truenas/chart
1
0
Fork 0
mirror of https://github.com/truenas/charts.git synced 2026-04-01 09:51:07 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
c571e6db0badcd6ba5dafc779b11c8a4d3c9f5b2
chart/community/twofactor-auth/app_versions.json
sonicaj 9a367abacc Update catalog changes
2024-08-15 07:49:39 +00:00

1110 lines
84 KiB
JSON
Raw Blame History

{
"1.2.7": {
"healthy": true,
"supported": false,
"healthy_error": null,
"location": "/__w/charts/charts/community/twofactor-auth/1.2.7",
"last_update": "2024-08-15 07:48:07",
"required_features": [
"normalize/ixVolume",
"normalize/acl"
],
"human_version": "5.2.0_1.2.7",
"version": "1.2.7",
"chart_metadata": {
"name": "twofactor-auth",
"description": "2FAuth is a web based self-hosted alternative to One Time Passcode (OTP) generators like Google Authenticator, designed for both mobile and desktop.",
"annotations": {
"title": "2FAuth"
},
"type": "application",
"version": "1.2.7",
"apiVersion": "v2",
"appVersion": "5.2.0",
"kubeVersion": ">=1.16.0-0",
"maintainers": [
{
"name": "truenas",
"url": "https://www.truenas.com/",
"email": "dev@ixsystems.com"
}
],
"dependencies": [
{
"name": "common",
"repository": "file://../../../common",
"version": "1.2.9"
}
],
"home": "https://docs.2fauth.app/",
"icon": "https://media.sys.truenas.net/apps/twofactor-auth/icons/icon.png",
"sources": [
"https://github.com/Bubka/2FAuth",
"https://github.com/truenas/charts/tree/master/library/ix-dev/community/2fauth",
"https://hub.docker.com/r/2fauth/2fauth/"
],
"keywords": [
"security",
"2fa",
"otp"
]
},
"app_metadata": {
"runAsContext": [
{
"userName": "twofauth",
"groupName": "twofauthreadarr",
"gid": 1000,
"uid": 1000,
"description": "2FAuth runs as a non-root user."
}
],
"capabilities": [],
"hostMounts": []
},
"schema": {
"groups": [
{
"name": "2FAuth Configuration",
"description": "Configure 2FAuth"
},
{
"name": "Network Configuration",
"description": "Configure Network for 2FAuth"
},
{
"name": "Storage Configuration",
"description": "Configure Storage for 2FAuth"
},
{
"name": "Resources Configuration",
"description": "Configure Resources for 2FAuth"
}
],
"portals": {
"web_portal": {
"protocols": [
"$kubernetes-resource_configmap_portal_protocol"
],
"host": [
"$kubernetes-resource_configmap_portal_host"
],
"ports": [
"$kubernetes-resource_configmap_portal_port"
],
"path": "$kubernetes-resource_configmap_portal_path"
}
},
"questions": [
{
"variable": "twofauthConfig",
"label": "",
"group": "2FAuth Configuration",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "appName",
"label": "App Name",
"description": "The name of the 2FAuth.",
"schema": {
"type": "string",
"default": "2FAuth",
"required": true
}
},
{
"variable": "appUrl",
"label": "App URL",
"description": "The URL that 2FAuth will be accessible from.</br>\nExample: </br>\nhttp://server.ip:30081</br>\nhttps://2fauth.example.com\n",
"schema": {
"type": "uri",
"default": "",
"required": true
}
},
{
"variable": "siteOwnerEmail",
"label": "Site Owner Email",
"description": "The email address of the site owner.",
"schema": {
"type": "string",
"default": "",
"required": true
}
},
{
"variable": "authenticationGuard",
"label": "Authentication Guard",
"description": "When using 'reverse-proxy-guard' 2FAuth only look for the dedicated headers and skip all\nother built-in authentication checks. That means your proxy is fully responsible of the\nauthentication process, 2FAuth will trust him as long as headers are presents.\n",
"schema": {
"type": "string",
"default": "web-guard",
"required": true,
"enum": [
{
"value": "web-guard",
"description": "Web Guard"
},
{
"value": "reverse-proxy-guard",
"description": "Reverse Proxy Guard"
}
]
}
},
{
"variable": "authProxyHeaderUser",
"label": "Authentication Proxy Header User",
"description": "Name of the HTTP headers sent by the reverse proxy that identifies the authenticated\nuser at proxy level. Check your proxy documentation to find out how these headers are named.\n",
