PhariaAI Helm Chart

This document provides an overview of the chart dependencies and configurable Helm chart values for PhariaAI. It covers global configurations, detailed dependency settings, image pull credentials, PostgreSQL settings, and resource management options, offering a comprehensive guide for deploying and customizing PhariaAI.

Requirements

Repository	Name	Version
oci://alephalpha.jfrog.io/helm/assistant	pharia-assistant	0.5.305
oci://alephalpha.jfrog.io/helm/assistant	pharia-assistant-api	0.13.46
oci://alephalpha.jfrog.io/helm/assistant	pharia-assistant-api-worker	0.1.0
oci://alephalpha.jfrog.io/helm/assistant	pharia-chat	0.0.9
oci://alephalpha.jfrog.io/helm	document-index	0.25.10
oci://alephalpha.jfrog.io/helm	document-index-ui	0.3.6
oci://alephalpha.jfrog.io/helm	inference-api	0.13.8
oci://alephalpha.jfrog.io/helm	inference-worker	0.9.1
oci://alephalpha.jfrog.io/helm	pharia-data-api	0.23.16
oci://alephalpha.jfrog.io/helm	pharia-finetuning	0.5.17
oci://alephalpha.jfrog.io/helm	pharia-iam	0.13.205
oci://alephalpha.jfrog.io/helm	pharia-kernel	0.2.43
oci://alephalpha.jfrog.io/helm/pharia-studio	pharia-studio-api	0.16.23
oci://alephalpha.jfrog.io/helm/pharia-studio	pharia-studio-ui	0.14.41
oci://alephalpha.jfrog.io/helm	pharia-transcribe	0.1.9
oci://alephalpha.jfrog.io/helm	pharia-translate	0.3.8
oci://alephalpha.jfrog.io/helm/phariaos	phariaos-manager	0.22.0
oci://alephalpha.jfrog.io/helm/phariaos	phariaos-ui	0.18.1

Values

Global

Key	Type	Default	Description
global.imagePullOpaqueSecretName	string	"aleph-alpha-oci-registry-opaque"	Default PhariaAI Secret name as an Opaque secret. Override name for existing image pull secret if required
global.imagePullSecretName	string	"aleph-alpha-oci-registry"	Default PhariaAI Secret name to pull images from Aleph Alpha artifactory. Override name for existing image pull secret if required
global.inference.enabled	bool	true	Activate deployment of Pharia AA inference stack (inference-api, inference-worker)
global.inferenceApiServicesSecretRef	string	"inference-api-services"	Secret to be used to authenticate inference api services. See inferenceApiServices for more info.
global.ingress	object	{"additionalAnnotations":{},"ingressClassName":"nginx","ingressDomain":"pharia-ai.local"}	Global config for all ingress resources
global.ingress.ingressClassName	string	"nginx"	The ingressClassName globally defined for all ingress resources ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#the-ingress-resource Override possible on sub-chart level: .ingress.ingressClassName overrides global.ingress.ingressClassName
global.ingress.ingressDomain	string	"pharia-ai.local"	Domain for external access / ingress to services via . Override possible on sub-chart level: .ingress.ingressDomain overrides global.ingress.ingressDomain
global.permissionModel	object	{"AssistantUser":[{"permission":"ExecuteTextJobs"},{"permission":"KernelAccess"},{"model":null,"permission":"ModelAccess"},{"namespace":"Assistant","permission":"AccessNamespace"},{"permission":"AccessDataPlatform"},{"permission":"AccessAssistant"},{"permission":"OsReadUsecase"}],"Client":[{"permission":"ExecuteJobs"},{"model":null,"permission":"AccessModel"}],"EtlServiceUser":[{"namespace":"Studio","permission":"AccessNamespace"},{"namespace":"Assistant","permission":"AccessNamespace"},{"permission":"AccessDataPlatform"}],"InferenceServiceUser":[{"permission":"ExecuteJobs"},{"permission":"ExecuteTextJobs"},{"permission":"CreateSteeringConcepts"},{"permission":"ReadSteeringConcepts"},{"permission":"DeleteSteeringConcepts"},{"model":null,"permission":"AccessModel"}],"OsUser":[{"permission":"OsReadUsecase"},{"permission":"OsWriteUsecase"},{"permission":"OsReadHardware"},{"permission":"OsReadModels"},{"permission":"KernelAccess"}],"StudioUser":[{"permission":"ExecuteJobs"},{"permission":"KernelAccess"},{"model":null,"permission":"AccessModel"},{"namespace":"Studio","permission":"AccessNamespace"},{"permission":"AccessDataPlatform"},{"permission":"AccessStudio"},{"permission":"AccessFinetuning"},{"permission":"OsReadUsecase"},{"permission":"OsWriteUsecase"},{"permission":"ProjectAccess"},{"permission":"ReadUser"}],"UseCaseServiceUser":[{"permission":"ExecuteJobs"},{"model":null,"permission":"AccessModel"},{"namespace":"Studio","permission":"AccessNamespace"},{"namespace":"Assistant","permission":"AccessNamespace"},{"permission":"KernelAccess"}]}	Permission model (Roles to Permissions) used in the PhariaAI stack
global.permissionSchemaConfigMapName	string	"pharia-ai-permissions"	Default PhariaAI Config Map for setting permission model
global.phariaAIConfigMap	string	"pharia-ai-config"	Default PhariaAI ConfigMap for setting environment variables
global.phariaAiEdition	string	""	Default PhariaAI edition <-- Will be dropped soon once we have coordinated with all customers @schema type: string minLength: 1 @schema
global.phariaAiFeatureSet	string	"1"	Default PhariaAI feature set

General

Key	Type	Default	Description
apiGateway	object	{"ingress":{"annotations":{},"enabled":true,"hostname":"api","tls":{"enabled":true,"secretName":"pharia-api-gateway-tls"}}}	Ingress configuration for API Gateway
apiGateway.ingress.annotations	object	{}	Annotations for the ingress-resource. This can be used to add ingress controller specific annotations.
apiGateway.ingress.enabled	bool	true	Enabled ingress creation
apiGateway.ingress.hostname	string	"api"	Hostname for the Ingress (without domain). The domain is read from global.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain
apiGateway.ingress.tls	object	{"enabled":true,"secretName":"pharia-api-gateway-tls"}	Configure TLS for this Ingress
apiGateway.ingress.tls.enabled	bool	true	Enable TLS configuration for this Ingress
apiGateway.ingress.tls.secretName	string	"pharia-api-gateway-tls"	The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
imagePullCredentials.password	string	""	Password to login into artifactory registry
imagePullCredentials.registry	string	"alephalpha.jfrog.io"	Aleph Alpha artifactory registry
imagePullCredentials.username	string	""	Username to login into artifactory registry

