mirror of
https://github.com/open-webui/helm-charts
synced 2025-06-26 18:16:14 +00:00
Compare commits
68 Commits
open-webui
...
open-webui
| Author | SHA1 | Date | |
|---|---|---|---|
|
5fb77716b7 | ||
|
dad4af5dfe | ||
|
|
b0f84e533c | ||
|
|
85a85c5d8d | ||
|
28bda01652 | ||
|
|
59b8824246 | ||
|
7a3678cd53 | ||
|
|
4601246f1b | ||
|
61ad8836b7 | ||
|
|
d417dc1ea3 | ||
|
|
f38ccab08e | ||
|
|
623d36db3f | ||
|
|
ac8bf7a7e6 | ||
|
|
85e3544b08 | ||
|
|
e03a80610b | ||
|
|
73b5127c50 | ||
|
|
51a151fc4c | ||
|
|
d723530b13 | ||
|
|
545738a200 | ||
|
|
7f59bbbb39 | ||
|
|
5fcc219066 | ||
|
|
caab2a349c | ||
|
|
27c984c2bc | ||
|
|
a06544036b | ||
|
|
7c31452932 | ||
|
|
9f439a1629 | ||
|
|
78ba8db769 | ||
|
82a1bb0270 | ||
|
|
30918f40a0 | ||
|
|
9a67c0b46f | ||
|
1c091cbd03 | ||
|
|
22b300940a | ||
|
|
ac86a1bc75 | ||
|
|
b6c8264928 | ||
|
|
e3ab5addb5 | ||
|
|
7a93256102 | ||
|
|
a5073d40f2 | ||
|
|
86e42681ca | ||
|
|
e6c33ca07c | ||
|
|
01b61f5f64 | ||
|
|
d7e40d7c9a | ||
|
|
66173b69b8 | ||
|
|
e9c86cd6fc | ||
|
|
9a0a156353 | ||
|
|
ea67916135 | ||
|
|
f8ae1e036e | ||
|
|
bfca2d950b | ||
|
ebef0fe568 | ||
|
|
c2ad4c072d | ||
|
|
4449c53971 | ||
|
|
bf84642781 | ||
|
|
e4aaf6ed9c | ||
|
|
d7a8188b30 | ||
|
|
94aeb86dce | ||
|
|
8e19d0e938 | ||
|
|
b0234bc9a9 | ||
|
|
a79f362f7c | ||
|
|
fa01ccd3c4 | ||
|
|
f1c4efb94f | ||
|
|
4c789ac788 | ||
|
|
34969f304e | ||
|
|
bb57d8c928 | ||
|
|
f8dfeaaa3f | ||
|
|
73728f7f7b | ||
|
|
e7b4f8b9b9 | ||
|
599f908d0b | ||
|
|
dd622e3c58 | ||
|
|
e5ed86fb0a |
22
.github/workflows/helm-test-open-webui.yml
vendored
22
.github/workflows/helm-test-open-webui.yml
vendored
@@ -20,20 +20,21 @@ jobs:
|
||||
- name: Set up Helm
|
||||
uses: azure/setup-helm@v4
|
||||
|
||||
- name: Lint open-webui Helm Chart
|
||||
run: |
|
||||
helm lint ./charts/open-webui
|
||||
|
||||
- name: Add Dependency Repos
|
||||
run: |
|
||||
helm repo add ollama https://otwld.github.io/ollama-helm/
|
||||
helm repo add open-webui https://helm.openwebui.com/
|
||||
helm repo add tika https://apache.jfrog.io/artifactory/tika/
|
||||
helm repo add redis https://charts.bitnami.com/bitnami
|
||||
helm repo add bitnami https://charts.bitnami.com/bitnami
|
||||
|
||||
- name: Build open-webui Helm dependencies
|
||||
run: |
|
||||
helm dependency build ./charts/open-webui
|
||||
|
||||
- name: Lint open-webui Helm Chart
|
||||
run: |
|
||||
helm lint ./charts/open-webui
|
||||
|
||||
test-deploy:
|
||||
name: Test Chart Deployment
|
||||
runs-on: ubuntu-latest
|
||||
@@ -52,6 +53,17 @@ jobs:
|
||||
- name: Set up KinD Cluster
|
||||
uses: helm/kind-action@v1
|
||||
|
||||
- name: Add Dependency Repos
|
||||
run: |
|
||||
helm repo add ollama https://otwld.github.io/ollama-helm/
|
||||
helm repo add open-webui https://helm.openwebui.com/
|
||||
helm repo add tika https://apache.jfrog.io/artifactory/tika/
|
||||
helm repo add bitnami https://charts.bitnami.com/bitnami
|
||||
|
||||
- name: Build open-webui Helm dependencies
|
||||
run: |
|
||||
helm dependency build ./charts/open-webui
|
||||
|
||||
- name: Template open-webui Helm Chart
|
||||
run: |
|
||||
helm template open-webui ./charts/open-webui \
|
||||
|
||||
4
.gitignore
vendored
4
.gitignore
vendored
@@ -122,4 +122,8 @@ Temporary Items
|
||||
# iCloud generated files
|
||||
*.icloud
|
||||
|
||||
### Helm ###
|
||||
# Chart dependencies
|
||||
**/charts/*.tgz
|
||||
|
||||
# End of https://www.toptal.com/developers/gitignore/api/macos,intellij+all,helm
|
||||
@@ -2,9 +2,6 @@
|
||||
|
||||
## How to Contribute
|
||||
|
||||
> [!WARNING]
|
||||
> There is currently a bug in the Helm Chart Releaser Github Action that prevents you from deploying more than one chart on a single run. The best workaround for now is to ensure that pushes to `main` only include changes to a single chart. If you're contributing to more than one chart, please do it in separate PRs until the upstream issue is fixed, or until we can fork and fix the action ourselves.
|
||||
|
||||
1. **Fork the repository** and create your branch from `main`.
|
||||
2. **Make your changes** and ensure they follow the guidelines below.
|
||||
3. **Test your changes** locally to ensure everything works as expected. This should include deploying your updates to a live Kubernetes cluster (whether local or remote).
