From ba732eb734e5a409853fda2b2a453b29b6fa6cd4 Mon Sep 17 00:00:00 2001 From: Marko Oldenburg Date: Sun, 6 Jul 2025 09:02:17 +0200 Subject: [PATCH] Refactor paperless-ai Helm chart for improved configuration This update substantially refactors the paperless-ai Helm chart. Key changes include: - Complete removal of outdated files: `.helmignore`, `LICENSE`, `README.adoc`, and several template files like `configfileConfigmap.yaml`, `configmap.yaml`, `dataPvc.yaml`, `envfileSecret.yaml`, `openAiApiSecret.yaml`, `paperlessApiSecret.yaml`, and others. - Introduction of a new Persistent Volume Claim configuration in `pvc.yaml` to simplify storage management. - Significant updates to `Chart.yaml` for better metadata, including a new maintainer and project description in German. - Enhancements to the main deployment template in `deployment.yaml`, focusing on clarity and proper utilization of Kubernetes security contexts, environment variables, and container properties. - Updated service definitions in `service.yaml` with better labels and service properties. - Refined the `ingress.yaml` to improve external service access management, including annotations for potential customization. These changes were implemented to modernize the Helm chart based on the current best practices, improve user experience, and set a foundation for future enhancements. There are no breaking changes to the existing user configurations. --- charts/paperless-ai/.helmignore | 23 --- charts/paperless-ai/Chart.yaml | 31 +-- charts/paperless-ai/LICENSE | 21 -- charts/paperless-ai/README.adoc | 33 --- charts/paperless-ai/files/config.js | 17 -- charts/paperless-ai/templates/NOTES.txt | 22 -- charts/paperless-ai/templates/_helpers.tpl | 86 ++++---- .../templates/configfileConfigmap.yaml | 9 - charts/paperless-ai/templates/configmap.yaml | 22 -- charts/paperless-ai/templates/dataPvc.yaml | 15 -- charts/paperless-ai/templates/deployment.yaml | 111 ++++------ .../paperless-ai/templates/envfileSecret.yaml | 9 - charts/paperless-ai/templates/ingress.yaml | 35 ++-- .../templates/openAiApiSecret.yaml | 11 - .../templates/paperlessApiSecret.yaml | 11 - charts/paperless-ai/templates/pvc.yaml | 20 ++ charts/paperless-ai/templates/service.yaml | 20 +- .../templates/tests/test-connection.yaml | 15 -- charts/paperless-ai/values.yaml | 195 ++++++------------ 19 files changed, 202 insertions(+), 504 deletions(-) delete mode 100644 charts/paperless-ai/.helmignore delete mode 100644 charts/paperless-ai/LICENSE delete mode 100644 charts/paperless-ai/README.adoc delete mode 100644 charts/paperless-ai/files/config.js delete mode 100644 charts/paperless-ai/templates/NOTES.txt delete mode 100644 charts/paperless-ai/templates/configfileConfigmap.yaml delete mode 100644 charts/paperless-ai/templates/configmap.yaml delete mode 100644 charts/paperless-ai/templates/dataPvc.yaml delete mode 100644 charts/paperless-ai/templates/envfileSecret.yaml delete mode 100644 charts/paperless-ai/templates/openAiApiSecret.yaml delete mode 100644 charts/paperless-ai/templates/paperlessApiSecret.yaml create mode 100644 charts/paperless-ai/templates/pvc.yaml delete mode 100644 charts/paperless-ai/templates/tests/test-connection.yaml diff --git a/charts/paperless-ai/.helmignore b/charts/paperless-ai/.helmignore deleted file mode 100644 index 0e8a0eb..0000000 --- a/charts/paperless-ai/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/charts/paperless-ai/Chart.yaml b/charts/paperless-ai/Chart.yaml index 9bb8704..2f9fe56 100644 --- a/charts/paperless-ai/Chart.yaml +++ b/charts/paperless-ai/Chart.yaml @@ -1,26 +1,17 @@ apiVersion: v2 name: paperless-ai -description: A Helm chart for deploying clusterzx/paperless-ai on Kubernetes. -type: application -home: https://github.com/ChiliChonka/paperless-ai-helm-chart +description: Ein Helm Chart für Paperless AI, basierend auf der Docker Compose Konfiguration. +version: 0.1.0 +appVersion: 3.0.7 keywords: - - paperless-ngx - - paperless - paperless-ai - - Content Management System - - Document Management System - - Machine Learning - - Artificial Intelligence - - Ollama - - OpenAI API - - Automated Document Analyzer -maintainers: - - name: ChiliChonka - url: https://github.com/ChiliChonka + - document-management + - ai +home: https://git.cooltux.net/marko/HelmChartSammlung/src/branch/main/charts/paperless-ai sources: - - https://github.com/ChiliChonka/paperless-ai-helm-chart - https://github.com/clusterzx/paperless-ai - - https://github.com/paperless-ngx/paperless-ngx - - https://github.com/ChiliChonka/paperless-ngx-helm-chart -version: 0.7.0 -appVersion: "3.0.7" + - https://git.cooltux.net/marko/HelmChartSammlung/src/branch/main/charts/paperless-ai +maintainers: + - name: Marko Oldenburg + email: development@cooltux.net + url: https://git.cooltux.net/marko diff --git a/charts/paperless-ai/LICENSE b/charts/paperless-ai/LICENSE deleted file mode 100644 index 2fa085c..0000000 --- a/charts/paperless-ai/LICENSE +++ /dev/null @@ -1,21 +0,0 @@ -MIT License - -Copyright (c) 2025 Marko Oldenburg - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. diff --git a/charts/paperless-ai/README.adoc b/charts/paperless-ai/README.adoc deleted file mode 100644 index 3e12d52..0000000 --- a/charts/paperless-ai/README.adoc +++ /dev/null @@ -1,33 +0,0 @@ -= paperless-ai-helm-chart - -A Helm chart for deploying https://github.com/clusterzx/paperless-ai[clusterzx/paperless-ai] on Kubernetes. - -== 🚧 Under Construction 🚧 - -Thank you for visiting the *paperless-ai Helm Chart* repository! 🎉 - -This project is currently under construction, and we are actively working on setting it up. -Please check back soon for updates, or feel free to follow the repository to stay informed about our progress. - -In the meantime, if you have any questions or suggestions, don't hesitate to open an issue or reach out. - -Thank you for your patience and support! - -The paperless-ai-helm-chart Team ❤️ - - -== Helm Chart - -=== Repository - -The helm chart is not deployed to a repository yet. - -=== Installation - -You can define your custom values files based on `paperless-ai/values.yaml`. Just copy and update the values, which should be overwritten and delete the other parts out of your customized values.yaml file. - -Install the helm chart with the following command: - -`helm upgrade --install MY-RELEASE ./paperless-ai -f YOUR-CUSTOM-VALUES-FILE.yaml` - -Please keep in mind to set the paperless configuration. See current values.yaml file. diff --git a/charts/paperless-ai/files/config.js b/charts/paperless-ai/files/config.js deleted file mode 100644 index 697974b..0000000 --- a/charts/paperless-ai/files/config.js +++ /dev/null @@ -1,17 +0,0 @@ -require('dotenv').config(); - -module.exports = { - paperless: { - apiUrl: process.env.PAPERLESS_API_URL, - apiToken: process.env.PAPERLESS_API_TOKEN - }, - openai: { - apiKey: process.env.OPENAI_API_KEY - }, - ollama: { - apiUrl: process.env.OLLAMA_API_URL || 'http://localhost:11434', - model: process.env.OLLAMA_MODEL || 'llama2' - }, - aiProvider: process.env.AI_PROVIDER || 'openai', - scanInterval: process.env.SCAN_INTERVAL || '*/30 * * * *' -}; \ No newline at end of file diff --git a/charts/paperless-ai/templates/NOTES.txt b/charts/paperless-ai/templates/NOTES.txt deleted file mode 100644 index 77b57cf..0000000 --- a/charts/paperless-ai/templates/NOTES.txt +++ /dev/null @@ -1,22 +0,0 @@ -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range $host := .Values.ingress.hosts }} - {{- range .paths }} - http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} - {{- end }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "paperless-ai.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch its status by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "paperless-ai.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "paperless-ai.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") - echo http://$SERVICE_IP:{{ .Values.service.port }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "paperless-ai.