Sub charts

pharia-assistant

Key	Type	Default	Description
pharia-assistant-api-worker.enabled	bool	false	Set this to true to install the pharia-assistant-api-worker subchart as a dependency (BETA)
pharia-assistant-api-worker.fullnameOverride	string	"pharia-assistant-api-worker"	Override for the full name of pharia-assistant-api-worker
pharia-assistant-api.databaseConfig.external	object	{"databaseName":"","existingSecret":"","host":"","password":"","port":"","user":""}	Provide an existing database if you want to use an external database
pharia-assistant-api.databaseConfig.external.databaseName	string	""	The name of the database
pharia-assistant-api.databaseConfig.external.existingSecret	string	""	Set this value if a k8s Secret with PostgreSQL values already exists. Make sure that the all the keys exists in the secret with a valid value.
pharia-assistant-api.databaseConfig.external.host	string	""	The host of the database
pharia-assistant-api.databaseConfig.external.password	string	""	The password of the database
pharia-assistant-api.databaseConfig.external.port	string	""	The port of the database
pharia-assistant-api.databaseConfig.external.user	string	""	The user of the database
pharia-assistant-api.databaseConfig.secretKeys.databaseNameKey	string	"databaseName"	The key in the secret that contains the database name
pharia-assistant-api.databaseConfig.secretKeys.hostKey	string	"host"	The key in the secret that contains the host of the database
pharia-assistant-api.databaseConfig.secretKeys.passwordKey	string	"password"	The key in the secret that contains the password of the database
pharia-assistant-api.databaseConfig.secretKeys.portKey	string	"port"	The key in the secret that contains the port of the database
pharia-assistant-api.databaseConfig.secretKeys.userKey	string	"user"	The key in the secret that contains the user of the database
pharia-assistant-api.enabled	bool	true	Set this to true to install the pharia-assistant-api subchart as a dependency
pharia-assistant-api.env.APPLICATION_NAME	string	"PhariaAssistant"	Name of the application to be displayed in the frontend's top bar @schema type: string minLength: 1 @schema
pharia-assistant-api.env.DOCUMENT_INDEX_FILE_UPLOAD_NAMESPACE	string	"Assistant"	Document-Index namespace for file uploads in chat feature @schema type: string minLength: 1 @schema
pharia-assistant-api.env.GENERATE_MODEL_NAME	string	"llama-3.3-70b-instruct"	Model name for generate feature @schema enum: ["llama-3.1-8b-instruct", "llama-3.1-70b-instruct", "llama-3.3-70b-instruct"] @schema
pharia-assistant-api.env.MAX_FILE_UPLOAD_SIZE_MB	float	20	Frontend maximum file upload size in MB @schema type: number exclusiveMinimum: 0 @schema
pharia-assistant-api.env.PERSIST_TRACES	bool	true	Enable/disable persisting traces in the Assistant's database @schema type: boolean @schema
pharia-assistant-api.env.QA_MODEL_NAME	string	"llama-3.3-70b-instruct"	Model name for chat feature @schema enum: ["llama-3.1-8b-instruct", "llama-3.1-70b-instruct", "llama-3.3-70b-instruct"] @schema
pharia-assistant-api.env.REQUEST_TIMEOUT_IN_SECONDS	int	180	Frontend request timeout in seconds @schema type: integer minimum: 1 @schema
pharia-assistant-api.env.RETRIEVER_QA_INDEX_NAME	string	"Assistant-Index"	Document-Index index name for chat with collections feature @schema type: string minLength: 1 @schema
pharia-assistant-api.env.SUMMARY_MODEL_NAME	string	"llama-3.3-70b-instruct"	Model name for summarization subtasks in chat and NLS features @schema enum: ["llama-3.1-8b-instruct", "llama-3.1-70b-instruct", "llama-3.3-70b-instruct"] @schema
pharia-assistant-api.env.TRANSLATION_CACHE_MAX_SIZE	int	10000	Maximum size for the translation cache @schema type: integer minimum: 1 @schema
pharia-assistant-api.env.TRANSLATION_CACHE_TTL	int	3600	Time-to-live for the translation cache in seconds @schema type: integer minimum: 1 @schema
pharia-assistant-api.favicon	object	{"png":"","svg":"PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIGhlaWdodD0iNzgiIHdpZHRoPSI3OCIgdmlld0JveD0iMjQgMjQgMTAyIDEwMiI+CiAgPHN0eWxlPgogICAgQG1lZGlhIChwcmVmZXJzLWNvbG9yLXNjaGVtZTpkYXJrKXtwYXRoe2ZpbGw6I2ZmZn19CiAgPC9zdHlsZT4KICA8cGF0aCBkPSJtMzQuNjcgMTA2LjQzLTUuNTUtMTMuNTVBMTkuMTQgMTkuMTQgMCAwIDAgMjkgNTcuNDJsNS40Ny0xMy41OWEzMy43OCAzMy43OCAwIDAgMSAuMiA2Mi42Wm0yMi45MyAxNy4xMi04LjY4LTExLjhhNDUuMjggNDUuMjggMCAwIDAgOC42MS04LjI3TDY5IDExMi42MmE1OS44MiA1OS44MiAwIDAgMS0xMS40IDEwLjkzWiIvPgogIDxwYXRoIGQ9Ik04Mi4yMyA3NS4xN2E2MC4zNyA2MC4zNyAwIDAgMC0yNC42NC00OC4zOWwtOC42OCAxMS44MWE0NS42MyA0NS42MyAwIDAgMSAxOC42OCAzNi41OCA2MC4yOCA2MC4yOCAwIDAgMCAyNC40OCA0OC4zOGw4LjY4LTExLjhhNDUuNiA0NS42IDAgMCAxLTE4LjUyLTM2LjU4Wm05Ljg1LTI4LjIzLTExLjQ3LTkuMTJhNjAuMTQgNjAuMTQgMCAwIDEgMTEuOTQtMTEuMzdsOC41NiAxMS44OGE0NS41IDQ1LjUgMCAwIDAtOS4wMyA4LjYxWk0xMTUgMTA2LjUyYTM0LjMyIDM0LjMyIDAgMCAxLS4yOS02Mi41Mmw2LjEgMTMuMzJhMTkuNjggMTkuNjggMCAwIDAgLjE5IDM1LjgzWiIvPgo8L3N2Zz4K"}	The favicon used in the Assistant frontend can be customized by providing the contents of a logo.svg or logo.png file as a base64 encoded string. This can be created by executing cat favicon.svg \| base64 in a terminal. The svg value takes precedence over the png value. @schema type: object anyOf: - required: - svg properties: svg: type: string minLength: 1 - required: - png properties: png: type: string minLength: 1 @schema
pharia-assistant-api.favicon.png	string	""	The base64 encoded favicon.png
pharia-assistant-api.favicon.svg	string	"PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIGhlaWdodD0iNzgiIHdpZHRoPSI3OCIgdmlld0JveD0iMjQgMjQgMTAyIDEwMiI+CiAgPHN0eWxlPgogICAgQG1lZGlhIChwcmVmZXJzLWNvbG9yLXNjaGVtZTpkYXJrKXtwYXRoe2ZpbGw6I2ZmZn19CiAgPC9zdHlsZT4KICA8cGF0aCBkPSJtMzQuNjcgMTA2LjQzLTUuNTUtMTMuNTVBMTkuMTQgMTkuMTQgMCAwIDAgMjkgNTcuNDJsNS40Ny0xMy41OWEzMy43OCAzMy43OCAwIDAgMSAuMiA2Mi42Wm0yMi45MyAxNy4xMi04LjY4LTExLjhhNDUuMjggNDUuMjggMCAwIDAgOC42MS04LjI3TDY5IDExMi42MmE1OS44MiA1OS44MiAwIDAgMS0xMS40IDEwLjkzWiIvPgogIDxwYXRoIGQ9Ik04Mi4yMyA3NS4xN2E2MC4zNyA2MC4zNyAwIDAgMC0yNC42NC00OC4zOWwtOC42OCAxMS44MWE0NS42MyA0NS42MyAwIDAgMSAxOC42OCAzNi41OCA2MC4yOCA2MC4yOCAwIDAgMCAyNC40OCA0OC4zOGw4LjY4LTExLjhhNDUuNiA0NS42IDAgMCAxLTE4LjUyLTM2LjU4Wm05Ljg1LTI4LjIzLTExLjQ3LTkuMTJhNjAuMTQgNjAuMTQgMCAwIDEgMTEuOTQtMTEuMzdsOC41NiAxMS44OGE0NS41IDQ1LjUgMCAwIDAtOS4wMyA4LjYxWk0xMTUgMTA2LjUyYTM0LjMyIDM0LjMyIDAgMCAxLS4yOS02Mi41Mmw2LjEgMTMuMzJhMTkuNjggMTkuNjggMCAwIDAgLjE5IDM1LjgzWiIvPgo8L3N2Zz4K"	The base64 encoded favicon.svg
pharia-assistant-api.featureFlags	object	{"enableChat":true,"enableExtensibleGenerate":true,"enableExtensibleSummarize":true,"enableHomepage":true,"enableNls":true,"enableTranslate":true}	Feature flags for pharia-assistant-api
