Refactor paperless-ai Helm chart for improved configuration

This update substantially refactors the paperless-ai Helm chart.
Key changes include:

- Complete removal of outdated files: `.helmignore`, `LICENSE`,
  `README.adoc`, and several template files like `configfileConfigmap.yaml`,
  `configmap.yaml`, `dataPvc.yaml`, `envfileSecret.yaml`,
  `openAiApiSecret.yaml`, `paperlessApiSecret.yaml`, and others.

- Introduction of a new Persistent Volume Claim configuration in
  `pvc.yaml` to simplify storage management.

- Significant updates to `Chart.yaml` for better metadata, including
  a new maintainer and project description in German.

- Enhancements to the main deployment template in `deployment.yaml`,
  focusing on clarity and proper utilization of Kubernetes security
  contexts, environment variables, and container properties.

- Updated service definitions in `service.yaml` with better labels
  and service properties.

- Refined the `ingress.yaml` to improve external service access
  management, including annotations for potential customization.

These changes were implemented to modernize the Helm chart based on
the current best practices, improve user experience, and set a
foundation for future enhancements. There are no breaking changes to
the existing user configurations.

charts/paperless-ai/.helmignore

@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/

charts/paperless-ai/Chart.yaml

@@ -1,26 +1,17 @@
 apiVersion: v2
 name: paperless-ai
-description: A Helm chart for deploying clusterzx/paperless-ai on Kubernetes.
-type: application
-home: https://github.com/ChiliChonka/paperless-ai-helm-chart
+description: Ein Helm Chart für Paperless AI, basierend auf der Docker Compose Konfiguration.
+version: 0.1.0
+appVersion: 3.0.7
 keywords:
-  - paperless-ngx
-  - paperless
   - paperless-ai
-  - Content Management System
-  - Document Management System
-  - Machine Learning
-  - Artificial Intelligence
-  - Ollama
-  - OpenAI API
-  - Automated Document Analyzer
-maintainers:
-  - name: ChiliChonka
-    url: https://github.com/ChiliChonka
+  - document-management
+  - ai
+home: https://git.cooltux.net/marko/HelmChartSammlung/src/branch/main/charts/paperless-ai
 sources:
-  - https://github.com/ChiliChonka/paperless-ai-helm-chart
   - https://github.com/clusterzx/paperless-ai
-  - https://github.com/paperless-ngx/paperless-ngx
-  - https://github.com/ChiliChonka/paperless-ngx-helm-chart
-version: 0.7.0
-appVersion: "3.0.7"
+  - https://git.cooltux.net/marko/HelmChartSammlung/src/branch/main/charts/paperless-ai
+maintainers:
+  - name: Marko Oldenburg
+    email: development@cooltux.net
+    url: https://git.cooltux.net/marko

charts/paperless-ai/LICENSE

@@ -1,21 +0,0 @@
-MIT License
-
-Copyright (c) 2025 Marko Oldenburg
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.

charts/paperless-ai/README.adoc

@@ -1,33 +0,0 @@
-= paperless-ai-helm-chart
-
-A Helm chart for deploying https://github.com/clusterzx/paperless-ai[clusterzx/paperless-ai] on Kubernetes.
-
-== 🚧 Under Construction 🚧
-
-Thank you for visiting the *paperless-ai Helm Chart* repository! 🎉
-
-This project is currently under construction, and we are actively working on setting it up. 
-Please check back soon for updates, or feel free to follow the repository to stay informed about our progress.
-
-In the meantime, if you have any questions or suggestions, don't hesitate to open an issue or reach out.
-
-Thank you for your patience and support!
- 
-The paperless-ai-helm-chart Team ❤️
-
-
-== Helm Chart
-
-=== Repository
-
-The helm chart is not deployed to a repository yet.
-
-=== Installation
-
-You can define your custom values files based on `paperless-ai/values.yaml`. Just copy and update the values, which should be overwritten and delete the other parts out of your customized values.yaml file.
-
-Install the helm chart with the following command:
-
-`helm upgrade --install MY-RELEASE ./paperless-ai -f YOUR-CUSTOM-VALUES-FILE.yaml`
-
-Please keep in mind to set the paperless configuration. See current values.yaml file.