|
||||
|
||||
@@ -1,15 +1,18 @@
|
||||
dependencies:
|
||||
- name: ollama
|
||||
repository: https://otwld.github.io/ollama-helm/
|
||||
version: 1.12.0
|
||||
version: 1.19.0
|
||||
- name: pipelines
|
||||
repository: https://helm.openwebui.com
|
||||
version: 0.5.0
|
||||
version: 0.7.0
|
||||
- name: tika
|
||||
repository: https://apache.jfrog.io/artifactory/tika
|
||||
version: 2.9.0
|
||||
- name: redis
|
||||
repository: https://charts.bitnami.com/bitnami
|
||||
version: 20.11.4
|
||||
digest: sha256:05f1cd5e4bfc7ca7f293e13b8ce12b7edf5ba33ba55ec151eccf86cfb30b180a
|
||||
generated: "2025-03-30T15:26:22.6382Z"
|
||||
version: 21.1.11
|
||||
- name: postgresql
|
||||
repository: https://charts.bitnami.com/bitnami
|
||||
version: 16.7.6
|
||||
digest: sha256:f39c2f265e59a8f64ee5131a69d56d0a4b4993ce63b86f0b90018b7828c3fe5f
|
||||
generated: "2025-05-30T11:59:07.637437-06:00"
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
apiVersion: v2
|
||||
name: open-webui
|
||||
version: 5.26.0
|
||||
appVersion: 0.5.20
|
||||
version: 6.19.0
|
||||
appVersion: 0.6.13
|
||||
home: https://www.openwebui.com/
|
||||
icon: >-
|
||||
https://raw.githubusercontent.com/open-webui/open-webui/main/static/favicon.png
|
||||
@@ -43,3 +43,8 @@ dependencies:
|
||||
version: '>=20.6.2'
|
||||
alias: redis-cluster
|
||||
condition: redis-cluster.enabled
|
||||
- name: postgresql
|
||||
repository: https://charts.bitnami.com/bitnami
|
||||
version: '>=15.5.38'
|
||||
alias: postgresql
|
||||
condition: postgresql.enabled
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# open-webui
|
||||
|
||||
 
|
||||
 
|
||||
|
||||
Open WebUI: A User-Friendly Web Interface for Chat Interactions 👋
|
||||
|
||||
@@ -34,12 +34,62 @@ helm upgrade --install open-webui open-webui/open-webui
|
||||
| Repository | Name | Version |
|
||||
|------------|------|---------|
|
||||
| https://apache.jfrog.io/artifactory/tika | tika | >=2.9.0 |
|
||||
| https://charts.bitnami.com/bitnami | postgresql(postgresql) | >=15.5.38 |
|
||||
| https://charts.bitnami.com/bitnami | redis-cluster(redis) | >=20.6.2 |
|
||||
| https://helm.openwebui.com | pipelines | >=0.0.1 |
|
||||
| https://otwld.github.io/ollama-helm/ | ollama | >=0.24.0 |
|
||||
|
||||
## Values
|
||||
|
||||
### Logging configuration
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| logging.components.audio | string | `""` | Set the log level for the Audio processing component |
|
||||
| logging.components.comfyui | string | `""` | Set the log level for the ComfyUI Integration component |
|
||||
| logging.components.config | string | `""` | Set the log level for the Configuration Management component |
|
||||
| logging.components.db | string | `""` | Set the log level for the Database Operations (Peewee) component |
|
||||
| logging.components.images | string | `""` | Set the log level for the Image Generation component |
|
||||
| logging.components.main | string | `""` | Set the log level for the Main Application Execution component |
|
||||
| logging.components.models | string | `""` | Set the log level for the Model Management component |
|
||||
| logging.components.ollama | string | `""` | Set the log level for the Ollama Backend Integration component |
|
||||
| logging.components.openai | string | `""` | Set the log level for the OpenAI API Integration component |
|
||||
| logging.components.rag | string | `""` | Set the log level for the Retrieval-Augmented Generation (RAG) component |
|
||||
| logging.components.webhook | string | `""` | Set the log level for the Authentication Webhook component |
|
||||
| logging.level | string | `""` | Set the global log level ["notset", "debug", "info" (default), "warning", "error", "critical"] |
|
||||
|
||||
### Azure Storage configuration
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| persistence.azure.container | string | `""` | Sets the container name for Azure Storage |
|
||||
| persistence.azure.endpointUrl | string | `""` | Sets the endpoint URL for Azure Storage |
|
||||
| persistence.azure.key | string | `""` | Set the access key for Azure Storage (ignored if keyExistingSecret is set). Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Managed Identity if run in Azure services |
|
||||
| persistence.azure.keyExistingSecret | string | `""` | Set the access key for Azure Storage from existing secret |
|
||||
| persistence.azure.keyExistingSecretKey | string | `""` | Set the access key for Azure Storage from existing secret key |
|
||||
|
||||
### Google Cloud Storage configuration
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| persistence.gcs.appCredentialsJson | string | `""` | Contents of Google Application Credentials JSON file (ignored if appCredentialsJsonExistingSecret is set). Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Google Metadata server if run on a Google Compute Engine. File can be generated for a service account following this guide: https://developers.google.com/workspace/guides/create-credentials#service-account |
|
||||
| persistence.gcs.appCredentialsJsonExistingSecret | string | `""` | Set the Google Application Credentials JSON file for Google Cloud Storage from existing secret |
|
||||
| persistence.gcs.appCredentialsJsonExistingSecretKey | string | `""` | Set the Google Application Credentials JSON file for Google Cloud Storage from existing secret key |
|
||||
| persistence.gcs.bucket | string | `""` | Sets the bucket name for Google Cloud Storage. Bucket must already exist |
|
||||
|
||||
### Amazon S3 Storage configuration
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| persistence.s3.accessKey | string | `""` | Sets the access key ID for S3 storage |
|
||||
| persistence.s3.bucket | string | `""` | Sets the bucket name for S3 storage |
|
||||
| persistence.s3.endpointUrl | string | `""` | Sets the endpoint url for S3 storage |
|
||||
| persistence.s3.keyPrefix | string | `""` | Sets the key prefix for a S3 object |
|
||||
| persistence.s3.region | string | `""` | Sets the region name for S3 storage |
|
||||
| persistence.s3.secretKey | string | `""` | Sets the secret access key for S3 storage (ignored if secretKeyExistingSecret is set) |
|
||||
| persistence.s3.secretKeyExistingSecret | string | `""` | Set the secret access key for S3 storage from existing k8s secret |
|
||||
| persistence.s3.secretKeyExistingSecretKey | string | `""` | Set the secret access key for S3 storage from existing k8s secret key |
|
||||
|
||||
### SSO Configuration
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
@@ -55,24 +105,30 @@ helm upgrade --install open-webui open-webui/open-webui
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| sso.github.clientExistingSecret | string | `""` | GitHub OAuth client secret from existing secret |
|
||||
| sso.github.clientExistingSecretKey | string | `""` | GitHub OAuth client secret key from existing secret |
|
||||
| sso.github.clientId | string | `""` | GitHub OAuth client ID |
|
||||
