From fa186d389df6907ab57ae144bc786d3f56d0e803 Mon Sep 17 00:00:00 2001 From: Richard Tomik Date: Mon, 11 Aug 2025 11:26:33 +0200 Subject: [PATCH] release 0.0.1 for karakeep --- charts/karakeep/Chart.yaml | 16 ++ charts/karakeep/NOTES.txt | 46 ++++++ charts/karakeep/readme.md | 108 ++++++++++++ charts/karakeep/templates/_helpers.tpl | 70 ++++++++ charts/karakeep/templates/deployment.yaml | 191 ++++++++++++++++++++++ charts/karakeep/templates/ingress.yaml | 41 +++++ charts/karakeep/templates/pvc.yaml | 43 +++++ charts/karakeep/templates/secret.yaml | 13 ++ charts/karakeep/templates/service.yaml | 15 ++ charts/karakeep/values.yaml | 170 +++++++++++++++++++ 10 files changed, 713 insertions(+) create mode 100644 charts/karakeep/Chart.yaml create mode 100644 charts/karakeep/NOTES.txt create mode 100644 charts/karakeep/readme.md create mode 100644 charts/karakeep/templates/_helpers.tpl create mode 100644 charts/karakeep/templates/deployment.yaml create mode 100644 charts/karakeep/templates/ingress.yaml create mode 100644 charts/karakeep/templates/pvc.yaml create mode 100644 charts/karakeep/templates/secret.yaml create mode 100644 charts/karakeep/templates/service.yaml create mode 100644 charts/karakeep/values.yaml diff --git a/charts/karakeep/Chart.yaml b/charts/karakeep/Chart.yaml new file mode 100644 index 0000000..3e3a525 --- /dev/null +++ b/charts/karakeep/Chart.yaml @@ -0,0 +1,16 @@ +apiVersion: v2 +name: karakeep +description: Karakeep helm chart for Kubernetes +type: application +version: 0.0.1 +appVersion: "0.26.0" +maintainers: + - name: Richard Tomik + email: no@m.com +keywords: + - bookmark-manager + - karakeep + - productivity +home: https://github.com/rtomik/helm-charts +sources: + - https://github.com/karakeep-app/karakeep \ No newline at end of file diff --git a/charts/karakeep/NOTES.txt b/charts/karakeep/NOTES.txt new file mode 100644 index 0000000..1beae12 --- /dev/null +++ b/charts/karakeep/NOTES.txt @@ -0,0 +1,46 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "karakeep.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "karakeep.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "karakeep.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "{{ include "karakeep.selectorLabels" . }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:3000 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 3000:$CONTAINER_PORT +{{- end }} + +2. Karakeep has been deployed with the following components: + - Main application (Karakeep) + - MeiliSearch for search functionality + - Chrome browser for web scraping + +{{- if not .Values.persistence.enabled }} +3. WARNING: Persistence is disabled. Data will be lost when pods are restarted. + Enable persistence by setting: + persistence.enabled=true +{{- end }} + +4. IMPORTANT: Configuration for production: + - Generate a secure 32-character random string for NEXTAUTH_SECRET + - NEXTAUTH_URL is automatically set when ingress is enabled + - Update secrets or environment variables as needed + +{{- if not .Values.secrets.create }} +{{- if not .Values.secrets.existingSecret }} +5. Optional: Configure additional API keys via secrets: + - OPENAI_API_KEY for AI features + - MEILI_MASTER_KEY for MeiliSearch authentication +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/karakeep/readme.md b/charts/karakeep/readme.md new file mode 100644 index 0000000..2c582f5 --- /dev/null +++ b/charts/karakeep/readme.md @@ -0,0 +1,108 @@ +# Karakeep Helm Chart + +This Helm chart deploys [Karakeep](https://github.com/karakeep-app/karakeep), a bookmark management application, along with its required services on a Kubernetes cluster. + +## Components + +This chart deploys three containers in a single pod: + +1. **Karakeep**: The main bookmark management application +2. **Chrome**: Headless Chrome browser for web scraping and preview generation +3. **MeiliSearch**: Search engine for fast bookmark search