mirror of
https://github.com/open-webui/helm-charts
synced 2025-06-26 18:16:14 +00:00
Merge pull request #227 from mjtrangoni/feature-azure-storage-key
feat(open-webui): Make it possible to configure Storage credentials via k8s secrets
This commit is contained in:
James W.
GitHub
commit
7a93256102
@ -1,6 +1,6 @@
|
||||
apiVersion: v2
|
||||
name: open-webui
|
||||
version: 6.8.0
|
||||
version: 6.9.0
|
||||
appVersion: 0.6.6
|
||||
home: https://www.openwebui.com/
|
||||
icon: >-
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
# open-webui
|
||||
|
||||
 
|
||||
 
|
||||
|
||||
Open WebUI: A User-Friendly Web Interface for Chat Interactions 👋
|
||||
|
||||
@ -41,6 +41,38 @@ helm upgrade --install open-webui open-webui/open-webui
|
||||
|
||||
## Values
|
||||
|
||||
### Azure Storage configuration
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| persistence.azure.container | string | `""` | Sets the container name for Azure Storage |
|
||||
| persistence.azure.endpointUrl | string | `""` | Sets the endpoint URL for Azure Storage |
|
||||
| persistence.azure.key | string | `""` | Set the access key for Azure Storage (ignored if keyExistingSecret is set). Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Managed Identity if run in Azure services |
|
||||
| persistence.azure.keyExistingSecret | string | `""` | Set the access key for Azure Storage from existing secret |
|
||||
| persistence.azure.keyExistingSecretKey | string | `""` | Set the access key for Azure Storage from existing secret key |
|
||||
|
||||
### Google Cloud Storage configuration
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| persistence.gcs.appCredentialsJson | string | `""` | Contents of Google Application Credentials JSON file (ignored if appCredentialsJsonExistingSecret is set). Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Google Metadata server if run on a Google Compute Engine. File can be generated for a service account following this guide: https://developers.google.com/workspace/guides/create-credentials#service-account |
|
||||
| persistence.gcs.appCredentialsJsonExistingSecret | string | `""` | Set the Google Application Credentials JSON file for Google Cloud Storage from existing secret |
|
||||
| persistence.gcs.appCredentialsJsonExistingSecretKey | string | `""` | Set the Google Application Credentials JSON file for Google Cloud Storage from existing secret key |
|
||||
| persistence.gcs.bucket | string | `""` | Sets the bucket name for Google Cloud Storage. Bucket must already exist |
|
||||
|
||||
### Amazon S3 Storage configuration
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| persistence.s3.accessKey | string | `""` | Sets the access key ID for S3 storage |
|
||||
| persistence.s3.bucket | string | `""` | Sets the bucket name for S3 storage |
|
||||
| persistence.s3.endpointUrl | string | `""` | Sets the endpoint url for S3 storage |
|
||||
| persistence.s3.keyPrefix | string | `""` | Sets the key prefix for a S3 object |
|
||||
| persistence.s3.region | string | `""` | Sets the region name for S3 storage |
|
||||
| persistence.s3.secretKey | string | `""` | Sets the secret access key for S3 storage (ignored if secretKeyExistingSecret is set) |
|
||||
| persistence.s3.secretKeyExistingSecret | string | `""` | Set the secret access key for S3 storage from existing k8s secret |
|
||||
| persistence.s3.secretKeyExistingSecretKey | string | `""` | Set the secret access key for S3 storage from existing k8s secret key |
|
||||
|
||||
### SSO Configuration
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
@ -153,20 +185,9 @@ helm upgrade --install open-webui open-webui/open-webui
|
||||
| openaiBaseApiUrls | list | `[]` | OpenAI base API URLs to use. Overwrites the value in openaiBaseApiUrl if set |
|
||||