| sso.github.clientSecret | string | `""` | GitHub OAuth client secret |
|
||||
| sso.github.clientSecret | string | `""` | GitHub OAuth client secret (ignored if clientExistingSecret is set) |
|
||||
| sso.github.enabled | bool | `false` | Enable GitHub OAuth |
|
||||
|
||||
### Google OAuth configuration
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| sso.google.clientExistingSecret | string | `""` | Google OAuth client secret from existing secret |
|
||||
| sso.google.clientExistingSecretKey | string | `""` | Google OAuth client secret key from existing secret |
|
||||
| sso.google.clientId | string | `""` | Google OAuth client ID |
|
||||
| sso.google.clientSecret | string | `""` | Google OAuth client secret |
|
||||
| sso.google.clientSecret | string | `""` | Google OAuth client secret (ignored if clientExistingSecret is set) |
|
||||
| sso.google.enabled | bool | `false` | Enable Google OAuth |
|
||||
|
||||
### Microsoft OAuth configuration
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| sso.microsoft.clientExistingSecret | string | `""` | Microsoft OAuth client secret from existing secret |
|
||||
| sso.microsoft.clientExistingSecretKey | string | `""` | Microsoft OAuth client secret key from existing secret |
|
||||
| sso.microsoft.clientId | string | `""` | Microsoft OAuth client ID |
|
||||
| sso.microsoft.clientSecret | string | `""` | Microsoft OAuth client secret |
|
||||
| sso.microsoft.clientSecret | string | `""` | Microsoft OAuth client secret (ignored if clientExistingSecret is set) |
|
||||
| sso.microsoft.enabled | bool | `false` | Enable Microsoft OAuth |
|
||||
| sso.microsoft.tenantId | string | `""` | Microsoft tenant ID - use 9188040d-6c67-4c5b-b112-36a304b66dad for personal accounts |
|
||||
|
||||
@@ -80,8 +136,10 @@ helm upgrade --install open-webui open-webui/open-webui
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| sso.oidc.clientExistingSecret | string | `""` | OICD client secret from existing secret |
|
||||
| sso.oidc.clientExistingSecretKey | string | `""` | OIDC client secret key from existing secret |
|
||||
| sso.oidc.clientId | string | `""` | OIDC client ID |
|
||||
| sso.oidc.clientSecret | string | `""` | OIDC client secret |
|
||||
| sso.oidc.clientSecret | string | `""` | OIDC client secret (ignored if clientExistingSecret is set) |
|
||||
| sso.oidc.enabled | bool | `false` | Enable OIDC authentication |
|
||||
| sso.oidc.providerName | string | `"SSO"` | Name of the provider to show on the UI |
|
||||
| sso.oidc.providerUrl | string | `""` | OIDC provider well known URL |
|
||||
@@ -110,9 +168,12 @@ helm upgrade --install open-webui open-webui/open-webui
|
||||
| affinity | object | `{}` | Affinity for pod assignment |
|
||||
| annotations | object | `{}` | |
|
||||
| clusterDomain | string | `"cluster.local"` | Value of cluster domain |
|
||||
| commonEnvVars | list | `[]` | Env vars added to the Open WebUI deployment, common across environments. Most up-to-date environment variables can be found here: https://docs.openwebui.com/getting-started/env-configuration/ (caution: environment variables defined in both `extraEnvVars` and `commonEnvVars` will result in a conflict. Avoid duplicates) |
|
||||
| containerSecurityContext | object | `{}` | Configure container security context ref: <https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-containe> |
|
||||
| copyAppData.resources | object | `{}` | |
|
||||
| databaseUrl | string | `""` | Configure database URL, needed to work with Postgres (example: `postgresql://<user>:<password>@<service>:<port>/<database>`), leave empty to use the default sqlite database |
|
||||
| enableOpenaiApi | bool | `true` | Enables the use of OpenAI APIs |
|
||||
| extraEnvFrom | list | `[]` | Env vars added from configmap or secret to the Open WebUI deployment. Most up-to-date environment variables can be found here: https://docs.openwebui.com/getting-started/env-configuration/ (caution: `extraEnvVars` will take precedence over the value from `extraEnvFrom`) |
|
||||
| extraEnvVars | list | `[{"name":"OPENAI_API_KEY","value":"0p3n-w3bu!"}]` | Env vars added to the Open WebUI deployment. Most up-to-date environment variables can be found here: https://docs.openwebui.com/getting-started/env-configuration/ |
|
||||
| extraEnvVars[0] | object | `{"name":"OPENAI_API_KEY","value":"0p3n-w3bu!"}` | Default API key value for Pipelines. Should be updated in a production deployment, or be changed to the required API key if not using Pipelines |
|
||||
| extraInitContainers | list | `[]` | Additional init containers to add to the deployment/statefulset ref: <https://kubernetes.io/docs/concepts/workloads/pods/init-containers/> |
|
||||
@@ -125,6 +186,7 @@ helm upgrade --install open-webui open-webui/open-webui
|
||||
| ingress.class | string | `""` | |
|
||||
| ingress.enabled | bool | `false` | |
|
||||
| ingress.existingSecret | string | `""` | |
|
||||
| ingress.extraLabels | object | `{}` | Additional custom labels to add to the Ingress metadata Useful for tagging, selecting, or applying policies to the Ingress via labels. |
|
||||
| ingress.host | string | `"chat.example.com"` | |
|
||||
| ingress.tls | bool | `false` | |
|
||||
| livenessProbe | object | `{}` | Probe for liveness of the Open WebUI container ref: <https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes> |
|
||||
@@ -144,6 +206,7 @@ helm upgrade --install open-webui open-webui/open-webui
|
||||
| persistence.annotations | object | `{}` | |
|
||||
| persistence.enabled | bool | `true` | |
|
||||
| persistence.existingClaim | string | `""` | Use existingClaim if you want to re-use an existing Open WebUI PVC instead of creating a new one |
|
||||
| persistence.provider | string | `"local"` | Sets the storage provider, availables values are `local`, `s3`, `gcs` or `azure` |
|
||||
| persistence.selector | object | `{}` | |
|
||||
| persistence.size | string | `"2Gi"` | |
|
||||
| persistence.storageClass | string | `""` | |
|
||||
@@ -153,6 +216,7 @@ helm upgrade --install open-webui open-webui/open-webui
|
||||
| podAnnotations | object | `{}` | |
|
||||
| podLabels | object | `{}` | |
|
||||
| podSecurityContext | object | `{}` | Configure pod security context ref: <https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container> |
|
||||
| postgresql | object | `{"architecture":"standalone","auth":{"database":"open-webui","password":"0p3n-w3bu!","postgresPassword":"0p3n-w3bu!","username":"open-webui"},"enabled":false,"fullnameOverride":"open-webui-postgres","primary":{"persistence":{"size":"1Gi"},"resources":{"limits":{"cpu":"500m","memory":"512Mi"},"requests":{"cpu":"250m","memory":"256Mi"}}}}` | Postgresql configuration (see. https://artifacthub.io/packages/helm/bitnami/postgresql) |
|
||||
| readinessProbe | object | `{}` | Probe for readiness of the Open WebUI container ref: <https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes> |
|
||||