charts/paperless-ai/files/config.js

@@ -1,17 +0,0 @@
-require('dotenv').config();
-
-module.exports = {
-  paperless: {
-    apiUrl: process.env.PAPERLESS_API_URL,
-    apiToken: process.env.PAPERLESS_API_TOKEN
-  },
-  openai: {
-    apiKey: process.env.OPENAI_API_KEY
-  },
-  ollama: {
-    apiUrl: process.env.OLLAMA_API_URL || 'http://localhost:11434',
-    model: process.env.OLLAMA_MODEL || 'llama2'
-  },
-  aiProvider: process.env.AI_PROVIDER || 'openai',
-  scanInterval: process.env.SCAN_INTERVAL || '*/30 * * * *'
-};

charts/paperless-ai/templates/NOTES.txt

@@ -1,22 +0,0 @@
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range $host := .Values.ingress.hosts }}
-  {{- range .paths }}
-  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
-  {{- end }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
-  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "paperless-ai.fullname" . }})
-  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
-  echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
-     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
-           You can watch its status by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "paperless-ai.fullname" . }}'
-  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "paperless-ai.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
-  echo http://$SERVICE_IP:{{ .Values.service.port }}
-{{- else if contains "ClusterIP" .Values.service.type }}
-  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "paperless-ai.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
-  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
-  echo "Visit http://127.0.0.1:8080 to use your application"
-  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
-{{- end }}

charts/paperless-ai/templates/_helpers.tpl

@@ -1,79 +1,67 @@
 {{/*
-Expand the name of the chart.
+_helpers.tpl
+Enthält nützliche Template-Funktionen, die in anderen Chart-Templates verwendet werden.
+*/}}
+
+{{/*
+Erweitert den Namen des Charts.
 */}}
 {{- define "paperless-ai.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
-{{- end }}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
 
 {{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
+Erstellt einen vollständig qualifizierten App-Namen.
+Wir kürzen auf 63 Zeichen, da einige Kubernetes-Namenfelder darauf beschränkt sind (gemäß DNS-Namensspezifikation).
+Wenn der Release-Name den Chart-Namen enthält, wird er als vollständiger Name verwendet.
 */}}
 {{- define "paperless-ai.fullname" -}}
-{{- if .Values.fullnameOverride }}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- $name := default .Chart.Name .Values.nameOverride }}
-{{- if contains $name .Release.Name }}
-{{- .Release.Name | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
-{{- end }}
-{{- end }}
-{{- end }}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
 
 {{/*
-Create chart name and version as used by the chart label.
+Erstellt den Chart-Namen und die Version, wie sie vom Chart-Label verwendet werden.
 */}}
 {{- define "paperless-ai.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
-{{- end }}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
 
 {{/*
-Common labels
+Gängige Labels, die allen Ressourcen hinzugefügt werden.
 */}}
 {{- define "paperless-ai.labels" -}}
 helm.sh/chart: {{ include "paperless-ai.chart" . }}
 {{ include "paperless-ai.selectorLabels" . }}
 {{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+app.kubernetes.io/app-version: {{ .Chart.AppVersion | quote }}
 {{- end }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end }}
+{{- end -}}
 
 {{/*
-Selector labels
+Selector-Labels, die für die Auswahl von Pods verwendet werden.
 */}}
 {{- define "paperless-ai.selectorLabels" -}}
 app.kubernetes.io/name: {{ include "paperless-ai.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end }}
+{{- end -}}
 
