diff --git a/.github/workflows/helm-test-open-webui.yml b/.github/workflows/helm-test-open-webui.yml index e603832..0c4c29c 100644 --- a/.github/workflows/helm-test-open-webui.yml +++ b/.github/workflows/helm-test-open-webui.yml @@ -20,20 +20,21 @@ jobs: - name: Set up Helm uses: azure/setup-helm@v4 - - name: Lint open-webui Helm Chart - run: | - helm lint ./charts/open-webui - - name: Add Dependency Repos run: | helm repo add ollama https://otwld.github.io/ollama-helm/ helm repo add open-webui https://helm.openwebui.com/ helm repo add tika https://apache.jfrog.io/artifactory/tika/ - helm repo add redis https://charts.bitnami.com/bitnami + helm repo add bitnami https://charts.bitnami.com/bitnami + - name: Build open-webui Helm dependencies run: | helm dependency build ./charts/open-webui + - name: Lint open-webui Helm Chart + run: | + helm lint ./charts/open-webui + test-deploy: name: Test Chart Deployment runs-on: ubuntu-latest @@ -52,6 +53,17 @@ jobs: - name: Set up KinD Cluster uses: helm/kind-action@v1 + - name: Add Dependency Repos + run: | + helm repo add ollama https://otwld.github.io/ollama-helm/ + helm repo add open-webui https://helm.openwebui.com/ + helm repo add tika https://apache.jfrog.io/artifactory/tika/ + helm repo add bitnami https://charts.bitnami.com/bitnami + + - name: Build open-webui Helm dependencies + run: | + helm dependency build ./charts/open-webui + - name: Template open-webui Helm Chart run: | helm template open-webui ./charts/open-webui \ diff --git a/.gitignore b/.gitignore index c423615..fa9117c 100644 --- a/.gitignore +++ b/.gitignore @@ -122,4 +122,8 @@ Temporary Items # iCloud generated files *.icloud +### Helm ### +# Chart dependencies +**/charts/*.tgz + # End of https://www.toptal.com/developers/gitignore/api/macos,intellij+all,helm \ No newline at end of file diff --git a/charts/open-webui/Chart.lock b/charts/open-webui/Chart.lock index 04dd174..5f37d9b 100644 --- a/charts/open-webui/Chart.lock +++ b/charts/open-webui/Chart.lock @@ -11,5 +11,8 @@ dependencies: - name: redis repository: https://charts.bitnami.com/bitnami version: 20.11.5 -digest: sha256:e056d54c822caf7601281777f54d88f32818982d52b7e81fbf811b8e4661265e -generated: "2025-04-13T21:46:37.771856+09:00" +- name: postgresql + repository: https://charts.bitnami.com/bitnami + version: 16.6.3 +digest: sha256:6da6a7bae03aba138c247775a786c0f459bdd9360db8980b0a5ffdea0fb88a5d +generated: "2025-04-13T03:03:27.462575+02:00" diff --git a/charts/open-webui/Chart.yaml b/charts/open-webui/Chart.yaml index 31c0829..782fc87 100644 --- a/charts/open-webui/Chart.yaml +++ b/charts/open-webui/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: open-webui -version: 6.2.0 +version: 6.3.0 appVersion: 0.6.4 home: https://www.openwebui.com/ icon: >- @@ -43,3 +43,8 @@ dependencies: version: '>=20.6.2' alias: redis-cluster condition: redis-cluster.enabled + - name: postgresql + repository: https://charts.bitnami.com/bitnami + version: '>=15.5.38' + alias: postgresql + condition: postgresql.enabled diff --git a/charts/open-webui/README.md b/charts/open-webui/README.md index 49677b7..06cc465 100644 --- a/charts/open-webui/README.md +++ b/charts/open-webui/README.md @@ -1,6 +1,6 @@ # open-webui -![Version: 6.2.0](https://img.shields.io/badge/Version-6.2.0-informational?style=flat-square) ![AppVersion: 0.6.4](https://img.shields.io/badge/AppVersion-0.6.4-informational?style=flat-square) +![Version: 6.3.0](https://img.shields.io/badge/Version-6.3.0-informational?style=flat-square) ![AppVersion: 0.6.4](https://img.shields.io/badge/AppVersion-0.6.4-informational?style=flat-square) Open WebUI: A User-Friendly Web Interface for Chat Interactions 👋 @@ -34,6 +34,7 @@ helm upgrade --install open-webui open-webui/open-webui | Repository | Name | Version | |------------|------|---------| | https://apache.jfrog.io/artifactory/tika | tika | >=2.9.0 | +| https://charts.bitnami.com/bitnami | postgresql(postgresql) | >=15.5.38 | | https://charts.bitnami.com/bitnami | redis-cluster(redis) | >=20.6.2 | | https://helm.openwebui.com | pipelines | >=0.0.1 | | https://otwld.github.io/ollama-helm/ | ollama | >=0.24.0 | @@ -112,6 +113,7 @@ helm upgrade --install open-webui open-webui/open-webui | clusterDomain | string | `"cluster.local"` | Value of cluster domain | | containerSecurityContext | object | `{}` | Configure container security context ref: | | copyAppData.resources | object | `{}` | | +| databaseUrl | string | `""` | Configure database URL, needed to work with Postgres (example: `postgresql://:@:/`), leave empty to use the default sqlite database | | enableOpenaiApi | bool | `true` | Enables the use of OpenAI APIs | | extraEnvVars | list | `[{"name":"OPENAI_API_KEY","value":"0p3n-w3bu!"}]` | Env vars added to the Open WebUI deployment. Most up-to-date environment variables can be found here: https://docs.openwebui.com/getting-started/env-configuration/ | | extraEnvVars[0] | object | `{"name":"OPENAI_API_KEY","value":"0p3n-w3bu!"}` | Default API key value for Pipelines. Should be updated in a production deployment, or be changed to the required API key if not using Pipelines | @@ -142,8 +144,20 @@ helm upgrade --install open-webui open-webui/open-webui | openaiBaseApiUrls | list | `[]` | OpenAI base API URLs to use. Overwrites the value in openaiBaseApiUrl if set | | persistence.accessModes | list | `["ReadWriteOnce"]` | If using multiple replicas, you must update accessModes to ReadWriteMany | | persistence.annotations | object | `{}` | | +| persistence.azure.container | string | `""` | Sets the container name for Azure Storage | +| persistence.azure.endpointUrl | string | `nil` | Sets the endpoint URL for Azure Storage | +| persistence.azure.key | string | `""` | Set the access key for Azure Storage. Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Managed Identity if run in Azure services | | persistence.enabled | bool | `true` | | | persistence.existingClaim | string | `""` | Use existingClaim if you want to re-use an existing Open WebUI PVC instead of creating a new one | +| persistence.gcs.appCredentialsJson | string | `""` | Contents of Google Application Credentials JSON file. Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Google Metadata server if run on a Google Compute Engine. File can be generated for a service account following this guide: https://developers.google.com/workspace/guides/create-credentials#service-account | +| persistence.gcs.bucket | string | `""` | Sets the bucket name for Google Cloud Storage. Bucket must already exist | +| persistence.provider | string | `"local"` | Sets the storage provider, availables values are `local`, `s3`, `gcs` or `azure` | +| persistence.s3.accessKey | string | `""` | Sets the access key ID for S3 storage | +| persistence.s3.bucket | string | `""` | Sets the bucket name for S3 storage | +| persistence.s3.endpointUrl | string | `""` | Sets the endpoint url for S3 storage | +| persistence.s3.keyPrefix | string | `""` | Sets the key prefix for a S3 object | +| persistence.s3.region | string | `""` | Sets the region name for S3 storage | +| persistence.s3.secretKey | string | `""` | Sets the secret access key for S3 storage | | persistence.selector | object | `{}` | | | persistence.size | string | `"2Gi"` | | | persistence.storageClass | string | `""` | | @@ -153,6 +167,7 @@ helm upgrade --install open-webui open-webui/open-webui | podAnnotations | object | `{}` | | | podLabels | object | `{}` | | | podSecurityContext | object | `{}` | Configure pod security context ref: | +| postgresql | object | `{"architecture":"standalone","auth":{"database":"open-webui","password":"0p3n-w3bu!","postgresPassword":"0p3n-w3bu!","username":"open-webui"},"enabled":false,"fullnameOverride":"open-webui-postgres","primary":{"persistence":{"size":"1Gi"},"resources":{"limits":{"cpu":"500m","memory":"512Mi"},"requests":{"cpu":"250m","memory":"256Mi"}}}}` | Postgresql