| redis-cluster | object | `{"auth":{"enabled":false},"enabled":false,"fullnameOverride":"open-webui-redis","replica":{"replicaCount":3}}` | Deploys a Redis cluster with subchart 'redis' from bitnami |
|
||||
| redis-cluster.auth | object | `{"enabled":false}` | Redis Authentication |
|
||||
@@ -163,7 +227,7 @@ helm upgrade --install open-webui open-webui/open-webui
|
||||
| redis-cluster.replica.replicaCount | int | `3` | Number of Redis replica instances |
|
||||
| replicaCount | int | `1` | |
|
||||
| resources | object | `{}` | |
|
||||
| runtimeClassName | string | `""` | Allows changing the Runtime Class. For ex. to "nvidia" if nvidia container runtime is installed but not default. |
|
||||
| runtimeClassName | string | `""` | Configure runtime class ref: <https://kubernetes.io/docs/concepts/containers/runtime-class/> |
|
||||
| service | object | `{"annotations":{},"containerPort":8080,"labels":{},"loadBalancerClass":"","nodePort":"","port":80,"type":"ClusterIP"}` | Service values to expose Open WebUI pods to cluster |
|
||||
| serviceAccount.annotations | object | `{}` | |
|
||||
| serviceAccount.automountServiceAccountToken | bool | `false` | |
|
||||
@@ -178,7 +242,8 @@ helm upgrade --install open-webui open-webui/open-webui
|
||||
| volumes | list | `[]` | Configure pod volumes ref: <https://kubernetes.io/docs/tasks/configure-pod-container/configure-volume-storage/> |
|
||||
| websocket.enabled | bool | `false` | Enables websocket support in Open WebUI with env `ENABLE_WEBSOCKET_SUPPORT` |
|
||||
| websocket.manager | string | `"redis"` | Specifies the websocket manager to use with env `WEBSOCKET_MANAGER`: redis (default) |
|
||||
| websocket.redis | object | `{"affinity":{},"annotations":{},"args":[],"command":[],"enabled":true,"image":{"pullPolicy":"IfNotPresent","repository":"redis","tag":"7.4.2-alpine3.21"},"labels":{},"name":"open-webui-redis","pods":{"annotations":{}},"resources":{},"securityContext":{},"service":{"annotations":{},"containerPort":6379,"labels":{},"nodePort":"","port":6379,"type":"ClusterIP"},"tolerations":[]}` | Deploys a redis |
|
||||
| websocket.nodeSelector | object | `{}` | Node selector for websocket pods |
|
||||
| websocket.redis | object | `{"affinity":{},"annotations":{},"args":[],"command":[],"enabled":true,"image":{"pullPolicy":"IfNotPresent","repository":"redis","tag":"7.4.2-alpine3.21"},"labels":{},"name":"open-webui-redis","pods":{"annotations":{},"labels":{}},"resources":{},"securityContext":{},"service":{"annotations":{},"containerPort":6379,"labels":{},"nodePort":"","port":6379,"type":"ClusterIP"},"tolerations":[]}` | Deploys a redis |
|
||||
| websocket.redis.affinity | object | `{}` | Redis affinity for pod assignment |
|
||||
| websocket.redis.annotations | object | `{}` | Redis annotations |
|
||||
| websocket.redis.args | list | `[]` | Redis arguments (overrides default) |
|
||||
@@ -187,8 +252,9 @@ helm upgrade --install open-webui open-webui/open-webui
|
||||
| websocket.redis.image | object | `{"pullPolicy":"IfNotPresent","repository":"redis","tag":"7.4.2-alpine3.21"}` | Redis image |
|
||||
| websocket.redis.labels | object | `{}` | Redis labels |
|
||||
| websocket.redis.name | string | `"open-webui-redis"` | Redis name |
|
||||
| websocket.redis.pods | object | `{"annotations":{}}` | Redis pod |
|
||||
| websocket.redis.pods | object | `{"annotations":{},"labels":{}}` | Redis pod |
|
||||
| websocket.redis.pods.annotations | object | `{}` | Redis pod annotations |
|
||||
| websocket.redis.pods.labels | object | `{}` | Redis pod labels |
|
||||
| websocket.redis.resources | object | `{}` | Redis resources |
|
||||
| websocket.redis.securityContext | object | `{}` | Redis security context |
|
||||
| websocket.redis.service | object | `{"annotations":{},"containerPort":6379,"labels":{},"nodePort":"","port":6379,"type":"ClusterIP"}` | Redis service |
|
||||
|
||||
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
@@ -169,3 +169,79 @@ Create labels to include on chart all websocket resources
|
||||
{{ include "base.labels" . }}
|
||||
{{ include "websocket.redis.selectorLabels" . }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Validate SSO ClientSecret to be set literally or via Secret
|
||||
*/}}
|
||||
{{- define "sso.validateClientSecret" -}}
|
||||
{{- $provider := .provider }}
|
||||
{{- $values := .values }}
|
||||
{{- if and (empty (index $values $provider "clientSecret")) (empty (index $values $provider "clientExistingSecret")) }}
|
||||
{{- fail (printf "You must provide either .Values.sso.%s.clientSecret or .Values.sso.%s.clientExistingSecret" $provider $provider) }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{- /*
|
||||
Fail template rendering if invalid log component
|
||||
*/ -}}
|
||||
{{- define "logging.isValidComponent" -}}
|
||||
{{- $component := . | lower -}}
|
||||
{{- $validComponents := dict
|
||||
"audio" true
|
||||
"comfyui" true
|
||||
"config" true
|
||||
"db" true
|
||||
"images" true
|
||||
"main" true
|
||||
"models" true
|
||||
"ollama" true
|
||||
"openai" true
|
||||
"rag" true
|
||||
"webhook" true
|
||||
-}}
|
||||
{{- hasKey $validComponents $component -}}
|
||||
{{- end }}
|
||||
|
||||
|
||||
{{- define "logging.assertValidComponent" -}}
|
||||
{{- $component := lower . -}}
|
||||
{{- $res := include "logging.isValidComponent" $component }}
|
||||
{{- if ne $res "true" }}
|
||||
{{- fail (printf "Invalid logging component name: '%s'. Valid names: audio, comfyui, config, db, images, main, models, ollama, openai, rag, webhook" $component) }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{- /*
|
||||
Fail template rendering if invalid log level
|
||||
*/ -}}
|
||||
{{- define "logging.assertValidLevel" -}}
|
||||
{{- $level := lower . }}
|
||||
{{- $validLevels := dict "notset" true "debug" true "info" true "warning" true "error" true "critical" true }}
|
||||
{{- if not (hasKey $validLevels $level) }}
|
||||
{{- fail (printf "Invalid log level: '%s'. Valid values are: notset, debug, info, warning, error, critical" $level) }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{- /*
|
||||
Render a logging env var for a component, validating value
|
||||
*/ -}}
|
||||
{{- define "logging.componentEnvVar" -}}
|
||||
{{- $name := .componentName }}
|
||||
{{- $level := .logLevel }}
|
||||
{{- include "logging.assertValidComponent" $name -}}
|
||||
{{- include "logging.assertValidLevel" $level }}
|
||||
- name: {{ printf "%s_LOG_LEVEL" (upper $name) | quote }}
|
||||
value: {{ $level | quote | trim }}
|
||||
{{- end }}
|
||||
|
||||
{{- /*
|
||||
Constructs a string containing the URLs of the Open WebUI based on the ingress configuration
|
||||
used to populate the variable WEBUI_URL
|
||||
*/ -}}
|
||||
{{- define "openweb-ui.url" -}}
|
||||
{{- $proto := "http" -}}
|
||||
{{- if .Values.ingress.tls -}}
|
||||
{{- $proto = "https" -}}
|
||||
{{- end -}}
|
||||
{{- printf "%s://%s" $proto $.Values.ingress.host }}
|
||||
{{- end }}
|
||||
|
||||
@@ -6,6 +6,9 @@ metadata:
|
||||
namespace: {{ include "open-webui.namespace" . }}