 {{/*
-Create the name of the service account to use
+Erstellt den Namen des zu verwendenden Service Accounts.
 */}}
 {{- define "paperless-ai.serviceAccountName" -}}
-{{- if .Values.serviceAccount.create }}
-{{- default (include "paperless-ai.fullname" .) .Values.serviceAccount.name }}
-{{- else }}
-{{- default "default" .Values.serviceAccount.name }}
-{{- end }}
-{{- end }}
-
-{{/*
-Generiert den Inhalt der .env-Datei aus den Werten in .Values.secretEnv
-*/}}
-{{- define "generateEnv" -}}
-{{- if .Values.paperless.apiUrl }}PAPERLESS_API_URL={{ .Values.paperless.apiUrl }}{{ "\n" }}{{- end }}
-{{- if .Values.ai.provider }}AI_PROVIDER={{ .Values.ai.provider }}{{ "\n" }}{{- end }}
-{{- if .Values.ai.addProcessedTag }}ADD_AI_PROCESSED_TAG={{ .Values.ai.addProcessedTag }}{{ "\n" }}{{- end }}
-{{- if .Values.ai.processedTagName }}AI_PROCESSED_TAG_NAME={{ .Values.ai.processedTagName }}{{ "\n" }}{{- end }}
-{{- if .Values.prompt.useTags }}USE_PROMPT_TAGS={{ .Values.prompt.useTags }}{{ "\n" }}{{- end }}
-{{- if .Values.prompt.tags }}PROMPT_TAGS={{ .Values.prompt.tags }}{{ "\n" }}{{- end }}
-{{- if .Values.scanInterval }}SCAN_INTERVAL={{ .Values.scanInterval }}{{ "\n" }}{{- end }}
-{{- if .Values.systemPrompt }}SYSTEM_PROMPT=`{{ .Values.systemPrompt }}`{{ "\n" }}{{- end }}
-{{- if .Values.processPredefinedDocuments }}PROCESS_PREDEFINED_DOCUMENTS={{ .Values.processPredefinedDocuments }}{{ "\n" }}{{- end }}
-TAGS={{ .Values.tags }}{{ "\n" }}
-{{- if .Values.openAi.model }}OPENAI_MODEL={{ .Values.openAi.model }}{{ "\n" }}{{- end }}
-{{- end }}
+{{- if .Values.serviceAccount.create -}}
+    {{ default (include "paperless-ai.fullname" .) .Values.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.serviceAccount.name }}
+{{- end -}}
+{{- end -}}

charts/paperless-ai/templates/configfileConfigmap.yaml

@@ -1,9 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ include "paperless-ai.fullname" . }}-config-file
-  labels:
-    {{- include "paperless-ai.labels" . | nindent 4 }}
-data:
-  config.js: |
-    {{- (.Files.Get "files/config.js") | nindent 4 }}

charts/paperless-ai/templates/configmap.yaml

@@ -1,22 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ include "paperless-ai.fullname" . }}-config
-  labels:
-    {{- include "paperless-ai.labels" . | nindent 4 }}
-data:
-{{- if .Values.paperless.apiUrl }}
-  PAPERLESS_API_URL: "{{ .Values.paperless.apiUrl }}"
-{{- end }}
-{{- if .Values.aiProvider }}
-  AI_PROVIDER: "{{ .Values.aiProvider }}"
-{{- end }}
-{{- if .Values.ollama.apiUrl }}
-  OLLAMA_API_URL: "{{ .Values.ollama.apiUrl }}"
-{{- end }}
-{{- if .Values.ollama.model }}
-  OLLAMA_MODEL: "{{ .Values.ollama.model }}"
-{{- end }}
-{{- if .Values.scanInterval }}
-  SCAN_INTERVAL: "{{ .Values.scanInterval }}"
-{{- end }}

charts/paperless-ai/templates/dataPvc.yaml

@@ -1,15 +0,0 @@
-{{- if .Values.persistence.data.enabled }}
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: {{ include "paperless-ai.fullname" . }}-pvc-data
-  labels:
-    {{- include "paperless-ai.labels" . | nindent 4 }}
-spec:
-  accessModes:
-    - ReadWriteOnce
-  resources:
-    requests:
-      storage: {{ .Values.persistence.data.size }}
-  storageClassName: {{ .Values.persistence.data.storageClass }}
-{{- end }}