functionality + +## Prerequisites + +- Kubernetes 1.19+ +- Helm 3.2.0+ +- PV provisioner support in the underlying infrastructure (if persistence is enabled) + +## Installing the Chart + +To install the chart with the release name `karakeep`: + +```bash +helm repo add karakeep-chart https://rtomik.github.io/helm-charts +helm install karakeep karakeep-chart/karakeep +``` + +## Uninstalling the Chart + +To uninstall/delete the `karakeep` deployment: + +```bash +helm delete karakeep +``` + +## Configuration + +The following table lists the configurable parameters and their default values. + +### Global Settings + +| Parameter | Description | Default | +|-----------|-------------|---------| +| `nameOverride` | Override the name of the chart | `""` | +| `fullnameOverride` | Override the full name of the chart | `""` | +| `replicaCount` | Number of replicas | `1` | + +### Karakeep Configuration + +| Parameter | Description | Default | +|-----------|-------------|---------| +| `karakeep.image.repository` | Karakeep image repository | `ghcr.io/karakeep-app/karakeep` | +| `karakeep.image.tag` | Karakeep image tag | `"release"` | +| `karakeep.image.pullPolicy` | Image pull policy | `IfNotPresent` | + +### Chrome Configuration + +| Parameter | Description | Default | +|-----------|-------------|---------| +| `chrome.image.repository` | Chrome image repository | `gcr.io/zenika-hub/alpine-chrome` | +| `chrome.image.tag` | Chrome image tag | `"124"` | + +### MeiliSearch Configuration + +| Parameter | Description | Default | +|-----------|-------------|---------| +| `meilisearch.image.repository` | MeiliSearch image repository | `getmeili/meilisearch` | +| `meilisearch.image.tag` | MeiliSearch image tag | `"v1.13.3"` | + +### Persistence + +| Parameter | Description | Default | +|-----------|-------------|---------| +| `persistence.enabled` | Enable persistent storage | `true` | +| `persistence.data.size` | Size of data volume | `5Gi` | +| `persistence.data.storageClass` | Storage class for data volume | `""` | +| `persistence.meilisearch.size` | Size of MeiliSearch volume | `2Gi` | +| `persistence.meilisearch.storageClass` | Storage class for MeiliSearch volume | `""` | + +### Ingress + +| Parameter | Description | Default | +|-----------|-------------|---------| +| `ingress.enabled` | Enable ingress | `false` | +| `ingress.hosts[0].host` | Hostname | `karakeep.domain.com` | + +### Secrets + +| Parameter | Description | Default | +|-----------|-------------|---------| +| `secrets.create` | Create secret for environment variables | `false` | +| `secrets.existingSecret` | Use existing secret | `""` | +| `secrets.env` | Environment variables to store in secret | `{}` | + +**Important Configuration:** +1. The default `NEXTAUTH_SECRET` is set to a placeholder value. For production deployments, you should either: + - Override the value: `--set karakeep.env[3].value="your-secure-32-character-string"` + - Use secrets: `--set secrets.create=true --set secrets.env.NEXTAUTH_SECRET="your-secure-32-character-string"` + +2. When ingress is enabled, `NEXTAUTH_URL` is automatically set to the ingress hostname. For custom configurations: + - Override manually: `--set karakeep.env[4].value="https://your-domain.com"` + +## Notes + +- This chart creates a multi-container pod with all three services running together +- Data persistence is enabled by default with separate volumes for Karakeep data and MeiliSearch indices +- The services communicate via localhost since they share the same pod network +- Chrome runs with security flags for containerized environments \ No newline at end of file diff --git a/charts/karakeep/templates/_helpers.tpl b/charts/karakeep/templates/_helpers.tpl new file mode 100644 index 0000000..271210c --- /dev/null +++ b/charts/karakeep/templates/_helpers.tpl @@ -0,0 +1,70 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "karakeep.