|
||||
labels:
|
||||
{{- include "open-webui.labels" . | nindent 4 }}
|
||||
{{- with .Values.ingress.extraLabels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with .Values.ingress.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
|
||||
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) (eq .Values.persistence.provider "local") }}
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
|
||||
@@ -21,6 +21,9 @@ spec:
|
||||
metadata:
|
||||
labels:
|
||||
{{- include "websocket.redis.labels" . | nindent 8 }}
|
||||
{{- with .Values.websocket.redis.pods.labels }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
annotations:
|
||||
{{- with .Values.websocket.redis.pods.annotations }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
@@ -61,6 +64,10 @@ spec:
|
||||
securityContext:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.websocket.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
apiVersion: apps/v1
|
||||
{{- if .Values.persistence.enabled }}
|
||||
{{- if and .Values.persistence.enabled (eq .Values.persistence.provider "local") }}
|
||||
kind: StatefulSet
|
||||
{{- else }}
|
||||
kind: Deployment
|
||||
@@ -15,14 +15,14 @@ metadata:
|
||||
{{- end }}
|
||||
spec:
|
||||
replicas: {{ .Values.replicaCount }}
|
||||
{{- if .Values.persistence.enabled }}
|
||||
{{- if and .Values.persistence.enabled (eq .Values.persistence.provider "local") }}
|
||||
serviceName: {{ include "open-webui.name" . }}
|
||||
{{- end }}
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- include "open-webui.selectorLabels" . | nindent 6 }}
|
||||
{{- if .Values.strategy }}
|
||||
{{- if .Values.persistence.enabled }}
|
||||
{{- if and .Values.persistence.enabled (eq .Values.persistence.provider "local") }}
|
||||
updateStrategy:
|
||||
{{- toYaml .Values.strategy | nindent 4 }}
|
||||
{{- else }}
|
||||
@@ -119,6 +119,10 @@ spec:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
env:
|
||||
{{- if .Values.ingress.enabled }}
|
||||
- name: WEBUI_URL
|
||||
value: {{ include "openweb-ui.url" . }}
|
||||
{{- end }}
|
||||
{{- if .Values.ollamaUrlsFromExtraEnv}}
|
||||
{{- else if or .Values.ollamaUrls .Values.ollama.enabled }}
|
||||
- name: "OLLAMA_BASE_URLS"
|
||||
@@ -147,15 +151,65 @@ spec:
|
||||
- name: "ENABLE_OPENAI_API"
|
||||
value: "False"
|
||||
{{- end }}
|
||||
{{- if .Values.extraEnvVars }}
|
||||
{{- toYaml .Values.extraEnvVars | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.tika.enabled }}
|
||||
- name: "CONTENT_EXTRACTION_ENGINE"
|
||||
value: "Tika"
|
||||
- name: "TIKA_SERVER_URL"
|
||||
value: http://{{ .Chart.Name }}-tika:9998
|
||||
{{- end }}
|
||||
{{- if eq .Values.persistence.provider "s3" }}
|
||||
- name: "STORAGE_PROVIDER"
|
||||
value: {{ .Values.persistence.provider }}
|
||||
- name: "S3_ACCESS_KEY_ID"
|
||||
value: {{ .Values.persistence.s3.accessKey }}
|
||||
- name: "S3_SECRET_ACCESS_KEY"
|
||||
{{- if .Values.persistence.s3.secretKeyExistingSecret }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.persistence.s3.secretKeyExistingSecret }}
|
||||
key: {{ .Values.persistence.s3.secretKeyExistingSecretKey }}
|
||||
{{- else }}
|
||||
value: {{ .Values.persistence.s3.secretKey }}
|
||||
{{- end }}
|
||||
- name: "S3_ENDPOINT_URL"
|
||||
value: {{ .Values.persistence.s3.endpointUrl }}
|
||||
- name: "S3_BUCKET_NAME"
|
||||
value: {{ .Values.persistence.s3.bucket }}
|
||||
- name: "S3_REGION_NAME"
|
||||
value: {{ .Values.persistence.s3.region }}
|
||||
- name: "S3_KEY_PREFIX"
|
||||
value: {{ .Values.persistence.s3.keyPrefix }}
|
||||
{{- else if eq .Values.persistence.provider "gcs" }}
|
||||
- name: "STORAGE_PROVIDER"
|
||||
value: {{ .Values.persistence.provider }}
|
||||
- name: "GOOGLE_APPLICATION_CREDENTIALS_JSON"
|
||||
{{- if .Values.persistence.gcs.appCredentialsJsonExistingSecret }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.persistence.gcs.appCredentialsJsonExistingSecret }}
|
||||
key: {{ .Values.persistence.gcs.appCredentialsJsonExistingSecretKey }}
|
||||
{{- else }}
|
||||
value: {{ .Values.persistence.gcs.appCredentialsJson }}
|
||||
{{- end }}
|
||||
- name: "GCS_BUCKET_NAME"
|
||||
value: {{ .Values.persistence.gcs.bucket }}
|
||||
{{- else if eq .Values.persistence.provider "azure" }}
|
||||
- name: "STORAGE_PROVIDER"
|
||||
value: {{ .Values.persistence.provider }}
|
||||
- name: "AZURE_STORAGE_ENDPOINT"
|
||||
value: {{ .Values.persistence.azure.endpointUrl }}
|
||||
- name: "AZURE_STORAGE_CONTAINER_NAME"
|
||||
value: {{ .Values.persistence.azure.container }}
|
||||
- name: "AZURE_STORAGE_KEY"
|
||||
{{- if .Values.persistence.azure.keyExistingSecret }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.persistence.azure.keyExistingSecret }}
|
||||
key: {{ .Values.persistence.azure.keyExistingSecretKey }}
|
||||
{{- else }}
|
||||
value: {{ .Values.persistence.azure.key }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.websocket.enabled }}
|
||||
- name: "ENABLE_WEBSOCKET_SUPPORT"
|
||||
value: "True"
|
||||
@@ -164,6 +218,10 @@ spec:
|
||||
- name: "WEBSOCKET_REDIS_URL"
|
||||
value: {{ .Values.websocket.url | quote }}
|
||||
{{- end }}
|
||||
{{- if or .Values.postgresql.enabled .Values.databaseUrl }}
|
||||
- name: "DATABASE_URL"
|
||||
value: {{ .Values.databaseUrl | default (printf "postgresql://%s:%s@%s:%s/%s" .Values.postgresql.auth.username .Values.postgresql.auth.password .Values.postgresql.fullnameOverride "5432" .Values.postgresql.auth.database) }}
|
||||
{{- end }}
|
||||
{{- if .Values.sso.enabled }}
|
||||
{{- if .Values.sso.enableSignup }}
|
||||
- name: "ENABLE_OAUTH_SIGNUP"
|
||||
@@ -176,28 +234,60 @@ spec:
|
||||
{{- if .Values.sso.google.enabled }}
|
||||
- name: "GOOGLE_CLIENT_ID"
|
||||
value: {{ .Values.sso.google.clientId | quote }}
|
||||
{{- include "sso.validateClientSecret" (dict "provider" "google" "values" .Values.sso) }}
|
||||
- name: "GOOGLE_CLIENT_SECRET"
|
||||
{{- if .Values.sso.google.clientExistingSecret }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.sso.google.clientExistingSecret | quote }}
|
||||
key: {{ .Values.sso.google.clientExistingSecretKey | quote }}
|
||||
{{- else }}
|
||||
value: {{ .Values.sso.google.clientSecret | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.sso.microsoft.enabled }}
|
||||
- name: "MICROSOFT_CLIENT_ID"
|
||||
value: {{ .Values.sso.microsoft.clientId | quote }}
|
||||
{{- include "sso.validateClientSecret" (dict "provider" "microsoft" "values" .Values.sso) }}
|
||||
- name: "MICROSOFT_CLIENT_SECRET"
|
||||
{{- if .Values.sso.microsoft.clientExistingSecret }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.sso.microsoft.clientExistingSecret | quote }}
|
||||
key: {{ .Values.sso.microsoft.clientExistingSecretKey | quote }}
|
||||
{{- else }}
|
||||
value: {{ .Values.sso.microsoft.clientSecret | quote }}
|
||||
{{- end }}
|
||||
- name: "MICROSOFT_CLIENT_TENANT_ID"
|
||||
value: {{ .Values.sso.microsoft.tenantId | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.sso.github.enabled }}