charts/paperless-ai/templates/deployment.yaml

@@ -1,99 +1,76 @@
+# deployment.yaml
+# Definiert das Kubernetes Deployment für die Paperless AI Anwendung.
+# Ein Deployment verwaltet die Erstellung und Skalierung von Pods.
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: {{ include "paperless-ai.fullname" . }}
+  name: {{ include "paperless-ai.fullname" . }} # Der Name des Deployments, generiert mit dem fullname-Template.
   labels:
-    {{- include "paperless-ai.labels" . | nindent 4 }}
+    {{- include "paperless-ai.labels" . | nindent 4 }} # Allgemeine Labels für das Deployment.
 spec:
-  replicas: {{ .Values.replicaCount }}
+  {{- if not .Values.autoscaling.enabled }}
+  replicas: {{ .Values.replicaCount }} # Anzahl der gewünschten Pod-Replikate, wenn Autoscaling deaktiviert ist.
+  {{- end }}
   selector:
     matchLabels:
-      {{- include "paperless-ai.selectorLabels" . | nindent 6 }}
+      {{- include "paperless-ai.selectorLabels" . | nindent 6 }} # Selector, um die Pods zu finden, die zu diesem Deployment gehören.
   template:
     metadata:
       {{- with .Values.podAnnotations }}
       annotations:
-        {{- toYaml . | nindent 8 }}
+        {{- toYaml . | nindent 8 }} # Zusätzliche Anmerkungen für den Pod.
       {{- end }}
       labels:
-        {{- include "paperless-ai.labels" . | nindent 8 }}
-        {{- with .Values.podLabels }}
-        {{- toYaml . | nindent 8 }}
-        {{- end }}
+        {{- include "paperless-ai.selectorLabels" . | nindent 8 }} # Labels für den Pod.
     spec:
       {{- with .Values.imagePullSecrets }}
       imagePullSecrets:
-        {{- toYaml . | nindent 8 }}
+        {{- toYaml . | nindent 8 }} # Secrets für den Image-Pull, falls private Registries verwendet werden.
       {{- end }}
+      serviceAccountName: {{ include "paperless-ai.serviceAccountName" . }} # Der zu verwendende Service Account.
+      {{- if .Values.securityContext.enabled }}
       securityContext:
-        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+        {{- toYaml .Values.securityContext.pod | nindent 8 }} # Sicherheitskontext-Einstellungen für den gesamten Pod.
+      {{- end }}
       containers:
-        - name: {{ .Chart.Name }}
+        - name: {{ .Chart.Name }} # Name des Containers.
+          {{- if .Values.securityContext.enabled }}
           securityContext:
-            {{- toYaml .Values.securityContext | nindent 12 }}
-          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
-          imagePullPolicy: {{ .Values.image.pullPolicy }}
+            {{- toYaml .Values.securityContext.container | nindent 12 }} # Sicherheitskontext-Einstellungen für diesen Container.
+          {{- end }}
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" # Das zu verwendende Image.
+          imagePullPolicy: {{ .Values.image.pullPolicy }} # Die Image-Pull-Policy.
           ports:
-            - name: http
-              containerPort: {{ .Values.service.port }}
-              protocol: TCP
-          livenessProbe:
-            {{- toYaml .Values.livenessProbe | nindent 12 }}
-          readinessProbe:
-            {{- toYaml .Values.readinessProbe | nindent 12 }}
-          resources:
-            {{- toYaml .Values.resources | nindent 12 }}
-          {{- with .Values.envs }}
-          envs:
-            {{- toYaml . | nindent 12 }}
-          {{- end }}
-          envFrom:
-#            - configMapRef:
-#                name: {{ include "paperless-ai.fullname" . }}-config
