| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620 |
- {
- "1.1.2": {
- "healthy": true,
- "supported": true,
- "healthy_error": null,
- "location": "/__w/charts/charts/community/twofactor-auth/1.1.2",
- "last_update": "2023-11-14 10:11:57",
- "required_features": [
- "normalize/ixVolume"
- ],
- "human_version": "4.2.3_1.1.2",
- "version": "1.1.2",
- "chart_metadata": {
- "name": "twofactor-auth",
- "description": "2FAuth is a web based self-hosted alternative to One Time Passcode (OTP) generators like Google Authenticator, designed for both mobile and desktop.",
- "annotations": {
- "title": "2FAuth"
- },
- "type": "application",
- "version": "1.1.2",
- "apiVersion": "v2",
- "appVersion": "4.2.3",
- "kubeVersion": ">=1.16.0-0",
- "maintainers": [
- {
- "name": "truenas",
- "url": "https://www.truenas.com/",
- "email": "dev@ixsystems.com"
- }
- ],
- "dependencies": [
- {
- "name": "common",
- "repository": "file://../../../common",
- "version": "1.2.2"
- }
- ],
- "home": "https://docs.2fauth.app/",
- "icon": "https://media.sys.truenas.net/apps/twofactor-auth/icons/icon.png",
- "sources": [
- "https://github.com/Bubka/2FAuth",
- "https://github.com/truenas/charts/tree/master/library/ix-dev/community/2fauth",
- "https://hub.docker.com/r/2fauth/2fauth/"
- ],
- "keywords": [
- "security",
- "2fa",
- "otp"
- ]
- },
- "app_metadata": {
- "runAsContext": [
- {
- "userName": "twofauth",
- "groupName": "twofauthreadarr",
- "gid": 1000,
- "uid": 1000,
- "description": "2FAuth runs as a non-root user."
- }
- ],
- "capabilities": [],
- "hostMounts": []
- },
- "schema": {
- "groups": [
- {
- "name": "2FAuth Configuration",
- "description": "Configure 2FAuth"
- },
- {
- "name": "Network Configuration",
- "description": "Configure Network for 2FAuth"
- },
- {
- "name": "Storage Configuration",
- "description": "Configure Storage for 2FAuth"
- },
- {
- "name": "Resources Configuration",
- "description": "Configure Resources for 2FAuth"
- }
- ],
- "portals": {
- "web_portal": {
- "protocols": [
- "$kubernetes-resource_configmap_portal_protocol"
- ],
- "host": [
- "$kubernetes-resource_configmap_portal_host"
- ],
- "ports": [
- "$kubernetes-resource_configmap_portal_port"
- ],
- "path": "$kubernetes-resource_configmap_portal_path"
- }
- },
- "questions": [
- {
- "variable": "twofauthConfig",
- "label": "",
- "group": "2FAuth Configuration",
- "schema": {
- "type": "dict",
- "attrs": [
- {
- "variable": "appName",
- "label": "App Name",
- "description": "The name of the 2FAuth.",
- "schema": {
- "type": "string",
- "default": "2FAuth",
- "required": true
- }
- },
- {
- "variable": "appUrl",
- "label": "App URL",
- "description": "The URL that 2FAuth will be accessible from.</br>\nExample: </br>\nhttp://server.ip:30081</br>\nhttps://2fauth.example.com\n",
- "schema": {
- "type": "uri",
- "default": "",
- "required": true
- }
- },
- {
- "variable": "siteOwnerEmail",
- "label": "Site Owner Email",
- "description": "The email address of the site owner.",
- "schema": {
- "type": "string",
- "default": "",
- "required": true
- }
- },
- {
- "variable": "authenticationGuard",
- "label": "Authentication Guard",
- "description": "When using 'reverse-proxy-guard' 2FAuth only look for the dedicated headers and skip all\nother built-in authentication checks. That means your proxy is fully responsible of the\nauthentication process, 2FAuth will trust him as long as headers are presents.\n",
- "schema": {