|
||||
- name: "GITHUB_CLIENT_ID"
|
||||
value: {{ .Values.sso.github.clientId | quote }}
|
||||
{{- include "sso.validateClientSecret" (dict "provider" "github" "values" .Values.sso) }}
|
||||
- name: "GITHUB_CLIENT_SECRET"
|
||||
{{- if .Values.sso.github.clientExistingSecret }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.sso.github.clientExistingSecret | quote }}
|
||||
key: {{ .Values.sso.github.clientExistingSecretKey | quote }}
|
||||
{{- else }}
|
||||
value: {{ .Values.sso.github.clientSecret | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.sso.oidc.enabled }}
|
||||
- name: "OAUTH_CLIENT_ID"
|
||||
value: {{ .Values.sso.oidc.clientId | quote }}
|
||||
{{- include "sso.validateClientSecret" (dict "provider" "oidc" "values" .Values.sso) }}
|
||||
- name: "OAUTH_CLIENT_SECRET"
|
||||
{{- if .Values.sso.oidc.clientExistingSecret }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.sso.oidc.clientExistingSecret | quote }}
|
||||
key: {{ .Values.sso.oidc.clientExistingSecretKey | quote }}
|
||||
{{- else }}
|
||||
value: {{ .Values.sso.oidc.clientSecret | quote }}
|
||||
{{- end }}
|
||||
- name: "OPENID_PROVIDER_URL"
|
||||
value: {{ .Values.sso.oidc.providerUrl | quote }}
|
||||
- name: "OAUTH_PROVIDER_NAME"
|
||||
@@ -234,6 +324,29 @@ spec:
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.logging.level }}
|
||||
{{- include "logging.assertValidLevel" .Values.logging.level }}
|
||||
- name: "GLOBAL_LOG_LEVEL"
|
||||
value: {{ .Values.logging.level | quote }}
|
||||
{{- end }}
|
||||
|
||||
{{- if .Values.logging.components }}
|
||||
{{- range $name, $level := .Values.logging.components }}
|
||||
{{- if $level }}
|
||||
{{- include "logging.componentEnvVar" (dict "componentName" $name "logLevel" $level) | indent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.extraEnvVars }}
|
||||
{{- toYaml .Values.extraEnvVars | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonEnvVars }}
|
||||
{{- toYaml .Values.commonEnvVars | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.extraEnvFrom }}
|
||||
envFrom:
|
||||
{{- toYaml .Values.extraEnvFrom | nindent 8 }}
|
||||
{{- end }}
|
||||
tty: true
|
||||
{{- with .Values.nodeSelector }}
|
||||
nodeSelector:
|
||||
@@ -260,7 +373,7 @@ spec:
|
||||
- name: data
|
||||
persistentVolumeClaim:
|
||||
claimName: {{ .Values.persistence.existingClaim }}
|
||||
{{- else if not .Values.persistence.enabled }}
|
||||
{{- else if or (not .Values.persistence.enabled) (not (eq .Values.persistence.provider "local")) }}
|
||||
- name: data
|
||||
emptyDir: {}
|
||||
{{- else if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
|
||||
|
||||
@@ -44,6 +44,8 @@ websocket:
|
||||
manager: redis
|
||||
# -- Specifies the URL of the Redis instance for websocket communication. Template with `redis://[:<password>@]<hostname>:<port>/<db>`
|
||||
url: redis://open-webui-redis:6379/0
|
||||
# -- Node selector for websocket pods
|
||||
nodeSelector: {}
|
||||
# -- Deploys a redis
|
||||
redis:
|
||||
# -- Enable redis installation
|
||||
@@ -56,6 +58,8 @@ websocket:
|
||||
annotations: {}
|
||||
# -- Redis pod
|
||||
pods:
|
||||
# -- Redis pod labels
|
||||
labels: {}
|
||||
# -- Redis pod annotations
|
||||
annotations: {}
|
||||
# -- Redis image
|
||||
@@ -198,6 +202,13 @@ ingress:
|
||||
additionalHosts: []
|
||||
tls: false
|
||||
existingSecret: ""
|
||||
|
||||
# -- Additional custom labels to add to the Ingress metadata
|
||||
# Useful for tagging, selecting, or applying policies to the Ingress via labels.
|
||||
extraLabels: {}
|
||||
# extraLabels:
|
||||
# app.kubernetes.io/environment: "staging"
|
||||
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 2Gi
|
||||
@@ -211,6 +222,62 @@ persistence:
|
||||
storageClass: ""
|
||||
selector: {}
|
||||
annotations: {}
|
||||
# -- Sets the storage provider, availables values are `local`, `s3`, `gcs` or `azure`
|
||||
provider: local
|
||||
s3:
|
||||
# -- Sets the access key ID for S3 storage
|
||||
# @section -- Amazon S3 Storage configuration
|
||||
accessKey: ""
|
||||
# -- Sets the secret access key for S3 storage (ignored if secretKeyExistingSecret is set)
|
||||
# @section -- Amazon S3 Storage configuration
|
||||
secretKey: ""
|
||||
# -- Set the secret access key for S3 storage from existing k8s secret
|
||||
# @section -- Amazon S3 Storage configuration
|
||||
secretKeyExistingSecret: ""
|
||||
# -- Set the secret access key for S3 storage from existing k8s secret key
|
||||
# @section -- Amazon S3 Storage configuration
|
||||
secretKeyExistingSecretKey: ""
|
||||
# -- Sets the endpoint url for S3 storage
|
||||
# @section -- Amazon S3 Storage configuration
|
||||
endpointUrl: ""
|
||||
# -- Sets the region name for S3 storage
|
||||
# @section -- Amazon S3 Storage configuration
|
||||
region: ""
|
||||
# -- Sets the bucket name for S3 storage
|
||||
# @section -- Amazon S3 Storage configuration
|
||||
bucket: ""
|
||||
# -- Sets the key prefix for a S3 object
|
||||
# @section -- Amazon S3 Storage configuration
|
||||
keyPrefix: ""
|
||||
gcs:
|
||||
# -- Contents of Google Application Credentials JSON file (ignored if appCredentialsJsonExistingSecret is set). Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Google Metadata server if run on a Google Compute Engine. File can be generated for a service account following this guide: https://developers.google.com/workspace/guides/create-credentials#service-account
|
||||
# @section -- Google Cloud Storage configuration
|
||||
appCredentialsJson: ""
|
||||
# -- Set the Google Application Credentials JSON file for Google Cloud Storage from existing secret
|
||||
# @section -- Google Cloud Storage configuration
|
||||
appCredentialsJsonExistingSecret: ""
|
||||
# -- Set the Google Application Credentials JSON file for Google Cloud Storage from existing secret key
|
||||
# @section -- Google Cloud Storage configuration
|
||||
appCredentialsJsonExistingSecretKey: ""
|
||||
# -- Sets the bucket name for Google Cloud Storage. Bucket must already exist
|
||||
# @section -- Google Cloud Storage configuration
|
||||
bucket: ""
|
||||
azure:
|
||||
# -- Sets the endpoint URL for Azure Storage
|
||||
# @section -- Azure Storage configuration
|
||||
endpointUrl: ""
|
||||
# -- Sets the container name for Azure Storage
|
||||
# @section -- Azure Storage configuration
|
||||
container: ""
|
||||
# -- Set the access key for Azure Storage (ignored if keyExistingSecret is set). Optional - if not provided, credentials will be taken from the environment. User credentials if run locally and Managed Identity if run in Azure services
|
||||
# @section -- Azure Storage configuration
|
||||
key: ""
|
||||
# -- Set the access key for Azure Storage from existing secret
|
||||
# @section -- Azure Storage configuration
|
||||
keyExistingSecret: ""
|
||||
# -- Set the access key for Azure Storage from existing secret key
|
||||
# @section -- Azure Storage configuration
|
||||
keyExistingSecretKey: ""