"schema": {
"type": "string",
"default": "",
"show_if": [
[
"authenticationGuard",
"=",
"reverse-proxy-guard"
]
],
"required": true
}
},
{
"variable": "authProxyHeaderEmail",
"label": "Authentication Proxy Header Email",
"description": "Name of the HTTP headers sent by the reverse proxy that identifies the authenticated\nuser at proxy level. Check your proxy documentation to find out how these headers are named.\n",
"schema": {
"type": "string",
"default": "",
"show_if": [
[
"authenticationGuard",
"=",
"reverse-proxy-guard"
]
],
"required": true
}
},
{
"variable": "webauthnUserVerification",
"label": "WebAuthn User Verification",
"description": "Most authenticators and smartphones will ask the user to actively verify\nthemselves for log in. For example, through a touch plus pin code,\npassword entry, or biometric recognition (e.g., presenting a fingerprint).\nThe intent is to distinguish one user from any other.\n",
"schema": {
"type": "string",
"default": "preferred",
"required": true,
"enum": [
{
"value": "preferred",
"description": "Preferred"
},
{
"value": "required",
"description": "Required"
},
{
"value": "discouraged",
"description": "Discouraged"
}
]
}
},
{
"variable": "trustedProxies",
"label": "Trusted Proxies",
"description": "The list of proxies IP to trust",
"schema": {
"type": "list",
"default": [],
"items": [
{
"variable": "trustedProxy",
"label": "Trusted Proxy",
"schema": {
"type": "string",
"required": true
}
}
]
}
},
{
"variable": "additionalEnvs",
"label": "Additional Environment Variables",
"description": "Configure additional environment variables for 2FAuth.",
"schema": {
"type": "list",
"default": [],
"items": [
{
"variable": "env",
"label": "Environment Variable",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "name",
"label": "Name",
"schema": {
"type": "string",
"required": true
}
},
{
"variable": "value",
"label": "Value",
"schema": {
"type": "string",
"required": true
}
}
]
}
}
]
}
}
]
}
},
{
"variable": "twofauthNetwork",
"label": "",
"group": "Network Configuration",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "webPort",
"label": "Web Port",
"description": "The port for the 2FAuth Web UI.",
"schema": {
"type": "int",
"default": 30081,
"min": 9000,
"max": 65535,
"required": true
}
},
{
"variable": "hostNetwork",
"label": "Host Network",
"description": "Bind to the host network. It's recommended to keep this disabled.</br>\n",
"schema": {
"type": "boolean",
"default": false
}
}
]
}
},
{
"variable": "twofauthStorage",
"label": "",
"group": "Storage Configuration",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "config",
"label": "2FAuth Config Storage",
"description": "The path to store 2FAuth Configuration.",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "type",
"label": "Type",
"description": "ixVolume: Is dataset created automatically by the system.</br>\nHost Path: Is a path that already exists on the system.\n",
"schema": {
"type": "string",
"required": true,
"immutable": true,
"default": "ixVolume",
"enum": [
{
"value": "hostPath",
"description": "Host Path (Path that already exists on the system)"
},
{
"value": "ixVolume",
"description": "ixVolume (Dataset created automatically by the system)"
}
]
}
},
{
"variable": "ixVolumeConfig",
"label": "ixVolume Configuration",
"description": "The configuration for the ixVolume dataset.",
"schema": {
"type": "dict",
"show_if": [
[
"type",
"=",
"ixVolume"
]
],
"$ref": [
"normalize/ixVolume"
],
"attrs": [
{
"variable": "aclEnable",
"label": "Enable ACL",
"description": "Enable ACL for the dataset.",
"schema": {
"type": "boolean",
"default": false
}
},
{
"variable": "datasetName",
"label": "Dataset Name",
"description": "The name of the dataset to use for storage.",
"schema": {
"type": "string",
"required": true,
"immutable": true,
"hidden": true,
"default": "config"
}
},
{
"variable": "aclEntries",
"label": "ACL Configuration",
"schema": {
"type": "dict",