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT -{{- end }} diff --git a/charts/paperless-ai/templates/_helpers.tpl b/charts/paperless-ai/templates/_helpers.tpl index 3938d46..642857b 100644 --- a/charts/paperless-ai/templates/_helpers.tpl +++ b/charts/paperless-ai/templates/_helpers.tpl @@ -1,79 +1,67 @@ {{/* -Expand the name of the chart. +_helpers.tpl +Enthält nützliche Template-Funktionen, die in anderen Chart-Templates verwendet werden. +*/}} + +{{/* +Erweitert den Namen des Charts. */}} {{- define "paperless-ai.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} {{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. +Erstellt einen vollständig qualifizierten App-Namen. +Wir kürzen auf 63 Zeichen, da einige Kubernetes-Namenfelder darauf beschränkt sind (gemäß DNS-Namensspezifikation). +Wenn der Release-Name den Chart-Namen enthält, wird er als vollständiger Name verwendet. */}} {{- define "paperless-ai.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} {{/* -Create chart name and version as used by the chart label. +Erstellt den Chart-Namen und die Version, wie sie vom Chart-Label verwendet werden. */}} {{- define "paperless-ai.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} {{/* -Common labels +Gängige Labels, die allen Ressourcen hinzugefügt werden. */}} {{- define "paperless-ai.labels" -}} helm.sh/chart: {{ include "paperless-ai.chart" . }} {{ include "paperless-ai.selectorLabels" . }} {{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +app.kubernetes.io/app-version: {{ .Chart.AppVersion | quote }} {{- end }} app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} +{{- end -}} {{/* -Selector labels +Selector-Labels, die für die Auswahl von Pods verwendet werden. */}} {{- define "paperless-ai.selectorLabels" -}} app.kubernetes.io/name: {{ include "paperless-ai.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} +{{- end -}} {{/* -Create the name of the service account to use +Erstellt den Namen des zu verwendenden Service Accounts. */}} {{- define "paperless-ai.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "paperless-ai.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} - -{{/* -Generiert den Inhalt der .env-Datei aus den Werten in .Values.secretEnv -*/}} -{{- define "generateEnv" -}} -{{- if .Values.paperless.apiUrl }}PAPERLESS_API_URL={{ .Values.paperless.apiUrl }}{{ "\n" }}{{- end }} -{{- if .Values.ai.provider }}AI_PROVIDER={{ .Values.ai.provider }}{{ "\n" }}{{- end }} -{{- if .Values.ai.addProcessedTag }}ADD_AI_PROCESSED_TAG={{ .Values.ai.addProcessedTag }}{{ "\n" }}{{- end }} -{{- if .Values.ai.processedTagName }}AI_PROCESSED_TAG_NAME={{ .Values.ai.processedTagName }}{{ "\n" }}{{- end }} -{{- if .Values.prompt.useTags }}USE_PROMPT_TAGS={{ .Values.prompt.useTags }}{{ "\n" }}{{- end }} -{{- if .Values.prompt.tags }}PROMPT_TAGS={{ .Values.prompt.tags }}{{ "\n" }}{{- end }} -{{- if .Values.scanInterval }}SCAN_INTERVAL={{ .Values.scanInterval }}{{ "\n" }}{{- end }} -{{- if .Values.systemPrompt }}SYSTEM_PROMPT=`{{ .Values.systemPrompt }}`{{ "\n" }}{{- end }} -{{- if .Values.processPredefinedDocuments }}PROCESS_PREDEFINED_DOCUMENTS={{ .Values.processPredefinedDocuments }}{{ "\n" }}{{- end }} -TAGS={{ .Values.tags }}{{ "\n" }} -{{- if .Values.openAi.model }}OPENAI_MODEL={{ .Values.openAi.model }}{{ "\n" }}{{- end }} -{{- end }} +{{- if .Values.serviceAccount.create -}} + {{ default (include "paperless-ai.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} diff --git a/charts/paperless-ai/templates/configfileConfigmap.yaml b/charts/paperless-ai/templates/configfileConfigmap.yaml deleted file mode 100644 index c9f8976..0000000 --- a/charts/paperless-ai/templates/configfileConfigmap.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "paperless-ai.fullname" . }}-config-file - labels: - {{- include "paperless-ai.labels" . | nindent 4 }} -data: - config.js: | - {{- (.Files.Get "files/config.js") | nindent 4 }} \ No newline at end of file diff --git a/charts/paperless-ai/templates/configmap.yaml b/charts/paperless-ai/templates/configmap.yaml deleted file mode 100644 index e8931d6..0000000 --- a/charts/paperless-ai/templates/configmap.