|
||||
|
||||
# -- Node labels for pod assignment.
|
||||
nodeSelector: {}
|
||||
@@ -266,6 +333,18 @@ extraEnvVars:
|
||||
# - name: OLLAMA_DEBUG
|
||||
# value: "1"
|
||||
|
||||
# -- Env vars added to the Open WebUI deployment, common across environments. Most up-to-date environment variables can be found here: https://docs.openwebui.com/getting-started/env-configuration/ (caution: environment variables defined in both `extraEnvVars` and `commonEnvVars` will result in a conflict. Avoid duplicates)
|
||||
commonEnvVars: []
|
||||
# - name: RAG_EMBEDDING_ENGINE
|
||||
# value: "openai"
|
||||
|
||||
# -- Env vars added from configmap or secret to the Open WebUI deployment. Most up-to-date environment variables can be found here: https://docs.openwebui.com/getting-started/env-configuration/ (caution: `extraEnvVars` will take precedence over the value from `extraEnvFrom`)
|
||||
extraEnvFrom: []
|
||||
# - configMapRef:
|
||||
# name: my-config
|
||||
# - secretRef:
|
||||
# name: my-secret
|
||||
|
||||
# -- Configure runtime class
|
||||
# ref: <https://kubernetes.io/docs/concepts/containers/runtime-class/>
|
||||
runtimeClassName: ""
|
||||
@@ -348,9 +427,15 @@ sso:
|
||||
# -- Google OAuth client ID
|
||||
# @section -- Google OAuth configuration
|
||||
clientId: ""
|
||||
# -- Google OAuth client secret
|
||||
# -- Google OAuth client secret (ignored if clientExistingSecret is set)
|
||||
# @section -- Google OAuth configuration
|
||||
clientSecret: ""
|
||||
# -- Google OAuth client secret from existing secret
|
||||
# @section -- Google OAuth configuration
|
||||
clientExistingSecret: ""
|
||||
# -- Google OAuth client secret key from existing secret
|
||||
# @section -- Google OAuth configuration
|
||||
clientExistingSecretKey: ""
|
||||
|
||||
microsoft:
|
||||
# -- Enable Microsoft OAuth
|
||||
@@ -359,9 +444,15 @@ sso:
|
||||
# -- Microsoft OAuth client ID
|
||||
# @section -- Microsoft OAuth configuration
|
||||
clientId: ""
|
||||
# -- Microsoft OAuth client secret
|
||||
# -- Microsoft OAuth client secret (ignored if clientExistingSecret is set)
|
||||
# @section -- Microsoft OAuth configuration
|
||||
clientSecret: ""
|
||||
# -- Microsoft OAuth client secret from existing secret
|
||||
# @section -- Microsoft OAuth configuration
|
||||
clientExistingSecret: ""
|
||||
# -- Microsoft OAuth client secret key from existing secret
|
||||
# @section -- Microsoft OAuth configuration
|
||||
clientExistingSecretKey: ""
|
||||
# -- Microsoft tenant ID - use 9188040d-6c67-4c5b-b112-36a304b66dad for personal accounts
|
||||
# @section -- Microsoft OAuth configuration
|
||||
tenantId: ""
|
||||
@@ -373,9 +464,15 @@ sso:
|
||||
# -- GitHub OAuth client ID
|
||||
# @section -- GitHub OAuth configuration
|
||||
clientId: ""
|
||||
# -- GitHub OAuth client secret
|
||||
# -- GitHub OAuth client secret (ignored if clientExistingSecret is set)
|
||||
# @section -- GitHub OAuth configuration
|
||||
clientSecret: ""
|
||||
# -- GitHub OAuth client secret from existing secret
|
||||
# @section -- GitHub OAuth configuration
|
||||
clientExistingSecret: ""
|
||||
# -- GitHub OAuth client secret key from existing secret
|
||||
# @section -- GitHub OAuth configuration
|
||||
clientExistingSecretKey: ""
|
||||
|
||||
oidc:
|
||||
# -- Enable OIDC authentication
|
||||
@@ -384,9 +481,15 @@ sso:
|
||||
# -- OIDC client ID
|
||||
# @section -- OIDC configuration
|
||||
clientId: ""
|
||||
# -- OIDC client secret
|
||||
# -- OIDC client secret (ignored if clientExistingSecret is set)
|
||||
# @section -- OIDC configuration
|
||||
clientSecret: ""
|
||||
# -- OICD client secret from existing secret
|
||||
# @section -- OIDC configuration
|
||||
clientExistingSecret: ""
|
||||
# -- OIDC client secret key from existing secret
|
||||
# @section -- OIDC configuration
|
||||
clientExistingSecretKey: ""
|
||||
# -- OIDC provider well known URL
|
||||
# @section -- OIDC configuration
|
||||
providerUrl: ""
|
||||
@@ -433,3 +536,70 @@ extraResources:
|
||||
# name: example-configmap
|
||||
# data:
|
||||
# example-key: example-value
|
||||
|
||||
# -- Configure database URL, needed to work with Postgres (example: `postgresql://<user>:<password>@<service>:<port>/<database>`), leave empty to use the default sqlite database
|
||||
databaseUrl: ""
|
||||
|
||||
# -- Postgresql configuration (see. https://artifacthub.io/packages/helm/bitnami/postgresql)
|
||||
postgresql:
|
||||
enabled: false
|
||||
fullnameOverride: open-webui-postgres
|
||||
architecture: standalone
|
||||
auth:
|
||||
database: open-webui
|
||||
postgresPassword: 0p3n-w3bu!
|
||||
username: open-webui
|
||||
password: 0p3n-w3bu!