| persistence.accessModes | list | `["ReadWriteOnce"]` | If using multiple replicas, you must update accessModes to ReadWriteMany |
|
||||
| persistence.annotations | object | `{}` | |
|
||||
| persistence.azure.container | string | `""` | Sets the container name for Azure Storage |
|
||||
| persistence.azure.endpointUrl | string | `""` | Sets the endpoint URL for Azure Storage |
|
||||
| persistence.azure.key | string | `""` | Set the access key for Azure Storage. Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Managed Identity if run in Azure services |
|
||||
| persistence.enabled | bool | `true` | |
|
||||
| persistence.existingClaim | string | `""` | Use existingClaim if you want to re-use an existing Open WebUI PVC instead of creating a new one |
|
||||
| persistence.gcs.appCredentialsJson | string | `""` | Contents of Google Application Credentials JSON file. Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Google Metadata server if run on a Google Compute Engine. File can be generated for a service account following this guide: https://developers.google.com/workspace/guides/create-credentials#service-account |
|
||||
| persistence.gcs.bucket | string | `""` | Sets the bucket name for Google Cloud Storage. Bucket must already exist |
|
||||
| persistence.provider | string | `"local"` | Sets the storage provider, availables values are `local`, `s3`, `gcs` or `azure` |
|
||||
| persistence.s3.accessKey | string | `""` | Sets the access key ID for S3 storage |
|
||||
| persistence.s3.bucket | string | `""` | Sets the bucket name for S3 storage |
|
||||
| persistence.s3.endpointUrl | string | `""` | Sets the endpoint url for S3 storage |
|
||||
| persistence.s3.keyPrefix | string | `""` | Sets the key prefix for a S3 object |
|
||||
| persistence.s3.region | string | `""` | Sets the region name for S3 storage |
|
||||
| persistence.s3.secretKey | string | `""` | Sets the secret access key for S3 storage |
|
||||
| persistence.selector | object | `{}` | |
|
||||
| persistence.size | string | `"2Gi"` | |
|
||||
| persistence.storageClass | string | `""` | |
|
||||
|
||||
@ -159,7 +159,14 @@ spec:
|
||||
- name: "S3_ACCESS_KEY_ID"
|
||||
value: {{ .Values.persistence.s3.accessKey }}
|
||||
- name: "S3_SECRET_ACCESS_KEY"
|
||||
{{- if .Values.persistence.s3.secretKeyExistingSecret }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.persistence.s3.secretKeyExistingSecret }}
|
||||
key: {{ .Values.persistence.s3.secretKeyExistingSecretKey }}
|
||||
{{- else }}
|
||||
value: {{ .Values.persistence.s3.secretKey }}
|
||||
{{- end }}
|
||||
- name: "S3_ENDPOINT_URL"
|
||||
value: {{ .Values.persistence.s3.endpointUrl }}
|
||||
- name: "S3_BUCKET_NAME"
|
||||
@ -172,7 +179,14 @@ spec:
|
||||
- name: "STORAGE_PROVIDER"
|
||||
value: {{ .Values.persistence.provider }}
|
||||
- name: "GOOGLE_APPLICATION_CREDENTIALS_JSON"
|
||||
{{- if .Values.persistence.gcs.appCredentialsJsonExistingSecret }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.persistence.gcs.appCredentialsJsonExistingSecret }}
|
||||
key: {{ .Values.persistence.gcs.appCredentialsJsonExistingSecretKey }}
|
||||
{{- else }}
|
||||
value: {{ .Values.persistence.gcs.appCredentialsJson }}
|
||||
{{- end }}
|
||||
- name: "GCS_BUCKET_NAME"
|
||||
value: {{ .Values.persistence.gcs.bucket }}
|
||||
{{- else if eq .Values.persistence.provider "azure" }}
|
||||
@ -183,8 +197,15 @@ spec:
|
||||
- name: "AZURE_STORAGE_CONTAINER_NAME"
|
||||
value: {{ .Values.persistence.azure.container }}
|
||||
- name: "AZURE_STORAGE_KEY"
|
||||
{{- if .Values.persistence.azure.keyExistingSecret }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.persistence.azure.keyExistingSecret }}
|
||||
key: {{ .Values.persistence.azure.keyExistingSecretKey }}
|
||||
{{- else }}
|
||||
value: {{ .Values.persistence.azure.key }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.websocket.enabled }}