pharia-assistant-api.featureFlags.enableChat	bool	true	Enable inbuilt chat feature @schema type: boolean @schema
pharia-assistant-api.featureFlags.enableExtensibleGenerate	bool	true	Enable extensible generate feature @schema type: boolean @schema
pharia-assistant-api.featureFlags.enableExtensibleSummarize	bool	true	Enable extensible summarize feature @schema type: boolean @schema
pharia-assistant-api.featureFlags.enableHomepage	bool	true	Enable homepage @schema type: boolean @schema
pharia-assistant-api.featureFlags.enableNls	bool	true	Enable NLS feature @schema type: boolean @schema
pharia-assistant-api.featureFlags.enableTranslate	bool	true	Enable inbuilt translate feature @schema type: boolean @schema
pharia-assistant-api.fullnameOverride	string	"pharia-assistant-api"	Override for the full name of pharia-assistant-api
pharia-assistant-api.logo	object	{"png":"","svg":"PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIGhlaWdodD0iNzgiIHdpZHRoPSI3OCIgdmlld0JveD0iMjQgMjQgMTAyIDEwMiI+CiAgPHBhdGggZD0ibTM0LjY3IDEwNi40My01LjU1LTEzLjU1QTE5LjE0IDE5LjE0IDAgMCAwIDI5IDU3LjQybDUuNDctMTMuNTlhMzMuNzggMzMuNzggMCAwIDEgLjIgNjIuNlptMjIuOTMgMTcuMTItOC42OC0xMS44YTQ1LjI4IDQ1LjI4IDAgMCAwIDguNjEtOC4yN0w2OSAxMTIuNjJhNTkuODIgNTkuODIgMCAwIDEtMTEuNCAxMC45M1oiIC8+CiAgPHBhdGggZD0iTTgyLjIzIDc1LjE3YTYwLjM3IDYwLjM3IDAgMCAwLTI0LjY0LTQ4LjM5bC04LjY4IDExLjgxYTQ1LjYzIDQ1LjYzIDAgMCAxIDE4LjY4IDM2LjU4IDYwLjI4IDYwLjI4IDAgMCAwIDI0LjQ4IDQ4LjM4bDguNjgtMTEuOGE0NS42IDQ1LjYgMCAwIDEtMTguNTItMzYuNThabTkuODUtMjguMjMtMTEuNDctOS4xMmE2MC4xNCA2MC4xNCAwIDAgMSAxMS45NC0xMS4zN2w4LjU2IDExLjg4YTQ1LjUgNDUuNSAwIDAgMC05LjAzIDguNjFaTTExNSAxMDYuNTJhMzQuMzIgMzQuMzIgMCAwIDEtLjI5LTYyLjUybDYuMSAxMy4zMmExOS42OCAxOS42OCAwIDAgMCAuMTkgMzUuODNaIiAvPgo8L3N2Zz4K"}	The logo used in the Assistant frontend can be customized by providing the contents of a logo.svg or logo.png file as a base64 encoded string. This can be created by executing cat logo.svg \| base64 in a terminal. The svg value takes precedence over the png value. @schema type: object anyOf: - required: - svg properties: svg: type: string minLength: 1 - required: - png properties: png: type: string minLength: 1 @schema
pharia-assistant-api.logo.png	string	""	The base64 encoded logo.png
pharia-assistant-api.logo.svg	string	"PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIGhlaWdodD0iNzgiIHdpZHRoPSI3OCIgdmlld0JveD0iMjQgMjQgMTAyIDEwMiI+CiAgPHBhdGggZD0ibTM0LjY3IDEwNi40My01LjU1LTEzLjU1QTE5LjE0IDE5LjE0IDAgMCAwIDI5IDU3LjQybDUuNDctMTMuNTlhMzMuNzggMzMuNzggMCAwIDEgLjIgNjIuNlptMjIuOTMgMTcuMTItOC42OC0xMS44YTQ1LjI4IDQ1LjI4IDAgMCAwIDguNjEtOC4yN0w2OSAxMTIuNjJhNTkuODIgNTkuODIgMCAwIDEtMTEuNCAxMC45M1oiIC8+CiAgPHBhdGggZD0iTTgyLjIzIDc1LjE3YTYwLjM3IDYwLjM3IDAgMCAwLTI0LjY0LTQ4LjM5bC04LjY4IDExLjgxYTQ1LjYzIDQ1LjYzIDAgMCAxIDE4LjY4IDM2LjU4IDYwLjI4IDYwLjI4IDAgMCAwIDI0LjQ4IDQ4LjM4bDguNjgtMTEuOGE0NS42IDQ1LjYgMCAwIDEtMTguNTItMzYuNThabTkuODUtMjguMjMtMTEuNDctOS4xMmE2MC4xNCA2MC4xNCAwIDAgMSAxMS45NC0xMS4zN2w4LjU2IDExLjg4YTQ1LjUgNDUuNSAwIDAgMC05LjAzIDguNjFaTTExNSAxMDYuNTJhMzQuMzIgMzQuMzIgMCAwIDEtLjI5LTYyLjUybDYuMSAxMy4zMmExOS42OCAxOS42OCAwIDAgMCAuMTkgMzUuODNaIiAvPgo8L3N2Zz4K"	The base64 encoded logo.svg
pharia-assistant-api.postgresql.auth.existingSecret	string	""
pharia-assistant-api.postgresql.auth.password	string	""	If internal PostgreSQL is used, either password or existingSecret, has to be provided for setup of application authentication
pharia-assistant-api.postgresql.enabled	bool	true	This is used to indicate whether the internal PostgreSQL should be used or not.
pharia-assistant-api.privacyPolicyNotice	list	[{"link_title":"Privacy Policy","link_url":"https://docs.aleph-alpha.com/docs/privacy-policy-de/","locale":"en","text":"Please do not enter any personal, sensitive or classified data in this tool, as it is a test system. You can find more information on how we process personal data in our"},{"link_title":"Datenschutzrichtlinie","link_url":"https://docs.aleph-alpha.com/docs/privacy-policy-de/","locale":"de","text":"Bitte geben Sie keine persönlichen, sensiblen oder geheimen Daten in dieses Tool ein, da es sich um ein Testsystem handelt. Weitere Informationen darüber, wie wir personenbezogene Daten verarbeiten, finden Sie in unserer"}]	If a locale is missing or no customization is provided at all, the frontend has an inbuilt default with the same values as those below. @schema type: array items: type: object properties: locale: enum: ["en", "de"] minLength: 1 text: type: string minLength: 1 link_url: type: string minLength: 1 link_title: type: string minLength: 1 required: - locale - text - link_url - link_title @schema
pharia-assistant-api.resources.limits.cpu	string	"1"
pharia-assistant-api.resources.limits.memory	string	"4Gi"
pharia-assistant-api.resources.requests.cpu	string	"100m"
pharia-assistant-api.resources.requests.memory	string	"4Gi"
pharia-assistant-api.secret	object	{"serviceUserToken":""}	Allows to populate the secret identified by 'pharia-assistant-api.serviceUserSecret' through this helm-chart. The secret must contain the field apiToken. See 'pharia-assistant-api.serviceUserSecret' for more information.
pharia-assistant-api.serviceUserSecret	string	"pharia-iam-service-user-pharia-assistant-api"	The name of a secret containing the service user token used by the pharia-assistant-api for sending requests to the inference. This allows to connect the pharia-assistant-api to an externally running inference. The secret must contain the field apiToken. It can either be pre-existing or the chart creates it for you with the value defined in 'pharia-assistant-api.secret'.
enabled	bool	true	Set this to true to install the pharia-assistant subchart as a dependency
fullnameOverride	string	"pharia-assistant"	Override for the full name of pharia-assistant
ingress.annotations	object	{}	Annotations for the ingress-resource. This can be used to add ingress controller specific annotations.
ingress.enabled	bool	true	Enabled ingress creation
ingress.hostname	string	"pharia-assistant"	Hostname for the ingress (without domain). The domain is read from global.ingress.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain.
ingress.tls.enabled	bool	true	Enable TLS configuration for this Ingress
ingress.tls.secretName	string	"pharia-assistant-tls"	The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
resources.limits.cpu	string	"500m"
resources.limits.memory	string	"256Mi"
resources.requests.cpu	string	"100m"
resources.requests.memory	string	"256Mi"