-          {{- if .Values.openAi.apiKey }}
-            - secretRef:
-                name: {{ include "paperless-ai.fullname" . }}-open-ai-api
-          {{- end }}
-          {{- if .Values.paperless.apiToken }}
-            - secretRef:
-                name: {{ include "paperless-ai.fullname" . }}-paperless-api
-          {{- end }}
-          {{- if or .Values.persistence.config.enabled .Values.persistence.data.enabled }}
+            - name: http # Name des Ports.
+              containerPort: {{ .Values.service.targetPort }} # Der Port, der im Container geöffnet ist.
+              protocol: TCP # Das Protokoll des Ports.
+          env:
+            {{- range $key, $value := .Values.env }}
+            - name: {{ $key }} # Name der Umgebungsvariable.
+              value: {{ $value | quote }} # Wert der Umgebungsvariable.
+            {{- end }}
+          {{- if .Values.persistence.enabled }}
           volumeMounts:
-            - name: {{ include "paperless-ai.fullname" . }}-volume-config
-              mountPath: {{ .Values.persistence.config.mountPath }}
-              subPath: {{ .Values.persistence.config.subPath }}
-            - name: {{ include "paperless-ai.fullname" . }}-volume-envfile
-              mountPath: {{ .Values.persistence.envfile.mountPath }}
-              subPath: {{ .Values.persistence.envfile.subPath }}
-          {{- if .Values.persistence.data.enabled }}
-            - name: {{ include "paperless-ai.fullname" . }}-volume-data
-              mountPath: {{ .Values.persistence.data.mountPath }}
+            - name: paperless-ai-data # Name des Volumes, das gemountet werden soll.
+              mountPath: /app/data # Der Pfad im Container, an dem das Volume gemountet wird.
           {{- end }}
-          {{- end }}
-      {{- if or .Values.persistence.config.enabled .Values.persistence.data.enabled }}
-      volumes:
-        - name: {{ include "paperless-ai.fullname" . }}-volume-config
-          configMap:
-            name: {{ include "paperless-ai.fullname" . }}-config-file
-        - name: {{ include "paperless-ai.fullname" . }}-volume-envfile
-          secret:
-            secretName: {{ include "paperless-ai.fullname" . }}-env-file
-      {{- if .Values.persistence.data.enabled }}
-        - name: {{ include "paperless-ai.fullname" . }}-volume-data
-          persistentVolumeClaim:
-            claimName: {{ include "paperless-ai.fullname" . }}-pvc-data
-      {{- end }}
-      {{- end }}
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }} # Ressourcenanforderungen und -limits für den Container.
       {{- with .Values.nodeSelector }}
       nodeSelector:
-        {{- toYaml . | nindent 8 }}
+        {{- toYaml . | nindent 8 }} # Node-Selector-Regeln für die Pod-Platzierung.
       {{- end }}
       {{- with .Values.affinity }}
       affinity:
-        {{- toYaml . | nindent 8 }}
+        {{- toYaml . | nindent 8 }} # Affinitätsregeln für die Pod-Platzierung.
       {{- end }}
       {{- with .Values.tolerations }}
       tolerations:
-        {{- toYaml . | nindent 8 }}
+        {{- toYaml . | nindent 8 }} # Toleranzen für die Pod-Platzierung auf Tainted Nodes.
+      {{- end }}
+      {{- if .Values.persistence.enabled }}
+      volumes:
+        - name: paperless-ai-data # Definiert ein Volume mit dem Namen 'paperless-ai-data'.
+          persistentVolumeClaim:
+            claimName: {{ include "paperless-ai.fullname" . }}-data # Verweist auf den Persistent Volume Claim.
       {{- end }}

