From 34969f304e2455732d60c4eb45263e22b8e67eb2 Mon Sep 17 00:00:00 2001
From: this-is-tobi
Date: Sun, 13 Apr 2025 18:21:53 +0200
Subject: [PATCH] feat: add storage provider support in open-webui chart
---
charts/open-webui/README.md | 12 ++++++
charts/open-webui/templates/pvc.yaml | 2 +-
.../templates/workload-manager.yaml | 40 +++++++++++++++++--
charts/open-webui/values.yaml | 27 +++++++++++++
4 files changed, 76 insertions(+), 5 deletions(-)
diff --git a/charts/open-webui/README.md b/charts/open-webui/README.md
index 0a1dc2b..06cc465 100644
--- a/charts/open-webui/README.md
+++ b/charts/open-webui/README.md
@@ -144,8 +144,20 @@ helm upgrade --install open-webui open-webui/open-webui
 | openaiBaseApiUrls | list | `[]` | OpenAI base API URLs to use. Overwrites the value in openaiBaseApiUrl if set |
 | persistence.accessModes | list | `["ReadWriteOnce"]` | If using multiple replicas, you must update accessModes to ReadWriteMany |
 | persistence.annotations | object | `{}` | |
+| persistence.azure.container | string | `""` | Sets the container name for Azure Storage |
+| persistence.azure.endpointUrl | string | `nil` | Sets the endpoint URL for Azure Storage |
+| persistence.azure.key | string | `""` | Set the access key for Azure Storage. Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Managed Identity if run in Azure services |
 | persistence.enabled | bool | `true` | |
 | persistence.existingClaim | string | `""` | Use existingClaim if you want to re-use an existing Open WebUI PVC instead of creating a new one |
+| persistence.gcs.appCredentialsJson | string | `""` | Contents of Google Application Credentials JSON file. Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Google Metadata server if run on a Google Compute Engine. File can be generated for a service account following this guide: https://developers.google.com/workspace/guides/create-credentials#service-account |
+| persistence.gcs.bucket | string | `""` | Sets the bucket name for Google Cloud Storage.
Bucket must already exist |
+| persistence.provider | string | `"local"` | Sets the storage provider, availables values are `local`, `s3`, `gcs` or `azure` |
+| persistence.s3.accessKey | string | `""` | Sets the access key ID for S3 storage |
+| persistence.s3.bucket | string | `""` | Sets the bucket name for S3 storage |
+| persistence.s3.endpointUrl | string | `""` | Sets the endpoint url for S3 storage |
+| persistence.s3.keyPrefix | string | `""` | Sets the key prefix for a S3 object |
+| persistence.s3.region | string | `""` | Sets the region name for S3 storage |
+| persistence.s3.secretKey | string | `""` | Sets the secret access key for S3 storage |
 | persistence.selector | object | `{}` | |
 | persistence.size | string | `"2Gi"` | |
 | persistence.storageClass | string | `""` | |
diff --git a/charts/open-webui/templates/pvc.yaml b/charts/open-webui/templates/pvc.yaml
index c412e7f..4df3f27 100644
--- a/charts/open-webui/templates/pvc.yaml
+++ b/charts/open-webui/templates/pvc.yaml
@@ -1,4 +1,4 @@
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) (eq .Values.persistence.provider "local") }}
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
diff --git a/charts/open-webui/templates/workload-manager.yaml b/charts/open-webui/templates/workload-manager.yaml
index 7013255..688b12c 100644
--- a/charts/open-webui/templates/workload-manager.yaml
+++ b/charts/open-webui/templates/workload-manager.yaml
@@ -1,5 +1,5 @@
 apiVersion: apps/v1
-{{- if .Values.persistence.enabled }}
+{{- if and .Values.persistence.enabled (eq .Values.persistence.provider "local") }}
 kind: StatefulSet
 {{- else }}
 kind: Deployment
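Review bot: The added `eq .Values.persistence.provider "local"` in pvc.yaml assumes the key is always present. On an upgrade that reuses the values of a release predating this key, `provider` would presumably be absent; the comparison is then not true (or the render fails), and the PVC drops out of the manifest. Comparing against a default avoids that: `(eq (default "local" .Values.persistence.provider) "local")`. The same condition is repeated in workload-manager.yaml for the workload kind, `serviceName`, `updateStrategy` and, negated, the `data` volume, so one named template would keep the five sites consistent.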
@@ -15,14 +15,14 @@ metadata:
 {{- end }}
 spec:
 replicas: {{ .Values.replicaCount }}
- {{- if .Values.persistence.enabled }}
+ {{- if and .Values.persistence.enabled (eq .Values.persistence.provider "local") }}
 serviceName: {{ include "open-webui.name" . }}
 {{- end }}
 selector:
 matchLabels:
 {{- include "open-webui.selectorLabels" . | nindent 6 }}
 {{- if .Values.strategy }}
- {{- if .Values.persistence.enabled }}
+ {{- if and .Values.persistence.enabled (eq .Values.persistence.provider "local") }}
 updateStrategy:
 {{- toYaml .Values.strategy | nindent 4 }}
 {{- else }}
@@ -156,6 +156,38 @@ spec:
 - name: "TIKA_SERVER_URL"
 value: http://{{ .Chart.Name }}-tika:9998
 {{- end }}
+ {{- if eq .Values.persistence.provider "s3" }}
+ - name: "STORAGE_PROVIDER"
+ value: {{ .Values.persistence.provider }}
+ - name: "S3_ACCESS_KEY_ID"
+ value: {{ .Values.persistence.s3.accessKey }}
+ - name: "S3_SECRET_ACCESS_KEY"
+ value: {{ .Values.persistence.s3.secretKey }}
+ - name: "S3_ENDPOINT_URL"
+ value: {{ .Values.persistence.s3.endpointUrl }}
+ - name: "S3_BUCKET_NAME"
+ value: {{ .Values.persistence.s3.bucket }}
+ - name: "S3_REGION_NAME"
+ value: {{ .Values.persistence.s3.region }}
+ - name: "S3_KEY_PREFIX"
+ value: {{ .Values.persistence.s3.keyPrefix }}
+ {{- else if eq .Values.persistence.provider "gcs" }}
+ - name: "STORAGE_PROVIDER"
+ value: {{ .Values.persistence.provider }}
+ - name: "GOOGLE_APPLICATION_CREDENTIALS_JSON"
+ value: {{ .Values.persistence.gcs.appCredentialsJson }}
+ - name: "GCS_BUCKET_NAME"
+ value: {{ .Values.persistence.gcs.bucket }}
+ {{- else if eq .Values.persistence.provider "azure" }}
+ - name: "STORAGE_PROVIDER"
+ value: {{ .Values.persistence.provider }}
+ - name: "AZURE_STORAGE_ENDPOINT"
+ value: {{ .Values.persistence.azure.endpointUrl }}
+ - name: "AZURE_STORAGE_CONTAINER_NAME"
+ value: {{ .Values.persistence.azure.container }}
+ - name: "AZURE_STORAGE_KEY"
+ value: {{ .Values.persistence.azure.key }}
+ {{- end }}
 {{- if .Values.websocket.enabled }}
 - name: "ENABLE_WEBSOCKET_SUPPORT"
 value: "True"
@@ -264,7 +296,7 @@ spec:
 - name: data
 persistentVolumeClaim:
 claimName: {{ .Values.persistence.existingClaim }}
- {{- else if not .Values.persistence.enabled }}
+ {{- else if or (not .Values.persistence.enabled) (not (eq .Values.persistence.provider "local")) }}
 - name: data
 emptyDir: {}
 {{- else if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
diff --git a/charts/open-webui/values.yaml b/charts/open-webui/values.yaml
index b39ea19..61fe780 100644
--- a/charts/open-webui/values.yaml
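Review bot: The credential values in the new env block (`S3_ACCESS_KEY_ID`, `S3_SECRET_ACCESS_KEY`, `GOOGLE_APPLICATION_CREDENTIALS_JSON`, `AZURE_STORAGE_KEY`) are rendered as literal `value:` entries, so anyone who can read the workload object can read them. Sourcing them through `valueFrom.secretKeyRef`, from a Secret the chart creates or one the user names, would keep them out of the pod spec. The new `value:` lines are also unquoted: an empty default renders as null, and a JSON document in `appCredentialsJson` would be parsed as a YAML mapping rather than a string. Piping through `quote` fixes that, e.g. `value: {{ .Values.persistence.gcs.appCredentialsJson | quote }}`. The container spec this hunk extends starts and ends outside the hunk.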
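Review bot: Every `provider` value other than `local` now takes the `emptyDir: {}` branch for the `data` volume, and that includes a mistyped or unsupported value, for which the env block above sets nothing. Anything the application still writes under the data mount, rather than to the object store, would then be lost whenever the pod is replaced; the hunk does not show what is written there, so this needs confirming. Rejecting unknown values at render time makes the misconfiguration visible, e.g. `{{- if not (has .Values.persistence.provider (list "local" "s3" "gcs" "azure")) }}{{ fail "unsupported persistence.provider" }}{{- end }}`. The `volumes` list continues outside the hunk.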
+++ b/charts/open-webui/values.yaml
@@ -211,6 +211,33 @@ persistence:
 storageClass: ""
 selector: {}
 annotations: {}
+ # -- Sets the storage provider, availables values are `local`, `s3`, `gcs` or `azure`
+ provider: local
+ s3:
+ # -- Sets the access key ID for S3 storage
+ accessKey: ""
+ # -- Sets the secret access key for S3 storage
+ secretKey: ""
+ # -- Sets the endpoint url for S3 storage
+ endpointUrl: ""
+ # -- Sets the region name for S3 storage
+ region: ""
+ # -- Sets the bucket name for S3 storage
+ bucket: ""
+ # -- Sets the key prefix for a S3 object
+ keyPrefix: ""
+ gcs:
+ # -- Contents of Google Application Credentials JSON file. Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Google Metadata server if run on a Google Compute Engine. File can be generated for a service account following this guide: https://developers.google.com/workspace/guides/create-credentials#service-account
+ appCredentialsJson: ""
+ # -- Sets the bucket name for Google Cloud Storage. Bucket must already exist
+ bucket: ""
+ azure:
+ # -- Sets the endpoint URL for Azure Storage
+ endpointUrl:
+ # -- Sets the container name for Azure Storage
+ container: ""
+ # -- Set the access key for Azure Storage. Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Managed Identity if run in Azure services
+ key: ""
 
 # -- Node labels for pod assignment.
 nodeSelector: {}
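Review bot: `endpointUrl:` under `azure` is a bare key and therefore null, while every sibling default is `""`; writing `endpointUrl: ""` keeps the rendered `AZURE_STORAGE_ENDPOINT` entry and the documented default in line with the other fields. The comments on `s3.secretKey`, `gcs.appCredentialsJson` and `azure.key` describe only what the field is. They should also say that a value set here is kept in plain text with the release values, e.g. `# -- Sets the secret access key for S3 storage. Stored in plain text in the release values; do not commit a real key`.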