.12/app-readme.md
similarity index 100%
rename from operators/cert-manager/3.1.11/app-readme.md
rename to operators/cert-manager/3.1.12/app-readme.md
diff --git a/operators/cert-manager/3.1.11/charts/cert-manager-v1.13.3.tgz b/operators/cert-manager/3.1.12/charts/cert-manager-v1.13.3.tgz
similarity index 100%
rename from operators/cert-manager/3.1.11/charts/cert-manager-v1.13.3.tgz
rename to operators/cert-manager/3.1.12/charts/cert-manager-v1.13.3.tgz
diff --git a/operators/prometheus-operator/4.5.2/charts/common-17.2.26.tgz b/operators/cert-manager/3.1.12/charts/common-17.2.26.tgz
similarity index 100%
rename from operators/prometheus-operator/4.5.2/charts/common-17.2.26.tgz
rename to operators/cert-manager/3.1.12/charts/common-17.2.26.tgz
diff --git a/operators/cert-manager/3.1.11/ix_values.yaml b/operators/cert-manager/3.1.12/ix_values.yaml
similarity index 87%
rename from operators/cert-manager/3.1.11/ix_values.yaml
rename to operators/cert-manager/3.1.12/ix_values.yaml
index ca3a924d47..91ebf37a73 100644
--- a/operators/cert-manager/3.1.11/ix_values.yaml
+++ b/operators/cert-manager/3.1.12/ix_values.yaml
@@ -1,7 +1,7 @@
image:
repository: tccr.io/tccr/alpine
pullPolicy: IfNotPresent
- tag: latest@sha256:12e0f84947ee7fc11f552e065a46d5a2b4e27cfc6ded0f624fc948c3138fb9a9
+ tag: latest@sha256:14eaf3fc268822c9631c45eeabb818f6c357edada9380fd725d6591b70e6edcc
service:
main:
diff --git a/operators/cert-manager/3.1.11/questions.yaml b/operators/cert-manager/3.1.12/questions.yaml
similarity index 100%
rename from operators/cert-manager/3.1.11/questions.yaml
rename to operators/cert-manager/3.1.12/questions.yaml
diff --git a/operators/prometheus-operator/4.5.2/templates/NOTES.txt b/operators/cert-manager/3.1.12/templates/NOTES.txt
similarity index 100%
rename from operators/prometheus-operator/4.5.2/templates/NOTES.txt
rename to operators/cert-manager/3.1.12/templates/NOTES.txt
diff --git a/operators/cert-manager/3.1.11/templates/common.yaml b/operators/cert-manager/3.1.12/templates/common.yaml
similarity index 100%
rename from operators/cert-manager/3.1.11/templates/common.yaml
rename to operators/cert-manager/3.1.12/templates/common.yaml
diff --git a/operators/cert-manager/3.1.11/templates/crds.yaml b/operators/cert-manager/3.1.12/templates/crds.yaml
similarity index 100%
rename from operators/cert-manager/3.1.11/templates/crds.yaml
rename to operators/cert-manager/3.1.12/templates/crds.yaml
diff --git a/operators/prometheus-operator/4.5.2/values.yaml b/operators/cert-manager/3.1.12/values.yaml
similarity index 100%
rename from operators/prometheus-operator/4.5.2/values.yaml
rename to operators/cert-manager/3.1.12/values.yaml
diff --git a/operators/cloudnative-pg/5.2.11/app-changelog.md b/operators/cloudnative-pg/5.2.11/app-changelog.md
deleted file mode 100644
index 89f5ac902b..0000000000
--- a/operators/cloudnative-pg/5.2.11/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [cloudnative-pg-5.2.11](https://github.com/truecharts/charts/compare/cloudnative-pg-5.2.10...cloudnative-pg-5.2.11) (2024-01-21)
-
-### Chore
-
-
-
-- update container image common to v17.2.26[@24c98f7](https://github.com/24c98f7) by renovate ([#17409](https://github.com/truecharts/charts/issues/17409))
\ No newline at end of file
diff --git a/operators/cloudnative-pg/5.2.11/CHANGELOG.md b/operators/cloudnative-pg/5.2.12/CHANGELOG.md
similarity index 82%
rename from operators/cloudnative-pg/5.2.11/CHANGELOG.md
rename to operators/cloudnative-pg/5.2.12/CHANGELOG.md
index 54ddf9bdab..e90deb6cc3 100644
--- a/operators/cloudnative-pg/5.2.11/CHANGELOG.md
+++ b/operators/cloudnative-pg/5.2.12/CHANGELOG.md
@@ -7,6 +7,15 @@ title: Changelog
+## [cloudnative-pg-5.2.12](https://github.com/truecharts/charts/compare/cloudnative-pg-5.2.11...cloudnative-pg-5.2.12) (2024-01-21)
+
+### Chore
+
+
+
+- update container image tccr.io/tccr/alpine to latest[@14eaf3f](https://github.com/14eaf3f) by renovate ([#17470](https://github.com/truecharts/charts/issues/17470))
+
+
## [cloudnative-pg-5.2.11](https://github.com/truecharts/charts/compare/cloudnative-pg-5.2.10...cloudnative-pg-5.2.11) (2024-01-21)
### Chore
@@ -88,12 +97,3 @@ title: Changelog
- bump all charts for OCI test push
-
-- move everything to consume OCI-hosted common-chart dependency
-
-- update container image common to v17.2.19[@4ebb688](https://github.com/4ebb688) by renovate ([#16733](https://github.com/truecharts/charts/issues/16733))
-
-- update container image common to v17.2.18[@085ba3c](https://github.com/085ba3c) by renovate ([#16732](https://github.com/truecharts/charts/issues/16732))
-
-- standardize ./img references ([#16704](https://github.com/truecharts/charts/issues/16704))
-
diff --git a/operators/cloudnative-pg/5.2.11/Chart.yaml b/operators/cloudnative-pg/5.2.12/Chart.yaml
similarity index 98%
rename from operators/cloudnative-pg/5.2.11/Chart.yaml
rename to operators/cloudnative-pg/5.2.12/Chart.yaml
index 8987050295..3f082a244b 100644
--- a/operators/cloudnative-pg/5.2.11/Chart.yaml
+++ b/operators/cloudnative-pg/5.2.12/Chart.yaml
@@ -43,4 +43,4 @@ sources:
- https://github.com/truecharts/charts/tree/master/charts/operators/cloudnative-pg
- https://github.com/truecharts/containers/tree/master/apps/alpine
type: application
-version: 5.2.11
+version: 5.2.12
diff --git a/operators/cloudnative-pg/5.2.11/LICENSE b/operators/cloudnative-pg/5.2.12/LICENSE
similarity index 100%
rename from operators/cloudnative-pg/5.2.11/LICENSE
rename to operators/cloudnative-pg/5.2.12/LICENSE
diff --git a/operators/cloudnative-pg/5.2.11/README.md b/operators/cloudnative-pg/5.2.12/README.md
similarity index 100%
rename from operators/cloudnative-pg/5.2.11/README.md
rename to operators/cloudnative-pg/5.2.12/README.md
diff --git a/operators/cloudnative-pg/5.2.12/app-changelog.md b/operators/cloudnative-pg/5.2.12/app-changelog.md
new file mode 100644
index 0000000000..8e055282b6
--- /dev/null
+++ b/operators/cloudnative-pg/5.2.12/app-changelog.md
@@ -0,0 +1,9 @@
+
+
+## [cloudnative-pg-5.2.12](https://github.com/truecharts/charts/compare/cloudnative-pg-5.2.11...cloudnative-pg-5.2.12) (2024-01-21)
+
+### Chore
+
+
+
+- update container image tccr.io/tccr/alpine to latest[@14eaf3f](https://github.com/14eaf3f) by renovate ([#17470](https://github.com/truecharts/charts/issues/17470))
\ No newline at end of file
diff --git a/operators/cloudnative-pg/5.2.11/app-readme.md b/operators/cloudnative-pg/5.2.12/app-readme.md
similarity index 100%
rename from operators/cloudnative-pg/5.2.11/app-readme.md
rename to operators/cloudnative-pg/5.2.12/app-readme.md
diff --git a/operators/cloudnative-pg/5.2.11/charts/cloudnative-pg-0.20.0.tgz b/operators/cloudnative-pg/5.2.12/charts/cloudnative-pg-0.20.0.tgz
similarity index 100%
rename from operators/cloudnative-pg/5.2.11/charts/cloudnative-pg-0.20.0.tgz
rename to operators/cloudnative-pg/5.2.12/charts/cloudnative-pg-0.20.0.tgz
diff --git a/stable/wg-easy/9.0.3/charts/common-17.2.26.tgz b/operators/cloudnative-pg/5.2.12/charts/common-17.2.26.tgz
similarity index 100%
rename from stable/wg-easy/9.0.3/charts/common-17.2.26.tgz
rename to operators/cloudnative-pg/5.2.12/charts/common-17.2.26.tgz
diff --git a/operators/cloudnative-pg/5.2.11/ix_values.yaml b/operators/cloudnative-pg/5.2.12/ix_values.yaml
similarity index 77%
rename from operators/cloudnative-pg/5.2.11/ix_values.yaml
rename to operators/cloudnative-pg/5.2.12/ix_values.yaml
index 8a3f0de35a..9c5292b70d 100644
--- a/operators/cloudnative-pg/5.2.11/ix_values.yaml
+++ b/operators/cloudnative-pg/5.2.12/ix_values.yaml
@@ -1,7 +1,7 @@
image:
repository: tccr.io/tccr/alpine
pullPolicy: IfNotPresent
- tag: latest@sha256:12e0f84947ee7fc11f552e065a46d5a2b4e27cfc6ded0f624fc948c3138fb9a9
+ tag: latest@sha256:14eaf3fc268822c9631c45eeabb818f6c357edada9380fd725d6591b70e6edcc
service:
main:
diff --git a/operators/cloudnative-pg/5.2.11/questions.yaml b/operators/cloudnative-pg/5.2.12/questions.yaml
similarity index 100%
rename from operators/cloudnative-pg/5.2.11/questions.yaml
rename to operators/cloudnative-pg/5.2.12/questions.yaml
diff --git a/stable/wg-easy/9.0.3/templates/NOTES.txt b/operators/cloudnative-pg/5.2.12/templates/NOTES.txt
similarity index 100%
rename from stable/wg-easy/9.0.3/templates/NOTES.txt
rename to operators/cloudnative-pg/5.2.12/templates/NOTES.txt
diff --git a/operators/cloudnative-pg/5.2.11/templates/common.yaml b/operators/cloudnative-pg/5.2.12/templates/common.yaml
similarity index 100%
rename from operators/cloudnative-pg/5.2.11/templates/common.yaml
rename to operators/cloudnative-pg/5.2.12/templates/common.yaml
diff --git a/stable/wg-easy/9.0.3/values.yaml b/operators/cloudnative-pg/5.2.12/values.yaml
similarity index 100%
rename from stable/wg-easy/9.0.3/values.yaml
rename to operators/cloudnative-pg/5.2.12/values.yaml
diff --git a/operators/metallb/13.1.12/CHANGELOG.md b/operators/metallb/13.1.12/CHANGELOG.md
new file mode 100644
index 0000000000..55144c70ad
--- /dev/null
+++ b/operators/metallb/13.1.12/CHANGELOG.md
@@ -0,0 +1,99 @@
+---
+title: Changelog
+---
+
+**Important:**
+*for the complete changelog, please refer to the website*
+
+
+
+## [metallb-13.1.12](https://github.com/truecharts/charts/compare/metallb-13.1.11...metallb-13.1.12) (2024-01-21)
+
+### Chore
+
+
+
+- update container image tccr.io/tccr/alpine to latest[@14eaf3f](https://github.com/14eaf3f) by renovate ([#17470](https://github.com/truecharts/charts/issues/17470))
+
+
+## [metallb-13.1.11](https://github.com/truecharts/charts/compare/metallb-13.1.10...metallb-13.1.11) (2024-01-21)
+
+### Chore
+
+
+
+- update container image common to v17.2.26[@24c98f7](https://github.com/24c98f7) by renovate ([#17409](https://github.com/truecharts/charts/issues/17409))
+
+
+## [metallb-13.1.10](https://github.com/truecharts/charts/compare/metallb-13.1.9...metallb-13.1.10) (2024-01-21)
+
+### Chore
+
+
+
+- update metadata in chart.yaml ([#17457](https://github.com/truecharts/charts/issues/17457))
+
+
+
+
+## [metallb-13.1.9](https://github.com/truecharts/charts/compare/metallb-13.1.8...metallb-13.1.9) (2024-01-09)
+
+### Chore
+
+
+
+- update container image common to v17.2.22[@e7c9056](https://github.com/e7c9056) by renovate ([#16986](https://github.com/truecharts/charts/issues/16986))