pharia-assistant-api

Key	Type	Default	Description
pharia-assistant-api-worker.enabled	bool	false	Set this to true to install the pharia-assistant-api-worker subchart as a dependency (BETA)
pharia-assistant-api-worker.fullnameOverride	string	"pharia-assistant-api-worker"	Override for the full name of pharia-assistant-api-worker
databaseConfig.external	object	{"databaseName":"","existingSecret":"","host":"","password":"","port":"","user":""}	Provide an existing database if you want to use an external database
databaseConfig.external.databaseName	string	""	The name of the database
databaseConfig.external.existingSecret	string	""	Set this value if a k8s Secret with PostgreSQL values already exists. Make sure that the all the keys exists in the secret with a valid value.
databaseConfig.external.host	string	""	The host of the database
databaseConfig.external.password	string	""	The password of the database
databaseConfig.external.port	string	""	The port of the database
databaseConfig.external.user	string	""	The user of the database
databaseConfig.secretKeys.databaseNameKey	string	"databaseName"	The key in the secret that contains the database name
databaseConfig.secretKeys.hostKey	string	"host"	The key in the secret that contains the host of the database
databaseConfig.secretKeys.passwordKey	string	"password"	The key in the secret that contains the password of the database
databaseConfig.secretKeys.portKey	string	"port"	The key in the secret that contains the port of the database
databaseConfig.secretKeys.userKey	string	"user"	The key in the secret that contains the user of the database
enabled	bool	true	Set this to true to install the pharia-assistant-api subchart as a dependency
env.APPLICATION_NAME	string	"PhariaAssistant"	Name of the application to be displayed in the frontend's top bar @schema type: string minLength: 1 @schema
env.DOCUMENT_INDEX_FILE_UPLOAD_NAMESPACE	string	"Assistant"	Document-Index namespace for file uploads in chat feature @schema type: string minLength: 1 @schema
env.GENERATE_MODEL_NAME	string	"llama-3.3-70b-instruct"	Model name for generate feature @schema enum: ["llama-3.1-8b-instruct", "llama-3.1-70b-instruct", "llama-3.3-70b-instruct"] @schema
env.MAX_FILE_UPLOAD_SIZE_MB	float	20	Frontend maximum file upload size in MB @schema type: number exclusiveMinimum: 0 @schema
env.PERSIST_TRACES	bool	true	Enable/disable persisting traces in the Assistant's database @schema type: boolean @schema
env.QA_MODEL_NAME	string	"llama-3.3-70b-instruct"	Model name for chat feature @schema enum: ["llama-3.1-8b-instruct", "llama-3.1-70b-instruct", "llama-3.3-70b-instruct"] @schema
env.REQUEST_TIMEOUT_IN_SECONDS	int	180	Frontend request timeout in seconds @schema type: integer minimum: 1 @schema
env.RETRIEVER_QA_INDEX_NAME	string	"Assistant-Index"	Document-Index index name for chat with collections feature @schema type: string minLength: 1 @schema
env.SUMMARY_MODEL_NAME	string	"llama-3.3-70b-instruct"	Model name for summarization subtasks in chat and NLS features @schema enum: ["llama-3.1-8b-instruct", "llama-3.1-70b-instruct", "llama-3.3-70b-instruct"] @schema
env.TRANSLATION_CACHE_MAX_SIZE	int	10000	Maximum size for the translation cache @schema type: integer minimum: 1 @schema
env.TRANSLATION_CACHE_TTL	int	3600	Time-to-live for the translation cache in seconds @schema type: integer minimum: 1 @schema
favicon	object	{"png":"","svg":"PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIGhlaWdodD0iNzgiIHdpZHRoPSI3OCIgdmlld0JveD0iMjQgMjQgMTAyIDEwMiI+CiAgPHN0eWxlPgogICAgQG1lZGlhIChwcmVmZXJzLWNvbG9yLXNjaGVtZTpkYXJrKXtwYXRoe2ZpbGw6I2ZmZn19CiAgPC9zdHlsZT4KICA8cGF0aCBkPSJtMzQuNjcgMTA2LjQzLTUuNTUtMTMuNTVBMTkuMTQgMTkuMTQgMCAwIDAgMjkgNTcuNDJsNS40Ny0xMy41OWEzMy43OCAzMy43OCAwIDAgMSAuMiA2Mi42Wm0yMi45MyAxNy4xMi04LjY4LTExLjhhNDUuMjggNDUuMjggMCAwIDAgOC42MS04LjI3TDY5IDExMi42MmE1OS44MiA1OS44MiAwIDAgMS0xMS40IDEwLjkzWiIvPgogIDxwYXRoIGQ9Ik04Mi4yMyA3NS4xN2E2MC4zNyA2MC4zNyAwIDAgMC0yNC42NC00OC4zOWwtOC42OCAxMS44MWE0NS42MyA0NS42MyAwIDAgMSAxOC42OCAzNi41OCA2MC4yOCA2MC4yOCAwIDAgMCAyNC40OCA0OC4zOGw4LjY4LTExLjhhNDUuNiA0NS42IDAgMCAxLTE4LjUyLTM2LjU4Wm05Ljg1LTI4LjIzLTExLjQ3LTkuMTJhNjAuMTQgNjAuMTQgMCAwIDEgMTEuOTQtMTEuMzdsOC41NiAxMS44OGE0NS41IDQ1LjUgMCAwIDAtOS4wMyA4LjYxWk0xMTUgMTA2LjUyYTM0LjMyIDM0LjMyIDAgMCAxLS4yOS02Mi41Mmw2LjEgMTMuMzJhMTkuNjggMTkuNjggMCAwIDAgLjE5IDM1LjgzWiIvPgo8L3N2Zz4K"}	The favicon used in the Assistant frontend can be customized by providing the contents of a logo.svg or logo.png file as a base64 encoded string. This can be created by executing cat favicon.svg \| base64 in a terminal. The svg value takes precedence over the png value. @schema type: object anyOf: - required: - svg properties: svg: type: string minLength: 1 - required: - png properties: png: type: string minLength: 1 @schema
favicon.png	string	""	The base64 encoded favicon.png
favicon.svg	string	"PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIGhlaWdodD0iNzgiIHdpZHRoPSI3OCIgdmlld0JveD0iMjQgMjQgMTAyIDEwMiI+CiAgPHN0eWxlPgogICAgQG1lZGlhIChwcmVmZXJzLWNvbG9yLXNjaGVtZTpkYXJrKXtwYXRoe2ZpbGw6I2ZmZn19CiAgPC9zdHlsZT4KICA8cGF0aCBkPSJtMzQuNjcgMTA2LjQzLTUuNTUtMTMuNTVBMTkuMTQgMTkuMTQgMCAwIDAgMjkgNTcuNDJsNS40Ny0xMy41OWEzMy43OCAzMy43OCAwIDAgMSAuMiA2Mi42Wm0yMi45MyAxNy4xMi04LjY4LTExLjhhNDUuMjggNDUuMjggMCAwIDAgOC42MS04LjI3TDY5IDExMi42MmE1OS44MiA1OS44MiAwIDAgMS0xMS40IDEwLjkzWiIvPgogIDxwYXRoIGQ9Ik04Mi4yMyA3NS4xN2E2MC4zNyA2MC4zNyAwIDAgMC0yNC42NC00OC4zOWwtOC42OCAxMS44MWE0NS42MyA0NS42MyAwIDAgMSAxOC42OCAzNi41OCA2MC4yOCA2MC4yOCAwIDAgMCAyNC40OCA0OC4zOGw4LjY4LTExLjhhNDUuNiA0NS42IDAgMCAxLTE4LjUyLTM2LjU4Wm05Ljg1LTI4LjIzLTExLjQ3LTkuMTJhNjAuMTQgNjAuMTQgMCAwIDEgMTEuOTQtMTEuMzdsOC41NiAxMS44OGE0NS41IDQ1LjUgMCAwIDAtOS4wMyA4LjYxWk0xMTUgMTA2LjUyYTM0LjMyIDM0LjMyIDAgMCAxLS4yOS02Mi41Mmw2LjEgMTMuMzJhMTkuNjggMTkuNjggMCAwIDAgLjE5IDM1LjgzWiIvPgo8L3N2Zz4K"	The base64 encoded favicon.svg