charts/paperless-ai/templates/envfileSecret.yaml

@@ -1,9 +0,0 @@
-apiVersion: v1
-kind: Secret
-type: Opaque
-metadata:
-  name: {{ include "paperless-ai.fullname" . }}-env-file
-  labels:
-    {{- include "paperless-ai.labels" . | nindent 4 }}
-data:
-  .env: {{ include "generateEnv" . | b64enc }}

charts/paperless-ai/templates/ingress.yaml

@@ -1,43 +1,38 @@
-{{- if .Values.ingress.enabled -}}
+# ingress.yaml
+# Definiert einen Kubernetes Ingress, um externen Zugriff auf den Service zu ermöglichen.
+# Standardmäßig ist dieser Ingress deaktiviert und muss in 'values.yaml' aktiviert werden.
+{{- if .Values.ingress.enabled -}} # Dieses Template wird nur gerendert, wenn 'ingress.enabled' true ist.
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
-  name: {{ include "paperless-ai.fullname" . }}
+  name: {{ include "paperless-ai.fullname" . }} # Der Name des Ingress.
   labels:
-    {{- include "paperless-ai.labels" . | nindent 4 }}
+    {{- include "paperless-ai.labels" . | nindent 4 }} # Allgemeine Labels für den Ingress.
   {{- with .Values.ingress.annotations }}
   annotations:
-    {{- toYaml . | nindent 4 }}
+    {{- toYaml . | nindent 4 }} # Zusätzliche Anmerkungen für den Ingress (z.B. für Cert-Manager oder Nginx-Controller).
   {{- end }}
 spec:
-  {{- with .Values.ingress.className }}
-  ingressClassName: {{ . }}
+  {{- if .Values.ingress.className }}
+  ingressClassName: {{ .Values.ingress.className }} # Der Name der Ingress-Klasse.
   {{- end }}
   {{- if .Values.ingress.tls }}
   tls:
-    {{- range .Values.ingress.tls }}
-    - hosts:
-        {{- range .hosts }}
-        - {{ . | quote }}
-        {{- end }}
-      secretName: {{ .secretName }}
-    {{- end }}
+    {{- toYaml .Values.ingress.tls | nindent 4 }} # TLS-Konfiguration für HTTPS.
   {{- end }}
   rules:
     {{- range .Values.ingress.hosts }}
-    - host: {{ .host | quote }}
+    - host: {{ .host | quote }} # Der Hostname für den Ingress.
       http:
         paths:
           {{- range .paths }}
-          - path: {{ .path }}
-            {{- with .pathType }}
-            pathType: {{ . }}
-            {{- end }}
+          - path: {{ .path }} # Der Pfad, der weitergeleitet werden soll.
+            pathType: {{ .pathType }} # Der Typ des Pfades (Prefix, Exact, ImplementationSpecific).
             backend:
               service:
-                name: {{ include "paperless-ai.fullname" $ }}
+                name: {{ include "paperless-ai.fullname" $ }} # Name des Services, an den weitergeleitet wird.
                 port:
-                  number: {{ $.Values.service.port }}
+                  number: {{ $.Values.service.port }} # Port des Services.
           {{- end }}
     {{- end }}
 {{- end }}

charts/paperless-ai/templates/openAiApiSecret.yaml

@@ -1,11 +0,0 @@
-{{- if .Values.openAi.apiKey }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ include "paperless-ai.fullname" . }}-open-ai-api
-  labels:
-    {{- include "paperless-ai.labels" . | nindent 4 }}
-type: Opaque
-data:
-  OPENAI_API_KEY: {{ .Values.openAi.apiKey  | b64enc | quote }}
-{{- end }}

charts/paperless-ai/templates/paperlessApiSecret.yaml

@@ -1,11 +0,0 @@
-{{- if .Values.paperless.apiToken }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ include "paperless-ai.fullname" . }}-paperless-api
-  labels:
-    {{- include "paperless-ai.labels" . | nindent 4 }}
-type: Opaque
-data:
-  PAPERLESS_API_TOKEN: {{ .Values.paperless.apiToken  | b64enc | quote }}
-{{- end }}

charts/paperless-ai/templates/pvc.yaml

@@ -0,0 +1,20 @@
+# pvc.yaml
+# Definiert einen Persistent Volume Claim (PVC) für die Paperless AI Anwendung.
+# Ein PVC fordert persistenten Speicher vom Kubernetes-Cluster an.
+{{- if .Values.persistence.enabled }} # Dieses Template wird nur gerendert, wenn 'persistence.enabled' true ist.
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: {{ include "paperless-ai.fullname" . }}-data # Der Name des PVCs.
+  labels:
+    {{- include "paperless-ai.labels" . | nindent 4 }} # Allgemeine Labels für den PVC.
+spec:
+  accessModes:
+    - {{ .Values.persistence.accessMode }} # Der Zugriffsmodus für das Volume.
+  {{- if .Values.persistence.storageClassName }}
+  storageClassName: {{ .Values.persistence.storageClassName }} # Die StorageClass, die für die Bereitstellung des Volumes verwendet werden soll.
+  {{- end }}
+  resources:
+    requests:
+      storage: {{ .Values.persistence.size }} # Die angeforderte Größe des Speichers.
+{{- end }}