+
+
+## [metallb-13.1.8](https://github.com/truecharts/charts/compare/metallb-13.1.7...metallb-13.1.8) (2024-01-02)
+
+### Chore
+
+
+
+- force bump to ensure up-to-date catalogs
+
+
+## [metallb-13.1.7](https://github.com/truecharts/charts/compare/metallb-13.1.6...metallb-13.1.7) (2024-01-02)
+
+### Chore
+
+
+
+- update container image tccr.io/tccr/alpine to latest[@12e0f84](https://github.com/12e0f84) by renovate ([#16791](https://github.com/truecharts/charts/issues/16791))
+
+
+## [metallb-13.1.6](https://github.com/truecharts/charts/compare/metallb-13.1.5...metallb-13.1.6) (2024-01-02)
+
+### Chore
+
+
+
+- fix some refs ([#16749](https://github.com/truecharts/charts/issues/16749))
+
+
+## [metallb-13.1.5](https://github.com/truecharts/charts/compare/metallb-13.1.4...metallb-13.1.5) (2024-01-01)
+
+### Chore
+
+
+
+- increase common version for oci fixes
+
+
+## [metallb-13.1.4](https://github.com/truecharts/charts/compare/metallb-13.1.3...metallb-13.1.4) (2024-01-01)
+
+### Chore
+
+
+
+- ensure everything is bumped into oci
+
+
+## [metallb-13.1.3](https://github.com/truecharts/charts/compare/metallb-13.1.0...metallb-13.1.3) (2024-01-01)
+
+### Chore
+
+
+
+- bump all charts for OCI test push
diff --git a/operators/metallb/13.1.12/Chart.yaml b/operators/metallb/13.1.12/Chart.yaml
new file mode 100644
index 0000000000..bc8da8ff2b
--- /dev/null
+++ b/operators/metallb/13.1.12/Chart.yaml
@@ -0,0 +1,45 @@
+annotations:
+ max_scale_version: 23.10.2
+ min_scale_version: 23.10.0
+ truecharts.org/SCALE-support: "true"
+ truecharts.org/category: operators
+ truecharts.org/max_helm_version: "3.14"
+ truecharts.org/min_helm_version: "3.12"
+ truecharts.org/train: operators
+apiVersion: v2
+appVersion: latest
+dependencies:
+ - name: common
+ version: 17.2.26
+ repository: oci://tccr.io/truecharts
+ condition: ""
+ alias: ""
+ tags: []
+ import-values: []
+ - name: metallb
+ version: 0.13.12
+ repository: https://metallb.github.io/metallb
+ condition: ""
+ alias: metallb
+ tags: []
+ import-values: []
+deprecated: false
+description: A network load-balancer implementation for Kubernetes using standard routing protocols
+home: https://truecharts.org/charts/operators/metallb
+icon: https://truecharts.org/img/hotlink-ok/chart-icons/metallb.png
+keywords:
+ - metallb
+ - loadbalancer
+kubeVersion: ">=1.24.0-0"
+maintainers:
+ - name: TrueCharts
+ email: info@truecharts.org
+ url: https://truecharts.org
+name: metallb
+sources:
+ - https://github.com/metallb/metallb
+ - https://metallb.universe.tf
+ - https://github.com/truecharts/charts/tree/master/charts/operators/metallb
+ - https://github.com/truecharts/containers/tree/master/apps/alpine
+type: application
+version: 13.1.12
diff --git a/operators/prometheus-operator/4.5.2/LICENSE b/operators/metallb/13.1.12/LICENSE
similarity index 100%
rename from operators/prometheus-operator/4.5.2/LICENSE
rename to operators/metallb/13.1.12/LICENSE
diff --git a/operators/metallb/13.1.12/README.md b/operators/metallb/13.1.12/README.md
new file mode 100644
index 0000000000..07b6c03032
--- /dev/null
+++ b/operators/metallb/13.1.12/README.md
@@ -0,0 +1,28 @@
+---
+title: README
+---
+
+## General Info
+
+TrueCharts can be installed as both _normal_ Helm Charts or as Apps on TrueNAS SCALE.
+However only installations using the TrueNAS SCALE Apps system are supported.
+
+For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/operators/metallb)
+
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
+
+## Support
+
+- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE/guides/scale-intro).
+- See the [Website](https://truecharts.org)
+- Check our [Discord](https://discord.gg/tVsPTHWTtr)
+- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
+
+---
+
+## Sponsor TrueCharts
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
+
+_All Rights Reserved - The TrueCharts Project_
diff --git a/operators/metallb/13.1.12/app-changelog.md b/operators/metallb/13.1.12/app-changelog.md
new file mode 100644
index 0000000000..2e0e199871
--- /dev/null
+++ b/operators/metallb/13.1.12/app-changelog.md
@@ -0,0 +1,9 @@
+
+
+## [metallb-13.1.12](https://github.com/truecharts/charts/compare/metallb-13.1.11...metallb-13.1.12) (2024-01-21)
+
+### Chore
+
+
+
+- update container image tccr.io/tccr/alpine to latest[@14eaf3f](https://github.com/14eaf3f) by renovate ([#17470](https://github.com/truecharts/charts/issues/17470))
\ No newline at end of file
diff --git a/operators/metallb/13.1.12/app-readme.md b/operators/metallb/13.1.12/app-readme.md
new file mode 100644
index 0000000000..ef8e745914
--- /dev/null
+++ b/operators/metallb/13.1.12/app-readme.md
@@ -0,0 +1,8 @@
+A network load-balancer implementation for Kubernetes using standard routing protocols
+
+This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/operators/metallb](https://truecharts.org/charts/operators/metallb)
+
+---
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/stable/znc/8.1.11/charts/common-17.2.26.tgz b/operators/metallb/13.1.12/charts/common-17.2.26.tgz
similarity index 100%
rename from stable/znc/8.1.11/charts/common-17.2.26.tgz
rename to operators/metallb/13.1.12/charts/common-17.2.26.tgz
diff --git a/operators/metallb/13.1.12/charts/metallb-0.13.12.tgz b/operators/metallb/13.1.12/charts/metallb-0.13.12.tgz
new file mode 100644
index 0000000000..9e8367bda3
Binary files /dev/null and b/operators/metallb/13.1.12/charts/metallb-0.13.12.tgz differ
diff --git a/operators/metallb/13.1.12/ix_values.yaml b/operators/metallb/13.1.12/ix_values.yaml
new file mode 100644
index 0000000000..9c5292b70d
--- /dev/null
+++ b/operators/metallb/13.1.12/ix_values.yaml
@@ -0,0 +1,25 @@
+image:
+ repository: tccr.io/tccr/alpine
+ pullPolicy: IfNotPresent
+ tag: latest@sha256:14eaf3fc268822c9631c45eeabb818f6c357edada9380fd725d6591b70e6edcc
+
+service:
+ main:
+ enabled: false
+ ports:
+ main:
+ enabled: false
+
+workload:
+ main:
+ enabled: false
+
+portal:
+ open:
+ enabled: false
+
+operator:
+ register: true
+
+manifestManager:
+ enabled: false
diff --git a/operators/prometheus-operator/4.5.2/questions.yaml b/operators/metallb/13.1.12/questions.yaml
similarity index 100%
rename from operators/prometheus-operator/4.5.2/questions.yaml
rename to operators/metallb/13.1.12/questions.yaml
diff --git a/stable/znc/8.1.11/templates/NOTES.txt b/operators/metallb/13.1.12/templates/NOTES.txt
similarity index 100%
rename from stable/znc/8.1.11/templates/NOTES.txt
rename to operators/metallb/13.1.12/templates/NOTES.txt
diff --git a/operators/metallb/13.1.12/templates/common.yaml b/operators/metallb/13.1.12/templates/common.yaml
new file mode 100644
index 0000000000..995efb03eb
--- /dev/null
+++ b/operators/metallb/13.1.12/templates/common.yaml
@@ -0,0 +1,5 @@
+{{/* Make sure all variables are set properly */}}
+{{- include "tc.v1.common.loader.init" . }}
+
+{{/* Render the templates */}}
+{{ include "tc.v1.common.loader.apply" . }}
diff --git a/stable/znc/8.1.11/values.yaml b/operators/metallb/13.1.12/values.yaml
similarity index 100%
rename from stable/znc/8.1.11/values.yaml
rename to operators/metallb/13.1.12/values.yaml
diff --git a/operators/prometheus-operator/4.5.2/app-changelog.md b/operators/prometheus-operator/4.5.2/app-changelog.md
deleted file mode 100644
index 5ec5673722..0000000000
--- a/operators/prometheus-operator/4.5.2/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [prometheus-operator-4.5.2](https://github.com/truecharts/charts/compare/prometheus-operator-4.5.1...prometheus-operator-4.5.2) (2024-01-21)
-
-### Chore
-
-
-
-- update container image common to v17.2.26[@24c98f7](https://github.com/24c98f7) by renovate ([#17409](https://github.com/truecharts/charts/issues/17409))
\ No newline at end of file
diff --git a/operators/prometheus-operator/4.5.2/CHANGELOG.md b/operators/prometheus-operator/4.5.3/CHANGELOG.md
similarity index 89%
rename from operators/prometheus-operator/4.5.2/CHANGELOG.md
rename to operators/prometheus-operator/4.5.3/CHANGELOG.md
index ee6be1e0b6..d804dc1f72 100644
--- a/operators/prometheus-operator/4.5.2/CHANGELOG.md
+++ b/operators/prometheus-operator/4.5.3/CHANGELOG.md
@@ -7,6 +7,15 @@ title: Changelog
+## [prometheus-operator-4.5.3](https://github.com/truecharts/charts/compare/prometheus-operator-4.5.2...prometheus-operator-4.5.3) (2024-01-21)
+
+### Chore
+
+
+
+- update container image tccr.io/tccr/alpine to latest[@14eaf3f](https://github.com/14eaf3f) by renovate ([#17470](https://github.com/truecharts/charts/issues/17470))
+
+
## [prometheus-operator-4.5.2](https://github.com/truecharts/charts/compare/prometheus-operator-4.5.1...prometheus-operator-4.5.2) (2024-01-21)
### Chore
@@ -88,12 +97,3 @@ title: Changelog
### Chore
-
-
-- force bump to ensure up-to-date catalogs
-
-
-## [prometheus-operator-3.1.6](https://github.com/truecharts/charts/compare/prometheus-operator-3.1.5...prometheus-operator-3.1.6) (2024-01-02)
-
-### Chore
-
diff --git a/operators/prometheus-operator/4.5.2/Chart.yaml b/operators/prometheus-operator/4.5.3/Chart.yaml
similarity index 98%
rename from operators/prometheus-operator/4.5.2/Chart.yaml
rename to operators/prometheus-operator/4.5.3/Chart.yaml
index 14a8064f28..4f773a4f8f 100644
--- a/operators/prometheus-operator/4.5.2/Chart.yaml
+++ b/operators/prometheus-operator/4.5.3/Chart.yaml
@@ -42,4 +42,4 @@ sources:
- https://github.com/truecharts/charts/tree/master/charts/operators/prometheus-operator
- https://github.com/truecharts/containers/tree/master/apps/alpine
type: application
-version: 4.5.2
+version: 4.5.3
diff --git a/operators/prometheus-operator/4.5.3/LICENSE b/operators/prometheus-operator/4.5.3/LICENSE
new file mode 100644
index 0000000000..4dfe12ac30
--- /dev/null
+++ b/operators/prometheus-operator/4.5.3/LICENSE
@@ -0,0 +1,106 @@
+Business Source License 1.1
+
+Parameters
+
+Licensor: The TrueCharts Project, it's owner and it's contributors
+Licensed Work: The TrueCharts "MetalLB" Helm Chart
+Additional Use Grant: You may use the licensed work in production, as long
+ as it is directly sourced from a TrueCharts provided
+ official repository, catalog or source. You may also make private
+ modification to the directly sourced licenced work,
+ when used in production.