featureFlags	object	{"enableChat":true,"enableExtensibleGenerate":true,"enableExtensibleSummarize":true,"enableHomepage":true,"enableNls":true,"enableTranslate":true}	Feature flags for pharia-assistant-api
featureFlags.enableChat	bool	true	Enable inbuilt chat feature @schema type: boolean @schema
featureFlags.enableExtensibleGenerate	bool	true	Enable extensible generate feature @schema type: boolean @schema
featureFlags.enableExtensibleSummarize	bool	true	Enable extensible summarize feature @schema type: boolean @schema
featureFlags.enableHomepage	bool	true	Enable homepage @schema type: boolean @schema
featureFlags.enableNls	bool	true	Enable NLS feature @schema type: boolean @schema
featureFlags.enableTranslate	bool	true	Enable inbuilt translate feature @schema type: boolean @schema
fullnameOverride	string	"pharia-assistant-api"	Override for the full name of pharia-assistant-api
logo	object	{"png":"","svg":"PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIGhlaWdodD0iNzgiIHdpZHRoPSI3OCIgdmlld0JveD0iMjQgMjQgMTAyIDEwMiI+CiAgPHBhdGggZD0ibTM0LjY3IDEwNi40My01LjU1LTEzLjU1QTE5LjE0IDE5LjE0IDAgMCAwIDI5IDU3LjQybDUuNDctMTMuNTlhMzMuNzggMzMuNzggMCAwIDEgLjIgNjIuNlptMjIuOTMgMTcuMTItOC42OC0xMS44YTQ1LjI4IDQ1LjI4IDAgMCAwIDguNjEtOC4yN0w2OSAxMTIuNjJhNTkuODIgNTkuODIgMCAwIDEtMTEuNCAxMC45M1oiIC8+CiAgPHBhdGggZD0iTTgyLjIzIDc1LjE3YTYwLjM3IDYwLjM3IDAgMCAwLTI0LjY0LTQ4LjM5bC04LjY4IDExLjgxYTQ1LjYzIDQ1LjYzIDAgMCAxIDE4LjY4IDM2LjU4IDYwLjI4IDYwLjI4IDAgMCAwIDI0LjQ4IDQ4LjM4bDguNjgtMTEuOGE0NS42IDQ1LjYgMCAwIDEtMTguNTItMzYuNThabTkuODUtMjguMjMtMTEuNDctOS4xMmE2MC4xNCA2MC4xNCAwIDAgMSAxMS45NC0xMS4zN2w4LjU2IDExLjg4YTQ1LjUgNDUuNSAwIDAgMC05LjAzIDguNjFaTTExNSAxMDYuNTJhMzQuMzIgMzQuMzIgMCAwIDEtLjI5LTYyLjUybDYuMSAxMy4zMmExOS42OCAxOS42OCAwIDAgMCAuMTkgMzUuODNaIiAvPgo8L3N2Zz4K"}	The logo used in the Assistant frontend can be customized by providing the contents of a logo.svg or logo.png file as a base64 encoded string. This can be created by executing cat logo.svg \| base64 in a terminal. The svg value takes precedence over the png value. @schema type: object anyOf: - required: - svg properties: svg: type: string minLength: 1 - required: - png properties: png: type: string minLength: 1 @schema
logo.png	string	""	The base64 encoded logo.png
logo.svg	string	"PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIGhlaWdodD0iNzgiIHdpZHRoPSI3OCIgdmlld0JveD0iMjQgMjQgMTAyIDEwMiI+CiAgPHBhdGggZD0ibTM0LjY3IDEwNi40My01LjU1LTEzLjU1QTE5LjE0IDE5LjE0IDAgMCAwIDI5IDU3LjQybDUuNDctMTMuNTlhMzMuNzggMzMuNzggMCAwIDEgLjIgNjIuNlptMjIuOTMgMTcuMTItOC42OC0xMS44YTQ1LjI4IDQ1LjI4IDAgMCAwIDguNjEtOC4yN0w2OSAxMTIuNjJhNTkuODIgNTkuODIgMCAwIDEtMTEuNCAxMC45M1oiIC8+CiAgPHBhdGggZD0iTTgyLjIzIDc1LjE3YTYwLjM3IDYwLjM3IDAgMCAwLTI0LjY0LTQ4LjM5bC04LjY4IDExLjgxYTQ1LjYzIDQ1LjYzIDAgMCAxIDE4LjY4IDM2LjU4IDYwLjI4IDYwLjI4IDAgMCAwIDI0LjQ4IDQ4LjM4bDguNjgtMTEuOGE0NS42IDQ1LjYgMCAwIDEtMTguNTItMzYuNThabTkuODUtMjguMjMtMTEuNDctOS4xMmE2MC4xNCA2MC4xNCAwIDAgMSAxMS45NC0xMS4zN2w4LjU2IDExLjg4YTQ1LjUgNDUuNSAwIDAgMC05LjAzIDguNjFaTTExNSAxMDYuNTJhMzQuMzIgMzQuMzIgMCAwIDEtLjI5LTYyLjUybDYuMSAxMy4zMmExOS42OCAxOS42OCAwIDAgMCAuMTkgMzUuODNaIiAvPgo8L3N2Zz4K"	The base64 encoded logo.svg
postgresql.auth.existingSecret	string	""
postgresql.auth.password	string	""	If internal PostgreSQL is used, either password or existingSecret, has to be provided for setup of application authentication
postgresql.enabled	bool	true	This is used to indicate whether the internal PostgreSQL should be used or not.
privacyPolicyNotice	list	[{"link_title":"Privacy Policy","link_url":"https://docs.aleph-alpha.com/docs/privacy-policy-de/","locale":"en","text":"Please do not enter any personal, sensitive or classified data in this tool, as it is a test system. You can find more information on how we process personal data in our"},{"link_title":"Datenschutzrichtlinie","link_url":"https://docs.aleph-alpha.com/docs/privacy-policy-de/","locale":"de","text":"Bitte geben Sie keine persönlichen, sensiblen oder geheimen Daten in dieses Tool ein, da es sich um ein Testsystem handelt. Weitere Informationen darüber, wie wir personenbezogene Daten verarbeiten, finden Sie in unserer"}]	If a locale is missing or no customization is provided at all, the frontend has an inbuilt default with the same values as those below. @schema type: array items: type: object properties: locale: enum: ["en", "de"] minLength: 1 text: type: string minLength: 1 link_url: type: string minLength: 1 link_title: type: string minLength: 1 required: - locale - text - link_url - link_title @schema
resources.limits.cpu	string	"1"
resources.limits.memory	string	"4Gi"
resources.requests.cpu	string	"100m"
resources.requests.memory	string	"4Gi"
secret	object	{"serviceUserToken":""}	Allows to populate the secret identified by 'pharia-assistant-api.serviceUserSecret' through this helm-chart. The secret must contain the field apiToken. See 'pharia-assistant-api.serviceUserSecret' for more information.
serviceUserSecret	string	"pharia-iam-service-user-pharia-assistant-api"	The name of a secret containing the service user token used by the pharia-assistant-api for sending requests to the inference. This allows to connect the pharia-assistant-api to an externally running inference. The secret must contain the field apiToken. It can either be pre-existing or the chart creates it for you with the value defined in 'pharia-assistant-api.secret'.