"show_if": [
[
"aclEnable",
"=",
true
]
],
"attrs": [
{
"variable": "path",
"label": "Path",
"description": "Path to perform ACL",
"schema": {
"type": "string",
"hidden": true
}
},
{
"variable": "entries",
"label": "ACL Entries",
"description": "ACL Entries",
"schema": {
"type": "list",
"items": [
{
"variable": "aclEntry",
"label": "ACL Entry",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "id_type",
"label": "ID Type",
"schema": {
"type": "string",
"enum": [
{
"value": "USER",
"description": "Entry is for a USER"
},
{
"value": "GROUP",
"description": "Entry is for a GROUP"
}
],
"default": "USER"
}
},
{
"variable": "id",
"label": "ID",
"description": "Make sure to check the ID value is correct and aligns with RunAs user context of the application",
"schema": {
"type": "int",
"required": true,
"min": 0
}
},
{
"variable": "access",
"label": "Access",
"schema": {
"type": "string",
"enum": [
{
"value": "READ",
"description": "Read Access"
},
{
"value": "MODIFY",
"description": "Modify Access"
},
{
"value": "FULL_CONTROL",
"description": "FULL_CONTROL Access"
}
]
}
}
]
}
}
]
}
}
]
}
}
]
}
},
{
"variable": "hostPathConfig",
"label": "Host Path Configuration",
"schema": {
"type": "dict",
"show_if": [
[
"type",
"=",
"hostPath"
]
],
"attrs": [
{
"variable": "aclEnable",
"label": "Enable ACL",
"description": "Enable ACL for the dataset.",
"schema": {
"type": "boolean",
"default": false
}
},
{
"variable": "acl",
"label": "ACL Configuration",
"schema": {
"type": "dict",
"show_if": [
[
"aclEnable",
"=",
true
]
],
"attrs": [
{
"variable": "path",
"label": "Host Path",
"description": "Host Path to perform ACL",
"schema": {
"type": "hostpath",
"required": true,
"empty": false
}
},
{
"variable": "entries",
"label": "ACL Entries",
"description": "ACL Entries",
"schema": {
"type": "list",
"items": [
{
"variable": "aclEntry",
"label": "ACL Entry",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "id_type",
"label": "ID Type",
"schema": {
"type": "string",
"enum": [
{
"value": "USER",
"description": "Entry is for a USER"
},
{
"value": "GROUP",
"description": "Entry is for a GROUP"
}
],
"default": "USER"
}
},
{
"variable": "id",
"label": "ID",
"description": "Make sure to check the ID value is correct and aligns with RunAs user context of the application",
"schema": {
"type": "int",
"required": true,
"min": 0
}
},
{
"variable": "access",
"label": "Access",
"schema": {
"type": "string",
"enum": [
{
"value": "READ",
"description": "Read Access"
},
{
"value": "MODIFY",
"description": "Modify Access"
},
{
"value": "FULL_CONTROL",
"description": "FULL_CONTROL Access"
}
]
}
}
]
}
}
]
}
},
{
"variable": "options",
"label": "ACL Options",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "force",
"label": "Force Flag",
"description": "Enabling `Force` applies ACL even if the path has existing data",
"schema": {
"type": "boolean",
"default": false
}
}
]
}
}
],
"$ref": [
"normalize/acl"
]
}
},
{
"variable": "hostPath",
"label": "Host Path",
"description": "The host path to use for storage.",
"schema": {
"type": "hostpath",
"show_if": [
[
"aclEnable",
"=",
false
]
],
"required": true
}
}
]
}
}
]
}
},
{
"variable": "additionalStorages",
"label": "Additional Storage",
"description": "Additional storage for 2FAuth.",
"schema": {
"type": "list",
"default": [],
"items": [
{
"variable": "storageEntry",
"label": "Storage Entry",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "type",
"label": "Type",
"description": "ixVolume: Is dataset created automatically by the system.</br>\nHost Path: Is a path that already exists on the system.</br>\nSMB Share: Is a SMB share that is mounted to a persistent volume claim.\n",
"schema": {
"type": "string",
"required": true,
"default": "ixVolume",
"immutable": true,
"enum": [
{
"value": "hostPath",
"description": "Host Path (Path that already exists on the system)"
},
{
"value": "ixVolume",
"description": "ixVolume (Dataset created automatically by the system)"