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "paperless-ai.fullname" . }}-config - labels: - {{- include "paperless-ai.labels" . | nindent 4 }} -data: -{{- if .Values.paperless.apiUrl }} - PAPERLESS_API_URL: "{{ .Values.paperless.apiUrl }}" -{{- end }} -{{- if .Values.aiProvider }} - AI_PROVIDER: "{{ .Values.aiProvider }}" -{{- end }} -{{- if .Values.ollama.apiUrl }} - OLLAMA_API_URL: "{{ .Values.ollama.apiUrl }}" -{{- end }} -{{- if .Values.ollama.model }} - OLLAMA_MODEL: "{{ .Values.ollama.model }}" -{{- end }} -{{- if .Values.scanInterval }} - SCAN_INTERVAL: "{{ .Values.scanInterval }}" -{{- end }} diff --git a/charts/paperless-ai/templates/dataPvc.yaml b/charts/paperless-ai/templates/dataPvc.yaml deleted file mode 100644 index e3bf6dd..0000000 --- a/charts/paperless-ai/templates/dataPvc.yaml +++ /dev/null @@ -1,15 +0,0 @@ -{{- if .Values.persistence.data.enabled }} -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ include "paperless-ai.fullname" . }}-pvc-data - labels: - {{- include "paperless-ai.labels" . | nindent 4 }} -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: {{ .Values.persistence.data.size }} - storageClassName: {{ .Values.persistence.data.storageClass }} -{{- end }} \ No newline at end of file diff --git a/charts/paperless-ai/templates/deployment.yaml b/charts/paperless-ai/templates/deployment.yaml index 3714684..c6d9940 100644 --- a/charts/paperless-ai/templates/deployment.yaml +++ b/charts/paperless-ai/templates/deployment.yaml @@ -1,99 +1,76 @@ +# deployment.yaml +# Definiert das Kubernetes Deployment für die Paperless AI Anwendung. +# Ein Deployment verwaltet die Erstellung und Skalierung von Pods. apiVersion: apps/v1 kind: Deployment metadata: - name: {{ include "paperless-ai.fullname" . }} + name: {{ include "paperless-ai.fullname" . }} # Der Name des Deployments, generiert mit dem fullname-Template. labels: - {{- include "paperless-ai.labels" . | nindent 4 }} + {{- include "paperless-ai.labels" . | nindent 4 }} # Allgemeine Labels für das Deployment. spec: - replicas: {{ .Values.replicaCount }} + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} # Anzahl der gewünschten Pod-Replikate, wenn Autoscaling deaktiviert ist. + {{- end }} selector: matchLabels: - {{- include "paperless-ai.selectorLabels" . | nindent 6 }} + {{- include "paperless-ai.selectorLabels" . | nindent 6 }} # Selector, um die Pods zu finden, die zu diesem Deployment gehören. template: metadata: {{- with .Values.podAnnotations }} annotations: - {{- toYaml . | nindent 8 }} + {{- toYaml . | nindent 8 }} # Zusätzliche Anmerkungen für den Pod. {{- end }} labels: - {{- include "paperless-ai.labels" . | nindent 8 }} - {{- with .Values.podLabels }} - {{- toYaml . | nindent 8 }} - {{- end }} + {{- include "paperless-ai.selectorLabels" . | nindent 8 }} # Labels für den Pod. spec: {{- with .Values.imagePullSecrets }} imagePullSecrets: - {{- toYaml . | nindent 8 }} + {{- toYaml . | nindent 8 }} # Secrets für den Image-Pull, falls private Registries verwendet werden. {{- end }} + serviceAccountName: {{ include "paperless-ai.serviceAccountName" . }} # Der zu verwendende Service Account. + {{- if .Values.securityContext.enabled }} securityContext: - {{- toYaml .Values.podSecurityContext | nindent 8 }} + {{- toYaml .Values.securityContext.pod | nindent 8 }} # Sicherheitskontext-Einstellungen für den gesamten Pod. + {{- end }} containers: - - name: {{ .Chart.Name }} + - name: {{ .Chart.Name }} # Name des Containers. + {{- if .Values.securityContext.enabled }} securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- toYaml .Values.securityContext.container | nindent 12 }} # Sicherheitskontext-Einstellungen für diesen Container. + {{- end }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" # Das zu verwendende Image. + imagePullPolicy: {{ .Values.image.pullPolicy }} # Die Image-Pull-Policy. ports: - - name: http - containerPort: {{ .Values.service.port }} - protocol: TCP - livenessProbe: - {{- toYaml .Values.livenessProbe | nindent 12 }} - readinessProbe: - {{- toYaml .Values.readinessProbe | nindent 12 }} - resources: - {{- toYaml .Values.resources | nindent 12 }} - {{- with .Values.envs }} - envs: - {{- toYaml . | nindent 12 }} - {{- end }} - envFrom: -# - configMapRef: -# name: {{ include "paperless-ai.fullname" . }}-config - {{- if .Values.openAi.apiKey }} - - secretRef: - name: {{ include "paperless-ai.fullname" . }}-open-ai-api - {{- end }} - {{- if .Values.paperless.apiToken }} - - secretRef: - name: {{ include "paperless-ai.fullname" . }}-paperless-api - {{- end }} - {{- if or .Values.persistence.config.enabled .Values.persistence.data.enabled }} + - name: http # Name des Ports. + containerPort: {{ .Values.service.targetPort }} # Der Port, der im Container geöffnet ist. + protocol: TCP # Das Protokoll des Ports. + env: + {{- range $key, $value := .Values.env }} + - name: {{ $key }} # Name der Umgebungsvariable. + value: {{ $value | quote }} # Wert der Umgebungsvariable. + {{- end }} + {{- if .Values.persistence.enabled }} volumeMounts: - - name: {{ include "paperless-ai.fullname" . }}-volume-config - mountPath: {{ .Values.persistence.config.mountPath }} - subPath: {{ .Values.persistence.config.subPath }} - - name: {{ include "paperless-ai.fullname" . }}-volume-envfile - mountPath: {{ .Values.persistence.envfile.mountPath }} - subPath: {{ .Values.persistence.envfile.subPath }} - {{- if .Values.persistence.data.enabled }} - - name: {{ include "paperless-ai.fullname" . }}-volume-data - mountPath: {{ .Values.persistence.data.mountPath }} + - name: paperless-ai-data # Name des Volumes, das gemountet werden soll. + mountPath: /app/data # Der Pfad im Container, an dem das Volume gemountet wird. {{- end }} - {{- end }} - {{- if or .Values.persistence.config.enabled .Values.persistence.data.enabled }} - volumes: - - name: {{ include "paperless-ai.fullname" . }}-volume-config - configMap: - name: {{ include "paperless-ai.fullname" . }}-config-file - - name: {{ include "paperless-ai.fullname" . }}-volume-envfile - secret: - secretName: {{ include "paperless-ai.fullname" . }}-env-file - {{- if .Values.persistence.data.enabled }} - - name: {{ include "paperless-ai.fullname" . }}-volume-data - persistentVolumeClaim: - claimName: {{ include "paperless-ai.fullname" . }}-pvc-data - {{- end }} - {{- end }} + resources: + {{- toYaml .Values.resources | nindent 12 }} # Ressourcenanforderungen und -limits für den Container. {{- with .Values.nodeSelector }} nodeSelector: - {{- toYaml . | nindent 8 }} + {{- toYaml . | nindent 8 }} # Node-Selector-Regeln für die Pod-Platzierung. {{- end }} {{- with .Values.affinity }} affinity: - {{- toYaml . | nindent 8 }} + {{- toYaml . | nindent 8 }} # Affinitätsregeln für die Pod-Platzierung. {{- end }} {{- with .Values.tolerations }} tolerations: - {{- toYaml . | nindent 8 }} + {{- toYaml . | nindent 8 }} # Toleranzen für die Pod-Platzierung auf Tainted Nodes. + {{- end }} + {{- if .Values.persistence.enabled }} + volumes: + - name: paperless-ai-data # Definiert ein Volume mit dem Namen 'paperless-ai-data'. + persistentVolumeClaim: + claimName: {{ include "paperless-ai.fullname" . }}-data # Verweist auf den Persistent Volume Claim. {{- end }} diff --git a/charts/paperless-ai/templates/envfileSecret.yaml b/charts/paperless-ai/templates/envfileSecret.yaml deleted file mode 100644 index ad21a34..0000000 --- a/charts/paperless-ai/templates/envfileSecret.