diff --git a/charts/open-webui/Chart.lock b/charts/open-webui/Chart.lock index acac342..a739ad8 100644 --- a/charts/open-webui/Chart.lock +++ b/charts/open-webui/Chart.lock @@ -1,7 +1,7 @@ dependencies: - name: ollama repository: https://otwld.github.io/ollama-helm/ - version: 1.4.1 + version: 1.5.0 - name: pipelines repository: https://helm.openwebui.com version: 0.0.6 @@ -11,5 +11,5 @@ dependencies: - name: redis repository: https://charts.bitnami.com/bitnami version: 20.7.0 -digest: sha256:472d0e2ea428473915d0c0fa16072772baf217a98e1aec1424a2cbb1d00b8235 -generated: "2025-02-06T15:42:37.834162+01:00" +digest: sha256:ecd7af79d60153ff14ef2a49dd1b95c40a93bf9a986a9ddc796f8cba2b6775dc +generated: "2025-02-14T19:09:29.33676+09:00" diff --git a/charts/open-webui/Chart.yaml b/charts/open-webui/Chart.yaml index 6dc4db2..411d2b4 100644 --- a/charts/open-webui/Chart.yaml +++ b/charts/open-webui/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 name: open-webui -version: 5.11.0 -appVersion: 0.5.10 +version: 5.13.0 +appVersion: 0.5.12 home: https://www.openwebui.com/ icon: >- https://raw.githubusercontent.com/open-webui/open-webui/main/static/favicon.png diff --git a/charts/open-webui/README.md b/charts/open-webui/README.md index f442d9b..88e2c5b 100644 --- a/charts/open-webui/README.md +++ b/charts/open-webui/README.md @@ -1,6 +1,6 @@ # open-webui -![Version: 5.11.0](https://img.shields.io/badge/Version-5.11.0-informational?style=flat-square) ![AppVersion: 0.5.10](https://img.shields.io/badge/AppVersion-0.5.10-informational?style=flat-square) +![Version: 5.13.0](https://img.shields.io/badge/Version-5.13.0-informational?style=flat-square) ![AppVersion: 0.5.12](https://img.shields.io/badge/AppVersion-0.5.12-informational?style=flat-square) Open WebUI: A User-Friendly Web Interface for Chat Interactions 👋 @@ -53,13 +53,16 @@ helm upgrade --install open-webui open-webui/open-webui | image | object | `{"pullPolicy":"IfNotPresent","repository":"ghcr.io/open-webui/open-webui","tag":""}` | Open WebUI image tags can be found here: https://github.com/open-webui/open-webui | | imagePullSecrets | list | `[]` | Configure imagePullSecrets to use private registry ref: | | ingress.additionalHosts | list | `[]` | | -| ingress.annotations | object | `{}` | Use appropriate annotations for your Ingress controller, e.g., for NGINX: nginx.ingress.kubernetes.io/rewrite-target: / | +| ingress.annotations | object | `{}` | Use appropriate annotations for your Ingress controller, e.g., for NGINX: | | ingress.class | string | `""` | | | ingress.enabled | bool | `false` | | | ingress.existingSecret | string | `""` | | -| ingress.host | string | `""` | | +| ingress.host | string | `"chat.example.com"` | | | ingress.tls | bool | `false` | | | livenessProbe | object | `{}` | Probe for liveness of the Open WebUI container ref: | +| managedCertificate.domains[0] | string | `"chat.example.com"` | | +| managedCertificate.enabled | bool | `false` | | +| managedCertificate.name | string | `"mydomain-chat-cert"` | | | nameOverride | string | `""` | | | namespaceOverride | string | `""` | | | nodeSelector | object | `{}` | Node labels for pod assignment. | @@ -105,7 +108,7 @@ helm upgrade --install open-webui open-webui/open-webui | volumes | list | `[]` | Configure pod volumes ref: | | websocket.enabled | bool | `false` | Enables websocket support in Open WebUI with env `ENABLE_WEBSOCKET_SUPPORT` | | websocket.manager | string | `"redis"` | Specifies the websocket manager to use with env `WEBSOCKET_MANAGER`: redis (default) | -| websocket.redis | object | `{"annotations":{},"args":[],"command":[],"enabled":true,"image":{"pullPolicy":"IfNotPresent","repository":"redis","tag":"7.4.2-alpine3.21"},"labels":{},"name":"open-webui-redis","resources":{},"service":{"annotations":{},"containerPort":6379,"labels":{},"nodePort":"","port":6379,"type":"ClusterIP"}}` | Deploys a redis | +| websocket.redis | object | `{"annotations":{},"args":[],"command":[],"enabled":true,"image":{"pullPolicy":"IfNotPresent","repository":"redis","tag":"7.4.2-alpine3.21"},"labels":{},"name":"open-webui-redis","pods":{"annotations":{}},"resources":{},"service":{"annotations":{},"containerPort":6379,"labels":{},"nodePort":"","port":6379,"type":"ClusterIP"}}` | Deploys