- "type": "string",
- "default": "web-guard",
- "required": true,
- "enum": [
- {
- "value": "web-guard",
- "description": "Web Guard"
- },
- {
- "value": "reverse-proxy-guard",
- "description": "Reverse Proxy Guard"
- }
- ]
- }
- },
- {
- "variable": "authProxyHeaderUser",
- "label": "Authentication Proxy Header User",
- "description": "Name of the HTTP headers sent by the reverse proxy that identifies the authenticated\nuser at proxy level. Check your proxy documentation to find out how these headers are named.\n",
- "schema": {
- "type": "string",
- "default": "",
- "show_if": [
- [
- "authenticationGuard",
- "=",
- "reverse-proxy-guard"
- ]
- ],
- "required": true
- }
- },
- {
- "variable": "authProxyHeaderEmail",
- "label": "Authentication Proxy Header Email",
- "description": "Name of the HTTP headers sent by the reverse proxy that identifies the authenticated\nuser at proxy level. Check your proxy documentation to find out how these headers are named.\n",
- "schema": {
- "type": "string",
- "default": "",
- "show_if": [
- [
- "authenticationGuard",
- "=",
- "reverse-proxy-guard"
- ]
- ],
- "required": true
- }
- },
- {
- "variable": "webauthnUserVerification",
- "label": "WebAuthn User Verification",
- "description": "Most authenticators and smartphones will ask the user to actively verify\nthemselves for log in. For example, through a touch plus pin code,\npassword entry, or biometric recognition (e.g., presenting a fingerprint).\nThe intent is to distinguish one user from any other.\n",
- "schema": {
- "type": "string",
- "default": "preferred",
- "required": true,
- "enum": [
- {
- "value": "preferred",
- "description": "Preferred"
- },
- {
- "value": "required",
- "description": "Required"
- },
- {
- "value": "discouraged",
- "description": "Discouraged"
- }
- ]
- }
- },
- {
- "variable": "trustedProxies",
- "label": "Trusted Proxies",
- "description": "The list of proxies IP to trust",
- "schema": {
- "type": "list",
- "default": [],
- "items": [
- {
- "variable": "trustedProxy",
- "label": "Trusted Proxy",
- "schema": {
- "type": "string",
- "required": true
- }
- }
- ]
- }
- },
- {
- "variable": "additionalEnvs",
- "label": "Additional Environment Variables",
- "description": "Configure additional environment variables for 2FAuth.",
- "schema": {
- "type": "list",
- "default": [],
- "items": [
- {
- "variable": "env",
- "label": "Environment Variable",
- "schema": {
- "type": "dict",
- "attrs": [
- {
- "variable": "name",
- "label": "Name",
- "schema": {
- "type": "string",
- "required": true
- }
- },
- {
- "variable": "value",
- "label": "Value",
- "schema": {
- "type": "string",
- "required": true
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- },
- {
- "variable": "twofauthNetwork",
- "label": "",
- "group": "Network Configuration",
- "schema": {
- "type": "dict",
- "attrs": [
- {
- "variable": "webPort",
- "label": "Web Port",
- "description": "The port for the 2FAuth Web UI.",
- "schema": {
- "type": "int",
- "default": 30081,
- "min": 9000,
- "max": 65535,
- "required": true
- }
- },
- {
- "variable": "hostNetwork",
- "label": "Host Network",
- "description": "Bind to the host network. It's recommended to keep this disabled.</br>\n",
- "schema": {
- "type": "boolean",
- "default": false
- }
- }
- ]
- }
- },
- {
- "variable": "twofauthStorage",
- "label": "",
- "group": "Storage Configuration",
- "schema": {
- "type": "dict",
- "attrs": [
- {
- "variable": "config",
