AI-Service documentation
Info
This is a copy of the Helm README file which is shipped together with the AI-Service chart.
The OX AI-Service integrates 3rd party AIs in App Suite UI, currently ChatGPT from OpenAI, Anthropic Claude on AWS Bedrock or localAI compatible models.
Please check out the full documentation here: OX AI-Service documentation
Chart Configuration
| Parameter | Description | Default |
|---|---|---|
| image.repository | The image to be used for the deployment | registry.open-xchange.com/core/ai-service |
| image.pullPolicy | The imagePullPolicy for the deployment | IfNotPresent |
| image.tag | The image tag, defaults to app version | "" |
| bindAddr | IP address to listen for connections | "::" |
| hostname | hostname for the ai-service deployment | "" |
| origins | Allowed origins for CORS | * |
| logLevel | specify log level for service | "info" |
| logJson | Logs in JSON format | false |
| exposeApiDocs | Expose API documentation via Swagger UI at /api-docs | false |
| ingress.enabled | Generate ingress resource | false |
| ingress.annotations | Map of key-value pairs that will be added as annotations to the ingress resource | {} |
| overrides.name | Name of the chart | "ai-service" |
| overrides.fullname | Full name of the chart installation | "RELEASE-NAME-ai-service" |
| jwtSecret.enabled | Enable the secret for JWT | true |
| jwt.sharedSecret | Shared secret for JWT verification. This must match the secret configured for switchboard | "" |
| jwks.domain | Domain of JWKS issuer like example.com leave empty if you want to use sharedSecret | "" |
| openaiSecret.enabled | Enable the secret for openai | true |
| openaiAPIKey | OpenAI API Key | "" |
| localaiSecret.enabled | Enable the secret for localai. May be optional, depending on your used service and model. | false |
| localaiAPIKey | localAI API Key. May be optional, depending on your used service and model. | "" |
| azureSecret.enabled | Enable the secret for Azure | false |
| azureAPIUrl | OpenAI Azure API Url (Internal use only) | "" |
| azureAPIKey | OpenAI Azure API Key (Internal use only) | "" |
| mysqlSecret.enabled | Create the kubernetes secret for mysql (enable if you want to use the DB or provide own secret) | true |
| overrides.mysqlSecret | If you provide your own secret for mysql put the secret name here | "" |
| database.enabled | Use Database. This is mandatory for AI chat, usage tracking, and rate limiting and therefore deprecated. With App Suite 8.34, the default changed to true. | true |
| database.host | SQL server hostname | RELEASE-NAME-ai-service-sql |
| database.name | Database name | RELEASE-NAME-ai-service |
| database.connections | Number of concurrent connections to the DB server | "10" |
| database.user | DB User with access rights to sqlDB | "" |
| database.password | DB Password of swDBUser | "" |
| database.rootPassword | Database root password to perform admin tasks | "" |
| database.rollback | WARNING: This will roll back the migrations this version has rolled out | false |
| cron.cleanupDb | Database cleanup interval (Cron notation) | 0 0 * * * * |
| cron.sidecarInjection.disabled | Disable Istio Sidecar Injection for CronJobs | true |
| azureAPIVersion | OpenAI Azure API Key (Internal use only) | "" |
| openaiBaseUrl | Url of the OpenAI service (internal or localAI use only) | "" |
| localaiBaseUrl | Url of the localAI service. Falls back to to openaiBaseUrl if configured. | "" |
| localaiModerationDisabled | disable moderation for localai independently from the global setting (usually not supported) | true |
| accounting.enabled | Enable the accounting feature | false |
| chatAssistantContext | First (system) message that is sent to the ai chat to setup the mood and general context. | "You are a helpful AI assistant." |
| enforceDefaultModel | Always use the configured default model regardless of the clients request | false |
| disableAPI | Disable all API endpoints. Only UI source files will be delivered | false |
| moderationDisabled | Disabled moderation for testing purposes (internal or localAI use only) | false |
| awsSecret.enabled | Enable the secret for AWS | false |
| awsRegion | Region of the AWS user with Bedrock & Claude enabled | "" |
| awsAccessKey | AWS IAM access key with Bedrock & Claude enabled | "" |
| awsSecretKey | AWS IAM secret key with Bedrock & Claude enabled | "" |
| awsBaseUrl | URL of the AWS service (internal use only) | "" |
| basicAuth.enabled | Enable the secret for basic authentication (Admin routes) | false |
| basicAuth.user | Username for basic authentication (Admin routes) | "" |
| basicAuth.password | Password for basic authentication (Admin routes) | "" |
| overrides.basicAuthSecret | If you provide your own secret for basic auth put the secret name here | "" |
| bearerAuth.enabled | Enable the secret for bearer authentication (Admin routes) | false |
| bearerAuth.keys | Comma seperated keys to use with bearer auth (Admin Routes) | "" |
| overrides.bearerAuthSecret | If you provide your own secret for bearer auth put the secret name here | "" |
| oauth2.domain | Domain of the openid connect capable OAuth2 server | "" |
| plans | List of plans with limits for users and brands | See full documentation for details |
| modelsConfig | List of models that the service supports | See full documentation for details |
| config | Application configuration that is also relevent for the UI parts | See full documentation for details |
| monitoring.grafana.enabled | Enable Grafana integration for dashboards and init job | false |
| monitoring.grafana.grafanaOperator | Enable Grafana Operator integration (adds label and skips Node.js job) | false |
| monitoring.grafana.url | URL of the Grafana instance | "" |
| monitoring.grafana.secretName | Name of the Kubernetes secret for Grafana credentials | "" |
| monitoring.grafana.username | Username for Grafana API access (if required) | "" |
| monitoring.grafana.password | Password for Grafana API access (if required) | "" |
| monitoring.grafana.apiToken | API token for Grafana (preferred for automation) | "" |
| monitoring.grafana.folder | Target folder in Grafana for dashboards | "" |
| monitoring.grafana.ttlInitJob | TTL in seconds for the Grafana init job after completion | 600 |
| monitoring.prometheus.url | URL of the Prometheus instance used for metrics collection | "" |
| monitoring.prometheus.dataSource | Override the Prometheus datasource name in Grafana | "" |
| monitoring.prometheus.kube-prometheus | Enable ServiceMonitor creation for kube-prometheus environments | false |
| monitoring.prometheus.serviceMonitor.namespace | Target namespace for ServiceMonitor | "" |
| monitoring.prometheus.serviceMonitor.interval | Scrape interval for ServiceMonitor | 30s |
| monitoring.prometheus.serviceMonitor.scrapeTimeout | Scrape timeout for ServiceMonitor | "" |
| monitoring.prometheus.serviceMonitor.honorLabels | Honor labels for ServiceMonitor | false |
| monitoring.prometheus.serviceMonitor.additionalLabels | Additional labels for ServiceMonitor | {} |
| monitoring.prometheus.serviceMonitor.annotations | Annotations for ServiceMonitor | {} |
| monitoring.prometheus.serviceMonitor.relabelings | Relabeling configuration for ServiceMonitor | [] |
| monitoring.prometheus.serviceMonitor.metricRelabelings | Metric relabeling configuration for ServiceMonitor | [] |