+
+ The following cases are, due to their nature, also
+ defined as 'production use' and explicitly prohibited:
+ - Bundling, including or displaying the licensed work
+ with(in) another work intended for production use,
+ with the apparent intend of facilitating and/or
+ promoting production use by third parties in
+ violation of this license.
+
+Change Date: 2050-01-01
+
+Change License: 3-clause BSD license
+
+For information about alternative licensing arrangements for the Software,
+please contact: legal@truecharts.org
+
+Notice
+
+The Business Source License (this document, or the “License”) is not an Open
+Source license. However, the Licensed Work will eventually be made available
+under an Open Source License, as stated in this License.
+
+License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
+“Business Source License” is a trademark of MariaDB Corporation Ab.
+
+-----------------------------------------------------------------------------
+
+Business Source License 1.1
+
+Terms
+
+The Licensor hereby grants you the right to copy, modify, create derivative
+works, redistribute, and make non-production use of the Licensed Work. The
+Licensor may make an Additional Use Grant, above, permitting limited
+production use.
+
+Effective on the Change Date, or the fourth anniversary of the first publicly
+available distribution of a specific version of the Licensed Work under this
+License, whichever comes first, the Licensor hereby grants you rights under
+the terms of the Change License, and the rights granted in the paragraph
+above terminate.
+
+If your use of the Licensed Work does not comply with the requirements
+currently in effect as described in this License, you must purchase a
+commercial license from the Licensor, its affiliated entities, or authorized
+resellers, or you must refrain from using the Licensed Work.
+
+All copies of the original and modified Licensed Work, and derivative works
+of the Licensed Work, are subject to this License. This License applies
+separately for each version of the Licensed Work and the Change Date may vary
+for each version of the Licensed Work released by Licensor.
+
+You must conspicuously display this License on each original or modified copy
+of the Licensed Work. If you receive the Licensed Work in original or
+modified form from a third party, the terms and conditions set forth in this
+License apply to your use of that work.
+
+Any use of the Licensed Work in violation of this License will automatically
+terminate your rights under this License for the current and all other
+versions of the Licensed Work.
+
+This License does not grant you any right in any trademark or logo of
+Licensor or its affiliates (provided that you may use a trademark or logo of
+Licensor as expressly required by this License).
+
+TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
+AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
+EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
+TITLE.
+
+MariaDB hereby grants you permission to use this License’s text to license
+your works, and to refer to it using the trademark “Business Source License”,
+as long as you comply with the Covenants of Licensor below.
+
+Covenants of Licensor
+
+In consideration of the right to use this License’s text and the “Business
+Source License” name and trademark, Licensor covenants to MariaDB, and to all
+other recipients of the licensed work to be provided by Licensor:
+
+1. To specify as the Change License the GPL Version 2.0 or any later version,
+ or a license that is compatible with GPL Version 2.0 or a later version,
+ where “compatible” means that software provided under the Change License can
+ be included in a program with software provided under GPL Version 2.0 or a
+ later version. Licensor may specify additional Change Licenses without
+ limitation.
+
+2. To either: (a) specify an additional grant of rights to use that does not
+ impose any additional restriction on the right granted in this License, as
+ the Additional Use Grant; or (b) insert the text “None”.
+
+3. To specify a Change Date.
+
+4. Not to modify this License in any other way.
diff --git a/operators/prometheus-operator/4.5.2/README.md b/operators/prometheus-operator/4.5.3/README.md
similarity index 100%
rename from operators/prometheus-operator/4.5.2/README.md
rename to operators/prometheus-operator/4.5.3/README.md
diff --git a/operators/prometheus-operator/4.5.3/app-changelog.md b/operators/prometheus-operator/4.5.3/app-changelog.md
new file mode 100644
index 0000000000..36cf480b85
--- /dev/null
+++ b/operators/prometheus-operator/4.5.3/app-changelog.md
@@ -0,0 +1,9 @@
+
+
+## [prometheus-operator-4.5.3](https://github.com/truecharts/charts/compare/prometheus-operator-4.5.2...prometheus-operator-4.5.3) (2024-01-21)
+
+### Chore
+
+
+
+- update container image tccr.io/tccr/alpine to latest[@14eaf3f](https://github.com/14eaf3f) by renovate ([#17470](https://github.com/truecharts/charts/issues/17470))
\ No newline at end of file
diff --git a/operators/prometheus-operator/4.5.2/app-readme.md b/operators/prometheus-operator/4.5.3/app-readme.md
similarity index 100%
rename from operators/prometheus-operator/4.5.2/app-readme.md
rename to operators/prometheus-operator/4.5.3/app-readme.md
diff --git a/operators/prometheus-operator/4.5.3/charts/common-17.2.26.tgz b/operators/prometheus-operator/4.5.3/charts/common-17.2.26.tgz
new file mode 100644
index 0000000000..e5258f6f31
Binary files /dev/null and b/operators/prometheus-operator/4.5.3/charts/common-17.2.26.tgz differ
diff --git a/operators/prometheus-operator/4.5.2/charts/kube-prometheus-stack-55.11.0.tgz b/operators/prometheus-operator/4.5.3/charts/kube-prometheus-stack-55.11.0.tgz
similarity index 100%
rename from operators/prometheus-operator/4.5.2/charts/kube-prometheus-stack-55.11.0.tgz
rename to operators/prometheus-operator/4.5.3/charts/kube-prometheus-stack-55.11.0.tgz
diff --git a/operators/prometheus-operator/4.5.2/ix_values.yaml b/operators/prometheus-operator/4.5.3/ix_values.yaml
similarity index 97%
rename from operators/prometheus-operator/4.5.2/ix_values.yaml
rename to operators/prometheus-operator/4.5.3/ix_values.yaml
index e6f6e7a90d..1b78b12193 100644
--- a/operators/prometheus-operator/4.5.2/ix_values.yaml
+++ b/operators/prometheus-operator/4.5.3/ix_values.yaml
@@ -1,7 +1,7 @@
image:
repository: tccr.io/tccr/alpine
pullPolicy: IfNotPresent
- tag: latest@sha256:12e0f84947ee7fc11f552e065a46d5a2b4e27cfc6ded0f624fc948c3138fb9a9
+ tag: latest@sha256:14eaf3fc268822c9631c45eeabb818f6c357edada9380fd725d6591b70e6edcc
service:
main:
diff --git a/operators/prometheus-operator/4.5.3/questions.yaml b/operators/prometheus-operator/4.5.3/questions.yaml
new file mode 100644
index 0000000000..e4653ab8c3
--- /dev/null
+++ b/operators/prometheus-operator/4.5.3/questions.yaml
@@ -0,0 +1,45 @@
+groups:
+ - name: Container Image
+ description: Image to be used for container
+ - name: General Settings
+ description: General Deployment Settings
+ - name: Workload Settings
+ description: Workload Settings
+ - name: App Configuration
+ description: App Specific Config Options
+ - name: Networking and Services
+ description: Configure Network and Services for Container
+ - name: Storage and Persistence
+ description: Persist and Share Data that is Separate from the Container
+ - name: Ingress
+ description: Ingress Configuration
+ - name: Security and Permissions
+ description: Configure Security Context and Permissions
+ - name: Resources and Devices
+ description: "Specify Resources/Devices to be Allocated to Workload"
+ - name: Middlewares
+ description: Traefik Middlewares
+ - name: Metrics
+ description: Metrics
+ - name: Addons
+ description: Addon Configuration
+ - name: Advanced
+ description: Advanced Configuration
+ - name: Postgresql
+ description: Postgresql
+ - name: Documentation
+ description: Documentation
+questions:
+ - variable: global
+ group: General Settings
+ label: "Global Settings"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: stopAll
+ label: Stop All
+ description: "Stops All Running pods and hibernates cnpg"
+ schema:
+ type: boolean
+ default: false
diff --git a/operators/prometheus-operator/4.5.3/templates/NOTES.txt b/operators/prometheus-operator/4.5.3/templates/NOTES.txt
new file mode 100644
index 0000000000..efcb74cb77
--- /dev/null
+++ b/operators/prometheus-operator/4.5.3/templates/NOTES.txt
@@ -0,0 +1 @@
+{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/operators/prometheus-operator/4.5.2/templates/common.yaml b/operators/prometheus-operator/4.5.3/templates/common.yaml
similarity index 100%
rename from operators/prometheus-operator/4.5.2/templates/common.yaml
rename to operators/prometheus-operator/4.5.3/templates/common.yaml
diff --git a/operators/prometheus-operator/4.5.3/values.yaml b/operators/prometheus-operator/4.5.3/values.yaml
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/stable/rsshub/11.1.23/CHANGELOG.md b/stable/rsshub/11.1.23/CHANGELOG.md
new file mode 100644
index 0000000000..1ae0f4d05d
--- /dev/null
+++ b/stable/rsshub/11.1.23/CHANGELOG.md
@@ -0,0 +1,99 @@
+---
+title: Changelog
+---
+
+**Important:**
+*for the complete changelog, please refer to the website*
+
+
+
+## [rsshub-11.1.23](https://github.com/truecharts/charts/compare/rsshub-11.1.22...rsshub-11.1.23) (2024-01-21)
+
+### Chore
+
+
+
+- update container image diygod/rsshub to latest[@1b05e63](https://github.com/1b05e63) by renovate ([#17466](https://github.com/truecharts/charts/issues/17466))
+
+
+## [rsshub-11.1.22](https://github.com/truecharts/charts/compare/rsshub-11.1.21...rsshub-11.1.22) (2024-01-21)
+
+### Chore
+
+
+
+- update container image common to v17.2.26[@24c98f7](https://github.com/24c98f7) by renovate ([#17409](https://github.com/truecharts/charts/issues/17409))
+
+
+## [rsshub-11.1.21](https://github.com/truecharts/charts/compare/rsshub-11.1.20...rsshub-11.1.21) (2024-01-21)
+
+### Chore
+
+
+
+- update metadata in chart.yaml ([#17457](https://github.com/truecharts/charts/issues/17457))
+
+
+## [rsshub-11.1.20](https://github.com/truecharts/charts/compare/rsshub-11.1.19...rsshub-11.1.20) (2024-01-21)
+
+### Chore
+
+
+
+- update container image diygod/rsshub to latest[@e924ec2](https://github.com/e924ec2) by renovate ([#17335](https://github.com/truecharts/charts/issues/17335))
+
+
+## [rsshub-11.1.19](https://github.com/truecharts/charts/compare/rsshub-11.1.18...rsshub-11.1.19) (2024-01-15)
+
+### Chore
+
+
+
+- update container image diygod/rsshub to latest[@e4c9c9e](https://github.com/e4c9c9e) by renovate ([#17276](https://github.com/truecharts/charts/issues/17276))
+
+
+## [rsshub-11.1.18](https://github.com/truecharts/charts/compare/rsshub-11.1.17...rsshub-11.1.18) (2024-01-15)
+
+### Chore
+
+
+
+- update helm general non-major by renovate ([#17105](https://github.com/truecharts/charts/issues/17105))
+
+
+## [rsshub-11.1.17](https://github.com/truecharts/charts/compare/rsshub-11.1.16...rsshub-11.1.17) (2024-01-15)
+
+### Chore
+
+
+
+- update container image diygod/rsshub to latest[@406fe63](https://github.com/406fe63) by renovate ([#17226](https://github.com/truecharts/charts/issues/17226))
+
+
+## [rsshub-11.1.16](https://github.com/truecharts/charts/compare/rsshub-11.1.15...rsshub-11.1.16) (2024-01-14)
+
+### Chore
+
+
+
+- update container image diygod/rsshub to latest[@7018239](https://github.com/7018239) by renovate ([#17123](https://github.com/truecharts/charts/issues/17123))
+
+
+
+
+## [rsshub-11.1.15](https://github.com/truecharts/charts/compare/rsshub-11.1.14...rsshub-11.1.15) (2024-01-09)
+
+### Chore
+
+
+
+- update container image common to v17.2.22[@e7c9056](https://github.com/e7c9056) by renovate ([#16986](https://github.com/truecharts/charts/issues/16986))
+
+
+## [rsshub-11.1.14](https://github.com/truecharts/charts/compare/rsshub-11.1.13...rsshub-11.1.14) (2024-01-08)
+
+### Chore
+
+
+
+- update container image diygod/rsshub to latest[@6c3ece7](https://github.com/6c3ece7) by renovate ([#16973](https://github.com/truecharts/charts/issues/16973))
diff --git a/stable/rsshub/11.1.23/Chart.yaml b/stable/rsshub/11.1.23/Chart.yaml
new file mode 100644
index 0000000000..1e30e16fac
--- /dev/null
+++ b/stable/rsshub/11.1.23/Chart.yaml
@@ -0,0 +1,46 @@
+annotations:
+ max_scale_version: 23.10.2
+ min_scale_version: 23.10.0
+ truecharts.org/SCALE-support: "true"
+ truecharts.org/category: media
+ truecharts.org/max_helm_version: "3.14"
+ truecharts.org/min_helm_version: "3.12"
+ truecharts.org/train: stable
+apiVersion: v2
+appVersion: latest
+dependencies:
+ - name: common
+ version: 17.2.26
+ repository: oci://tccr.io/truecharts
+ condition: ""
+ alias: ""
+ tags: []
+ import-values: []
+ - name: redis
+ version: 11.1.9
+ repository: https://deps.truecharts.org
+ condition: redis.enabled
+ alias: ""
+ tags: []
+ import-values: []
+deprecated: false
+description: RSSHub can generate RSS feeds from pretty much everything
+home: https://truecharts.org/charts/stable/rsshub
+icon: https://truecharts.org/img/hotlink-ok/chart-icons/rsshub.png
+keywords:
+ - rsshub
+ - rss
+kubeVersion: ">=1.24.0-0"
+maintainers:
+ - name: TrueCharts
+ email: info@truecharts.org
+ url: https://truecharts.org
+name: rsshub
+sources:
+ - https://docs.rsshub.app/en/install/
+ - https://github.com/DIYgod/RSSHub
+ - https://github.com/truecharts/charts/tree/master/charts/stable/rsshub
+ - https://hub.docker.com/r/diygod/rsshub
+ - https://hub.docker.com/r/browserless/chrome
+type: application
+version: 11.1.23
diff --git a/stable/rsshub/11.1.23/README.md b/stable/rsshub/11.1.23/README.md
new file mode 100644
index 0000000000..5f716c0ae2
--- /dev/null
+++ b/stable/rsshub/11.1.23/README.md
@@ -0,0 +1,28 @@
+---
+title: README
+---
+
+## General Info
+
+TrueCharts can be installed as both _normal_ Helm Charts or as Apps on TrueNAS SCALE.