- "label": "2FAuth Config Storage",
- "description": "The path to store 2FAuth Configuration.",
- "schema": {
- "type": "dict",
- "attrs": [
- {
- "variable": "type",
- "label": "Type",
- "description": "ixVolume: Is dataset created automatically by the system.</br>\nHost Path: Is a path that already exists on the system.\n",
- "schema": {
- "type": "string",
- "required": true,
- "immutable": true,
- "default": "ixVolume",
- "enum": [
- {
- "value": "hostPath",
- "description": "Host Path (Path that already exists on the system)"
- },
- {
- "value": "ixVolume",
- "description": "ixVolume (Dataset created automatically by the system)"
- }
- ]
- }
- },
- {
- "variable": "datasetName",
- "label": "Dataset Name",
- "schema": {
- "type": "string",
- "show_if": [
- [
- "type",
- "=",
- "ixVolume"
- ]
- ],
- "required": true,
- "hidden": true,
- "immutable": true,
- "default": "config",
- "$ref": [
- "normalize/ixVolume"
- ]
- }
- },
- {
- "variable": "hostPath",
- "label": "Host Path",
- "schema": {
- "type": "hostpath",
- "show_if": [
- [
- "type",
- "=",
- "hostPath"
- ]
- ],
- "immutable": true,
- "required": true
- }
- }
- ]
- }
- },
- {
- "variable": "additionalStorages",
- "label": "Additional Storage",
- "description": "Additional storage for 2FAuth.",
- "schema": {
- "type": "list",
- "default": [],
- "items": [
- {
- "variable": "storageEntry",
- "label": "Storage Entry",
- "schema": {
- "type": "dict",
- "attrs": [
- {
- "variable": "type",
- "label": "Type",
- "description": "ixVolume: Is dataset created automatically by the system.</br>\nHost Path: Is a path that already exists on the system.</br>\nSMB Share: Is a SMB share that is mounted to a persistent volume claim.\n",
- "schema": {
- "type": "string",
- "required": true,
- "default": "ixVolume",
- "immutable": true,
- "enum": [
- {
- "value": "hostPath",
- "description": "Host Path (Path that already exists on the system)"
- },
- {
- "value": "ixVolume",
- "description": "ixVolume (Dataset created automatically by the system)"
- },
- {
- "value": "smb-pv-pvc",
- "description": "SMB Share (Mounts a persistent volume claim to a SMB share)"
- }
- ]
- }
- },
- {
- "variable": "mountPath",
- "label": "Mount Path",
- "description": "The path inside the container to mount the storage.",
- "schema": {
- "type": "path",
- "required": true
- }
- },
- {
- "variable": "hostPath",
- "label": "Host Path",
- "description": "The host path to use for storage.",
- "schema": {
- "type": "hostpath",
- "show_if": [
- [
- "type",
- "=",
- "hostPath"
- ]
- ],
- "required": true
- }
- },
- {
- "variable": "datasetName",
- "label": "Dataset Name",
- "description": "The name of the dataset to use for storage.",
- "schema": {
- "type": "string",
- "show_if": [
- [
- "type",
- "=",
- "ixVolume"
- ]
- ],
- "required": true,
- "immutable": true,
- "default": "storage_entry",
- "$ref": [
- "normalize/ixVolume"
- ]
- }
- },
- {
- "variable": "server",
- "label": "Server",
- "description": "The server for the SMB share.",
- "schema": {
- "type": "string",
- "show_if": [
- [
- "type",
- "=",
- "smb-pv-pvc"
- ]
- ],
- "required": true
- }
- },
- {
- "variable": "share",
- "label": "Share",
- "description": "The share name for the SMB share.",
- "schema": {
- "type": "string",
- "show_if": [
- [
- "type",
- "=",
- "smb-pv-pvc"
- ]
- ],
- "required": true
- }
- },
- {
- "variable": "domain",
- "label": "Domain (Optional)",
- "description": "The domain for the SMB share.",
