74 lines
1.8 KiB
YAML
74 lines
1.8 KiB
YAML
---
|
|
apiVersion: source.toolkit.fluxcd.io/v1
|
|
kind: HelmRepository
|
|
metadata:
|
|
name: open-webui
|
|
namespace: openwebui
|
|
spec:
|
|
interval: 24h
|
|
url: https://open-webui.github.io/helm-charts
|
|
---
|
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
|
kind: HelmRelease
|
|
metadata:
|
|
name: openwebui
|
|
namespace: openwebui
|
|
spec:
|
|
interval: 30m
|
|
chart:
|
|
spec:
|
|
chart: open-webui
|
|
version: 12.11.0
|
|
sourceRef:
|
|
kind: HelmRepository
|
|
name: open-webui
|
|
values:
|
|
# Disable built in ingress, service is broken in chart
|
|
# They have hard coded wrong target port
|
|
# Reimplementing that in ingress.yaml
|
|
ingress:
|
|
enabled: false
|
|
|
|
persistence:
|
|
enabled: true
|
|
existingClaim: openwebui-lvmhdd
|
|
|
|
enableOpenaiApi: true
|
|
openaiBaseApiUrl: "http://llama.llama.svc.cluster.local:11434/v1"
|
|
|
|
ollama:
|
|
enabled: false
|
|
|
|
pipelines:
|
|
enabled: true
|
|
persistence:
|
|
enabled: true
|
|
existingClaim: openwebui-pipelines-lvmhdd
|
|
|
|
# SSO with Authentik
|
|
extraEnvVars:
|
|
- name: WEBUI_URL
|
|
value: "https://openwebui.lumpiasty.xyz"
|
|
- name: OAUTH_CLIENT_ID
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: openwebui-authentik
|
|
key: client_id
|
|
- name: OAUTH_CLIENT_SECRET
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: openwebui-authentik
|
|
key: client_secret
|
|
- name: OAUTH_PROVIDER_NAME
|
|
value: "authentik"
|
|
- name: OPENID_PROVIDER_URL
|
|
value: "https://authentik.lumpiasty.xyz/application/o/open-web-ui/.well-known/openid-configuration"
|
|
- name: OPENID_REDIRECT_URI
|
|
value: "https://openwebui.lumpiasty.xyz/oauth/oidc/callback"
|
|
- name: ENABLE_OAUTH_SIGNUP
|
|
value: "true"
|
|
- name: ENABLE_LOGIN_FORM
|
|
value: "false"
|
|
- name: OAUTH_MERGE_ACCOUNTS_BY_EMAIL
|
|
value: "true"
|