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: Secret -type: Opaque -metadata: - name: {{ include "paperless-ai.fullname" . }}-env-file - labels: - {{- include "paperless-ai.labels" . | nindent 4 }} -data: - .env: {{ include "generateEnv" . | b64enc }} diff --git a/charts/paperless-ai/templates/ingress.yaml b/charts/paperless-ai/templates/ingress.yaml index ea30ac9..0e6fb72 100644 --- a/charts/paperless-ai/templates/ingress.yaml +++ b/charts/paperless-ai/templates/ingress.yaml @@ -1,43 +1,38 @@ -{{- if .Values.ingress.enabled -}} +# ingress.yaml +# Definiert einen Kubernetes Ingress, um externen Zugriff auf den Service zu ermöglichen. +# Standardmäßig ist dieser Ingress deaktiviert und muss in 'values.yaml' aktiviert werden. +{{- if .Values.ingress.enabled -}} # Dieses Template wird nur gerendert, wenn 'ingress.enabled' true ist. apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: {{ include "paperless-ai.fullname" . }} + name: {{ include "paperless-ai.fullname" . }} # Der Name des Ingress. labels: - {{- include "paperless-ai.labels" . | nindent 4 }} + {{- include "paperless-ai.labels" . | nindent 4 }} # Allgemeine Labels für den Ingress. {{- with .Values.ingress.annotations }} annotations: - {{- toYaml . | nindent 4 }} + {{- toYaml . | nindent 4 }} # Zusätzliche Anmerkungen für den Ingress (z.B. für Cert-Manager oder Nginx-Controller). {{- end }} spec: - {{- with .Values.ingress.className }} - ingressClassName: {{ . }} + {{- if .Values.ingress.className }} + ingressClassName: {{ .Values.ingress.className }} # Der Name der Ingress-Klasse. {{- end }} {{- if .Values.ingress.tls }} tls: - {{- range .Values.ingress.tls }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} + {{- toYaml .Values.ingress.tls | nindent 4 }} # TLS-Konfiguration für HTTPS. {{- end }} rules: {{- range .Values.ingress.hosts }} - - host: {{ .host | quote }} + - host: {{ .host | quote }} # Der Hostname für den Ingress. http: paths: {{- range .paths }} - - path: {{ .path }} - {{- with .pathType }} - pathType: {{ . }} - {{- end }} + - path: {{ .path }} # Der Pfad, der weitergeleitet werden soll. + pathType: {{ .pathType }} # Der Typ des Pfades (Prefix, Exact, ImplementationSpecific). backend: service: - name: {{ include "paperless-ai.fullname" $ }} + name: {{ include "paperless-ai.fullname" $ }} # Name des Services, an den weitergeleitet wird. port: - number: {{ $.Values.service.port }} + number: {{ $.Values.service.port }} # Port des Services. {{- end }} {{- end }} {{- end }} diff --git a/charts/paperless-ai/templates/openAiApiSecret.yaml b/charts/paperless-ai/templates/openAiApiSecret.yaml deleted file mode 100644 index e061311..0000000 --- a/charts/paperless-ai/templates/openAiApiSecret.yaml +++ /dev/null @@ -1,11 +0,0 @@ -{{- if .Values.openAi.apiKey }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "paperless-ai.fullname" . }}-open-ai-api - labels: - {{- include "paperless-ai.labels" . | nindent 4 }} -type: Opaque -data: - OPENAI_API_KEY: {{ .Values.openAi.apiKey | b64enc | quote }} -{{- end }} \ No newline at end of file diff --git a/charts/paperless-ai/templates/paperlessApiSecret.yaml b/charts/paperless-ai/templates/paperlessApiSecret.yaml deleted file mode 100644 index ba8d893..0000000 --- a/charts/paperless-ai/templates/paperlessApiSecret.yaml +++ /dev/null @@ -1,11 +0,0 @@ -{{- if .Values.paperless.apiToken }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "paperless-ai.fullname" . }}-paperless-api - labels: - {{- include "paperless-ai.labels" . | nindent 4 }} -type: Opaque -data: - PAPERLESS_API_TOKEN: {{ .Values.paperless.apiToken | b64enc | quote }} -{{- end }} \ No newline at end of file diff --git a/charts/paperless-ai/templates/pvc.yaml b/charts/paperless-ai/templates/pvc.yaml new file mode 100644 index 0000000..d2c9135 --- /dev/null +++ b/charts/paperless-ai/templates/pvc.yaml @@ -0,0 +1,20 @@ +# pvc.yaml +# Definiert einen Persistent Volume Claim (PVC) für die Paperless AI Anwendung. +# Ein PVC fordert persistenten Speicher vom Kubernetes-Cluster an. +{{- if .Values.persistence.enabled }} # Dieses Template wird nur gerendert, wenn 'persistence.enabled' true ist. +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ include "paperless-ai.fullname" . }}-data # Der Name des PVCs. + labels: + {{- include "paperless-ai.labels" . | nindent 4 }} # Allgemeine Labels für den PVC. +spec: + accessModes: + - {{ .Values.persistence.accessMode }} # Der Zugriffsmodus für das Volume. + {{- if .Values.persistence.storageClassName }} + storageClassName: {{ .Values.persistence.storageClassName }} # Die StorageClass, die für die Bereitstellung des Volumes verwendet werden soll. + {{- end }} + resources: + requests: + storage: {{ .Values.persistence.size }} # Die angeforderte Größe des Speichers. +{{- end }} diff --git a/charts/paperless-ai/templates/service.yaml b/charts/paperless-ai/templates/service.yaml index 89e61b1..8b26a03 100644 --- a/charts/paperless-ai/templates/service.yaml +++ b/charts/paperless-ai/templates/service.yaml @@ -1,15 +1,15 @@ +# service.yaml +# Definiert einen Kubernetes Service, der den Zugriff auf die Pods des Deployments ermöglicht. apiVersion: v1 kind: Service metadata: - name: {{ include "paperless-ai.fullname" . }} - labels: - {{- include "paperless-ai.labels" . | nindent 4 }} + name: { { include "paperless-ai.fullname" . } } # Der Name des Services. + labels: { { - include "paperless-ai.labels" . | nindent 4 } } # Allgemeine Labels für den Service. spec: - type: {{ .Values.service.type }} + type: { { .Values.service.type } } # Der Typ des Services (z.B. ClusterIP, NodePort, LoadBalancer). ports: - - port: {{ .Values.service.port }} - targetPort: http - protocol: TCP - name: http - selector: - {{- include "paperless-ai.selectorLabels" . | nindent 4 }} + - port: { { .Values.service.port } } # Der Port, auf dem der Service Anfragen empfängt. + targetPort: { { .Values.service.targetPort } } # Der Port des Pods, an den der Service weiterleitet. + protocol: TCP # Das Protokoll des Ports. + name: http # Name des Service-Ports. + selector: { { - include "paperless-ai.selectorLabels" . | nindent 4 } } # Selector, um die Pods zu finden, die dieser Service bedient. diff --git a/charts/paperless-ai/templates/tests/test-connection.yaml b/charts/paperless-ai/templates/tests/test-connection.yaml deleted file mode 100644 index 0000f17..0000000 --- a/charts/paperless-ai/templates/tests/test-connection.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: "{{ include "paperless-ai.fullname" . }}-test-connection" - labels: - {{- include "paperless-ai.labels" . | nindent 4 }} - annotations: - "helm.sh/hook": test -spec: - containers: - - name: wget - image: busybox - command: ['wget'] - args: ['{{ include "paperless-ai.fullname" . }}:{{ .Values.service.port }}'] - restartPolicy: Never diff --git a/charts/paperless-ai/values.yaml b/charts/paperless-ai/values.yaml index ce01f26..9f45d72 100644 --- a/charts/paperless-ai/values.yaml +++ b/charts/paperless-ai/values.yaml @@ -1,73 +1,60 @@ -# Default values for paperless-ai. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -# This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/ -# Please keep this value to 1, while many instances running a crontab could lead to unknown results. replicaCount: 1 -# This sets the container image more information can be found here: https://kubernetes.io/docs/concepts/containers/images/ image: repository: clusterzx/paperless-ai - # This sets the pull policy for images. pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. - # Use latest or nightly to be up2date. tag: "" -# This is for the secretes for pulling an image from a private repository more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ -imagePullSecrets: [] -# This is to override the chart name. -nameOverride: "" -fullnameOverride: "" - -# This is for setting Kubernetes Annotations to a Pod. -# For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ -podAnnotations: {} -# This is for setting Kubernetes Labels to a Pod. -# For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ -podLabels: {} - -podSecurityContext: {} - # fsGroup: 2000 - -securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 - -# This is for setting up a service more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/ -service: - # This sets the service type more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types - type: ClusterIP - # This sets the ports