charts/paperless-ai/templates/service.yaml

@@ -1,15 +1,15 @@
+# service.yaml
+# Definiert einen Kubernetes Service, der den Zugriff auf die Pods des Deployments ermöglicht.
 apiVersion: v1
 kind: Service
 metadata:
-  name: {{ include "paperless-ai.fullname" . }}
-  labels:
-    {{- include "paperless-ai.labels" . | nindent 4 }}
+  name: { { include "paperless-ai.fullname" . } } # Der Name des Services.
+  labels: { { - include "paperless-ai.labels" . | nindent 4 } } # Allgemeine Labels für den Service.
 spec:
-  type: {{ .Values.service.type }}
+  type: { { .Values.service.type } } # Der Typ des Services (z.B. ClusterIP, NodePort, LoadBalancer).
   ports:
-    - port: {{ .Values.service.port }}
-      targetPort: http
-      protocol: TCP
-      name: http
-  selector:
-    {{- include "paperless-ai.selectorLabels" . | nindent 4 }}
+    - port: { { .Values.service.port } } # Der Port, auf dem der Service Anfragen empfängt.
+      targetPort: { { .Values.service.targetPort } } # Der Port des Pods, an den der Service weiterleitet.
+      protocol: TCP # Das Protokoll des Ports.
+      name: http # Name des Service-Ports.
+  selector: { { - include "paperless-ai.selectorLabels" . | nindent 4 } } # Selector, um die Pods zu finden, die dieser Service bedient.

charts/paperless-ai/templates/tests/test-connection.yaml

@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Pod
-metadata:
-  name: "{{ include "paperless-ai.fullname" . }}-test-connection"
-  labels:
-    {{- include "paperless-ai.labels" . | nindent 4 }}
-  annotations:
-    "helm.sh/hook": test
-spec:
-  containers:
-    - name: wget
-      image: busybox
-      command: ['wget']
-      args: ['{{ include "paperless-ai.fullname" . }}:{{ .Values.service.port }}']
-  restartPolicy: Never

charts/paperless-ai/values.yaml

@@ -1,73 +1,60 @@
-# Default values for paperless-ai.
-# This is a YAML-formatted file.
-# Declare variables to be passed into your templates.
-
-# This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/
-# Please keep this value to 1, while many instances running a crontab could lead to unknown results.
 replicaCount: 1
 
-# This sets the container image more information can be found here: https://kubernetes.io/docs/concepts/containers/images/
 image:
   repository: clusterzx/paperless-ai
-  # This sets the pull policy for images.
   pullPolicy: IfNotPresent
-  # Overrides the image tag whose default is the chart appVersion.
-  # Use latest or nightly to be up2date.
   tag: ""
 
-# This is for the secretes for pulling an image from a private repository more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
-imagePullSecrets: []
-# This is to override the chart name.
-nameOverride: ""
-fullnameOverride: ""
-
-# This is for setting Kubernetes Annotations to a Pod.
-# For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ 
-podAnnotations: {}
-# This is for setting Kubernetes Labels to a Pod.
-# For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
-podLabels: {}
-
-podSecurityContext: {}
-  # fsGroup: 2000
-
-securityContext: {}
-  # capabilities:
-  #   drop:
-  #   - ALL
-  # readOnlyRootFilesystem: true
-  # runAsNonRoot: true
-  # runAsUser: 1000
-
-# This is for setting up a service more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/
-service:
-  # This sets the service type more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
-  type: ClusterIP
-  # This sets the ports more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#field-spec-ports
-  port: 3000
-
-# This block is for setting up the ingress for more information can be found here: https://kubernetes.io/docs/concepts/services-networking/ingress/
-ingress:
-  enabled: false
-  className: ""
+serviceAccount:
+  create: true
   annotations: {}
-    # kubernetes.io/ingress.class: nginx
-    # kubernetes.io/tls-acme: "true"
-  hosts:
-    - host: chart-example.local
-      paths:
-        - path: /
-          pathType: ImplementationSpecific
-  tls: []
-  #  - secretName: chart-example-tls
-  #    hosts:
-  #      - chart-example.local
+  name: ""
 