+However only installations using the TrueNAS SCALE Apps system are supported.
+
+For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/stable/rsshub)
+
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
+
+## Support
+
+- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE/guides/scale-intro).
+- See the [Website](https://truecharts.org)
+- Check our [Discord](https://discord.gg/tVsPTHWTtr)
+- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
+
+---
+
+## Sponsor TrueCharts
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
+
+_All Rights Reserved - The TrueCharts Project_
diff --git a/stable/rsshub/11.1.23/app-changelog.md b/stable/rsshub/11.1.23/app-changelog.md
new file mode 100644
index 0000000000..680848ae1e
--- /dev/null
+++ b/stable/rsshub/11.1.23/app-changelog.md
@@ -0,0 +1,9 @@
+
+
+## [rsshub-11.1.23](https://github.com/truecharts/charts/compare/rsshub-11.1.22...rsshub-11.1.23) (2024-01-21)
+
+### Chore
+
+
+
+- update container image diygod/rsshub to latest[@1b05e63](https://github.com/1b05e63) by renovate ([#17466](https://github.com/truecharts/charts/issues/17466))
\ No newline at end of file
diff --git a/stable/rsshub/11.1.23/app-readme.md b/stable/rsshub/11.1.23/app-readme.md
new file mode 100644
index 0000000000..88624b986e
--- /dev/null
+++ b/stable/rsshub/11.1.23/app-readme.md
@@ -0,0 +1,8 @@
+RSSHub can generate RSS feeds from pretty much everything
+
+This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/stable/rsshub](https://truecharts.org/charts/stable/rsshub)
+
+---
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/stable/rsshub/11.1.23/charts/common-17.2.26.tgz b/stable/rsshub/11.1.23/charts/common-17.2.26.tgz
new file mode 100644
index 0000000000..e5258f6f31
Binary files /dev/null and b/stable/rsshub/11.1.23/charts/common-17.2.26.tgz differ
diff --git a/stable/rsshub/11.1.23/charts/redis-11.1.9.tgz b/stable/rsshub/11.1.23/charts/redis-11.1.9.tgz
new file mode 100644
index 0000000000..11d1005f63
Binary files /dev/null and b/stable/rsshub/11.1.23/charts/redis-11.1.9.tgz differ
diff --git a/stable/rsshub/11.1.23/ix_values.yaml b/stable/rsshub/11.1.23/ix_values.yaml
new file mode 100644
index 0000000000..377db8394f
--- /dev/null
+++ b/stable/rsshub/11.1.23/ix_values.yaml
@@ -0,0 +1,62 @@
+image:
+ repository: diygod/rsshub
+ pullPolicy: IfNotPresent
+ tag: latest@sha256:1b05e6312e31c0ef29f68806ce5990a108861c549bb0e42472d5034527c99fa6
+browserlessImage:
+ repository: browserless/chrome
+ tag: 1.60.2-chrome-stable@sha256:7db5e3aad20c201abaa03bbbc868a55ef96574cda0e67ccb7e4e032053ecb87d
+service:
+ main:
+ ports:
+ main:
+ port: 10191
+# Enabled redis
+redis:
+ enabled: true
+ redisUsername: default
+additionalContainers:
+ browserless:
+ name: browserless
+ image: "{{ .Values.browserlessImage.repository }}:{{ .Values.browserlessImage.tag }}"
+ ports:
+ - containerPort: 3000
+ name: main
+portal:
+ open:
+ enabled: true
+securityContext:
+ container:
+ runAsNonRoot: false
+ readOnlyRootFilesystem: false
+ runAsUser: 0
+ runAsGroup: 0
+workload:
+ main:
+ podSpec:
+ containers:
+ main:
+ env:
+ PORT: "{{ .Values.service.main.ports.main.port }}"
+ NODE_ENV: production
+ CACHE_TYPE: "redis"
+ PUPPETEER_WS_ENDPOINT: "ws://localhost:3000"
+ NODE_NAME: "{{ .Release.Name }}-{{ randAlphaNum 5 }}"
+ # User defined
+ # ALLOW_ORIGIN: ""
+ DISALLOW_ROBOT: false
+ TITLE_LENGTH_LIMIT: 150
+ REDIS_URL:
+ secretKeyRef:
+ expandObjectName: false
+ name: '{{ printf "%s-%s" .Release.Name "rediscreds" }}'
+ key: url
+ HTTP_BASIC_AUTH_NAME: ""
+ HTTP_BASIC_AUTH_PASS: ""
+ BITBUCKET_USERNAME: ""
+ BITBUCKET_PASSWORD: ""
+ GITHUB_ACCESS_TOKEN: ""
+ GOOGLE_FONTS_API_KEY: ""
+ YOUTUBE_KEY: ""
+ TELEGRAM_TOKEN: ""
+ LASTFM_API_KEY: ""
+updated: true
diff --git a/stable/rsshub/11.1.23/questions.yaml b/stable/rsshub/11.1.23/questions.yaml
new file mode 100644
index 0000000000..79557e61b0
--- /dev/null
+++ b/stable/rsshub/11.1.23/questions.yaml
@@ -0,0 +1,2613 @@
+groups:
+ - name: Container Image
+ description: Image to be used for container
+ - name: General Settings
+ description: General Deployment Settings
+ - name: Workload Settings
+ description: Workload Settings
+ - name: App Configuration
+ description: App Specific Config Options
+ - name: Networking and Services
+ description: Configure Network and Services for Container
+ - name: Storage and Persistence
+ description: Persist and Share Data that is Separate from the Container
+ - name: Ingress
+ description: Ingress Configuration
+ - name: Security and Permissions
+ description: Configure Security Context and Permissions
+ - name: Resources and Devices
+ description: "Specify Resources/Devices to be Allocated to Workload"
+ - name: Middlewares
+ description: Traefik Middlewares
+ - name: Metrics
+ description: Metrics
+ - name: Addons
+ description: Addon Configuration
+ - name: Advanced
+ description: Advanced Configuration
+ - name: Postgresql
+ description: Postgresql
+ - name: Documentation
+ description: Documentation
+portals:
+ open:
+ protocols:
+ - "$kubernetes-resource_configmap_tcportal-open_protocol"
+ host:
+ - "$kubernetes-resource_configmap_tcportal-open_host"
+ ports:
+ - "$kubernetes-resource_configmap_tcportal-open_port"
+questions:
+ - variable: global
+ group: General Settings
+ label: "Global Settings"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: stopAll
+ label: Stop All
+ description: "Stops All Running pods and hibernates cnpg"
+ schema:
+ type: boolean
+ default: false
+ - variable: workload
+ group: "Workload Settings"
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: main
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: type
+ label: Type (Advanced)
+ schema:
+ type: string
+ default: Deployment
+ enum:
+ - value: Deployment
+ description: Deployment
+ - value: DaemonSet
+ description: DaemonSet
+ - variable: replicas
+ label: Replicas (Advanced)
+ description: Set the number of Replicas
+ schema:
+ type: int
+ show_if: [["type", "!=", "DaemonSet"]]
+ default: 1
+ - variable: podSpec
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: containers
+ label: Containers
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: main
+ label: Main Container
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: env
+ group: "App Configuration"
+ label: "Image Environment"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: HTTP_BASIC_AUTH_NAME
+ label: "HTTP_BASIC_AUTH_NAME"
+ schema:
+ type: string
+ private: true
+ default: ""
+ - variable: HTTP_BASIC_AUTH_PASS
+ label: "HTTP_BASIC_AUTH_PASS"
+ schema:
+ type: string
+ private: true
+ default: ""
+ - variable: BITBUCKET_USERNAME
+ label: "BITBUCKET_USERNAME"
+ schema:
+ type: string
+ private: true
+ default: ""
+ - variable: BITBUCKET_PASSWORD
+ label: "BITBUCKET_PASSWORD"
+ schema:
+ type: string
+ private: true
+ default: ""
+ - variable: GITHUB_ACCESS_TOKEN
+ label: "GITHUB_ACCESS_TOKEN"
+ schema:
+ type: string
+ private: true
+ default: ""
+ - variable: GOOGLE_FONTS_API_KEY
+ label: "GOOGLE_FONTS_API_KEY"
+ schema:
+ type: string
+ private: true
+ default: ""
+ - variable: YOUTUBE_KEY
+ label: "YOUTUBE_KEY"
+ schema:
+ type: string
+ private: true
+ default: ""
+ - variable: TELEGRAM_TOKEN
+ label: "TELEGRAM_TOKEN"
+ schema:
+ type: string
+ private: true
+ default: ""
+ - variable: LASTFM_API_KEY
+ label: "LASTFM_API_KEY"
+ schema:
+ type: string
+ private: true
+ default: ""
+ - variable: DISALLOW_ROBOT
+ label: "DISALLOW_ROBOT"
+ schema:
+ type: boolean
+ default: false
+ - variable: envList
+ label: Extra Environment Variables
+ description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: envItem
+ label: Environment Variable
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ - variable: value
+ label: Value
+ schema:
+ type: string
+ - variable: extraArgs
+ label: Extra Args
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: arg
+ label: Arg
+ schema:
+ type: string
+ - variable: advanced
+ label: Show Advanced Settings
+ description: Advanced settings are not covered by TrueCharts Support
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: command
+ label: Command
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: param
+ label: Param
+ schema:
+ type: string
+ - variable: TZ
+ label: Timezone
+ group: "General Settings"
+ schema:
+ type: string
+ default: "Etc/UTC"
+ $ref:
+ - "definitions/timezone"
+ - variable: podOptions
+ group: "General Settings"
+ label: "Global Pod Options (Advanced)"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: expertPodOpts
+ label: "Expert - Pod Options"
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: hostNetwork
+ label: "Host Networking"
+ schema:
+ type: boolean
+ default: false
+ - variable: dnsConfig
+ label: "DNS Configuration"
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: options
+ label: "Options"
+ schema:
+ type: list
+ default: [{"name": "ndots", "value": "1"}]
+ items:
+ - variable: optionsEntry
+ label: "Option Entry"
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ required: true
+ - variable: value
+ label: "Value"
+ schema:
+ type: string
+ - variable: nameservers
+ label: "Nameservers"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: nsEntry
+ label: "Nameserver Entry"
+ schema:
+ type: string
+ required: true
+ - variable: searches
+ label: "Searches"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: searchEntry
+ label: "Search Entry"
+ schema:
+ type: string
+ required: true
+
+ - variable: imagePullSecretList
+ group: "General Settings"
+ label: "Image Pull Secrets"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: pullsecretentry
+ label: "Pull Secret"
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: enabled
+ label: Enabled
+ schema:
+ type: boolean
+ default: true
+ - variable: data
+ label: Data
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: registry
+ label: "Registry"
+ schema:
+ type: string
+ required: true
+ default: "https://index.docker.io/v1/"
+ - variable: username
+ label: "Username"
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: password
+ label: "Password"
+ schema:
+ type: string
+ required: true
+ private: true
+ default: ""
+ - variable: email
+ label: "Email"
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: service
+ group: Networking and Services
+ label: Configure Service(s)
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: main
+ label: "Main Service"
+ description: "The Primary service on which the healthcheck runs, often the webUI"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable the Service
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: type
+ label: Service Type
+ description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