configuration (see. https://artifacthub.io/packages/helm/bitnami/postgresql) | | readinessProbe | object | `{}` | Probe for readiness of the Open WebUI container ref: | | redis-cluster | object | `{"auth":{"enabled":false},"enabled":false,"fullnameOverride":"open-webui-redis","replica":{"replicaCount":3}}` | Deploys a Redis cluster with subchart 'redis' from bitnami | | redis-cluster.auth | object | `{"enabled":false}` | Redis Authentication | diff --git a/charts/open-webui/charts/ollama-1.14.0.tgz b/charts/open-webui/charts/ollama-1.14.0.tgz deleted file mode 100644 index d8f68f0..0000000 Binary files a/charts/open-webui/charts/ollama-1.14.0.tgz and /dev/null differ diff --git a/charts/open-webui/charts/pipelines-0.5.0.tgz b/charts/open-webui/charts/pipelines-0.5.0.tgz deleted file mode 100644 index de0c888..0000000 Binary files a/charts/open-webui/charts/pipelines-0.5.0.tgz and /dev/null differ diff --git a/charts/open-webui/charts/redis-20.11.5.tgz b/charts/open-webui/charts/redis-20.11.5.tgz deleted file mode 100644 index 6b8b298..0000000 Binary files a/charts/open-webui/charts/redis-20.11.5.tgz and /dev/null differ diff --git a/charts/open-webui/charts/tika-2.9.0.tgz b/charts/open-webui/charts/tika-2.9.0.tgz deleted file mode 100644 index 8db6562..0000000 Binary files a/charts/open-webui/charts/tika-2.9.0.tgz and /dev/null differ diff --git a/charts/open-webui/templates/pvc.yaml b/charts/open-webui/templates/pvc.yaml index c412e7f..4df3f27 100644 --- a/charts/open-webui/templates/pvc.yaml +++ b/charts/open-webui/templates/pvc.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) (eq .Values.persistence.provider "local") }} apiVersion: v1 kind: PersistentVolumeClaim metadata: diff --git a/charts/open-webui/templates/workload-manager.yaml b/charts/open-webui/templates/workload-manager.yaml index dce5f65..64013bf 100644 --- a/charts/open-webui/templates/workload-manager.yaml +++ b/charts/open-webui/templates/workload-manager.yaml @@ -1,5 +1,5 @@ apiVersion: apps/v1 -{{- if .Values.persistence.enabled }} +{{- if and .Values.persistence.enabled (eq .Values.persistence.provider "local") }} kind: StatefulSet {{- else }} kind: Deployment @@ -15,14 +15,14 @@ metadata: {{- end }} spec: replicas: {{ .Values.replicaCount }} - {{- if .Values.persistence.enabled }} + {{- if and .Values.persistence.enabled (eq .Values.persistence.provider "local") }} serviceName: {{ include "open-webui.name" . }} {{- end }} selector: matchLabels: {{- include "open-webui.selectorLabels" . | nindent 6 }} {{- if .Values.strategy }} - {{- if .Values.persistence.enabled }} + {{- if and .Values.persistence.enabled (eq .Values.persistence.provider "local") }} updateStrategy: {{- toYaml .Values.strategy | nindent 4 }} {{- else }} @@ -147,15 +147,44 @@ spec: - name: "ENABLE_OPENAI_API" value: "False" {{- end }} - {{- if .Values.extraEnvVars }} - {{- toYaml .Values.extraEnvVars | nindent 8 }} - {{- end }} {{- if .Values.tika.enabled }} - name: "CONTENT_EXTRACTION_ENGINE" value: "Tika" - name: "TIKA_SERVER_URL" value: http://{{ .Chart.Name }}-tika:9998 {{- end }} + {{- if eq .Values.persistence.provider "s3" }} + - name: "STORAGE_PROVIDER" + value: {{ .Values.persistence.provider }} + - name: "S3_ACCESS_KEY_ID" + value: {{ .Values.persistence.s3.accessKey }} + - name: "S3_SECRET_ACCESS_KEY" + value: {{ .Values.persistence.s3.secretKey }} + - name: "S3_ENDPOINT_URL" + value: {{ .Values.persistence.s3.endpointUrl }} + - name: "S3_BUCKET_NAME" + value: {{ .Values.persistence.s3.bucket }} + - name: "S3_REGION_NAME" + value: {{ .Values.persistence.s3.region }} + - name: "S3_KEY_PREFIX" + value: {{ .Values.persistence.s3.keyPrefix }} + {{- else if eq .Values.persistence.provider "gcs" }} + - name: "STORAGE_PROVIDER" + value: {{ .Values.persistence.provider }} + - name: "GOOGLE_APPLICATION_CREDENTIALS_JSON" + value: {{ .Values.persistence.gcs.appCredentialsJson }} + - name: "GCS_BUCKET_NAME" + value: {{ .Values.persistence.gcs.bucket }} + {{- else if eq .Values.persistence.provider "azure" }} + - name: "STORAGE_PROVIDER" + value: {{ .Values.persistence.provider }} + - name: "AZURE_STORAGE_ENDPOINT" + value: {{ .Values.persistence.azure.endpointUrl }} + - name: "AZURE_STORAGE_CONTAINER_NAME" + value: {{ .Values.persistence.azure.container }} + - name: "AZURE_STORAGE_KEY" + value: {{ .Values.persistence.azure.key }} + {{- end }} {{- if .Values.websocket.enabled }} - name: "ENABLE_WEBSOCKET_SUPPORT" value: "True" @@ -164,6 +193,10 @@ spec: - name: "WEBSOCKET_REDIS_URL" value: {{ .Values.websocket.url | quote }} {{- end }} + {{- if or .Values.postgresql.enabled .Values.databaseUrl }} + - name: "DATABASE_URL" + value: {{ .Values.databaseUrl | default (printf "postgresql://%s:%s@%s:%s/%s" .Values.postgresql.auth.username .Values.postgresql.auth.password .Values.postgresql.fullnameOverride "5432" .Values.postgresql.auth.database) }} + {{- end }} {{- if .Values.sso.enabled }} {{- if .Values.sso.enableSignup }} - name: "ENABLE_OAUTH_SIGNUP" @@ -234,6 +267,9 @@ spec: {{- end }} {{- end }} {{- end }} + {{- if .Values.extraEnvVars }} + {{- toYaml .Values.extraEnvVars | nindent 8 }} + {{- end }} tty: true {{- with .Values.nodeSelector }} nodeSelector: @@ -260,7 +296,7 @@ spec: - name: data persistentVolumeClaim: claimName: {{ .Values.persistence.existingClaim }} - {{- else if not .Values.persistence.enabled }} + {{- else if or (not .Values.persistence.enabled) (not (eq .Values.persistence.provider "local")) }} - name: data emptyDir: {} {{- else if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} diff --git a/charts/open-webui/values.yaml b/charts/open-webui/values.yaml index 0b72425..61fe780 100644 --- a/charts/open-webui/values.yaml +++ b/charts/open-webui/values.yaml @@ -211,6 +211,33 @@ persistence: storageClass: "" selector: {} annotations: {} + # -- Sets the storage provider, availables values are `local`, `s3`, `gcs` or `azure` + provider: local + s3: + # -- Sets the access key ID for S3 storage + accessKey: "" + # -- Sets the secret access key for S3 storage + secretKey: "" + # -- Sets the endpoint url for S3 storage + endpointUrl: "" + # -- Sets the region name for S3 storage + region: "" + # -- Sets the bucket name for S3 storage + bucket: "" + # -- Sets the key prefix for a S3 object + keyPrefix: "" + gcs: + # -- Contents of Google Application Credentials JSON file. Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Google Metadata server if run on a Google Compute Engine. File can be generated for a service account following this guide: https://developers.google.com/workspace/guides/create-credentials#service-account + appCredentialsJson: "" + # -- Sets the bucket name for Google Cloud Storage. Bucket must already exist + bucket: "" + azure: + # -- Sets the endpoint URL for Azure Storage + endpointUrl: + # -- Sets the container name for Azure Storage + container: "" + # -- Set the access key for Azure Storage. Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Managed Identity if run in Azure services + key: "" # -- Node labels for pod assignment. nodeSelector: {} @@ -433,3 +460,27 @@ extraResources: # name: example-configmap # data: # example-key: example-value + +# -- Configure database URL, needed to work with Postgres (example: `postgresql://:@:/`), leave empty to use the default sqlite database +databaseUrl: "" + +# -- Postgresql configuration (see. https://artifacthub.io/packages/helm/bitnami/postgresql) +postgresql: + enabled: false + fullnameOverride: open-webui-postgres + architecture: standalone + auth: + database: open-webui + postgresPassword: 0p3n-w3bu! + username: open-webui + password: 0p3n-w3bu! + primary: + persistence: + size: 1Gi + resources: + requests: + memory: 256Mi + cpu: 250m + limits: + memory: 512Mi + cpu: 500m