questions: - variable: global.rbac.pspEnabled default: "false" description: "Flag to enable or disable the installation of PodSecurityPolicies by this chart in the target cluster. If the cluster is running Kubernetes 1.25+, you must update this value to false." label: "Enable PodSecurityPolicies" type: boolean group: "Security Settings" - variable: global.tlsIssuerEmail label: Issuer Email Receiver description: "Email address to receive the certificate notification emails send by the `letsencrypt-production` issuer" type: string required: false group: "General settings" - variable: certManagerNamespace label: Cert-manager namespace description: "Namespace where cert-manager is installed in" type: string required: false group: "Advanced settings" - variable: ingress.ingressClassName label: Ingress class name for the server description: "Set a class name to select the ingress controller you want to use for the server" type: string group: "Advanced settings" - variable: server.ingressClassName label: Ingress class name for apps description: "Set a class name to select the ingress controller you want to use for your apps" type: string group: "Advanced settings" - variable: server.disableTracking label: Disable tracking description: "Disable tracking of the running Epinio and Kubernetes versions" type: boolean group: "Advanced settings" - variable: serviceCatalog.enableDevServices label: Enable catalog services for development default: "true" description: "Enables services in the Epinio service catalog, meant to be used in development (because they are running in-cluster)" type: boolean group: "Advanced settings" - variable: useCustomTlsIssuer label: Use your own TLS issuer default: "false" description: "Use your own TLS issuer" type: boolean group: "General settings" show_subquestion_if: true subquestions: - variable: customTlsIssuer label: TLS issuer description: "Name of the cluster issuer to use" type: string required: false - variable: global.tlsIssuer show_if: "useCustomTlsIssuer=false" label: TLS issuer description: "Name of the predefined cluster issuer to use" type: enum required: false group: "General settings" options: - "epinio-ca" - "selfsigned-issuer" - "letsencrypt-production" - variable: api.username label: API username description: "The user name for authenticating all API requests" type: string required: false group: "General settings" - variable: api.passwordBcrypt label: API password description: "The password for authenticating all API requests (hashed with Bcrypt)" type: password required: false group: "General settings" - variable: global.domain label: Domain description: "Domain for the application" type: string required: true group: "General settings" - variable: server.accessControlAllowOrigin label: Access control allow origin description: "Domain which serves the Rancher UI (to access the API)" type: string required: false group: "General settings" - variable: kubed.enabled label: Install kubed description: "Deploy kubed or skip it if you get it installed already" type: boolean group: "Advanced settings" - variable: containerregistry.enabled description: "Disable local container registry to configure an external registry." label: Install local container registry type: boolean show_subquestion_if: false group: "External registry" subquestions: - variable: global.registryURL label: External registry url description: "URL of your external registry" type: string required: false - variable: global.registryUsername label: External registry username description: "Username to authenticate to the external registry" type: string required: false - variable: global.registryPassword label: External registry password description: "Password to authenticate to the external registry" type: password required: false - variable: global.registryNamespace label: External registry namespace description: "The organization part of the registry path for an external registry where you have push access" type: string required: false - variable: containerregistry.certificateSecret label: External registry certificate secret description: | Name of Secret in Epinio's main namespace with PEM formatted certificate found at key 'tls.crt'. Necessary for validating external registry used by Epinio's staging jobs. Must be also trusted by kubelet in the cluster. type: string required: false - variable: minio.enabled label: Install Minio description: "Disable Minio to either use s3gw or to configure an external s3 storage." type: boolean group: "S3 storage" show_subquestion_if: false subquestions: - variable: s3gw.enabled label: Install s3gw description: "Disable s3gw to configure an external s3 storage." type: boolean show_subquestion_if: false group: "S3 storage" subquestions: - variable: s3.endpoint label: S3 endpoint description: "Endpoint of your S3 storage" type: string required: false - variable: s3.accessKeyID label: S3 access key id description: "Access key id to authenticate to your S3 storage" type: string required: false - variable: s3.secretAccessKey label: S3 access key secret description: "Secret access key to authenticate to your S3 storage" type: password required: false - variable: s3.bucket label: S3 bucket description: "Bucket of your S3 storage" type: string required: false - variable: s3.region label: S3 region description: "Region of your S3 storage" type: string required: false - variable: s3.useSSL label: S3 use SSL type: boolean required: false - variable: s3.certificateSecret label: Self signed certificate for S3 description: Set it to an existing secret if s3 is using a self signed certificate type: string required: false - variable: server.traceLevel label: Epinio API Log Level required: false type: string group: "Debugging" - variable: server.timeoutMultiplier label: Timeout Multiplier required: false type: string group: "Debugging"