+ schema:
+ type: string
+ default: LoadBalancer
+ enum:
+ - value: LoadBalancer
+ description: LoadBalancer (Expose Ports)
+ - value: ClusterIP
+ description: ClusterIP (Do Not Expose Ports)
+ - variable: loadBalancerIP
+ label: LoadBalancer IP
+ description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
+ schema:
+ show_if: [["type", "=", "LoadBalancer"]]
+ type: string
+ default: ""
+ - variable: ports
+ label: "Service's Port(s) Configuration"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: main
+ label: "Main Service Port Configuration"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: port
+ label: "Port"
+ description: "This port exposes the container port on the service"
+ schema:
+ type: int
+ default: 10191
+ required: true
+ - variable: serviceexpert
+ group: Networking and Services
+ label: Show Expert Config
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: scaleExternalInterface
+ description: Add External Interfaces
+ label: Add external Interfaces
+ group: Networking
+ schema:
+ type: list
+ items:
+ - variable: interfaceConfiguration
+ description: Interface Configuration
+ label: Interface Configuration
+ schema:
+ additional_attrs: true
+ type: dict
+ $ref:
+ - "normalize/interfaceConfiguration"
+ attrs:
+ - variable: hostInterface
+ description: Please Specify Host Interface
+ label: Host Interface
+ schema:
+ type: string
+ required: true
+ $ref:
+ - "definitions/interface"
+ - variable: ipam
+ description: Define how IP Address will be managed
+ label: IP Address Management
+ schema:
+ additional_attrs: true
+ type: dict
+ required: true
+ attrs:
+ - variable: type
+ description: Specify type for IPAM
+ label: IPAM Type
+ schema:
+ type: string
+ required: true
+ enum:
+ - value: dhcp
+ description: Use DHCP
+ - value: static
+ description: Use Static IP
+ - variable: staticIPConfigurations
+ label: Static IP Addresses
+ schema:
+ type: list
+ show_if: [["type", "=", "static"]]
+ items:
+ - variable: staticIP
+ label: Static IP
+ schema:
+ type: ipaddr
+ cidr: true
+ - variable: staticRoutes
+ label: Static Routes
+ schema:
+ type: list
+ show_if: [["type", "=", "static"]]
+ items:
+ - variable: staticRouteConfiguration
+ label: Static Route Configuration
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: destination
+ label: Destination
+ schema:
+ type: ipaddr
+ cidr: true
+ required: true
+ - variable: gateway
+ label: Gateway
+ schema:
+ type: ipaddr
+ cidr: false
+ required: true
+ - variable: serviceList
+ label: Add Manual Custom Services
+ group: Networking and Services
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: serviceListEntry
+ label: Custom Service
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable the service
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ default: ""
+ - variable: type
+ label: Service Type
+ description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
+ schema:
+ type: string
+ default: LoadBalancer
+ enum:
+ - value: LoadBalancer
+ description: LoadBalancer (Expose Ports)
+ - value: ClusterIP
+ description: ClusterIP (Do Not Expose Ports)
+ - value: Simple
+ description: Deprecated CHANGE THIS
+ - variable: loadBalancerIP
+ label: LoadBalancer IP
+ description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
+ schema:
+ show_if: [["type", "=", "LoadBalancer"]]
+ type: string
+ default: ""
+ - variable: advancedsvcset
+ label: Show Advanced Service Settings
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: externalIPs
+ label: "External IP's"
+ description: "External IP's"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: externalIP
+ label: External IP
+ schema:
+ type: string
+ - variable: ipFamilyPolicy
+ label: IP Family Policy
+ description: Specify the IP Policy
+ schema:
+ type: string
+ default: SingleStack
+ enum:
+ - value: SingleStack
+ description: SingleStack
+ - value: PreferDualStack
+ description: PreferDualStack
+ - value: RequireDualStack
+ description: RequireDualStack
+ - variable: ipFamilies
+ label: IP Families
+ description: (Advanced) The IP Families that should be used
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: ipFamily
+ label: IP Family
+ schema:
+ type: string
+ - variable: portsList
+ label: Additional Service Ports
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: portsListEntry
+ label: Custom ports
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable the Port
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: name
+ label: Port Name
+ schema:
+ type: string
+ default: ""
+ - variable: protocol
+ label: Port Type
+ schema:
+ type: string
+ default: tcp
+ enum:
+ - value: http
+ description: HTTP
+ - value: https
+ description: HTTPS
+ - value: tcp
+ description: TCP
+ - value: udp
+ description: UDP
+ - variable: targetPort
+ label: Target Port
+ description: This port exposes the container port on the service
+ schema:
+ type: int
+ required: true
+ - variable: port
+ label: Container Port
+ schema:
+ type: int
+ required: true
+ - variable: persistenceList
+ label: Additional App Storage
+ group: Storage and Persistence
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: persistenceListEntry
+ label: Custom Storage
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable the storage
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: type
+ label: Type of Storage
+ description: Sets the persistence type, Anything other than PVC could break rollback!
+ schema:
+ type: string
+ default: hostPath
+ enum:
+ - value: pvc
+ description: PVC
+ - value: hostPath
+ description: Host Path
+ - value: emptyDir
+ description: emptyDir
+ - value: nfs
+ description: NFS Share
+ - variable: server
+ label: NFS Server
+ schema:
+ show_if: [["type", "=", "nfs"]]
+ type: string
+ default: ""
+ - variable: path
+ label: Path on NFS Server
+ schema:
+ show_if: [["type", "=", "nfs"]]
+ type: string
+ default: ""
+ - variable: iscsi
+ label: iSCSI Options
+ schema:
+ show_if: [["type", "=", "iscsi"]]
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: targetPortal
+ label: targetPortal
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: iqn
+ label: iqn
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: lun
+ label: lun
+ schema:
+ type: int
+ default: 0
+ - variable: authSession
+ label: authSession
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: username
+ label: username
+ schema:
+ type: string
+ default: ""
+ - variable: password
+ label: password
+ schema:
+ type: string
+ default: ""
+ - variable: usernameInitiator
+ label: usernameInitiator
+ schema:
+ type: string
+ default: ""
+ - variable: passwordInitiator
+ label: passwordInitiator
+ schema:
+ type: string
+ default: ""
+ - variable: authDiscovery
+ label: authDiscovery
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: username
+ label: username
+ schema:
+ type: string
+ default: ""
+ - variable: password
+ label: password
+ schema:
+ type: string
+ default: ""
+ - variable: usernameInitiator
+ label: usernameInitiator
+ schema:
+ type: string
+ default: ""
+ - variable: passwordInitiator
+ label: passwordInitiator
+ schema:
+ type: string
+ default: ""
+ - variable: autoPermissions
+ label: Automatic Permissions Configuration
+ description: Automatically set permissions
+ schema:
+ show_if: [["type", "!=", "pvc"]]
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: chown
+ label: Run CHOWN
+ description: |
+ It will run CHOWN on the path with the given fsGroup
+ schema:
+ type: boolean
+ default: false
+ - variable: chmod
+ label: Run CHMOD
+ description: |
+ It will run CHMOD on the path with the given value
+ Format should be 3 digits, e.g. 770
+ schema:
+ type: string
+ valid_chars: '[0-9]{3}'
+ default: ""
+ - variable: recursive
+ label: Recursive
+ description: |
+ It will run CHOWN and CHMOD recursively
+ schema:
+ type: boolean
+ default: false
+ - variable: readOnly
+ label: Read Only
+ schema:
+ type: boolean
+ default: false
+ - variable: hostPath
+ label: Host Path
+ description: Path inside the container the storage is mounted
+ schema:
+ show_if: [["type", "=", "hostPath"]]
+ type: hostpath
+ - variable: mountPath
+ label: Mount Path
+ description: Path inside the container the storage is mounted
+ schema:
+ type: string
+ default: ""
+ required: true
+ valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
+ - variable: medium
+ label: EmptyDir Medium
+ schema:
+ show_if: [["type", "=", "emptyDir"]]
+ type: string
+ default: ""
+ enum:
+ - value: ""
+ description: Default
+ - value: Memory
+ description: Memory
+ - variable: size
+ label: Size Quotum of Storage
+ schema:
+ show_if: [["type", "=", "pvc"]]
+ type: string
+ default: 256Gi
+ - variable: storageClass
+ label: 'storageClass (Advanced)'
+ description: 'sets the storageClass to something other than iX default. Only for advanced usecases!'
+ schema:
+ show_if: [["type", "=", "pvc"]]
+ type: string
+ default: ""
+ - variable: static
+ label: 'Static Fixed PVC Bindings (Experimental)'
+ description: Link a PVC to a specific storage location
+ schema:
+ show_if: [["type", "=", "pvc"]]
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: mode
+ label: mode
+ description: |
+ disabled: use normal dynamic PVCs
+ smb: connect to an SMB share
+ nfs: connect to an NFS share
+ schema:
+ type: string
+ default: "disabled"
+ enum:
+ - value: "disabled"
+ description: disabled
+ - value: smb
+ description: smb
+ - value: nfs
+ description: nfs
+ - variable: server
+ label: Server
+ description: server to connect to
+ schema:
+ type: string
+ show_if: [["mode", "!=", "disabled"]]
+ default: "myserver"
+ - variable: share
+ label: Share
+ description: share to connect to
+ schema:
+ type: string
+ show_if: [["mode", "!=", "disabled"]]
+ default: "/myshare"
+ - variable: user
+ label: User
+ description: connecting user
+ schema:
+ type: string
+ show_if: [["mode", "=", "smb"]]
+ default: "myuser"
+ - variable: domain
+ label: Domain
+ description: user domain
+ schema:
+ type: string
+ show_if: [["mode", "=", "smb"]]
+ default: ""
+ - variable: password
+ label: Password
+ description: connecting password
+ schema:
+ type: string
+ show_if: [["mode", "=", "smb"]]
+ default: ""
+ - variable: volumeSnapshots
+ label: 'Volume Snapshots (Experimental)'
+ description: Add an entry to the list to force creation of a volumeSnapshot of this PVC
+ schema:
+ show_if: [["type", "=", "pvc"]]
+ type: list
+ default: []
+ items:
+ - variable: volumeSnapshotEntry
+ label: Custom volumeSnapshot
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ description: 'WARNING: renaming this, means deletion of the snapshot with the old name!'
