From 80b9d14ec4efa291b05465842970ba9a6b5f33fc Mon Sep 17 00:00:00 2001 From: Paul Payne Date: Wed, 24 Sep 2025 04:33:45 -0700 Subject: [PATCH] Adds OpenWebUI app. --- apps/open-webui/deployment.yaml | 76 ++++++++++++++++++++++++++++++ apps/open-webui/ingress.yaml | 24 ++++++++++ apps/open-webui/kustomization.yaml | 15 ++++++ apps/open-webui/manifest.yaml | 17 +++++++ apps/open-webui/namespace.yaml | 4 ++ apps/open-webui/pvc.yaml | 10 ++++ apps/open-webui/service.yaml | 12 +++++ 7 files changed, 158 insertions(+) create mode 100644 apps/open-webui/deployment.yaml create mode 100644 apps/open-webui/ingress.yaml create mode 100644 apps/open-webui/kustomization.yaml create mode 100644 apps/open-webui/manifest.yaml create mode 100644 apps/open-webui/namespace.yaml create mode 100644 apps/open-webui/pvc.yaml create mode 100644 apps/open-webui/service.yaml diff --git a/apps/open-webui/deployment.yaml b/apps/open-webui/deployment.yaml new file mode 100644 index 0000000..1721522 --- /dev/null +++ b/apps/open-webui/deployment.yaml @@ -0,0 +1,76 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: open-webui +spec: + replicas: 1 + selector: + matchLabels: + component: web + template: + metadata: + labels: + component: web + spec: + securityContext: + runAsNonRoot: true + runAsUser: 1000 + runAsGroup: 1000 + fsGroup: 1000 + seccompProfile: + type: RuntimeDefault + containers: + - name: open-webui + image: {{ .apps.openWebui.image }} + imagePullPolicy: IfNotPresent + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: false + ports: + - name: http + containerPort: {{ .apps.openWebui.port }} + env: + - name: WEBUI_AUTH + value: "{{ .apps.openWebui.enableAuth }}" + - name: ENABLE_SIGNUP + value: "{{ .apps.openWebui.enableSignup }}" + - name: OPENAI_API_BASE_URL + value: "{{ .apps.openWebui.vllmApiUrl }}" + - name: OPENAI_API_KEY + value: "sk-placeholder" # Required but not used with vLLM + - name: WEBUI_SECRET_KEY + valueFrom: + secretKeyRef: + name: open-webui-secrets + key: apps.openWebui.secretKey + volumeMounts: + - name: data + mountPath: /app/backend/data + resources: + requests: + cpu: 100m + memory: 512Mi + limits: + cpu: 1 + memory: 2Gi + readinessProbe: + httpGet: + path: / + port: http + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + livenessProbe: + httpGet: + path: / + port: http + initialDelaySeconds: 60 + periodSeconds: 30 + timeoutSeconds: 5 + volumes: + - name: data + persistentVolumeClaim: + claimName: open-webui-data \ No newline at end of file diff --git a/apps/open-webui/ingress.yaml b/apps/open-webui/ingress.yaml new file mode 100644 index 0000000..2f68129 --- /dev/null +++ b/apps/open-webui/ingress.yaml @@ -0,0 +1,24 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: open-webui + annotations: + external-dns.alpha.kubernetes.io/target: "{{ .apps.openWebui.domain }}" + external-dns.alpha.kubernetes.io/cloudflare-proxied: "false" +spec: + rules: + - host: "{{ .apps.openWebui.domain }}" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: open-webui + port: + number: 80 + tls: + - secretName: wildcard-wild-cloud-tls + hosts: + - "{{ .apps.openWebui.domain }}" \ No newline at end of file diff --git a/apps/open-webui/kustomization.yaml b/apps/open-webui/kustomization.yaml new file mode 100644 index 0000000..1cb9bdf --- /dev/null +++ b/apps/open-webui/kustomization.yaml @@ -0,0 +1,15 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: open-webui +labels: + - includeSelectors: true + pairs: + app: open-webui + managedBy: kustomize + partOf: wild-cloud +resources: + - namespace.yaml + - pvc.yaml + - deployment.yaml + - service.yaml + - ingress.yaml \ No newline at end of file diff --git a/apps/open-webui/manifest.yaml b/apps/open-webui/manifest.yaml new file mode 100644 index 0000000..4076741 --- /dev/null +++ b/apps/open-webui/manifest.yaml @@ -0,0 +1,17 @@ +name: openWebui +description: Open WebUI is a comprehensive, open-source web interface for AI models. Features a user-friendly design, supports various LLM runners, and operates entirely offline. Perfect for creating a ChatGPT-like experience with local or hosted models. +version: 0.4.5 +icon: https://docs.openwebui.com/assets/logo-dark.png +requires: [] +defaultConfig: + image: ghcr.io/open-webui/open-webui:main + port: 8080 + storage: 10Gi + domain: chat.{{ .cloud.domain }} + # vLLM integration - connect to existing vLLM service + vllmApiUrl: http://vllm-service.llm.svc.cluster.local:8000/v1 + # Authentication settings + enableAuth: true + enableSignup: false +requiredSecrets: + - apps.openWebui.secretKey \ No newline at end of file diff --git a/apps/open-webui/namespace.yaml b/apps/open-webui/namespace.yaml new file mode 100644 index 0000000..9c1a599 --- /dev/null +++ b/apps/open-webui/namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: open-webui \ No newline at end of file diff --git a/apps/open-webui/pvc.yaml b/apps/open-webui/pvc.yaml new file mode 100644 index 0000000..ecb8be6 --- /dev/null +++ b/apps/open-webui/pvc.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: open-webui-data +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: {{ .apps.openWebui.storage }} \ No newline at end of file diff --git a/apps/open-webui/service.yaml b/apps/open-webui/service.yaml new file mode 100644 index 0000000..b5967f0 --- /dev/null +++ b/apps/open-webui/service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: open-webui +spec: + type: ClusterIP + selector: + component: web + ports: + - name: http + port: 80 + targetPort: http \ No newline at end of file