a redis | | websocket.redis.annotations | object | `{}` | Redis annotations | | websocket.redis.args | list | `[]` | Redis arguments (overrides default) | | websocket.redis.command | list | `[]` | Redis command (overrides default) | @@ -113,6 +116,8 @@ helm upgrade --install open-webui open-webui/open-webui | websocket.redis.image | object | `{"pullPolicy":"IfNotPresent","repository":"redis","tag":"7.4.2-alpine3.21"}` | Redis image | | websocket.redis.labels | object | `{}` | Redis labels | | websocket.redis.name | string | `"open-webui-redis"` | Redis name | +| websocket.redis.pods | object | `{"annotations":{}}` | Redis pod | +| websocket.redis.pods.annotations | object | `{}` | Redis pod annotations | | websocket.redis.resources | object | `{}` | Redis resources | | websocket.redis.service | object | `{"annotations":{},"containerPort":6379,"labels":{},"nodePort":"","port":6379,"type":"ClusterIP"}` | Redis service | | websocket.redis.service.annotations | object | `{}` | Redis service annotations | diff --git a/charts/open-webui/charts/ollama-1.4.1.tgz b/charts/open-webui/charts/ollama-1.5.0.tgz similarity index 71% rename from charts/open-webui/charts/ollama-1.4.1.tgz rename to charts/open-webui/charts/ollama-1.5.0.tgz index 784bc07..a22edc0 100644 Binary files a/charts/open-webui/charts/ollama-1.4.1.tgz and b/charts/open-webui/charts/ollama-1.5.0.tgz differ diff --git a/charts/open-webui/templates/managed-cert.yaml b/charts/open-webui/templates/managed-cert.yaml new file mode 100644 index 0000000..a4ade9e --- /dev/null +++ b/charts/open-webui/templates/managed-cert.yaml @@ -0,0 +1,11 @@ +{{- if .Values.managedCertificate.enabled }} +apiVersion: networking.gke.io/v1 +kind: ManagedCertificate +metadata: + name: {{ .Values.managedCertificate.name | default "mydomain-cert" }} +spec: + domains: + {{- range .Values.managedCertificate.domains }} + - {{ . | quote }} + {{- end }} +{{- end }} diff --git a/charts/open-webui/templates/websocket-redis.yaml b/charts/open-webui/templates/websocket-redis.yaml index 5e95dc8..55de81b 100644 --- a/charts/open-webui/templates/websocket-redis.yaml +++ b/charts/open-webui/templates/websocket-redis.yaml @@ -21,6 +21,10 @@ spec: metadata: labels: {{- include "websocket.redis.labels" . | nindent 8 }} + annotations: + {{- with .Values.websocket.redis.pods.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} spec: containers: - name: {{ .Values.websocket.redis.name }} diff --git a/charts/open-webui/values-gke-min.yaml b/charts/open-webui/values-gke-min.yaml new file mode 100644 index 0000000..0462e73 --- /dev/null +++ b/charts/open-webui/values-gke-min.yaml @@ -0,0 +1,290 @@ +nameOverride: "" +namespaceOverride: "" + +ollama: + # -- Automatically install Ollama Helm chart from https://otwld.github.io/ollama-helm/. Use [Helm Values](https://github.com/otwld/ollama-helm/#helm-values) to configure + enabled: false + # -- If enabling embedded Ollama, update fullnameOverride to your desired Ollama name value, or else it will use the default ollama.name value from the Ollama chart + fullnameOverride: "open-webui-ollama" + # -- Example Ollama configuration with nvidia GPU enabled, automatically downloading a model, and deploying a PVC for model persistence + # ollama: + # gpu: + # enabled: true + # type: 'nvidia' + # number: 1 + # models: + # - llama3 + # runtimeClassName: nvidia + # persistentVolume: + # enabled: true + # volumeName: "example-pre-existing-pv-created-by-smb-csi" + +pipelines: + # -- Automatically install Pipelines chart to extend Open WebUI functionality using Pipelines: https://github.com/open-webui/pipelines + enabled: false + # -- This section can be used to pass required environment variables to your pipelines (e.g. Langfuse hostname) + extraEnvVars: [] + +tika: + # -- Automatically install Apache Tika to extend Open WebUI + enabled: false + +# -- A list of Ollama API endpoints. These can be added in lieu of automatically installing the Ollama Helm chart, or in addition to it. +ollamaUrls: [] + +websocket: + # -- Enables websocket support in Open WebUI with env `ENABLE_WEBSOCKET_SUPPORT` + enabled: false + # -- Specifies the websocket manager to use with env `WEBSOCKET_MANAGER`: redis (default) + manager: redis + # -- Specifies the URL of the Redis instance for websocket communication. Template with `redis://[:@]:/` + url: redis://open-webui-redis:6379/0 + # -- Deploys a redis + redis: + # -- Enable redis installation + enabled: true + # -- Redis name + name: open-webui-redis + # -- Redis labels + labels: {} + # -- Redis annotations + annotations: {} + # -- Redis image + image: + repository: redis + tag: 7.4.2-alpine3.21 + pullPolicy: IfNotPresent + # -- Redis command (overrides default) + command: [] + # -- Redis arguments (overrides default) + args: [] + # -- Redis resources + resources: {} + # -- Redis service + service: + # -- Redis container/target port + containerPort: 6379 + # -- Redis service type + type: ClusterIP + # -- Redis service labels + labels: {} + # -- Redis service annotations + annotations: {} + # -- Redis service port + port: 6379 + # -- Redis service node port. Valid only when type is `NodePort` + nodePort: "" + +# -- Deploys a Redis cluster with subchart 'redis' from bitnami +redis-cluster: + # -- Enable Redis installation + enabled: false + # -- Redis cluster name (recommended to be 'open-webui-redis') + # - In this case, redis url will be 'redis://open-webui-redis-master:6379/0' or 'redis://[:@]open-webui-redis-master:6379/0' + fullnameOverride: open-webui-redis + # -- Redis Authentication + auth: + # -- Enable Redis authentication (disabled by default). For your security, we strongly suggest that you switch to 'auth.enabled=true' + enabled: false + # -- Replica configuration for the Redis cluster + replica: + # -- Number of Redis replica instances + replicaCount: 3 + +# -- Value of cluster domain +clusterDomain: cluster.local + +annotations: {} +podAnnotations: {} +podLabels: {} +replicaCount: 1 +# -- Strategy for updating the workload manager: deployment or statefulset +strategy: {} +# -- Open WebUI image tags can be found here: https://github.com/open-webui/open-webui +image: + repository: ghcr.io/open-webui/open-webui + tag: "" + pullPolicy: "IfNotPresent" + +serviceAccount: + enable: true + name: "" + annotations: {} + automountServiceAccountToken: false + +# -- Configure imagePullSecrets to use private registry +# ref: +imagePullSecrets: [] +# imagePullSecrets: +# - name: myRegistryKeySecretName + +# -- Probe for liveness of the Open WebUI container +# ref: +livenessProbe: {} +# livenessProbe: +# httpGet: +# path: /health +# port: http +# failureThreshold: 1 +# periodSeconds: 10 + +# -- Probe for readiness of the Open WebUI container +# ref: +readinessProbe: {} +# readinessProbe: +# httpGet: +# path: /health/db +# port: http +# failureThreshold: 1 +# periodSeconds: 10 + +# -- Probe for startup of the Open WebUI container +# ref: +startupProbe: {} +# startupProbe: +# httpGet: +# path: /health +# port: http +# initialDelaySeconds: 30 +# periodSeconds: 5 +# failureThreshold: 20 + +resources: {} + +copyAppData: + resources: {} + +managedCertificate: + enabled: true + name: "mydomain-chat-cert" # You can override this name if needed + domains: + - chat.example.com # update to your real domain + +ingress: + enabled: true + class: "" + # -- Use appropriate annotations for your Ingress controller, e.g., for NGINX: + annotations: + # Example for GKE Ingress + kubernetes.io/ingress.class: "gce" + kubernetes.io/ingress.global-static-ip-name: "open-webui-external-ip" # you need to create this address in GCP console + # Force HTTP to redirect to HTTPS + nginx.ingress.kubernetes.io/force-ssl-redirect: "true" + nginx.ingress.kubernetes.io/ssl-redirect: "true" + nginx.ingress.kubernetes.io/permanent-redirect: "https://chat.example.com" + networking.gke.io/managed-certificates: "mydomain-chat-cert" + # nginx.ingress.kubernetes.io/rewrite-target: / + host: "chat.example.com" # update to your real domain + additionalHosts: [] + tls: false + existingSecret: "" +persistence: + enabled: true + size: 2Gi + # -- Use existingClaim if you want to re-use an existing Open WebUI PVC instead of creating a new one + existingClaim: "" + # -- Subdirectory of Open WebUI PVC to mount. Useful if root directory is not