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +*/}} +{{- define "karakeep.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- printf "%s" $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "karakeep.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "karakeep.labels" -}} +helm.sh/chart: {{ include "karakeep.chart" . }} +{{ include "karakeep.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "karakeep.selectorLabels" -}} +app.kubernetes.io/name: {{ include "karakeep.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the secret to use +*/}} +{{- define "karakeep.secretName" -}} +{{- if .Values.secrets.existingSecret }} +{{- .Values.secrets.existingSecret }} +{{- else }} +{{- include "karakeep.fullname" . }}-secret +{{- end }} +{{- end }} + +{{/* +Create the name of the data PVC +*/}} +{{- define "karakeep.dataPvcName" -}} +{{- include "karakeep.fullname" . }}-data +{{- end }} + +{{/* +Create the name of the meilisearch PVC +*/}} +{{- define "karakeep.meilisearchPvcName" -}} +{{- include "karakeep.fullname" . }}-meilisearch +{{- end }} \ No newline at end of file diff --git a/charts/karakeep/templates/deployment.yaml b/charts/karakeep/templates/deployment.yaml new file mode 100644 index 0000000..bce5cf6 --- /dev/null +++ b/charts/karakeep/templates/deployment.yaml @@ -0,0 +1,191 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "karakeep.fullname" . }} + labels: + {{- include "karakeep.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.replicaCount }} + revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} + selector: + matchLabels: + {{- include "karakeep.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "karakeep.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + # Karakeep main application + - name: karakeep + image: "{{ .Values.karakeep.image.repository }}:{{ .Values.karakeep.image.tag }}" + imagePullPolicy: {{ .Values.karakeep.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.karakeep.service.port }} + protocol: TCP + env: + {{- range .Values.karakeep.env }} + - name: {{ .name }} + {{- if and (eq .name "NEXTAUTH_URL") $.Values.ingress.enabled }} + {{- $host := (index $.Values.ingress.hosts 0).host }} + {{- if $.Values.ingress.tls }} + value: "https://{{ $host }}" + {{- else }} + value: "http://{{ $host }}" + {{- end }} + {{- else }} + value: {{ .value | quote }} + {{- end }} + {{- end }} + {{- range .Values.karakeep.extraEnv }} + - name: {{ .name }} + {{- if .value }} + value: {{ .value | quote }} + {{- else if .valueFrom }} + valueFrom: + {{- toYaml .valueFrom | nindent 16 }} + {{- end }} + {{- end }} + {{- if or .Values.secrets.create .Values.secrets.existingSecret }} + envFrom: + - secretRef: + name: {{ include "karakeep.secretName" . }} + {{- end }} + volumeMounts: + - name: data + mountPath: /data + securityContext: + {{- toYaml .Values.containerSecurityContext | nindent 12 }} + {{- with .Values.karakeep.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + livenessProbe: + httpGet: + path: / + port: http + initialDelaySeconds: 30 + periodSeconds: 30 + readinessProbe: + httpGet: + path: / + port: http + initialDelaySeconds: 15 + periodSeconds: 10 + + # Chrome browser sidecar + - name: chrome + image: "{{ .Values.chrome.image.repository }}:{{ .Values.chrome.image.tag }}" + imagePullPolicy: {{ .Values.chrome.image.pullPolicy }} + args: + {{- range .Values.chrome.args }} + - {{ . | quote }} + {{- end }} + ports: + - name: debug + containerPort: {{ .Values.chrome.service.port }} + protocol: TCP + securityContext: + {{- toYaml .Values.chrome.securityContext | nindent 12 }} + {{- with .Values.chrome.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + livenessProbe: + httpGet: + path: /json/version + port: debug + initialDelaySeconds: 30 + periodSeconds: 30 + readinessProbe: + httpGet: + path: /json/version + port: debug + initialDelaySeconds: 10 + periodSeconds: 5 + + # MeiliSearch sidecar + - name: meilisearch + image: "{{ .Values.meilisearch.image.repository }}:{{ .Values.meilisearch.image.tag }}" + imagePullPolicy: {{ .Values.meilisearch.