pharia-assistant-api-worker

Key	Type	Default	Description
enabled	bool	false	Set this to true to install the pharia-assistant-api-worker subchart as a dependency (BETA)
fullnameOverride	string	"pharia-assistant-api-worker"	Override for the full name of pharia-assistant-api-worker

pharia-chat

Key	Type	Default	Description
enabled	bool	false	Set this to true to install the pharia-chat subchart as a dependency.
fullnameOverride	string	"pharia-chat"	Set this to override the fully qualified name for Pharia Chat
ingress.enabled	bool	false
ingress.tls.enabled	bool	true
postgresql.auth.existingSecret	string	""
postgresql.auth.password	string	""	If internal PostgreSQL is used, either password or existingSecret, has to be provided for setup of application authentication
postgresql.enabled	bool	true	This is used to indicate whether the internal PostgreSQL should be used or not.
secret	object	{"serviceUserToken":""}	Allows to populate the secret identified by 'pharia-chat.serviceUserSecret' through this helm-chart. The secret must contain the field apiToken. See 'pharia-chat.serviceUserSecret' for more information.
serviceUserSecret	string	"pharia-iam-service-user-pharia-chat"	The name of a secret containing the service user token used by the pharia-chat for sending embedding requests to the inference. This allows to connect the pharia-chat to an externally running inference. The secret must contain the field token. It can either be pre-existing or the chart creates it for you with the value defined in 'pharia-chat.secret.serviceUserToken'. This can be left undefined if the pharia-chat is connected to the internal inference (deployed through this helm-chart). In that case use this auto-generated secret.

