87 lines
2.0 KiB
YAML
87 lines
2.0 KiB
YAML
---
|
|
apiVersion: v1
|
|
kind: Namespace
|
|
metadata:
|
|
name: open-webui
|
|
---
|
|
apiVersion: onepassword.com/v1
|
|
kind: OnePasswordItem
|
|
metadata:
|
|
name: open-webui-oidc-client-secret
|
|
namespace: open-webui
|
|
spec:
|
|
itemPath: "vaults/cluster/items/open-webui-oidc-client-secret"
|
|
---
|
|
apiVersion: source.toolkit.fluxcd.io/v1
|
|
kind: HelmRepository
|
|
metadata:
|
|
name: open-webui-repo
|
|
namespace: flux-system
|
|
spec:
|
|
interval: 15m0s
|
|
url: https://helm.openwebui.com
|
|
---
|
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
|
kind: HelmRelease
|
|
metadata:
|
|
name: open-webui
|
|
namespace: open-webui
|
|
spec:
|
|
chart:
|
|
spec:
|
|
chart: open-webui
|
|
reconcileStrategy: ChartVersion
|
|
sourceRef:
|
|
kind: HelmRepository
|
|
name: open-webui-repo
|
|
namespace: flux-system
|
|
version: 8.6.x
|
|
interval: 1m0s
|
|
values:
|
|
ollama:
|
|
enabled: false
|
|
fullnameOverride: open-webui-ollama
|
|
ollama:
|
|
gpu:
|
|
enabled: true
|
|
type: nvidia
|
|
nvidiaResource: "nvidia.com/gpu-all"
|
|
number: 1
|
|
persistentVolume:
|
|
enabled: true
|
|
size: 100Gi
|
|
resources:
|
|
requests:
|
|
memory: 4Gi
|
|
limits:
|
|
memory: 55Gi
|
|
pipelines:
|
|
enabled: false
|
|
|
|
# Ingress via Traefik
|
|
ingress:
|
|
enabled: true
|
|
class: traefik
|
|
host: chat.yadunut.dev
|
|
tls: true
|
|
existingSecret: wildcard-cert-yadunut.dev-prod
|
|
|
|
# Use built-in sqlite persistence (PVC)
|
|
persistence:
|
|
enabled: true
|
|
accessModes: ["ReadWriteOnce"]
|
|
|
|
# OIDC via Authentik
|
|
sso:
|
|
enabled: true
|
|
enableSignup: true
|
|
mergeAccountsByEmail: true
|
|
oidc:
|
|
enabled: true
|
|
providerName: "Authentik"
|
|
providerUrl: "https://authentik.yadunut.dev/application/o/open-webui/.well-known/openid-configuration"
|
|
clientId: "Z37HQwWBYxax4vwN047B8PWr3JxT6qMAOtCAyJ4Z"
|
|
clientExistingSecret: open-webui-oidc-client-secret
|
|
clientExistingSecretKey: password
|
|
scopes: "openid email profile"
|