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.meilisearch.service.port }} + protocol: TCP + env: + {{- range .Values.meilisearch.env }} + - name: {{ .name }} + value: {{ .value | quote }} + {{- end }} + {{- range .Values.meilisearch.extraEnv }} + - name: {{ .name }} + {{- if .value }} + value: {{ .value | quote }} + {{- else if .valueFrom }} + valueFrom: + {{- toYaml .valueFrom | nindent 16 }} + {{- end }} + {{- end }} + {{- if or .Values.secrets.create .Values.secrets.existingSecret }} + envFrom: + - secretRef: + name: {{ include "karakeep.secretName" . }} + {{- end }} + volumeMounts: + - name: meilisearch-data + mountPath: /meili_data + securityContext: + {{- toYaml .Values.meilisearch.securityContext | nindent 12 }} + {{- with .Values.meilisearch.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + startupProbe: + httpGet: + path: /health + port: http + initialDelaySeconds: 10 + periodSeconds: 5 + failureThreshold: 30 + livenessProbe: + httpGet: + path: /health + port: http + initialDelaySeconds: 30 + periodSeconds: 30 + readinessProbe: + httpGet: + path: /health + port: http + initialDelaySeconds: 15 + periodSeconds: 10 + + volumes: + {{- if .Values.persistence.enabled }} + - name: data + persistentVolumeClaim: + claimName: {{ include "karakeep.dataPvcName" . }} + - name: meilisearch-data + persistentVolumeClaim: + claimName: {{ include "karakeep.meilisearchPvcName" . }} + {{- else }} + - name: data + emptyDir: {} + - name: meilisearch-data + emptyDir: {} + {{- end }} \ No newline at end of file diff --git a/charts/karakeep/templates/ingress.yaml b/charts/karakeep/templates/ingress.yaml new file mode 100644 index 0000000..e4310ef --- /dev/null +++ b/charts/karakeep/templates/ingress.yaml @@ -0,0 +1,41 @@ +{{- if .Values.ingress.enabled -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ include "karakeep.fullname" . }} + labels: + {{- include "karakeep.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if .Values.ingress.className }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + pathType: {{ .pathType }} + backend: + service: + name: {{ include "karakeep.fullname" $ }} + port: + number: {{ $.Values.service.port }} + {{- end }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/karakeep/templates/pvc.yaml b/charts/karakeep/templates/pvc.yaml new file mode 100644 index 0000000..83e1bad --- /dev/null +++ b/charts/karakeep/templates/pvc.yaml @@ -0,0 +1,43 @@ +{{- if .Values.persistence.enabled }} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ include "karakeep.dataPvcName" . }} + labels: + {{- include "karakeep.labels" . | nindent 4 }} + component: data +spec: + accessModes: + - {{ .Values.persistence.data.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.data.size }} + {{- if .Values.persistence.data.storageClass }} + {{- if (eq "-" .Values.persistence.data.storageClass) }} + storageClassName: "" + {{- else }} + storageClassName: {{ .Values.persistence.data.storageClass }} + {{- end }} + {{- end }} +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ include "karakeep.meilisearchPvcName" . }} + labels: + {{- include "karakeep.labels" . | nindent 4 }} + component: meilisearch +spec: + accessModes: + - {{ .Values.persistence.meilisearch.