document-index

Key	Type	Default	Description
document-index-ui.enabled	bool	true
document-index-ui.ingress.annotations	object	{}	Annotations for the ingress-resource. This can be used to add ingress controller specific annotations.
document-index-ui.ingress.enabled	bool	true	Enable ingress creation
document-index-ui.ingress.hostname	string	"document-index-ui"	Hostname for the ingress (without domain). The domain is read from global.ingress.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain.
document-index-ui.ingress.tls.enabled	bool	true	Enable TLS configuration for this Ingress
document-index-ui.ingress.tls.secretName	string	"document-index-ui-tls"	The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
document-index-ui.resources.limits.cpu	string	"100m"
document-index-ui.resources.limits.memory	string	"1Gi"
document-index-ui.resources.requests.cpu	string	"50m"
document-index-ui.resources.requests.memory	string	"128Mi"
databaseConfig	object	{"external":{"existingSecret":""},"secretKeys":{"databaseNameKey":"databaseName","databaseUrlKey":"databaseUrl","hostKey":"host","passwordKey":"password","portKey":"port","userKey":"user"}}	Config for database access; not required if postgresql dependency deployment is used
databaseConfig.external	object	{"existingSecret":""}	Config for external database access provided via Helm values
databaseConfig.external.existingSecret	string	""	If provided, config values are read from K8s Secret
databaseConfig.secretKeys	object	{"databaseNameKey":"databaseName","databaseUrlKey":"databaseUrl","hostKey":"host","passwordKey":"password","portKey":"port","userKey":"user"}	Keys in K8s Secret for database config values
enabled	bool	true	Set this to true to install the document-index subchart as a dependency
fullnameOverride	string	"document-index"
ingress.enabled	bool	true	Enabled ingress creation
ingress.tls.enabled	bool	true	Enable TLS configuration for this Ingress
postgresql.auth.existingSecret	string	""
postgresql.auth.password	string	""	If internal PostgreSQL is used, either password or existingSecret, has to be provided for setup of application authentication
postgresql.enabled	bool	true	This is used to indicate whether the internal PostgreSQL should be used or not.
postgresql.persistence.size	string	"128Gi"
postgresql.resources.limits.cpu	string	"4"
postgresql.resources.limits.memory	string	"2Gi"
postgresql.resources.requests.cpu	string	"2"
postgresql.resources.requests.memory	string	"1Gi"
qdrant.requests.cpu	string	"2"
qdrant.requests.memory	string	"32Gi"
qdrant.resources.limits.cpu	string	"4"
qdrant.resources.limits.memory	string	"32Gi"
resources.limits.cpu	string	"4"
resources.limits.memory	string	"2Gi"
resources.requests.cpu	string	"2"
resources.requests.memory	string	"1Gi"
secret	object	{"serviceUserToken":""}	Allows to populate the secret identified by 'document-index.serviceUserSecret' through this helm-chart. The secret must contain the field apiToken. See 'document-index.serviceUserSecret' for more information.
serviceUserSecret	string	"pharia-iam-service-user-document-index"	The name of a secret containing the service user token used by the document-index for sending embedding requests to the inference. This allows to connect the document-index to an externally running inference. The secret must contain the field token. It can either be pre-existing or the chart creates it for you with the value defined in 'document-index.secret.serviceUserToken'. This can be left undefined if the document-index is connected to the internal inference (deployed through this helm-chart). In that case use this auto-generated secret.
sparse-embedding-service.defaultLanguage	string	"english"	The language to default to if language detection fails.
sparse-embedding-service.languageDetectors	string	"english,german"	The language detectors to load. Set this to the languages you want to support. Supported values: "arabic,basque,catalan,danish,dutch,english,finnish,french,german, greek,hungarian,indonesian,italian,norwegian,portuguese,romanian,russian,spanish, swedish,turkish"
sparse-embedding-service.resources.limits.cpu	string	"1"
sparse-embedding-service.resources.limits.memory	string	"512Mi"
sparse-embedding-service.resources.requests.cpu	string	"1"
sparse-embedding-service.resources.requests.memory	string	"512Mi"

document-index-ui

Key	Type	Default	Description
enabled	bool	true
ingress.annotations	object	{}	Annotations for the ingress-resource. This can be used to add ingress controller specific annotations.
ingress.enabled	bool	true	Enable ingress creation
ingress.hostname	string	"document-index-ui"	Hostname for the ingress (without domain). The domain is read from global.ingress.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain.
ingress.tls.enabled	bool	true	Enable TLS configuration for this Ingress
ingress.tls.secretName	string	"document-index-ui-tls"	The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
resources.limits.cpu	string	"100m"
resources.limits.memory	string	"1Gi"
resources.requests.cpu	string	"50m"
resources.requests.memory	string	"128Mi"