},
{
"value": "smb-pv-pvc",
"description": "SMB Share (Mounts a persistent volume claim to a SMB share)"
}
]
}
},
{
"variable": "readOnly",
"label": "Read Only",
"description": "Mount the volume as read only.",
"schema": {
"type": "boolean",
"default": false
}
},
{
"variable": "mountPath",
"label": "Mount Path",
"description": "The path inside the container to mount the storage.",
"schema": {
"type": "path",
"required": true
}
},
{
"variable": "hostPathConfig",
"label": "Host Path Configuration",
"schema": {
"type": "dict",
"show_if": [
[
"type",
"=",
"hostPath"
]
],
"attrs": [
{
"variable": "aclEnable",
"label": "Enable ACL",
"description": "Enable ACL for the dataset.",
"schema": {
"type": "boolean",
"default": false
}
},
{
"variable": "acl",
"label": "ACL Configuration",
"schema": {
"type": "dict",
"show_if": [
[
"aclEnable",
"=",
true
]
],
"attrs": [
{
"variable": "path",
"label": "Host Path",
"description": "Host Path to perform ACL",
"schema": {
"type": "hostpath",
"required": true,
"empty": false
}
},
{
"variable": "entries",
"label": "ACL Entries",
"description": "ACL Entries",
"schema": {
"type": "list",
"items": [
{
"variable": "aclEntry",
"label": "ACL Entry",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "id_type",
"label": "ID Type",
"schema": {
"type": "string",
"enum": [
{
"value": "USER",
"description": "Entry is for a USER"
},
{
"value": "GROUP",
"description": "Entry is for a GROUP"
}
],
"default": "USER"
}
},
{
"variable": "id",
"label": "ID",
"description": "Make sure to check the ID value is correct and aligns with RunAs user context of the application",
"schema": {
"type": "int",
"required": true,
"min": 0
}
},
{
"variable": "access",
"label": "Access",
"schema": {
"type": "string",
"enum": [
{
"value": "READ",
"description": "Read Access"
},
{
"value": "MODIFY",
"description": "Modify Access"
},
{
"value": "FULL_CONTROL",
"description": "FULL_CONTROL Access"
}
]
}
}
]
}
}
]
}
},
{
"variable": "options",
"label": "ACL Options",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "force",
"label": "Force Flag",
"description": "Enabling `Force` applies ACL even if the path has existing data",
"schema": {
"type": "boolean",
"default": false
}
}
]
}
}
],
"$ref": [
"normalize/acl"
]
}
},
{
"variable": "hostPath",
"label": "Host Path",
"description": "The host path to use for storage.",
"schema": {
"type": "hostpath",
"show_if": [
[
"aclEnable",
"=",
false
]
],
"required": true
}
}
]
}
},
{
"variable": "ixVolumeConfig",
"label": "ixVolume Configuration",
"description": "The configuration for the ixVolume dataset.",
"schema": {
"type": "dict",
"show_if": [
[
"type",
"=",
"ixVolume"
]
],
"$ref": [
"normalize/ixVolume"
],
"attrs": [
{
"variable": "aclEnable",
"label": "Enable ACL",
"description": "Enable ACL for the dataset.",
"schema": {
"type": "boolean",
"default": false
}
},
{
"variable": "datasetName",
"label": "Dataset Name",
"description": "The name of the dataset to use for storage.",
"schema": {
"type": "string",
"required": true,
"immutable": true,
"default": "storage_entry"
}
},
{
"variable": "aclEntries",
"label": "ACL Configuration",
"schema": {
"type": "dict",
"show_if": [
[
"aclEnable",
"=",
true
]
],
"attrs": [
{
"variable": "path",
"label": "Path",
"description": "Path to perform ACL",
"schema": {
"type": "string",
"hidden": true
}
},
{
"variable": "entries",
"label": "ACL Entries",
"description": "ACL Entries",
"schema": {
"type": "list",
"items": [
{
"variable": "aclEntry",
"label": "ACL Entry",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "id_type",
"label": "ID Type",
"schema": {
"type": "string",
"enum": [
{
"value": "USER",
"description": "Entry is for a USER"
},
{
"value": "GROUP",
"description": "Entry is for a GROUP"
}
],
"default": "USER"
}
},
{
"variable": "id",
"label": "ID",
"description": "Make sure to check the ID value is correct and aligns with RunAs user context of the application",
"schema": {
"type": "int",