-resources: {}
-  # We usually recommend not to specify default resources and to leave this as a conscious
-  # choice for the user. This also increases chances charts run on environments with little
-  # resources, such as Minikube. If you do want to specify resources, uncomment the following
-  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+service:
+  type: ClusterIP
+  port: 30000
+  targetPort: 30000
+
+env:
+  PUID: 1027
+  PGID: 100
+  PAPERLESS_AI_PORT: 30000
+
+# Konfiguration für persistente Speicherung (Persistent Volume Claim).
+persistence:
+  enabled: true
+  storageClassName: ""
+  accessMode: ReadWriteOnce
+  size: 1Gi
+
+# Sicherheitskontext-Einstellungen für Pod und Container.
+securityContext:
+  enabled: true
+  pod:
+    runAsUser: 1027
+    runAsGroup: 100
+    fsGroup: 100
+  container:
+    allowPrivilegeEscalation: false
+    capabilities:
+      drop:
+        - ALL
+
+# Konfiguration für Horizontal Pod Autoscaling (HPA).
+autoscaling:
+  enabled: false
+  minReplicas: 1
+  maxReplicas: 10
+  targetCPUUtilizationPercentage: 80
+
+# Ressourcenanforderungen und -limits für den Container.
+resources:
+  {}
+  # Wir empfehlen in der Regel, keine Standardressourcen anzugeben und dies
+  # dem Benutzer zu überlassen. Dies erhöht auch die Chancen, dass Charts
+  # in Umgebungen mit geringen Ressourcen, wie Minikube, laufen.
+  # Wenn du Ressourcen angeben möchtest, kommentiere die folgenden Zeilen aus,
+  # passe sie bei Bedarf an und entferne die geschweiften Klammern nach 'resources:'.
   # limits:
   #   cpu: 100m
   #   memory: 128Mi
@@ -75,78 +62,26 @@ resources: {}
   #   cpu: 100m
   #   memory: 128Mi
 
-# This is to setup the liveness and readiness probes more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
-livenessProbe:
-  initialDelaySeconds: 90
-  httpGet:
-    path: /
-#    path: /health
-    port: http
-readinessProbe:
-  initialDelaySeconds: 90
-  httpGet:
-    path: /
-#    path: /health
-    port: http
-
-# paperless-ai config 
-paperless:
-  apiUrl: "http://paperless-ngx:8000"
-  apiToken:
-
-ai:
-  provider: "openai"
-  addProcessedTag: yes
-  processedTagName: ai-processed
-
-prompt:
-  useTags: yes
-  tags: Rechnung,Kontoauszug,Vertrag,Arbeitgeber
-
-openAi:
-  apiKey: 
-  model: "gpt-4o-mini"
-
-ollama:
-  apiUrl: ""
-  model: ""
-
-scanInterval: "*/30 * * * *"
-
-systemPrompt: |-
-  Return the result EXCLUSIVELY as a JSON object. The Tags and Title MUST be in the language that is used in the document.:
-  
-  {
-    "title": "xxxxx",
-    "correspondent": "xxxxxxxx",
-    "tags": ["Tag1", "Tag2", "Tag3", "Tag4"],
-    "document_date": "YYYY-MM-DD",
-    "language": "en/de/es/..."
-  }
-processPredefinedDocuments: "no"
-tags: "indexed,indexed2"
-
-# additional envs, if neccessary
-envs: []
-#  - name: CONFIG_PATH
-#    value: "/app/config"
-
+# Node-Selector für die Pod-Platzierung.
 nodeSelector: {}
 
+# Toleranzen für die Pod-Platzierung auf Tainted Nodes.
 tolerations: []
 
+# Affinitätsregeln für die Pod-Platzierung.
 affinity: {}
 
-# persistence volumes needed for configuration and processing data directory
-persistence:
-  config:
-    mountPath: "/app/config/config.js"
-    subPath: "config.js"
-  envfile:
-    mountPath: "app/.env"
-    subPath: ".env"
-  data:
-    enabled: true
-    size: 1Gi
-    storageClass: standard
-    mountPath: "/app/data"
+# Ingress-Konfiguration (optional, aber üblich für Webanwendungen).
+ingress:
+  enabled: false
+  className: "" # Der Ingress-Klassenname (z.B. nginx, traefik).
+  annotations: {}
+  hosts:
+    - host: chart-example.local # Beispiel-Hostname.
+      paths:
+        - path: / # Der Pfad, der weitergeleitet werden soll.
+          pathType: ImplementationSpecific # Der Typ des Pfades (Prefix, Exact, ImplementationSpecific).
+  tls: [] # TLS-Konfiguration für den Ingress.
+  #  - secretName: chart-example-tls # Name des Secrets, das das TLS-Zertifikat enthält.
+  #    hosts:
+  #      - chart-example.local # Hostnamen, für die das Zertifikat gültig ist.