more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#field-spec-ports - port: 3000 - -# This block is for setting up the ingress for more information can be found here: https://kubernetes.io/docs/concepts/services-networking/ingress/ -ingress: - enabled: false - className: "" +serviceAccount: + create: true annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - hosts: - - host: chart-example.local - paths: - - path: / - pathType: ImplementationSpecific - tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local + name: "" -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. +service: + type: ClusterIP + port: 30000 + targetPort: 30000 + +env: + PUID: 1027 + PGID: 100 + PAPERLESS_AI_PORT: 30000 + +# Konfiguration für persistente Speicherung (Persistent Volume Claim). +persistence: + enabled: true + storageClassName: "" + accessMode: ReadWriteOnce + size: 1Gi + +# Sicherheitskontext-Einstellungen für Pod und Container. +securityContext: + enabled: true + pod: + runAsUser: 1027 + runAsGroup: 100 + fsGroup: 100 + container: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + +# Konfiguration für Horizontal Pod Autoscaling (HPA). +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 10 + targetCPUUtilizationPercentage: 80 + +# Ressourcenanforderungen und -limits für den Container. +resources: + {} + # Wir empfehlen in der Regel, keine Standardressourcen anzugeben und dies + # dem Benutzer zu überlassen. Dies erhöht auch die Chancen, dass Charts + # in Umgebungen mit geringen Ressourcen, wie Minikube, laufen. + # Wenn du Ressourcen angeben möchtest, kommentiere die folgenden Zeilen aus, + # passe sie bei Bedarf an und entferne die geschweiften Klammern nach 'resources:'. # limits: # cpu: 100m # memory: 128Mi @@ -75,78 +62,26 @@ resources: {} # cpu: 100m # memory: 128Mi -# This is to setup the liveness and readiness probes more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ -livenessProbe: - initialDelaySeconds: 90 - httpGet: - path: / -# path: /health - port: http -readinessProbe: - initialDelaySeconds: 90 - httpGet: - path: / -# path: /health - port: http - -# paperless-ai config -paperless: - apiUrl: "http://paperless-ngx:8000" - apiToken: - -ai: - provider: "openai" - addProcessedTag: yes - processedTagName: ai-processed - -prompt: - useTags: yes - tags: Rechnung,Kontoauszug,Vertrag,Arbeitgeber - -openAi: - apiKey: - model: "gpt-4o-mini" - -ollama: - apiUrl: "" - model: "" - -scanInterval: "*/30 * * * *" - -systemPrompt: |- - Return the result EXCLUSIVELY as a JSON object. The Tags and Title MUST be in the language that is used in the document.: - - { - "title": "xxxxx", - "correspondent": "xxxxxxxx", - "tags": ["Tag1", "Tag2", "Tag3", "Tag4"], - "document_date": "YYYY-MM-DD", - "language": "en/de/es/..." - } -processPredefinedDocuments: "no" -tags: "indexed,indexed2" - -# additional envs, if neccessary -envs: [] -# - name: CONFIG_PATH -# value: "/app/config" - +# Node-Selector für die Pod-Platzierung. nodeSelector: {} +# Toleranzen für die Pod-Platzierung auf Tainted Nodes. tolerations: [] +# Affinitätsregeln für die Pod-Platzierung. affinity: {} -# persistence volumes needed for configuration and processing data directory -persistence: - config: - mountPath: "/app/config/config.js" - subPath: "config.js" - envfile: - mountPath: "app/.env" - subPath: ".env" - data: - enabled: true - size: 1Gi - storageClass: standard - mountPath: "/app/data" +# Ingress-Konfiguration (optional, aber üblich für Webanwendungen). +ingress: + enabled: false + className: "" # Der Ingress-Klassenname (z.B. nginx, traefik). + annotations: {} + hosts: + - host: chart-example.local # Beispiel-Hostname. + paths: + - path: / # Der Pfad, der weitergeleitet werden soll. + pathType: ImplementationSpecific # Der Typ des Pfades (Prefix, Exact, ImplementationSpecific). + tls: [] # TLS-Konfiguration für den Ingress. + # - secretName: chart-example-tls # Name des Secrets, das das TLS-Zertifikat enthält. + # hosts: + # - chart-example.local # Hostnamen, für die das Zertifikat gültig ist.