+ schema:
+ type: string
+ default: "mysnapshot"
+ required: true
+ - variable: volumeSnapshotClassName
+ label: 'volumeSnapshot Class Name (Advanced)'
+ description: For use with PVCs using a non-default storageClass
+ schema:
+ type: string
+ default: ""
+ - variable: ingress
+ label: ""
+ group: Ingress
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: main
+ label: "Main Ingress"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable Ingress
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: hosts
+ label: Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: hostEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: host
+ label: HostName
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: paths
+ label: Paths
+ schema:
+ type: list
+ default: [{path: "/", pathType: "Prefix"}]
+ items:
+ - variable: pathEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: path
+ label: Path
+ schema:
+ type: string
+ required: true
+ default: "/"
+ - variable: pathType
+ label: Path Type
+ schema:
+ type: string
+ required: true
+ default: Prefix
+ - variable: integrations
+ label: Integrations
+ description: Connect ingress with other charts
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: traefik
+ label: Traefik
+ description: Connect ingress with Traefik
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: true
+ - variable: allowCors
+ label: 'Allow Cross Origin Requests (advanced)'
+ schema:
+ type: boolean
+ default: false
+ show_if: [["enabled", "=", true]]
+ - variable: entrypoints
+ label: Entrypoints
+ schema:
+ type: list
+ default: ["websecure"]
+ show_if: [["enabled", "=", true]]
+ items:
+ - variable: entrypoint
+ label: Entrypoint
+ schema:
+ type: string
+ - variable: middlewares
+ label: Middlewares
+ schema:
+ type: list
+ default: []
+ show_if: [["enabled", "=", true]]
+ items:
+ - variable: middleware
+ label: Middleware
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: name
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: namespace
+ label: 'namespace (optional)'
+ schema:
+ type: string
+ default: ""
+ - variable: certManager
+ label: certManager
+ description: Connect ingress with certManager
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: false
+ - variable: certificateIssuer
+ label: certificateIssuer
+ description: defaults to chartname
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: homepage
+ label: Homepage
+ description: Connect ingress with Homepage
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: false
+ - variable: name
+ label: Name (Optional)
+ description: Defaults to chart name
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: description
+ label: Description (Optional)
+ description: Defaults to chart description
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: icon
+ label: Icon (Optional)
+ description: Defaults to chart icon
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: group
+ label: Group
+ schema:
+ type: string
+ required: true
+ default: "default"
+ show_if: [["enabled", "=", true]]
+ - variable: widget
+ label: Widget Settings
+ schema:
+ type: dict
+ additional_attrs: true
+ show_if: [["enabled", "=", true]]
+ attrs:
+ - variable: enabled
+ label: Enable Widget
+ description: When disabled all widget annotations are skipped.
+ schema:
+ type: boolean
+ default: true
+ - variable: custom
+ label: Options
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: key
+ label: API-key (key)
+ schema:
+ type: string
+ default: ""
+ - variable: customkv
+ label: Custom Options
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: option
+ label: Option
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: key
+ label: Key
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: value
+ label: Value
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: advanced
+ label: Show Advanced Settings
+ description: Advanced settings are not covered by TrueCharts Support
+ schema:
+ type: boolean
+ default: false
+ - variable: ingressClassName
+ label: (Advanced/Optional) IngressClass Name
+ schema:
+ type: string
+ show_if: [["advanced", "=", true]]
+ default: ""
+ - variable: tls
+ label: TLS-Settings
+ schema:
+ type: list
+ show_if: [["advanced", "=", true]]
+ default: []
+ items:
+ - variable: tlsEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: hosts
+ label: Certificate Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: host
+ label: Host
+ schema:
+ type: string
+ default: ""
+ required: true
+
+ - variable: certificateIssuer
+ label: Use Cert-Manager clusterIssuer
+ description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
+ schema:
+ type: string
+ default: ""
+ - variable: clusterCertificate
+ label: 'Cluster Certificate (Advanced)'
+ description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.'
+ schema:
+ type: string
+ show_if: [["certificateIssuer", "=", ""]]
+ default: ""
+ - variable: secretName
+ label: 'Use Custom Certificate Secret (Advanced)'
+ schema:
+ show_if: [["certificateIssuer", "=", ""]]
+ type: string
+ default: ""
+ - variable: scaleCert
+ label: 'Use TrueNAS SCALE Certificate (Deprecated)'
+ schema:
+ show_if: [["certificateIssuer", "=", ""]]
+ type: int
+ $ref:
+ - "definitions/certificate"
+ - variable: ingressList
+ label: Add Manual Custom Ingresses
+ group: Ingress
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: ingressListEntry
+ label: Custom Ingress
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable Ingress
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ default: ""
+ - variable: ingressClassName
+ label: IngressClass Name
+ schema:
+ type: string
+ default: ""
+ - variable: hosts
+ label: Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: hostEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: host
+ label: HostName
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: paths
+ label: Paths
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: pathEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: path
+ label: Path
+ schema:
+ type: string
+ required: true
+ default: "/"
+ - variable: pathType
+ label: Path Type
+ schema:
+ type: string
+ required: true
+ default: Prefix
+ - variable: overrideService
+ label: Linked Service
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Service Name
+ schema:
+ type: string
+ default: ""
+ - variable: port
+ label: Service Port
+ schema:
+ type: int
+ - variable: tls
+ label: TLS-Settings
+ schema:
+ type: list
+ default: []
+ show_if: [["certificateIssuer", "=", ""]]
+ items:
+ - variable: tlsEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: hosts
+ label: Certificate Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: host
+ label: Host
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: certificateIssuer
+ label: Use Cert-Manager clusterIssuer
+ description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
+ schema:
+ type: string
+ default: ""
+ - variable: scaleCert
+ label: Use TrueNAS SCALE Certificate (Deprecated)
+ schema:
+ show_if: [["certificateIssuer", "=", ""]]
+ type: int
+ $ref:
+ - "definitions/certificate"
+ - variable: clusterCertificate
+ label: 'Cluster Certificate (Advanced)'
+ description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.'
+ schema:
+ type: string
+ show_if: [["certificateIssuer", "=", ""]]
+ default: ""
+ - variable: secretName
+ label: Use Custom Secret (Advanced)
+ schema:
+ type: string
+ show_if: [["certificateIssuer", "=", ""]]
+ default: ""
+ - variable: integrations
+ label: Integrations
+ description: Connect ingress with other charts
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: traefik
+ label: Traefik
+ description: Connect ingress with Traefik
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: true
+ - variable: allowCors
+ label: "Allow Cross Origin Requests"
+ schema:
+ type: boolean
+ default: false
+ show_if: [["enabled", "=", true]]
+ - variable: entrypoints
+ label: Entrypoints
+ schema:
+ type: list
+ default: ["websecure"]
+ show_if: [["enabled", "=", true]]
+ items:
+ - variable: entrypoint
+ label: Entrypoint
+ schema:
+ type: string
+ - variable: middlewares
+ label: Middlewares
+ schema:
+ type: list
+ default: []
+ show_if: [["enabled", "=", true]]
+ items:
+ - variable: middleware
+ label: Middleware
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: name
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: namespace
+ label: namespace
+ schema:
+ type: string
+ default: ""
+ - variable: certManager
+ label: certManager
+ description: Connect ingress with certManager
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: true
+ - variable: certificateIssuer
+ label: certificateIssuer
+ description: defaults to chartname
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: homepage
+ label: Homepage
+ description: Connect ingress with Homepage
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: false
+ - variable: name
+ label: Name
+ description: defaults to chartname
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: description
+ label: Description
+ description: defaults to chart description
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: group
+ label: Group
+ schema:
+ type: string
+ required: true
+ default: "default"
+ show_if: [["enabled", "=", true]]
+ - variable: securityContext
+ group: Security and Permissions
+ label: Security Context
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: container
+ label: Container
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ # Settings from questions.yaml get appended here on a per-app basis
+ - variable: runAsUser
+ label: "runAsUser"
+ description: "The UserID of the user running the application"
+ schema:
+ type: int
+ default: 0
+ - variable: runAsGroup
+ label: "runAsGroup"
+ description: "The groupID this App of the user running the application"
+ schema:
+ type: int
+ default: 0
+ # Settings from questions.yaml get appended here on a per-app basis
+ - variable: PUID
+ label: Process User ID - PUID
+ description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
+ schema:
+ type: int
+ show_if: [["runAsUser", "=", 0]]
+ default: 568
+ - variable: UMASK
+ label: UMASK
+ description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
+ schema:
+ type: string
+ default: "0022"
+ - variable: advanced
+ label: Show Advanced Settings
+ description: Advanced settings are not covered by TrueCharts Support
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: privileged
+ label: "Privileged mode"
+ schema:
+ type: boolean
+ default: false
+ - variable: readOnlyRootFilesystem
+ label: "ReadOnly Root Filesystem"
+ schema:
+ type: boolean
+ default: true
+ - variable: pod
+ label: Pod
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: fsGroupChangePolicy
+ label: "When should we take ownership?"
+ schema:
+ type: string
+ default: OnRootMismatch
+ enum:
+ - value: OnRootMismatch
+ description: OnRootMismatch
+ - value: Always
+ description: Always
+ - variable: supplementalGroups
+ label: Supplemental Groups
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: supplementalGroupsEntry
+ label: Supplemental Group
+ schema:
+ type: int
+ # Settings from questions.yaml get appended here on a per-app basis
+ - variable: fsGroup
+ label: "fsGroup"
+ description: "The group that should own ALL storage."
+ schema:
+ type: int
+ default: 568
+ - variable: resources
+ group: Resources and Devices
+ label: "Resource Limits"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: limits
+ label: Advanced Limit Resource Consumption
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: cpu
+ label: CPU
+ description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/manual/SCALE/validation"
+ schema:
+ type: string
+ default: 4000m
+ valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
+ - variable: memory
+ label: RAM
+ description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/manual/SCALE/validation"
+ schema:
+ type: string
+ default: 8Gi
+ valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
+ - variable: requests
+ label: "Minimum Resources Required (request)"
+ schema:
+ additional_attrs: true
+ type: dict
+ hidden: true
+ attrs:
+ - variable: cpu
+ label: CPU
+ description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/manual/SCALE/validation"
+ schema:
+ type: string
+ default: 10m
+ hidden: true
+ valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
+ - variable: memory
+ label: "RAM"
+ description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/manual/SCALE/validation"
+ schema:
+ type: string
+ default: 50Mi
+ hidden: true
+ valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
+ - variable: deviceList
+ label: Mount USB Devices
+ group: Resources and Devices
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: deviceListEntry
+ label: Device
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable the Storage
+ schema:
+ type: boolean
+ default: true
+ - variable: type
+ label: (Advanced) Type of Storage
+ description: Sets the persistence type
+ schema:
+ type: string
+ default: device
+ hidden: true
+ - variable: readOnly
+ label: readOnly
+ schema:
+ type: boolean
+ default: false
+ - variable: hostPath
+ label: Host Device Path
+ description: Path to the device on the host system
+ schema:
+ type: path
+ - variable: mountPath
+ label: Container Device Path
+ description: Path inside the container the device is mounted
+ schema:
+ type: string
+ default: "/dev/ttyACM0"
+ - variable: scaleGPU
+ label: GPU Configuration
+ group: Resources and Devices
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: scaleGPUEntry
+ label: GPU
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ # Specify GPU configuration
+ - variable: gpu
+ label: Select GPU
+ schema:
+ additional_attrs: true
+ type: dict
+ $ref:
+ - "definitions/gpuConfiguration"
+ attrs: []
+ - variable: workaround
+ label: "Workaround"
+ schema:
+ type: string
+ default: workaround