- "schema": {
- "type": "string",
- "show_if": [
- [
- "type",
- "=",
- "smb-pv-pvc"
- ]
- ]
- }
- },
- {
- "variable": "username",
- "label": "Username",
- "description": "The username for the SMB share.",
- "schema": {
- "type": "string",
- "show_if": [
- [
- "type",
- "=",
- "smb-pv-pvc"
- ]
- ],
- "required": true
- }
- },
- {
- "variable": "password",
- "label": "Password",
- "description": "The password for the SMB share.",
- "schema": {
- "type": "string",
- "show_if": [
- [
- "type",
- "=",
- "smb-pv-pvc"
- ]
- ],
- "required": true,
- "private": true
- }
- },
- {
- "variable": "size",
- "label": "Size (in Gi)",
- "description": "The size of the volume quota.",
- "schema": {
- "type": "int",
- "show_if": [
- [
- "type",
- "=",
- "smb-pv-pvc"
- ]
- ],
- "required": true,
- "min": 1,
- "default": 1
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- },
- {
- "variable": "resources",
- "group": "Resources Configuration",
- "label": "",
- "schema": {
- "type": "dict",
- "attrs": [
- {
- "variable": "limits",
- "label": "Limits",
- "schema": {
- "type": "dict",
- "attrs": [
- {
- "variable": "cpu",
- "label": "CPU",
- "description": "CPU limit for 2FAuth.",
- "schema": {
- "type": "string",
- "max_length": 6,
- "valid_chars": "^(0\\.[1-9]|[1-9][0-9]*)(\\.[0-9]|m?)$",
- "valid_chars_error": "Valid CPU limit formats are</br>\n- Plain Integer - eg. 1</br>\n- Float - eg. 0.5</br>\n- Milicpu - eg. 500m\n",
- "default": "4000m",
- "required": true
- }
- },
- {
- "variable": "memory",
- "label": "Memory",
- "description": "Memory limit for 2FAuth.",
- "schema": {
- "type": "string",
- "max_length": 12,
- "valid_chars": "^[1-9][0-9]*([EPTGMK]i?|e[0-9]+)?$",
- "valid_chars_error": "Valid Memory limit formats are</br>\n- Suffixed with E/P/T/G/M/K - eg. 1G</br>\n- Suffixed with Ei/Pi/Ti/Gi/Mi/Ki - eg. 1Gi</br>\n- Plain Integer in bytes - eg. 1024</br>\n- Exponent - eg. 134e6\n",
- "default": "8Gi",
- "required": true
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- },
- "app_readme": "<h1>2FAuth</h1>\n<p><a href=\"https://docs.2fauth.app/\">2FAuth</a> is a web based self-hosted alternative to One Time Passcode (OTP) generators like Google Authenticator, designed for both mobile and desktop.</p>\n<blockquote>\n<p>When application is installed, a container will be launched with <strong>root</strong> privileges.\nThis is required in order to apply the correct permissions to the <code>2FAuth</code> directories.\nAfterward, the <code>2FAuth</code> container will run as a <strong>non</strong>-root user (<code>1000</code>).\nAll mounted storage(s) will be <code>chown</code>ed only if the parent directory does not match the configured user.</p>\n</blockquote>",
- "detailed_readme": "<h1>2FAuth</h1>\n<p><a href=\"https://docs.2fauth.app/\">2FAuth</a> is a web based self-hosted alternative to One Time Passcode (OTP) generators like Google Authenticator, designed for both mobile and desktop.</p>\n<blockquote>\n<p>When application is installed, a container will be launched with <strong>root</strong> privileges.\nThis is required in order to apply the correct permissions to the <code>2FAuth</code> directories.\nAfterward, the <code>2FAuth</code> container will run as a <strong>non</strong>-root user (<code>1000</code>).\nAll mounted storage(s) will be <code>chown</code>ed only if the parent directory does not match the configured user.</p>\n</blockquote>",
- "changelog": null
- }
- }
|