|
||||
- name: "ENABLE_WEBSOCKET_SUPPORT"
|
||||
value: "True"
|
||||
|
||||
@ -215,29 +215,58 @@ persistence:
|
||||
provider: local
|
||||
s3:
|
||||
# -- Sets the access key ID for S3 storage
|
||||
# @section -- Amazon S3 Storage configuration
|
||||
accessKey: ""
|
||||
# -- Sets the secret access key for S3 storage
|
||||
# -- Sets the secret access key for S3 storage (ignored if secretKeyExistingSecret is set)
|
||||
# @section -- Amazon S3 Storage configuration
|
||||
secretKey: ""
|
||||
# -- Set the secret access key for S3 storage from existing k8s secret
|
||||
# @section -- Amazon S3 Storage configuration
|
||||
secretKeyExistingSecret: ""
|
||||
# -- Set the secret access key for S3 storage from existing k8s secret key
|
||||
# @section -- Amazon S3 Storage configuration
|
||||
secretKeyExistingSecretKey: ""
|
||||
# -- Sets the endpoint url for S3 storage
|
||||
# @section -- Amazon S3 Storage configuration
|
||||
endpointUrl: ""
|
||||
# -- Sets the region name for S3 storage
|
||||
# @section -- Amazon S3 Storage configuration
|
||||
region: ""
|
||||
# -- Sets the bucket name for S3 storage
|
||||
# @section -- Amazon S3 Storage configuration
|
||||
bucket: ""
|
||||
# -- Sets the key prefix for a S3 object
|
||||
# @section -- Amazon S3 Storage configuration
|
||||
keyPrefix: ""
|
||||
gcs:
|
||||
# -- Contents of Google Application Credentials JSON file. Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Google Metadata server if run on a Google Compute Engine. File can be generated for a service account following this guide: https://developers.google.com/workspace/guides/create-credentials#service-account
|
||||
# -- Contents of Google Application Credentials JSON file (ignored if appCredentialsJsonExistingSecret is set). Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Google Metadata server if run on a Google Compute Engine. File can be generated for a service account following this guide: https://developers.google.com/workspace/guides/create-credentials#service-account
|
||||
# @section -- Google Cloud Storage configuration
|
||||
appCredentialsJson: ""
|
||||
# -- Set the Google Application Credentials JSON file for Google Cloud Storage from existing secret
|
||||
# @section -- Google Cloud Storage configuration
|
||||
appCredentialsJsonExistingSecret: ""
|
||||
# -- Set the Google Application Credentials JSON file for Google Cloud Storage from existing secret key
|
||||
# @section -- Google Cloud Storage configuration
|
||||
appCredentialsJsonExistingSecretKey: ""
|
||||
# -- Sets the bucket name for Google Cloud Storage. Bucket must already exist
|
||||
# @section -- Google Cloud Storage configuration
|
||||
bucket: ""
|
||||
azure:
|
||||
# -- Sets the endpoint URL for Azure Storage
|
||||
# @section -- Azure Storage configuration
|
||||
endpointUrl: ""
|
||||
# -- Sets the container name for Azure Storage
|
||||
# @section -- Azure Storage configuration
|
||||
container: ""
|
||||
# -- Set the access key for Azure Storage. Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Managed Identity if run in Azure services
|
||||
# -- Set the access key for Azure Storage (ignored if keyExistingSecret is set). Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Managed Identity if run in Azure services
|
||||
# @section -- Azure Storage configuration
|
||||
key: ""
|
||||
# -- Set the access key for Azure Storage from existing secret
|
||||
# @section -- Azure Storage configuration
|
||||
keyExistingSecret: ""
|
||||
# -- Set the access key for Azure Storage from existing secret key
|
||||
# @section -- Azure Storage configuration
|
||||
keyExistingSecretKey: ""
|
||||
|
||||
# -- Node labels for pod assignment.
|
||||
nodeSelector: {}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user