empty. + subPath: "" + # -- If using multiple replicas, you must update accessModes to ReadWriteMany + accessModes: + - ReadWriteOnce + storageClass: "" + selector: {} + annotations: {} + +# -- Node labels for pod assignment. +nodeSelector: {} + +# -- Tolerations for pod assignment +tolerations: [] + +# -- Affinity for pod assignment +affinity: {} + +# -- Topology Spread Constraints for pod assignment +topologySpreadConstraints: [] + +# -- Service values to expose Open WebUI pods to cluster +service: + type: LoadBalancer # changed from ClusterIP to LoadBalancer for external access on GKE + annotations: {} + port: 80 + containerPort: 8080 + nodePort: "" + labels: {} + loadBalancerClass: "" + +# -- OpenAI base API URL to use. Defaults to the Pipelines service endpoint when Pipelines are enabled, and "https://api.openai.com/v1" if Pipelines are not enabled and this value is blank +openaiBaseApiUrl: "" + +# -- Env vars added to the Open WebUI deployment. Most up-to-date environment variables can be found here: https://docs.openwebui.com/getting-started/env-configuration/ +extraEnvVars: + # -- Default API key value for Pipelines. Should be updated in a production deployment, or be changed to the required API key if not using Pipelines + - name: OPENAI_API_KEY + value: "0p3n-w3bu!" + # valueFrom: + # secretKeyRef: + # name: pipelines-api-key + # key: api-key + # - name: OPENAI_API_KEY + # valueFrom: + # secretKeyRef: + # name: openai-api-key + # key: api-key + # - name: OLLAMA_DEBUG + # value: "1" + +# -- Configure container volume mounts +# ref: +volumeMounts: + initContainer: [] + # - name: "" + # mountPath: "" + container: [] + # - name: "" + # mountPath: "" + +# -- Configure pod volumes +# ref: +volumes: [] +# - name: "" +# configMap: +# name: "" +# - name: "" +# emptyDir: {} + +# -- Configure pod security context +# ref: +podSecurityContext: + {} + # fsGroupChangePolicy: Always + # sysctls: [] + # supplementalGroups: [] + # fsGroup: 1001 + + +# -- Configure container security context +# ref: +containerSecurityContext: + {} + # runAsUser: 1001 + # runAsGroup: 1001 + # runAsNonRoot: true + # privileged: false + # allowPrivilegeEscalation: false + # readOnlyRootFilesystem: false + # capabilities: + # drop: + # - ALL + # seccompProfile: + # type: "RuntimeDefault" + +# -- Extra resources to deploy with Open WebUI +extraResources: + [] + # - apiVersion: v1 + # kind: ConfigMap + # metadata: + # name: example-configmap + # data: + # example-key: example-value diff --git a/charts/open-webui/values.yaml b/charts/open-webui/values.yaml index e65f01a..f7e6d30 100644 --- a/charts/open-webui/values.yaml +++ b/charts/open-webui/values.yaml @@ -13,7 +13,10 @@ ollama: # type: 'nvidia' # number: 1 # models: - # - llama3 + # pull: + # - llama3 + # run: + # - llama3 # runtimeClassName: nvidia # persistentVolume: # enabled: true @@ -52,6 +55,10 @@ websocket: labels: {} # -- Redis annotations annotations: {} + # -- Redis pod + pods: + # -- Redis pod annotations + annotations: {} # -- Redis image image: repository: redis @@ -157,13 +164,27 @@ resources: {} copyAppData: resources: {} +managedCertificate: + enabled: false + name: "mydomain-chat-cert" # You can override this name if needed + domains: + - chat.example.com # update to your real domain + ingress: enabled: false class: "" - # -- Use appropriate annotations for your Ingress controller, e.g., for NGINX: - # nginx.ingress.kubernetes.io/rewrite-target: / + # -- Use appropriate annotations for your Ingress controller, e.g., for NGINX: annotations: {} - host: "" + # # Example for GKE Ingress + # kubernetes.io/ingress.class: "gce" + # kubernetes.io/ingress.global-static-ip-name: "open-webui-external-ip" # you need to create this address in GCP console + # # Force HTTP to redirect to HTTPS + # nginx.ingress.kubernetes.io/force-ssl-redirect: "true" + # nginx.ingress.kubernetes.io/ssl-redirect: "true" + # nginx.ingress.kubernetes.io/permanent-redirect: "https://chat.example.com" + # networking.gke.io/managed-certificates: "mydomain-chat-cert" + # # nginx.ingress.kubernetes.io/rewrite-target: / + host: "chat.example.com" # update to your real domain additionalHosts: [] tls: false existingSecret: ""