open-webui mit helm.chart Konfig

2026-01-06 08:17:14 +01:00
parent 3bdc7ecaa4
commit 3efc060d0e
3 changed files with 78 additions and 14 deletions
--- a/argocd/apps/keycloak/values-keycloak.yaml
+++ b/argocd/apps/keycloak/values-keycloak.yaml
@@ -1,17 +1,15 @@
-#apiVersion: cert-manager.io/v1
+apiVersion: traefik.io/v1alpha1
-#kind: Certificate
+kind: Middleware
-#metadata:
+metadata:
-#  name: keycloak-tls
+  name: keycloak-headers
-#  namespace: kube-system
+  namespace: kube-system
-#spec:
+spec:
-#  secretName: keycloak-tls
+  headers:
-#  issuerRef:
+    customRequestHeaders:
-#    name: lets-encrypt
+      X-Forwarded-Proto: "https"
-#    kind: ClusterIssuer
+      X-Forwarded-Port: "443"
-#  dnsNames:
+
-#    - keycloak.innovation-hub-niedersachsen.de
+---
 #
 #---
 apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
@@ -23,6 +21,8 @@ spec:
  routes:
    - match: Host(`keycloak.innovation-hub-niedersachsen.de`)
      kind: Rule
      middlewares:
        - name: keycloak-headers
      services:
        - name: keycloak-external
          port: 8080
@@ -40,3 +40,19 @@ spec:
  externalName: keycloak.innohub.local
  ports:
    - port: 8080
 #---
 #apiVersion: cert-manager.io/v1
 #kind: Certificate
 #metadata:
 #  name: keycloak-tls
 #  namespace: kube-system
 #spec:
 #  secretName: keycloak-tls
 #  issuerRef:
 #    name: lets-encrypt
 #    kind: ClusterIssuer
 #  dnsNames:
 #    - keycloak.innovation-hub-niedersachsen.de
 #
--- a/argocd/apps/open-webui/openwebui.yaml
+++ b/argocd/apps/open-webui/openwebui.yaml
--- a/argocd/apps/open-webui/values-openwebui.yaml
+++ b/argocd/apps/open-webui/values-openwebui.yaml
@@ -0,0 +1,48 @@
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
  name: open-webui
  finalizers:
    - resources-finalizer.argocd.argoproj.io
 spec:
  project: default
  source:
    repoURL: 'https://helm.openwebui.com/'
    targetRevision: 8.*.*
    chart: open-webui
    helm:
      values: |
        serviceAccount:
          enable: false
        persistence:
          size: 200Gi
          existingClaim: "open-webui"
          storageClass: longhorn
        ollama:
          enabled: false
        ingress:
          enabled: true
          class: traefik
          host: "innollm.innovation-hub-niedersachsen.de"
          tls: true
          existingSecret: "innollm-tls"
          annotations:
            kubernetes.io/ingress.class: traefik
            traefik.ingress.kubernetes.io/router.tls: "true"
            cert-manager.io/cluster-issuer: lets-encrypt
  destination:
    server: 'https://kubernetes.default.svc'
    namespace: open-webui
  syncPolicy:
    managedNamespaceMetadata:
      labels:
        pod-security.kubernetes.io/enforce: 'privileged'
    automated:
      selfHeal: true
      prune: true
    syncOptions:
      - CreateNamespace=true