|
||||
primary:
|
||||
persistence:
|
||||
size: 1Gi
|
||||
resources:
|
||||
requests:
|
||||
memory: 256Mi
|
||||
cpu: 250m
|
||||
limits:
|
||||
memory: 512Mi
|
||||
cpu: 500m
|
||||
|
||||
# Configure Application logging levels (see. https://docs.openwebui.com/getting-started/advanced-topics/logging#-logging-levels-explained)
|
||||
logging:
|
||||
# -- Set the global log level ["notset", "debug", "info" (default), "warning", "error", "critical"]
|
||||
# @section -- Logging configuration
|
||||
level: ""
|
||||
|
||||
# Optional granularity: override log levels per subsystem/component
|
||||
# if not set, it will use the global level (see. https://docs.openwebui.com/getting-started/advanced-topics/logging#%EF%B8%8F-appbackend-specific-logging-levels)
|
||||
components:
|
||||
# -- Set the log level for the Audio processing component
|
||||
# @section -- Logging configuration
|
||||
audio: ""
|
||||
# -- Set the log level for the ComfyUI Integration component
|
||||
# @section -- Logging configuration
|
||||
comfyui: ""
|
||||
# -- Set the log level for the Configuration Management component
|
||||
# @section -- Logging configuration
|
||||
config: ""
|
||||
# -- Set the log level for the Database Operations (Peewee) component
|
||||
# @section -- Logging configuration
|
||||
db: ""
|
||||
# -- Set the log level for the Image Generation component
|
||||
# @section -- Logging configuration
|
||||
images: ""
|
||||
# -- Set the log level for the Main Application Execution component
|
||||
# @section -- Logging configuration
|
||||
main: ""
|
||||
# -- Set the log level for the Model Management component
|
||||
# @section -- Logging configuration
|
||||
models: ""
|
||||
# -- Set the log level for the Ollama Backend Integration component
|
||||
# @section -- Logging configuration
|
||||
ollama: ""
|
||||
# -- Set the log level for the OpenAI API Integration component
|
||||
# @section -- Logging configuration
|
||||
openai: ""
|
||||
# -- Set the log level for the Retrieval-Augmented Generation (RAG) component
|
||||
# @section -- Logging configuration
|
||||
rag: ""
|
||||
# -- Set the log level for the Authentication Webhook component
|
||||
# @section -- Logging configuration
|
||||
webhook: ""
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
apiVersion: v2
|
||||
name: pipelines
|
||||
version: 0.5.0
|
||||
version: 0.7.0
|
||||
appVersion: "alpha"
|
||||
|
||||
home: https://github.com/open-webui/pipelines
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# pipelines
|
||||
|
||||
 
|
||||
 
|
||||
|
||||
Pipelines: UI-Agnostic OpenAI API Plugin Framework
|
||||
|
||||
@@ -33,6 +33,8 @@ helm upgrade --install open-webui open-webui/pipelines
|
||||
| affinity | object | `{}` | Affinity for pod assignment |
|
||||
| annotations | object | `{}` | |
|
||||
| clusterDomain | string | `"cluster.local"` | Value of cluster domain |
|
||||
| commonEnvVars | list | `[]` | Additional environments variables on the output Deployment definition, common across environments |
|
||||
| containerSecurityContext | object | `{}` | Configure container security context ref: <https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-containe> |
|
||||
| extraEnvVars | list | `[{"name":"PIPELINES_URLS","value":"https://github.com/open-webui/pipelines/blob/main/examples/filters/detoxify_filter_pipeline.py"}]` | Additional environments variables on the output Deployment definition. These are used to pull initial Pipeline files, and help configure Pipelines with required values (e.g. Langfuse API keys) |
|
||||
| extraEnvVars[0] | object | `{"name":"PIPELINES_URLS","value":"https://github.com/open-webui/pipelines/blob/main/examples/filters/detoxify_filter_pipeline.py"}` | Example pipeline to pull and load on deployment startup, see current pipelines here: https://github.com/open-webui/pipelines/blob/main/examples |
|
||||
| extraInitContainers | list | `[]` | Additional init containers to add to the deployment ref: <https://kubernetes.io/docs/concepts/workloads/pods/init-containers/> |
|
||||
@@ -60,6 +62,7 @@ helm upgrade --install open-webui open-webui/pipelines
|
||||
| persistence.storageClass | string | `""` | |
|
||||
| podAnnotations | object | `{}` | |
|
||||
| podLabels | object | `{}` | |
|
||||
| podSecurityContext | object | `{}` | Configure pod security context ref: <https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container> |
|
||||
| replicaCount | int | `1` | |
|
||||
| resources | object | `{}` | |
|
||||
| service.annotations | object | `{}` | |
|
||||
|
||||
@@ -43,6 +43,10 @@ spec:
|
||||
{{- if .Values.serviceAccount.enable }}
|
||||
serviceAccountName: {{ .Values.serviceAccount.name | default (include "pipelines.name" .) }}
|
||||
{{- end }}
|
||||
{{- with .Values.podSecurityContext }}
|
||||
securityContext:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
containers:
|
||||
- name: {{ .Chart.Name }}
|
||||
{{- with .Values.image }}
|
||||
@@ -55,6 +59,10 @@ spec:
|
||||
{{- with .Values.resources }}
|
||||
resources: {{- toYaml . | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- with .Values.containerSecurityContext }}
|
||||
securityContext:
|
||||
{{- toYaml . | nindent 10 }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: /app/pipelines
|
||||
@@ -65,6 +73,9 @@ spec:
|
||||
{{- if .Values.extraEnvVars }}
|
||||
{{- toYaml .Values.extraEnvVars | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonEnvVars }}
|
||||
{{- toYaml .Values.commonEnvVars | nindent 8 }}
|
||||
{{- end }}
|
||||
tty: true
|
||||
{{- with .Values.nodeSelector }}
|
||||
nodeSelector:
|
||||
@@ -97,4 +108,4 @@ spec:
|
||||
{{- end }}
|
||||
{{- with .Values.volumes }}
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -46,6 +46,31 @@ serviceAccount:
|
||||
enable: true
|
||||
automountServiceAccountToken: false
|
||||
|
||||
# -- Configure pod security context
|
||||
# ref: <https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container>
|
||||
podSecurityContext:
|
||||
{}
|
||||
# fsGroupChangePolicy: Always
|
||||
# sysctls: []
|
||||
# supplementalGroups: []
|
||||
# fsGroup: 1001
|
||||
|
||||
# -- Configure container security context
|
||||
# ref: <https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-containe>
|
||||
containerSecurityContext:
|
||||
{}
|
||||
# runAsUser: 1001
|
||||
# runAsGroup: 1001
|
||||
# runAsNonRoot: true
|
||||
# privileged: false
|
||||
# allowPrivilegeEscalation: false
|
||||
# readOnlyRootFilesystem: false
|
||||
# capabilities:
|
||||
# drop:
|
||||
# - ALL
|
||||
# seccompProfile:
|
||||
# type: "RuntimeDefault"
|
||||
|
||||
# -- Node labels for pod assignment.
|
||||
nodeSelector: {}
|
||||
|
||||
@@ -93,6 +118,9 @@ extraEnvVars:
|
||||
# - name: LANGFUSE_HOST
|
||||
# value: https://us.cloud.langfuse.com
|
||||
|
||||
# -- Additional environments variables on the output Deployment definition, common across environments.
|
||||
commonEnvVars: []
|
||||
|
||||
# -- Configure container volume mounts
|
||||
# ref: <https://kubernetes.io/docs/tasks/configure-pod-container/configure-volume-storage/>
|
||||
volumeMounts: []
|
||||
|
||||
Reference in New Issue
Block a user