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.meilisearch.size }} + {{- if .Values.persistence.meilisearch.storageClass }} + {{- if (eq "-" .Values.persistence.meilisearch.storageClass) }} + storageClassName: "" + {{- else }} + storageClassName: {{ .Values.persistence.meilisearch.storageClass }} + {{- end }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/karakeep/templates/secret.yaml b/charts/karakeep/templates/secret.yaml new file mode 100644 index 0000000..1909ad7 --- /dev/null +++ b/charts/karakeep/templates/secret.yaml @@ -0,0 +1,13 @@ +{{- if .Values.secrets.create }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "karakeep.secretName" . }} + labels: + {{- include "karakeep.labels" . | nindent 4 }} +type: Opaque +data: + {{- range $key, $value := .Values.secrets.env }} + {{ $key }}: {{ $value | b64enc }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/karakeep/templates/service.yaml b/charts/karakeep/templates/service.yaml new file mode 100644 index 0000000..fc19228 --- /dev/null +++ b/charts/karakeep/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "karakeep.fullname" . }} + labels: + {{- include "karakeep.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "karakeep.selectorLabels" . | nindent 4 }} \ No newline at end of file diff --git a/charts/karakeep/values.yaml b/charts/karakeep/values.yaml new file mode 100644 index 0000000..12faac4 --- /dev/null +++ b/charts/karakeep/values.yaml @@ -0,0 +1,170 @@ +## Global settings +nameOverride: "" +fullnameOverride: "" + +## Deployment settings +replicaCount: 1 +revisionHistoryLimit: 3 + +# Pod security settings +podSecurityContext: + runAsNonRoot: false + runAsUser: 0 + fsGroup: 0 + +containerSecurityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: false + capabilities: + drop: + - ALL + +## Pod scheduling +nodeSelector: {} +tolerations: [] +affinity: {} + +## Karakeep Web Application +karakeep: + image: + repository: ghcr.io/karakeep-app/karakeep + tag: "0.26.0" + pullPolicy: IfNotPresent + + securityContext: {} + + env: + - name: DATA_DIR + value: "/data" + - name: MEILI_ADDR + value: "http://localhost:7700" + - name: BROWSER_WEB_URL + value: "http://localhost:9222" + - name: NEXTAUTH_SECRET + value: "changeme-generate-a-secure-random-string" + - name: NEXTAUTH_URL + value: "http://localhost:3000" + + extraEnv: [] + # - name: OPENAI_API_KEY + # valueFrom: + # secretKeyRef: + # name: karakeep-secrets + # key: openai-api-key + + service: + port: 3000 + + #resources: + # limits: + # cpu: 500m + # memory: 1Gi + # requests: + # cpu: 100m + # memory: 256Mi + +## Chrome Browser Service +chrome: + image: + repository: gcr.io/zenika-hub/alpine-chrome + tag: "124" + pullPolicy: IfNotPresent + + securityContext: {} + + args: + - --no-sandbox + - --disable-gpu + - --disable-dev-shm-usage + - --remote-debugging-address=0.0.0.0 + - --remote-debugging-port=9222 + - --hide-scrollbars + + service: + port: 9222 + + #resources: + # limits: + # cpu: 500m + # memory: 512Mi + # requests: + # cpu: 100m + # memory: 128Mi + +## MeiliSearch Service +meilisearch: + image: + repository: getmeili/meilisearch + tag: "v1.13.3" + pullPolicy: IfNotPresent + + securityContext: {} + + env: + - name: MEILI_NO_ANALYTICS + value: "true" + - name: MEILI_MAX_INDEXING_MEMORY + value: "512MiB" + - name: MEILI_MAX_INDEXING_THREADS + value: "2" + + extraEnv: [] + + service: + port: 7700 + + resources: + limits: + cpu: 500m + memory: 1Gi + requests: + cpu: 100m + memory: 256Mi + +## Service settings +service: + type: ClusterIP + port: 3000 + +## Ingress settings +ingress: + enabled: false + className: "" + annotations: + traefik.ingress.kubernetes.io/router.entrypoints: websecure + hosts: + - host: karakeep. + paths: + - path: / + pathType: Prefix + tls: + - hosts: + - karakeep. + +## Persistence settings +persistence: + enabled: true + + # Karakeep data storage + data: + storageClass: "" + accessMode: ReadWriteOnce + size: 5Gi + + # MeiliSearch data storage + meilisearch: + storageClass: "" + accessMode: ReadWriteOnce + size: 2Gi + +## Secret configuration +secrets: + # Set to true to create a secret for environment variables + create: false + # Name of existing secret to use + existingSecret: "" + # Environment variables to include in secret + env: {} + # NEXTAUTH_SECRET: "your-secure-random-string" + # OPENAI_API_KEY: "your-openai-api-key" + # MEILI_MASTER_KEY: "your-meilisearch-master-key" \ No newline at end of file