Mealie Helm Chart

A Helm chart for deploying the Mealie recipe management and meal planning application on Kubernetes.

Introduction

This chart deploys Mealie on a Kubernetes cluster using the Helm package manager. Mealie is a self-hosted recipe manager and meal planner with a REST API backend and a reactive frontend application built in Vue for a pleasant user experience for the whole family.

Source code can be found here:

Prerequisites

  • Kubernetes 1.19+
  • Helm 3.0+
  • PV provisioner support in the underlying infrastructure (if persistence is needed)
  • External PostgreSQL database, for example one managed by https://cloudnative-pg.io/

Installing the Chart

To install the chart with the release name mealie:

$ helm repo add mealie-chart https://rtomik.github.io/helm-charts
$ helm install mealie mealie-chart/mealie

Tip: List all releases using helm list

Uninstalling the Chart

To uninstall/delete the mealie deployment:

$ helm uninstall mealie

Parameters

Global parameters

Name Description Value
nameOverride String to partially override the release name ""
fullnameOverride String to fully override the release name ""

Image parameters

Name Description Value
image.repository Mealie image repository ghcr.io/mealie-recipes/mealie
image.tag Mealie image tag v3.1.1
image.pullPolicy Mealie image pull policy IfNotPresent

Deployment parameters

Name Description Value
replicaCount Number of Mealie replicas 1
revisionHistoryLimit Number of revisions to retain for rollback 3
podSecurityContext.runAsNonRoot Run containers as non-root user false
podSecurityContext.runAsUser User ID for the container 911
podSecurityContext.fsGroup Group ID for the container filesystem 911
containerSecurityContext Security context for the container See values.yaml
nodeSelector Node labels for pod assignment {}
tolerations Tolerations for pod assignment []
affinity Affinity for pod assignment {}

Service parameters

Name Description Value
service.type Kubernetes Service type ClusterIP
service.port Service HTTP port 9000

Ingress parameters

Name Description Value
ingress.enabled Enable ingress record generation false
ingress.className IngressClass name ""
ingress.annotations Additional annotations for the Ingress See values.yaml
ingress.hosts Array of host and path objects See values.yaml
ingress.tls TLS configuration See values.yaml

Persistence parameters

Name Description Value
persistence.enabled Enable persistence using PVC true
persistence.storageClass PVC Storage Class ""
persistence.accessMode PVC Access Mode ReadWriteOnce
persistence.size PVC Size 5Gi
persistence.annotations Annotations for PVC {}

Environment variables

Name Description Value
env.PUID UserID permissions between host OS and container 911
env.PGID GroupID permissions between host OS and container 911
env.DEFAULT_GROUP The default group for users Home
env.DEFAULT_HOUSEHOLD The default household for users in each group Family
env.BASE_URL Used for Notifications http://localhost:9000
env.TOKEN_TIME The time in hours that a login/auth token is valid 48
env.API_PORT The port exposed by backend API 9000
env.API_DOCS Turns on/off access to the API documentation true
env.TZ Must be set to get correct date/time on the server UTC
env.ALLOW_SIGNUP Allow user sign-up without token false
env.ALLOW_PASSWORD_LOGIN Whether or not to display username+password input fields true
env.LOG_LEVEL Logging level info
env.DAILY_SCHEDULE_TIME Time to run daily server tasks (HH:MM) 23:45

PostgreSQL configuration

Name Description Value
postgresql.enabled Enable PostgreSQL support false
postgresql.external.enabled Use external PostgreSQL database false
postgresql.external.host PostgreSQL host ""
postgresql.external.port PostgreSQL port 5432
postgresql.external.database PostgreSQL database name mealie
postgresql.external.user PostgreSQL username mealie
postgresql.external.password PostgreSQL password ""
postgresql.external.existingSecret Name of existing secret with PostgreSQL credentials ""
postgresql.external.userKey Key in the secret for username username
postgresql.external.passwordKey Key in the secret for password password

Email (SMTP) configuration

Name Description Value
email.enabled Enable SMTP email support false
email.host SMTP host ""
email.port SMTP port 587
email.fromName From name for emails Mealie
email.authStrategy SMTP auth strategy (TLS, SSL, NONE) TLS
email.fromEmail From email address ""
email.user SMTP username ""
email.password SMTP password ""
email.existingSecret Name of existing secret with SMTP credentials ""
email.userKey Key in the secret for SMTP username smtp-user
email.passwordKey Key in the secret for SMTP password smtp-password

LDAP Authentication

Name Description Value
ldap.enabled Enable LDAP authentication false
ldap.serverUrl LDAP server URL ""
ldap.tlsInsecure Do not verify server certificate false
ldap.tlsCaCertFile Path to CA certificate file ""
ldap.enableStartTls Use STARTTLS to connect to server false
ldap.baseDn Starting point for user authentication ""
ldap.queryBind Optional bind user for LDAP searches ""
ldap.queryPassword Password for the bind user ""
ldap.userFilter LDAP filter to narrow down eligible users ""
ldap.adminFilter LDAP filter for admin users ""
ldap.idAttribute LDAP attribute for user ID uid
ldap.nameAttribute LDAP attribute for user name name
ldap.mailAttribute LDAP attribute for user email mail

OpenID Connect (OIDC)

Name Description Value
oidc.enabled Enable OIDC authentication false
oidc.signupEnabled Allow new users via OIDC true
oidc.configurationUrl URL to OIDC configuration ""
oidc.clientId OIDC client ID ""
oidc.clientSecret OIDC client secret ""
oidc.userGroup Required OIDC user group ""
oidc.adminGroup OIDC admin group ""
oidc.autoRedirect Bypass login page and redirect to IdP false
oidc.providerName Provider name shown in login button OAuth
oidc.rememberMe Extend session as if "Remember Me" was checked false
oidc.signingAlgorithm Algorithm used to sign the id token RS256
oidc.userClaim Claim to look up existing user by email
oidc.nameClaim Claim for user's full name name
oidc.groupsClaim Claim for user groups groups

OpenAI Integration

Name Description Value
openai.enabled Enable OpenAI integration false
openai.baseUrl Base URL for OpenAI API ""
openai.apiKey OpenAI API key ""
openai.model OpenAI model to use gpt-4o
openai.customHeaders Custom HTTP headers for OpenAI requests ""
openai.customParams Custom HTTP query params for OpenAI requests ""
openai.enableImageServices Enable OpenAI image services true
openai.workers Number of OpenAI workers per request 2
openai.sendDatabaseData Send Mealie data to OpenAI to improve accuracy true
openai.requestTimeout Timeout for OpenAI requests in seconds 60

TLS Configuration

Name Description Value
tls.enabled Enable TLS configuration false
tls.certificatePath Path to TLS certificate file ""
tls.privateKeyPath Path to TLS private key file ""
tls.existingSecret Name of existing secret with TLS certificates ""
tls.certificateKey Key in the secret for TLS certificate tls.crt
tls.privateKeyKey Key in the secret for TLS private key tls.key

Theme Configuration

Name Description Value
theme.light.primary Light theme primary color #E58325
theme.light.accent Light theme accent color #007A99
theme.light.secondary Light theme secondary color #973542
theme.light.success Light theme success color #43A047
theme.light.info Light theme info color #1976D2
theme.light.warning Light theme warning color #FF6D00
theme.light.error Light theme error color #EF5350
theme.dark.primary Dark theme primary color #E58325
theme.dark.accent Dark theme accent color #007A99
theme.dark.secondary Dark theme secondary color #973542
theme.dark.success Dark theme success color #43A047
theme.dark.info Dark theme info color #1976D2
theme.dark.warning Dark theme warning color #FF6D00
theme.dark.error Dark theme error color #EF5350

Resource Configuration

Name Description Value
resources Resource limits and requests {}

Health Checks

Name Description Value
probes.liveness.enabled Enable liveness probe true
probes.liveness.initialDelaySeconds Initial delay for liveness probe 60
probes.liveness.periodSeconds Period for liveness probe 30
probes.liveness.timeoutSeconds Timeout for liveness probe 10
probes.liveness.failureThreshold Failure threshold for liveness probe 3
probes.liveness.successThreshold Success threshold for liveness probe 1
probes.liveness.path Path for liveness probe /
probes.readiness.enabled Enable readiness probe true
probes.readiness.initialDelaySeconds Initial delay for readiness probe 30
probes.readiness.periodSeconds Period for readiness probe 10
probes.readiness.timeoutSeconds Timeout for readiness probe 5
probes.readiness.failureThreshold Failure threshold for readiness probe 3
probes.readiness.successThreshold Success threshold for readiness probe 1
probes.readiness.path Path for readiness probe /

Autoscaling

Name Description Value
autoscaling.enabled Enable horizontal pod autoscaling false
autoscaling.minReplicas Minimum number of replicas 1
autoscaling.maxReplicas Maximum number of replicas 3
autoscaling.targetCPUUtilizationPercentage Target CPU utilization percentage 80
autoscaling.targetMemoryUtilizationPercentage Target memory utilization percentage 80

Configuration Examples

Basic Installation with Persistence

persistence:
  enabled: true
  size: 10Gi
  storageClass: "fast-ssd"

ingress:
  enabled: true
  hosts:
    - host: mealie.example.com
      paths:
        - path: /
          pathType: Prefix
  tls:
    - hosts:
        - mealie.example.com
      secretName: mealie-tls

PostgreSQL Database Configuration

postgresql:
  external:
    enabled: true
    host: "postgresql.example.com"
    port: 5432
    database: "mealie"
    user: "mealie"
    existingSecret: "mealie-postgresql-secret"
    userKey: "username"
    passwordKey: "password"

env:
  DB_ENGINE: "postgres"

OIDC Authentication Setup

oidc:
  enabled: true
  configurationUrl: "https://auth.example.com/.well-known/openid-configuration"
  clientId: "mealie-client"
  existingSecret: "mealie-oidc-secret"
  clientIdKey: "client-id"
  clientSecretKey: "client-secret"
  autoRedirect: true
  providerName: "CompanySSO"

OpenAI Integration

openai:
  enabled: true
  baseUrl: "https://api.openai.com/v1"
  existingSecret: "mealie-openai-secret"
  apiKeyKey: "api-key"
  model: "gpt-4"
  enableImageServices: true

Security Considerations

For production deployments, it's recommended to:

  1. Use external secrets for sensitive information
  2. Enable TLS/SSL for all communications
  3. Configure proper RBAC and network policies
  4. Use a dedicated database with proper access controls
  5. Enable authentication (LDAP/OIDC) and disable public signup
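
The list above can be checked mechanically against a release's values. The following is an added example, not part of the chart: a Python audit keyed to the numbered items, using only parameter names from the tables above; the function names, finding wording and sample values are constructed for illustration. Item 3 (RBAC and network policies) is not covered because the parameter tables expose no setting for it.

```python
import json
# Secret-bearing keys from the parameter tables above.
INLINE_SECRETS = ["postgresql.external.password", "email.password",
                  "ldap.queryPassword", "oidc.clientSecret", "openai.apiKey"]

def get(values, dotted, default=None):
    """Walk a nested dict with a dotted key such as 'ldap.tlsInsecure'."""
    node = values
    for part in dotted.split("."):
        if not isinstance(node, dict) or part not in node:
            return default
        node = node[part]
    return node

def on(values, dotted):
    """True for YAML booleans and for quoted 'true' strings (common under env)."""
    return str(get(values, dotted, False)).strip().lower() == "true"

def audit(values):
    """Return (item, message) findings; item is the number in the list above."""
    findings = []
    for key in INLINE_SECRETS:                                   # item 1
        if get(values, key):
            findings.append((1, f"{key} is set inline; reference a Secret instead"))
    if on(values, "ingress.enabled") and not get(values, "ingress.tls"):  # item 2
        findings.append((2, "ingress.enabled is true but ingress.tls is empty"))
    if str(get(values, "env.BASE_URL", "")).startswith("http://"):
        findings.append((2, "env.BASE_URL uses http://"))
    if on(values, "ldap.enabled") and on(values, "ldap.tlsInsecure"):
        findings.append((2, "ldap.tlsInsecure skips server certificate checks"))
    if on(values, "email.enabled") and get(values, "email.authStrategy") == "NONE":
        findings.append((2, "email.authStrategy is NONE (neither TLS nor SSL)"))
    if not on(values, "postgresql.external.enabled"):            # item 4
        findings.append((4, "postgresql.external.enabled is false"))
    if not (on(values, "ldap.enabled") or on(values, "oidc.enabled")):    # item 5
        findings.append((5, "neither ldap.enabled nor oidc.enabled is true"))
    if on(values, "env.ALLOW_SIGNUP"):
        findings.append((5, "env.ALLOW_SIGNUP allows sign-up without a token"))
    return findings
# Constructed sample values (not taken from a real deployment).
SAMPLE = json.loads("""
{"env": {"BASE_URL": "http://localhost:9000", "ALLOW_SIGNUP": "true"},
 "ingress": {"enabled": true, "tls": []},
 "ldap": {"enabled": true, "tlsInsecure": true, "queryPassword": "constructed"},
 "postgresql": {"external": {"enabled": true, "password": ""}}}
""")

if __name__ == "__main__":
    print("\n".join(f"[item {i}] {msg}" for i, msg in audit(SAMPLE)))
```

To audit a deployed release, pass audit() the parsed output of helm get values mealie --all -o json.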

Troubleshooting

Common issues and solutions:

  1. Database connection issues: Verify database credentials and network connectivity
  2. Persistence issues: Check StorageClass and PVC configuration
  3. Authentication problems: Verify LDAP/OIDC configuration and network access
  4. Performance issues: Adjust resource limits and consider using an external database

For more detailed troubleshooting, check the application logs:

kubectl logs -f deployment/mealie