+ hidden: true
+# - variable: horizontalPodAutoscaler
+# group: Advanced
+# label: (Advanced) Horizontal Pod Autoscaler
+# schema:
+# type: list
+# default: []
+# items:
+# - variable: hpaEntry
+# label: HPA Entry
+# schema:
+# additional_attrs: true
+# type: dict
+# attrs:
+# - variable: name
+# label: Name
+# schema:
+# type: string
+# required: true
+# default: ""
+# - variable: enabled
+# label: Enabled
+# schema:
+# type: boolean
+# default: false
+# show_subquestions_if: true
+# subquestions:
+# - variable: target
+# label: Target
+# description: Deployment name, Defaults to Main Deployment
+# schema:
+# type: string
+# default: ""
+# - variable: minReplicas
+# label: Minimum Replicas
+# schema:
+# type: int
+# default: 1
+# - variable: maxReplicas
+# label: Maximum Replicas
+# schema:
+# type: int
+# default: 5
+# - variable: targetCPUUtilizationPercentage
+# label: Target CPU Utilization Percentage
+# schema:
+# type: int
+# default: 80
+# - variable: targetMemoryUtilizationPercentage
+# label: Target Memory Utilization Percentage
+# schema:
+# type: int
+# default: 80
+ - variable: networkPolicy
+ group: Advanced
+ label: (Advanced) Network Policy
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: netPolicyEntry
+ label: Network Policy Entry
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: enabled
+ label: Enabled
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: policyType
+ label: Policy Type
+ schema:
+ type: string
+ default: ""
+ enum:
+ - value: ""
+ description: Default
+ - value: ingress
+ description: Ingress
+ - value: egress
+ description: Egress
+ - value: ingress-egress
+ description: Ingress and Egress
+ - variable: egress
+ label: Egress
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: egressEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: to
+ label: To
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: toEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: ipBlock
+ label: IP Block
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: cidr
+ label: CIDR
+ schema:
+ type: string
+ default: ""
+ - variable: except
+ label: Except
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: exceptint
+ label: ""
+ schema:
+ type: string
+ - variable: namespaceSelector
+ label: Namespace Selector
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: matchExpressions
+ label: Match Expressions
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: expressionEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: key
+ label: Key
+ schema:
+ type: string
+ - variable: operator
+ label: Operator
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: In
+ description: In
+ - value: NotIn
+ description: NotIn
+ - value: Exists
+ description: Exists
+ - value: DoesNotExist
+ description: DoesNotExist
+ - variable: values
+ label: Values
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: value
+ label: ""
+ schema:
+ type: string
+ - variable: podSelector
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: matchExpressions
+ label: Match Expressions
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: expressionEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: key
+ label: Key
+ schema:
+ type: string
+ - variable: operator
+ label: Operator
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: In
+ description: In
+ - value: NotIn
+ description: NotIn
+ - value: Exists
+ description: Exists
+ - value: DoesNotExist
+ description: DoesNotExist
+ - variable: values
+ label: Values
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: value
+ label: ""
+ schema:
+ type: string
+ - variable: ports
+ label: Ports
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: portsEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: port
+ label: Port
+ schema:
+ type: int
+ - variable: endPort
+ label: End Port
+ schema:
+ type: int
+ - variable: protocol
+ label: Protocol
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: TCP
+ description: TCP
+ - value: UDP
+ description: UDP
+ - value: SCTP
+ description: SCTP
+ - variable: ingress
+ label: Ingress
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: ingressEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: from
+ label: From
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: fromEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: ipBlock
+ label: IP Block
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: cidr
+ label: CIDR
+ schema:
+ type: string
+ default: ""
+ - variable: except
+ label: Except
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: exceptint
+ label: ""
+ schema:
+ type: string
+ - variable: namespaceSelector
+ label: Namespace Selector
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: matchExpressions
+ label: Match Expressions
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: expressionEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: key
+ label: Key
+ schema:
+ type: string
+ - variable: operator
+ label: Operator
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: In
+ description: In
+ - value: NotIn
+ description: NotIn
+ - value: Exists
+ description: Exists
+ - value: DoesNotExist
+ description: DoesNotExist
+ - variable: values
+ label: Values
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: value
+ label: ""
+ schema:
+ type: string
+ - variable: podSelector
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: matchExpressions
+ label: Match Expressions
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: expressionEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: key
+ label: Key
+ schema:
+ type: string
+ - variable: operator
+ label: Operator
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: In
+ description: In
+ - value: NotIn
+ description: NotIn
+ - value: Exists
+ description: Exists
+ - value: DoesNotExist
+ description: DoesNotExist
+ - variable: values
+ label: Values
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: value
+ label: ""
+ schema:
+ type: string
+ - variable: ports
+ label: Ports
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: portsEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: port
+ label: Port
+ schema:
+ type: int
+ - variable: endPort
+ label: End Port
+ schema:
+ type: int
+ - variable: protocol
+ label: Protocol
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: TCP
+ description: TCP
+ - value: UDP
+ description: UDP
+ - value: SCTP
+ description: SCTP
+ - variable: addons
+ group: Addons
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: codeserver
+ label: Codeserver
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enabled
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: service
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: type
+ label: Service Type
+ description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
+ schema:
+ type: string
+ default: LoadBalancer
+ enum:
+ - value: NodePort
+ description: Deprecated CHANGE THIS
+ - value: ClusterIP
+ description: ClusterIP
+ - value: LoadBalancer
+ description: LoadBalancer
+ - variable: loadBalancerIP
+ label: LoadBalancer IP
+ description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
+ schema:
+ show_if: [["type", "=", "LoadBalancer"]]
+ type: string
+ default: ""
+ - variable: ports
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: codeserver
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: port
+ label: Port
+ schema:
+ type: int
+ default: 36107
+ - variable: ingress
+ label: "Ingress"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable Ingress
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: hosts
+ label: Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: hostEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: host
+ label: HostName
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: paths
+ label: Paths
+ schema:
+ type: list
+ default: [{path: "/", pathType: "Prefix"}]
+ items:
+ - variable: pathEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: path
+ label: Path
+ schema:
+ type: string
+ required: true
+ default: "/"
+ - variable: pathType
+ label: Path Type
+ schema:
+ type: string
+ required: true
+ default: Prefix
+ - variable: integrations
+ label: Integrations
+ description: Connect ingress with other charts
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: traefik
+ label: Traefik
+ description: Connect ingress with Traefik
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: true
+ - variable: allowCors
+ label: 'Allow Cross Origin Requests (advanced)'
+ schema:
+ type: boolean
+ default: false
+ show_if: [["enabled", "=", true]]
+ - variable: entrypoints
+ label: Entrypoints
+ schema:
+ type: list
+ default: ["websecure"]
+ show_if: [["enabled", "=", true]]
+ items:
+ - variable: entrypoint
+ label: Entrypoint
+ schema:
+ type: string
+ - variable: middlewares
+ label: Middlewares
+ schema:
+ type: list
+ default: []
+ show_if: [["enabled", "=", true]]
+ items:
+ - variable: middleware
+ label: Middleware
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: name
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: namespace
+ label: 'namespace (optional)'
+ schema:
+ type: string
+ default: ""
+ - variable: certManager
+ label: certManager
+ description: Connect ingress with certManager
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: false
+ - variable: certificateIssuer
+ label: certificateIssuer
+ description: defaults to chartname
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: advanced
+ label: Show Advanced Settings
+ description: Advanced settings are not covered by TrueCharts Support
+ schema:
+ type: boolean
+ default: false
+ - variable: ingressClassName
+ label: (Advanced/Optional) IngressClass Name
+ schema:
+ type: string
+ show_if: [["advanced", "=", true]]
+ default: ""
+ - variable: tls
+ label: TLS-Settings
+ schema:
+ type: list
+ show_if: [["advanced", "=", true]]
+ default: []
+ items:
+ - variable: tlsEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: hosts
+ label: Certificate Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: host
+ label: Host
+ schema:
+ type: string
+ default: ""
+ required: true
+
+ - variable: certificateIssuer
+ label: Use Cert-Manager clusterIssuer
+ description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
+ schema:
+ type: string
+ default: ""
+ - variable: clusterCertificate
+ label: 'Cluster Certificate (Advanced)'
+ description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.'
+ schema:
+ type: string
+ show_if: [["certificateIssuer", "=", ""]]
+ default: ""
+ - variable: secretName
+ label: 'Use Custom Certificate Secret (Advanced)'
+ schema:
+ show_if: [["certificateIssuer", "=", ""]]
+ type: string
+ default: ""
+ - variable: scaleCert
+ label: 'Use TrueNAS SCALE Certificate (Deprecated)'
+ schema:
+ show_if: [["certificateIssuer", "=", ""]]
+ type: int
+ $ref:
+ - "definitions/certificate"
+ - variable: envList
+ label: Codeserver Environment Variables
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: envItem
+ label: Environment Variable
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ - variable: value
+ label: Value
+ schema:
+ type: string
+ required: true
+ - variable: netshoot
+ label: Netshoot
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enabled
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: envList
+ label: Netshoot Environment Variables
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: envItem
+ label: Environment Variable
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ - variable: value
+ label: Value
+ schema:
+ type: string
+ required: true
+ - variable: vpn
+ label: VPN
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: type
+ label: Type
+ schema:
+ type: string
+ default: disabled
+ enum:
+ - value: disabled
+ description: disabled
+ - value: gluetun
+ description: Gluetun
+ - value: tailscale
+ description: Tailscale
+ - value: openvpn
+ description: OpenVPN (Deprecated)
+ - value: wireguard
+ description: Wireguard (Deprecated)
+ - variable: openvpn
+ label: OpenVPN Settings
+ schema:
+ additional_attrs: true
+ type: dict
+ show_if: [["type", "=", "openvpn"]]
+ attrs:
+ - variable: username
+ label: Authentication Username (Optional)
+ description: Authentication Username, Optional
+ schema:
+ type: string
+ default: ""
+ - variable: password
+ label: Authentication Password
+ description: Authentication Credentials
+ schema:
+ type: string
+ show_if: [["username", "!=", ""]]
+ default: ""
+ required: true
+ - variable: tailscale
+ label: Tailscale Settings
+ schema:
+ additional_attrs: true
+ type: dict
+ show_if: [["type", "=", "tailscale"]]
+ attrs:
+ - variable: authkey
+ label: Authentication Key
+ description: Provide an auth key to automatically authenticate the node as your user account.
+ schema:
+ type: string
+ private: true
+ default: ""
+ - variable: auth_once
+ label: Auth Once
+ description: Only attempt to log in if not already logged in.
+ schema:
+ type: boolean
+ default: true
+ - variable: accept_dns
+ label: Accept DNS
+ description: Accept DNS configuration from the admin console.
+ schema:
+ type: boolean
+ default: false
+ - variable: userspace
+ label: Userspace
+ description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
+ schema:
+ type: boolean
+ default: false
+ - variable: routes
+ label: Routes
+ description: Expose physical subnet routes to your entire Tailscale network.
+ schema:
+ type: string
+ default: ""
+ - variable: dest_ip
+ label: Destination IP
+ description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
+ schema:
+ type: string
+ default: ""
+ - variable: sock5_server
+ label: Sock5 Server
+ description: The address on which to listen for SOCKS5 proxying into the tailscale net.
+ schema:
+ type: string
+ default: ""
+ - variable: outbound_http_proxy_listen
+ label: Outbound HTTP Proxy Listen
+ description: The address on which to listen for HTTP proxying into the tailscale net.
