diff --git a/charts/open-webui/Chart.yaml b/charts/open-webui/Chart.yaml index a3eaf7e..078b572 100644 --- a/charts/open-webui/Chart.yaml +++ b/charts/open-webui/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: open-webui -version: 6.8.0 +version: 6.9.0 appVersion: 0.6.6 home: https://www.openwebui.com/ icon: >- diff --git a/charts/open-webui/README.md b/charts/open-webui/README.md index abfd697..2a0019e 100644 --- a/charts/open-webui/README.md +++ b/charts/open-webui/README.md @@ -1,6 +1,6 @@ # open-webui -![Version: 6.8.0](https://img.shields.io/badge/Version-6.8.0-informational?style=flat-square) ![AppVersion: 0.6.6](https://img.shields.io/badge/AppVersion-0.6.6-informational?style=flat-square) +![Version: 6.9.0](https://img.shields.io/badge/Version-6.9.0-informational?style=flat-square) ![AppVersion: 0.6.6](https://img.shields.io/badge/AppVersion-0.6.6-informational?style=flat-square) Open WebUI: A User-Friendly Web Interface for Chat Interactions 👋 @@ -41,6 +41,38 @@ helm upgrade --install open-webui open-webui/open-webui ## Values +### Azure Storage configuration + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| persistence.azure.container | string | `""` | Sets the container name for Azure Storage | +| persistence.azure.endpointUrl | string | `""` | Sets the endpoint URL for Azure Storage | +| persistence.azure.key | string | `""` | Set the access key for Azure Storage (ignored if keyExistingSecret is set). Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Managed Identity if run in Azure services | +| persistence.azure.keyExistingSecret | string | `""` | Set the access key for Azure Storage from existing secret | +| persistence.azure.keyExistingSecretKey | string | `""` | Set the access key for Azure Storage from existing secret key | + +### Google Cloud Storage configuration + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| persistence.gcs.appCredentialsJson | string | `""` | Contents of Google Application Credentials JSON file (ignored if appCredentialsJsonExistingSecret is set). Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Google Metadata server if run on a Google Compute Engine. File can be generated for a service account following this guide: https://developers.google.com/workspace/guides/create-credentials#service-account | +| persistence.gcs.appCredentialsJsonExistingSecret | string | `""` | Set the Google Application Credentials JSON file for Google Cloud Storage from existing secret | +| persistence.gcs.appCredentialsJsonExistingSecretKey | string | `""` | Set the Google Application Credentials JSON file for Google Cloud Storage from existing secret key | +| persistence.gcs.bucket | string | `""` | Sets the bucket name for Google Cloud Storage. Bucket must already exist | + +### Amazon S3 Storage configuration + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| persistence.s3.accessKey | string | `""` | Sets the access key ID for S3 storage | +| persistence.s3.bucket | string | `""` | Sets the bucket name for S3 storage | +| persistence.s3.endpointUrl | string | `""` | Sets the endpoint url for S3 storage | +| persistence.s3.keyPrefix | string | `""` | Sets the key prefix for a S3 object | +| persistence.s3.region | string | `""` | Sets the region name for S3 storage | +| persistence.s3.secretKey | string | `""` | Sets the secret access key for S3 storage (ignored if secretKeyExistingSecret is set) | +| persistence.s3.secretKeyExistingSecret | string | `""` | Set the secret access key for S3 storage from existing k8s secret | +| persistence.s3.secretKeyExistingSecretKey | string | `""` | Set the secret access key for S3 storage from existing k8s secret key | + ### SSO Configuration | Key | Type | Default | Description | @@ -153,20 +185,9 @@ helm upgrade --install open-webui open-webui/open-webui | openaiBaseApiUrls | list | `[]` | OpenAI base API URLs to use. Overwrites the value in openaiBaseApiUrl if set | | persistence.accessModes | list | `["ReadWriteOnce"]` | If using multiple replicas, you must update accessModes to ReadWriteMany | | persistence.annotations | object | `{}` | | -| persistence.azure.container | string | `""` | Sets the container name for Azure Storage | -| persistence.azure.endpointUrl | string | `""` | Sets the endpoint URL for Azure Storage | -| persistence.azure.key | string | `""` | Set the access key for Azure Storage. Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Managed Identity if run in Azure services | | persistence.enabled | bool | `true` | | | persistence.existingClaim | string | `""` | Use existingClaim if you want to re-use an existing Open WebUI PVC instead of creating a new one | -| persistence.gcs.appCredentialsJson | string | `""` | Contents of Google Application Credentials JSON file. Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Google Metadata server if run on a Google Compute Engine. File can be generated for a service account following this guide: https://developers.google.com/workspace/guides/create-credentials#service-account | -| persistence.gcs.bucket | string | `""` | Sets the bucket name for Google Cloud Storage. Bucket must already exist | | persistence.provider | string | `"local"` | Sets the storage provider, availables values are `local`, `s3`, `gcs` or `azure` | -| persistence.s3.accessKey | string | `""` | Sets the access key ID for S3 storage | -| persistence.s3.bucket | string | `""` | Sets the bucket name for S3 storage | -| persistence.s3.endpointUrl | string | `""` | Sets the endpoint url for S3 storage | -| persistence.s3.keyPrefix | string | `""` | Sets the key prefix for a S3 object | -| persistence.s3.region | string | `""` | Sets the region name for S3 storage | -| persistence.s3.secretKey | string | `""` | Sets the secret access key for S3 storage | | persistence.selector | object | `{}` | | | persistence.size | string | `"2Gi"` | | | persistence.storageClass | string | `""` | | diff --git a/charts/open-webui/templates/workload-manager.yaml b/charts/open-webui/templates/workload-manager.yaml index 26f0b93..4da3df2 100644 --- a/charts/open-webui/templates/workload-manager.yaml +++ b/charts/open-webui/templates/workload-manager.yaml @@ -159,7 +159,14 @@ spec: - name: "S3_ACCESS_KEY_ID" value: {{ .Values.persistence.s3.accessKey }} - name: "S3_SECRET_ACCESS_KEY" + {{- if .Values.persistence.s3.secretKeyExistingSecret }} + valueFrom: + secretKeyRef: + name: {{ .Values.persistence.s3.secretKeyExistingSecret }} + key: {{ .Values.persistence.s3.secretKeyExistingSecretKey }} + {{- else }} value: {{ .Values.persistence.s3.secretKey }} + {{- end }} - name: "S3_ENDPOINT_URL" value: {{ .Values.persistence.s3.endpointUrl }} - name: "S3_BUCKET_NAME" @@ -172,7 +179,14 @@ spec: - name: "STORAGE_PROVIDER" value: {{ .Values.persistence.provider }} - name: "GOOGLE_APPLICATION_CREDENTIALS_JSON" + {{- if .Values.persistence.gcs.appCredentialsJsonExistingSecret }} + valueFrom: + secretKeyRef: + name: {{ .Values.persistence.gcs.appCredentialsJsonExistingSecret }} + key: {{ .Values.persistence.gcs.appCredentialsJsonExistingSecretKey }} + {{- else }} value: {{ .Values.persistence.gcs.appCredentialsJson }} + {{- end }} - name: "GCS_BUCKET_NAME" value: {{ .Values.persistence.gcs.bucket }} {{- else if eq .Values.persistence.provider "azure" }} @@ -183,8 +197,15 @@ spec: - name: "AZURE_STORAGE_CONTAINER_NAME" value: {{ .Values.persistence.azure.container }} - name: "AZURE_STORAGE_KEY" + {{- if .Values.persistence.azure.keyExistingSecret }} + valueFrom: + secretKeyRef: + name: {{ .Values.persistence.azure.keyExistingSecret }} + key: {{ .Values.persistence.azure.keyExistingSecretKey }} + {{- else }} value: {{ .Values.persistence.azure.key }} {{- end }} + {{- end }} {{- if .Values.websocket.enabled }} - name: "ENABLE_WEBSOCKET_SUPPORT" value: "True" diff --git a/charts/open-webui/values.yaml b/charts/open-webui/values.yaml index 35c70d0..80d6422 100644 --- a/charts/open-webui/values.yaml +++ b/charts/open-webui/values.yaml @@ -215,29 +215,58 @@ persistence: provider: local s3: # -- Sets the access key ID for S3 storage + # @section -- Amazon S3 Storage configuration accessKey: "" - # -- Sets the secret access key for S3 storage + # -- Sets the secret access key for S3 storage (ignored if secretKeyExistingSecret is set) + # @section -- Amazon S3 Storage configuration secretKey: "" + # -- Set the secret access key for S3 storage from existing k8s secret + # @section -- Amazon S3 Storage configuration + secretKeyExistingSecret: "" + # -- Set the secret access key for S3 storage from existing k8s secret key + # @section -- Amazon S3 Storage configuration + secretKeyExistingSecretKey: "" # -- Sets the endpoint url for S3 storage + # @section -- Amazon S3 Storage configuration endpointUrl: "" # -- Sets the region name for S3 storage - region: "" + # @section -- Amazon S3 Storage configuration + region: "" # -- Sets the bucket name for S3 storage - bucket: "" + # @section -- Amazon S3 Storage configuration + bucket: "" # -- Sets the key prefix for a S3 object + # @section -- Amazon S3 Storage configuration keyPrefix: "" gcs: - # -- Contents of Google Application Credentials JSON file. Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Google Metadata server if run on a Google Compute Engine. File can be generated for a service account following this guide: https://developers.google.com/workspace/guides/create-credentials#service-account + # -- Contents of Google Application Credentials JSON file (ignored if appCredentialsJsonExistingSecret is set). Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Google Metadata server if run on a Google Compute Engine. File can be generated for a service account following this guide: https://developers.google.com/workspace/guides/create-credentials#service-account + # @section -- Google Cloud Storage configuration appCredentialsJson: "" + # -- Set the Google Application Credentials JSON file for Google Cloud Storage from existing secret + # @section -- Google Cloud Storage configuration + appCredentialsJsonExistingSecret: "" + # -- Set the Google Application Credentials JSON file for Google Cloud Storage from existing secret key + # @section -- Google Cloud Storage configuration + appCredentialsJsonExistingSecretKey: "" # -- Sets the bucket name for Google Cloud Storage. Bucket must already exist + # @section -- Google Cloud Storage configuration bucket: "" azure: # -- Sets the endpoint URL for Azure Storage + # @section -- Azure Storage configuration endpointUrl: "" # -- Sets the container name for Azure Storage + # @section -- Azure Storage configuration container: "" - # -- Set the access key for Azure Storage. Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Managed Identity if run in Azure services + # -- Set the access key for Azure Storage (ignored if keyExistingSecret is set). Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Managed Identity if run in Azure services + # @section -- Azure Storage configuration key: "" + # -- Set the access key for Azure Storage from existing secret + # @section -- Azure Storage configuration + keyExistingSecret: "" + # -- Set the access key for Azure Storage from existing secret key + # @section -- Azure Storage configuration + keyExistingSecretKey: "" # -- Node labels for pod assignment. nodeSelector: {}