"required": true,
"min": 0
}
},
{
"variable": "access",
"label": "Access",
"schema": {
"type": "string",
"enum": [
{
"value": "READ",
"description": "Read Access"
},
{
"value": "MODIFY",
"description": "Modify Access"
},
{
"value": "FULL_CONTROL",
"description": "FULL_CONTROL Access"
}
]
}
}
]
}
}
]
}
}
]
}
}
]
}
},
{
"variable": "smbConfig",
"label": "SMB Share Configuration",
"description": "The configuration for the SMB Share.",
"schema": {
"type": "dict",
"show_if": [
[
"type",
"=",
"smb-pv-pvc"
]
],
"attrs": [
{
"variable": "server",
"label": "Server",
"description": "The server for the SMB share.",
"schema": {
"type": "string",
"required": true
}
},
{
"variable": "share",
"label": "Share",
"description": "The share name for the SMB share.",
"schema": {
"type": "string",
"required": true
}
},
{
"variable": "domain",
"label": "Domain (Optional)",
"description": "The domain for the SMB share.",
"schema": {
"type": "string"
}
},
{
"variable": "username",
"label": "Username",
"description": "The username for the SMB share.",
"schema": {
"type": "string",
"required": true
}
},
{
"variable": "password",
"label": "Password",
"description": "The password for the SMB share.",
"schema": {
"type": "string",
"required": true,
"private": true
}
},
{
"variable": "size",
"label": "Size (in Gi)",
"description": "The size of the volume quota.",
"schema": {
"type": "int",
"required": true,
"min": 1,
"default": 1
}
}
]
}
}
]
}
}
]
}
}
]
}
},
{
"variable": "resources",
"group": "Resources Configuration",
"label": "",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "limits",
"label": "Limits",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "cpu",
"label": "CPU",
"description": "CPU limit for 2FAuth.",
"schema": {
"type": "string",
"max_length": 6,
"valid_chars": "^(0\\.[1-9]|[1-9][0-9]*)(\\.[0-9]|m?)$",
"valid_chars_error": "Valid CPU limit formats are</br>\n- Plain Integer - eg. 1</br>\n- Float - eg. 0.5</br>\n- Milicpu - eg. 500m\n",
"default": "4000m",
"required": true
}
},
{
"variable": "memory",
"label": "Memory",
"description": "Memory limit for 2FAuth.",
"schema": {
"type": "string",
"max_length": 12,
"valid_chars": "^[1-9][0-9]*([EPTGMK]i?|e[0-9]+)?$",
"valid_chars_error": "Valid Memory limit formats are</br>\n- Suffixed with E/P/T/G/M/K - eg. 1G</br>\n- Suffixed with Ei/Pi/Ti/Gi/Mi/Ki - eg. 1Gi</br>\n- Plain Integer in bytes - eg. 1024</br>\n- Exponent - eg. 134e6\n",
"default": "8Gi",
"required": true
}
}
]
}
}
]
}
}
]
},
"app_readme": "<h1>2FAuth</h1>\n<p><a href=\"https://docs.2fauth.app/\">2FAuth</a> is a web based self-hosted alternative to One Time Passcode (OTP) generators like Google Authenticator, designed for both mobile and desktop.</p>\n<blockquote>\n<p>When application is installed, a container will be launched with <strong>root</strong> privileges.\nThis is required in order to apply the correct permissions to the <code>2FAuth</code> directories.\nAfterward, the <code>2FAuth</code> container will run as a <strong>non</strong>-root user (<code>1000</code>).\nAll mounted storage(s) will be <code>chown</code>ed only if the parent directory does not match the configured user.</p>\n</blockquote>",
"detailed_readme": "<h1>2FAuth</h1>\n<p><a href=\"https://docs.2fauth.app/\">2FAuth</a> is a web based self-hosted alternative to One Time Passcode (OTP) generators like Google Authenticator, designed for both mobile and desktop.</p>\n<blockquote>\n<p>When application is installed, a container will be launched with <strong>root</strong> privileges.\nThis is required in order to apply the correct permissions to the <code>2FAuth</code> directories.\nAfterward, the <code>2FAuth</code> container will run as a <strong>non</strong>-root user (<code>1000</code>).\nAll mounted storage(s) will be <code>chown</code>ed only if the parent directory does not match the configured user.</p>\n</blockquote>",
"changelog": null
}
}
Reference in New Issue View Git Blame Copy Permalink