+ schema:
+ type: string
+ default: ""
+ - variable: extra_args
+ label: Extra Args
+ description: Extra Args
+ schema:
+ type: string
+ default: ""
+ - variable: daemon_extra_args
+ label: Tailscale Daemon Extra Args
+ description: Tailscale Daemon Extra Args
+ schema:
+ type: string
+ default: ""
+ - variable: killSwitch
+ label: Enable Killswitch
+ schema:
+ type: boolean
+ show_if: [["type", "!=", "disabled"]]
+ default: true
+ - variable: excludedNetworks_IPv4
+ label: Killswitch Excluded IPv4 networks
+ description: List of Killswitch Excluded IPv4 Addresses
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: networkv4
+ label: IPv4 Network
+ schema:
+ type: string
+ required: true
+ - variable: excludedNetworks_IPv6
+ label: Killswitch Excluded IPv6 networks
+ description: "List of Killswitch Excluded IPv6 Addresses"
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: networkv6
+ label: IPv6 Network
+ schema:
+ type: string
+ required: true
+ - variable: configFile
+ label: VPN Config File Location
+ schema:
+ type: string
+ show_if: [["type", "!=", "disabled"]]
+ default: ""
+
+ - variable: envList
+ label: VPN Environment Variables
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: envItem
+ label: Environment Variable
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ - variable: value
+ label: Value
+ schema:
+ type: string
+ required: true
+ max_length: 10240
+ - variable: docs
+ group: Documentation
+ label: Please read the documentation at https://truecharts.org
+ description: Please read the documentation at
+
https://truecharts.org
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: confirmDocs
+ label: I have checked the documentation
+ schema:
+ type: boolean
+ default: true
+ - variable: donateNag
+ group: Documentation
+ label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
+ description: Please consider supporting TrueCharts, see
+
https://truecharts.org/sponsor
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: confirmDonate
+ label: I have considered donating
+ schema:
+ type: boolean
+ default: true
+ hidden: true
diff --git a/stable/rsshub/11.1.23/templates/NOTES.txt b/stable/rsshub/11.1.23/templates/NOTES.txt
new file mode 100644
index 0000000000..efcb74cb77
--- /dev/null
+++ b/stable/rsshub/11.1.23/templates/NOTES.txt
@@ -0,0 +1 @@
+{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/stable/wg-easy/9.0.3/templates/common.yaml b/stable/rsshub/11.1.23/templates/common.yaml
similarity index 100%
rename from stable/wg-easy/9.0.3/templates/common.yaml
rename to stable/rsshub/11.1.23/templates/common.yaml
diff --git a/stable/rsshub/11.1.23/values.yaml b/stable/rsshub/11.1.23/values.yaml
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/stable/wg-easy/9.0.3/app-changelog.md b/stable/wg-easy/9.0.3/app-changelog.md
deleted file mode 100644
index 5b3d0ddd7f..0000000000
--- a/stable/wg-easy/9.0.3/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [wg-easy-9.0.3](https://github.com/truecharts/charts/compare/wg-easy-9.0.2...wg-easy-9.0.3) (2024-01-21)
-
-### Chore
-
-
-
-- update container image common to v17.2.26[@24c98f7](https://github.com/24c98f7) by renovate ([#17409](https://github.com/truecharts/charts/issues/17409))
\ No newline at end of file
diff --git a/stable/wg-easy/9.0.3/CHANGELOG.md b/stable/wg-easy/9.0.4/CHANGELOG.md
similarity index 87%
rename from stable/wg-easy/9.0.3/CHANGELOG.md
rename to stable/wg-easy/9.0.4/CHANGELOG.md
index d7a08d9bc9..456e1dc3f1 100644
--- a/stable/wg-easy/9.0.3/CHANGELOG.md
+++ b/stable/wg-easy/9.0.4/CHANGELOG.md
@@ -7,6 +7,15 @@ title: Changelog
+## [wg-easy-9.0.4](https://github.com/truecharts/charts/compare/wg-easy-9.0.3...wg-easy-9.0.4) (2024-01-21)
+
+### Chore
+
+
+
+- update container image ghcr.io/wg-easy/wg-easy to 10[@da89743](https://github.com/da89743) by renovate ([#17469](https://github.com/truecharts/charts/issues/17469))
+
+
## [wg-easy-9.0.3](https://github.com/truecharts/charts/compare/wg-easy-9.0.2...wg-easy-9.0.3) (2024-01-21)
### Chore
@@ -88,12 +97,3 @@ title: Changelog
- update container image common to v17.2.18[@085ba3c](https://github.com/085ba3c) by renovate ([#16732](https://github.com/truecharts/charts/issues/16732))
-- standardize ./img references ([#16704](https://github.com/truecharts/charts/issues/16704))
-
-- lints some docs, uses front-matter instead of # h1, and fix list items in changelog ([#16589](https://github.com/truecharts/charts/issues/16589))
-
-
-## [wg-easy-8.1.2](https://github.com/truecharts/charts/compare/wg-easy-8.1.0...wg-easy-8.1.2) (2024-01-01)
-
-### Chore
-
diff --git a/stable/wg-easy/9.0.3/Chart.yaml b/stable/wg-easy/9.0.4/Chart.yaml
similarity index 98%
rename from stable/wg-easy/9.0.3/Chart.yaml
rename to stable/wg-easy/9.0.4/Chart.yaml
index 483cbacf2c..07acda0d33 100644
--- a/stable/wg-easy/9.0.3/Chart.yaml
+++ b/stable/wg-easy/9.0.4/Chart.yaml
@@ -35,4 +35,4 @@ sources:
- https://github.com/truecharts/charts/tree/master/charts/stable/wg-easy
- https://ghcr.io/wg-easy/wg-easy
type: application
-version: 9.0.3
+version: 9.0.4
diff --git a/stable/wg-easy/9.0.3/README.md b/stable/wg-easy/9.0.4/README.md
similarity index 100%
rename from stable/wg-easy/9.0.3/README.md
rename to stable/wg-easy/9.0.4/README.md
diff --git a/stable/wg-easy/9.0.4/app-changelog.md b/stable/wg-easy/9.0.4/app-changelog.md
new file mode 100644
index 0000000000..d39661aa92
--- /dev/null
+++ b/stable/wg-easy/9.0.4/app-changelog.md
@@ -0,0 +1,9 @@
+
+
+## [wg-easy-9.0.4](https://github.com/truecharts/charts/compare/wg-easy-9.0.3...wg-easy-9.0.4) (2024-01-21)
+
+### Chore
+
+
+
+- update container image ghcr.io/wg-easy/wg-easy to 10[@da89743](https://github.com/da89743) by renovate ([#17469](https://github.com/truecharts/charts/issues/17469))
\ No newline at end of file
diff --git a/stable/wg-easy/9.0.3/app-readme.md b/stable/wg-easy/9.0.4/app-readme.md
similarity index 100%
rename from stable/wg-easy/9.0.3/app-readme.md
rename to stable/wg-easy/9.0.4/app-readme.md
diff --git a/stable/wg-easy/9.0.4/charts/common-17.2.26.tgz b/stable/wg-easy/9.0.4/charts/common-17.2.26.tgz
new file mode 100644
index 0000000000..e5258f6f31
Binary files /dev/null and b/stable/wg-easy/9.0.4/charts/common-17.2.26.tgz differ
diff --git a/stable/wg-easy/9.0.3/ix_values.yaml b/stable/wg-easy/9.0.4/ix_values.yaml
similarity index 93%
rename from stable/wg-easy/9.0.3/ix_values.yaml
rename to stable/wg-easy/9.0.4/ix_values.yaml
index a34478eb9f..ea66922ff0 100644
--- a/stable/wg-easy/9.0.3/ix_values.yaml
+++ b/stable/wg-easy/9.0.4/ix_values.yaml
@@ -1,7 +1,7 @@
image:
repository: ghcr.io/wg-easy/wg-easy
pullPolicy: IfNotPresent
- tag: 10@sha256:f1485fa7be04653546f66cc58f23114d5be73f3932e8d0a71a40c6e961050f4d
+ tag: 10@sha256:da8974370d38556ae7abd4b4bc283bdc196d92fbd40af2e1561a85b310b7371b
securityContext:
container:
PUID: 0
diff --git a/stable/wg-easy/9.0.3/questions.yaml b/stable/wg-easy/9.0.4/questions.yaml
similarity index 100%
rename from stable/wg-easy/9.0.3/questions.yaml
rename to stable/wg-easy/9.0.4/questions.yaml
diff --git a/stable/wg-easy/9.0.4/templates/NOTES.txt b/stable/wg-easy/9.0.4/templates/NOTES.txt
new file mode 100644
index 0000000000..efcb74cb77
--- /dev/null
+++ b/stable/wg-easy/9.0.4/templates/NOTES.txt
@@ -0,0 +1 @@
+{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/stable/znc/8.1.11/templates/common.yaml b/stable/wg-easy/9.0.4/templates/common.yaml
similarity index 100%
rename from stable/znc/8.1.11/templates/common.yaml
rename to stable/wg-easy/9.0.4/templates/common.yaml
diff --git a/stable/wg-easy/9.0.4/values.yaml b/stable/wg-easy/9.0.4/values.yaml
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/stable/znc/8.1.11/app-changelog.md b/stable/znc/8.1.11/app-changelog.md
deleted file mode 100644
index dc3643c97a..0000000000
--- a/stable/znc/8.1.11/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [znc-8.1.11](https://github.com/truecharts/charts/compare/znc-8.1.10...znc-8.1.11) (2024-01-21)
-
-### Chore
-
-
-
-- update container image common to v17.2.26[@24c98f7](https://github.com/24c98f7) by renovate ([#17409](https://github.com/truecharts/charts/issues/17409))
\ No newline at end of file
diff --git a/stable/znc/8.1.11/CHANGELOG.md b/stable/znc/8.1.12/CHANGELOG.md
similarity index 84%
rename from stable/znc/8.1.11/CHANGELOG.md
rename to stable/znc/8.1.12/CHANGELOG.md
index 7709b9bd33..2f50be7e2d 100644
--- a/stable/znc/8.1.11/CHANGELOG.md
+++ b/stable/znc/8.1.12/CHANGELOG.md
@@ -7,6 +7,15 @@ title: Changelog
+## [znc-8.1.12](https://github.com/truecharts/charts/compare/znc-8.1.11...znc-8.1.12) (2024-01-21)
+
+### Chore
+
+
+
+- update container image ghcr.io/linuxserver/znc to 1.8.2[@bd1bd2a](https://github.com/bd1bd2a) by renovate ([#17468](https://github.com/truecharts/charts/issues/17468))
+
+
## [znc-8.1.11](https://github.com/truecharts/charts/compare/znc-8.1.10...znc-8.1.11) (2024-01-21)
### Chore
@@ -88,12 +97,3 @@ title: Changelog
### Chore
-
-- bump all charts for OCI test push
-
-- move everything to consume OCI-hosted common-chart dependency
-
-- update container image common to v17.2.19[@4ebb688](https://github.com/4ebb688) by renovate ([#16733](https://github.com/truecharts/charts/issues/16733))
-
-- update container image common to v17.2.18[@085ba3c](https://github.com/085ba3c) by renovate ([#16732](https://github.com/truecharts/charts/issues/16732))
-
diff --git a/stable/znc/8.1.11/Chart.yaml b/stable/znc/8.1.12/Chart.yaml
similarity index 98%
rename from stable/znc/8.1.11/Chart.yaml
rename to stable/znc/8.1.12/Chart.yaml
index e6767f55e6..30203e1edd 100644
--- a/stable/znc/8.1.11/Chart.yaml
+++ b/stable/znc/8.1.12/Chart.yaml
@@ -32,4 +32,4 @@ sources:
- https://github.com/truecharts/charts/tree/master/charts/stable/znc
- https://ghcr.io/linuxserver/znc
type: application
-version: 8.1.11
+version: 8.1.12
diff --git a/stable/znc/8.1.11/README.md b/stable/znc/8.1.12/README.md
similarity index 100%
rename from stable/znc/8.1.11/README.md
rename to stable/znc/8.1.12/README.md
diff --git a/stable/znc/8.1.12/app-changelog.md b/stable/znc/8.1.12/app-changelog.md
new file mode 100644
index 0000000000..3538e0ffd7
--- /dev/null
+++ b/stable/znc/8.1.12/app-changelog.md
@@ -0,0 +1,9 @@
+
+
+## [znc-8.1.12](https://github.com/truecharts/charts/compare/znc-8.1.11...znc-8.1.12) (2024-01-21)
+
+### Chore
+
+
+
+- update container image ghcr.io/linuxserver/znc to 1.8.2[@bd1bd2a](https://github.com/bd1bd2a) by renovate ([#17468](https://github.com/truecharts/charts/issues/17468))
\ No newline at end of file
diff --git a/stable/znc/8.1.11/app-readme.md b/stable/znc/8.1.12/app-readme.md
similarity index 100%
rename from stable/znc/8.1.11/app-readme.md
rename to stable/znc/8.1.12/app-readme.md
diff --git a/stable/znc/8.1.12/charts/common-17.2.26.tgz b/stable/znc/8.1.12/charts/common-17.2.26.tgz
new file mode 100644
index 0000000000..e5258f6f31
Binary files /dev/null and b/stable/znc/8.1.12/charts/common-17.2.26.tgz differ
diff --git a/stable/znc/8.1.11/ix_values.yaml b/stable/znc/8.1.12/ix_values.yaml
similarity index 82%
rename from stable/znc/8.1.11/ix_values.yaml
rename to stable/znc/8.1.12/ix_values.yaml
index 712891090f..368d8c8c62 100644
--- a/stable/znc/8.1.11/ix_values.yaml
+++ b/stable/znc/8.1.12/ix_values.yaml
@@ -1,7 +1,7 @@
image:
repository: ghcr.io/linuxserver/znc
pullPolicy: IfNotPresent
- tag: 1.8.2@sha256:ad8a2972fd32c2ffc4678e6b0f94ccb8e1340d03b0588a41d2ac8099412b7e79
+ tag: 1.8.2@sha256:bd1bd2aa8741af7da6305b4e10d3fdaf6929329c7aded61aef6a7071b643b957
service:
main:
ports:
diff --git a/stable/znc/8.1.11/questions.yaml b/stable/znc/8.1.12/questions.yaml
similarity index 100%
rename from stable/znc/8.1.11/questions.yaml
rename to stable/znc/8.1.12/questions.yaml
diff --git a/stable/znc/8.1.12/templates/NOTES.txt b/stable/znc/8.1.12/templates/NOTES.txt
new file mode 100644
index 0000000000..efcb74cb77
--- /dev/null
+++ b/stable/znc/8.1.12/templates/NOTES.txt
@@ -0,0 +1 @@
+{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/stable/znc/8.1.12/templates/common.yaml b/stable/znc/8.1.12/templates/common.yaml
new file mode 100644
index 0000000000..b51394e00a
--- /dev/null
+++ b/stable/znc/8.1.12/templates/common.yaml
@@ -0,0 +1 @@
+{{ include "tc.v1.common.loader.all" . }}
diff --git a/stable/znc/8.1.12/values.yaml b/stable/znc/8.1.12/values.yaml
new file mode 100644
index 0000000000..e69de29bb2