inference-api

Key	Type	Default	Description
admin.email	string	"tools@aleph-alpha.com"	Email of the admin user to create on startup
admin.emailKey	string	"email"	The email key in the secret
admin.existingSecret	string	""	Existing secret to use instead of email/password.
admin.password	string	""	Initial password of the admin user. If no existing external secret is provided via admin.existingSecret, a password value has to be applied during installation
admin.passwordKey	string	"password"	The password key in the secret
databaseConfig	object	{"external":{"existingSecret":""},"secretKeys":{"databaseNameKey":"databaseName","databaseUrlKey":"databaseUrl","hostKey":"host","passwordKey":"password","portKey":"port","userKey":"user"}}	Config for database access; not required if postgresql dependency deployment is used
databaseConfig.external	object	{"existingSecret":""}	Config for external database access provided via Helm values
databaseConfig.external.existingSecret	string	""	If provided, config values are read from K8s Secret
databaseConfig.secretKeys	object	{"databaseNameKey":"databaseName","databaseUrlKey":"databaseUrl","hostKey":"host","passwordKey":"password","portKey":"port","userKey":"user"}	Keys in K8s Secret for database config values
enableOIDC	bool	true	Use OIDC in addition to built-in tokens
enableUnauthenticatedAccess	bool	false	Set this to true to disable all token validation in the inference api
fullnameOverride	string	"inference-api"
inferenceApiServices.existingSecret	string	""	Name of an existing inferenceApiServices secret. If you want to provide your own secret, set this to the name of your secret. Keep in mind to set global.inferenceApiServicesSecretRef to the same name if an existing secret is used. The secret is expected to have a key-value-pair with key secret.
inferenceApiServices.secret	string	""	Manually added services secret If no existing external secret is provided via inferenceApiServices.existingSecret, a secret value has to be applied during installation
ingress.enabled	bool	true	Enabled ingress creation
ingress.ingressSubdomain	string	"inference-api"
ingress.tls.enabled	bool	true
ingress.tls.secretName	string	"inference-api-tls"
jwt.existingSecret	string	""	Name of an existing jwt secret to use The secret is expected to have a key-value-pair with key secret.
jwt.secret	string	""	Manually added jwt secret If no existing external secret is provided via jwt.existingSecret, a secret value has to be applied during installation
postgresql.auth.existingSecret	string	""
postgresql.auth.password	string	""	If internal PostgreSQL is used, either password or existingSecret, has to be provided for setup of application authentication
postgresql.enabled	bool	true	This is used to indicate whether the internal PostgreSQL should be used or not.
resources.limits.cpu	string	"1"
resources.limits.memory	string	"8Gi"
resources.requests.cpu	string	"1"
resources.requests.memory	string	"1Gi"

inference-worker

Key	Type	Default	Description
checkpoints[0].generator.pipeline_parallel_size	int	1
checkpoints[0].generator.tensor_parallel_size	int	1
checkpoints[0].generator.tokenizer_path	string	"luminous-base-2022-04/alpha-001-128k.json"
checkpoints[0].generator.type	string	"luminous"
checkpoints[0].generator.weight_set_directories[0]	string	"luminous-base-2022-04"
checkpoints[0].modelVolumeClaim	string	"models-luminous-base"
checkpoints[0].models.luminous-base.adapter_name	string	nil
checkpoints[0].models.luminous-base.aligned	bool	false
checkpoints[0].models.luminous-base.bias_name	string	nil
checkpoints[0].models.luminous-base.chat_template	string	nil
checkpoints[0].models.luminous-base.completion_type	string	"full"
checkpoints[0].models.luminous-base.description	string	"Multilingual model trained on English, German, French, Spanish and Italian"
checkpoints[0].models.luminous-base.embedding_type	string	"semantic"
checkpoints[0].models.luminous-base.experimental	bool	false
checkpoints[0].models.luminous-base.maximum_completion_tokens	int	8192
checkpoints[0].models.luminous-base.multimodal_enabled	bool	true
checkpoints[0].models.luminous-base.prompt_template	string	"{% promptrange instruction %}{{instruction}}{% endpromptrange %}\n{% if input %}\n{% promptrange input %}{{input}}{% endpromptrange %}\n{% endif %}"
checkpoints[0].models.luminous-base.semantic_embedding_enabled	bool	true
checkpoints[0].models.luminous-base.softprompt_name	string	nil
checkpoints[0].models.luminous-base.worker_type	string	"luminous"
checkpoints[0].queue	string	"luminous-base"
checkpoints[0].replicas	int	1
checkpoints[0].version	int	0
checkpoints[1].generator.pipeline_parallel_size	int	1
checkpoints[1].generator.tensor_parallel_size	int	1
checkpoints[1].generator.tokenizer_path	string	"llama-3.1-8b-instruct/tokenizer.json"
checkpoints[1].generator.type	string	"luminous"
checkpoints[1].generator.weight_set_directories[0]	string	"llama-3.1-8b-instruct"
checkpoints[1].modelVolumeClaim	string	"models-llama-3.1-8b-instruct"
checkpoints[1].models."llama-3.1-8b-instruct".adapter_name	string	nil
checkpoints[1].models."llama-3.1-8b-instruct".aligned	bool	true
checkpoints[1].models."llama-3.1-8b-instruct".bias_name	string	nil
checkpoints[1].models."llama-3.1-8b-instruct".chat_template.bos_token	string	"<\|begin_of_text\|>"
checkpoints[1].models."llama-3.1-8b-instruct".chat_template.eos_token	string	"<\|end_of_text\|>"
checkpoints[1].models."llama-3.1-8b-instruct".chat_template.template	string	"{% set loop_messages = messages %}{% for message in loop_messages %}{% set content = '<\|start_header_id\|>' + message['role'] + '<\|end_header_id\|>\n\n'+ message['content'] \| trim + '<\|eot_id\|>' %}{% if loop.index0 == 0 %}{% set content = bos_token + content %}{% endif %}{{ content }}{% endfor %}{{ '<\|start_header_id\|>assistant<\|end_header_id\|>\n\n' }}"
checkpoints[1].models."llama-3.1-8b-instruct".completion_type	string	"full"
checkpoints[1].models."llama-3.1-8b-instruct".description	string	"🦙 Llama 3.1 8B instruct version. The maximum number of completion tokens is limited to 8192 tokens."
checkpoints[1].models."llama-3.1-8b-instruct".embedding_type	string	"raw"
checkpoints[1].models."llama-3.1-8b-instruct".experimental	bool	false
checkpoints[1].models."llama-3.1-8b-instruct".maximum_completion_tokens	int	8192
checkpoints[1].models."llama-3.1-8b-instruct".multimodal_enabled	bool	false
checkpoints[1].models."llama-3.1-8b-instruct".prompt_template	string	"<\|begin_of_text\|>{% for message in messages %}<\|start_header_id\|>{{message.role}}<\|end_header_id\|>\n\n{% promptrange instruction %}{{message.content}}{% endpromptrange %}<\|eot_id\|>{% endfor %}<\|start_header_id\|>assistant<\|end_header_id\|>\n\n{% if response_prefix %}{{response_prefix}}{% endif %}"
checkpoints[1].models."llama-3.1-8b-instruct".softprompt_name	string	nil
checkpoints[1].models."llama-3.1-8b-instruct".worker_type	string	"luminous"
checkpoints[1].queue	string	"llama-3.1-8b-instruct"
checkpoints[1].replicas	int	1
checkpoints[1].version	int	0
checkpoints[2].generator.pipeline_parallel_size	int	1
checkpoints[2].generator.tensor_parallel_size	int	4
checkpoints[2].generator.tokenizer_path	string	"llama-3.3-70b-instruct/tokenizer.json"
checkpoints[2].generator.type	string	"luminous"
checkpoints[2].generator.weight_set_directories[0]	string	"llama-3.3-70b-instruct"
checkpoints[2].modelVolumeClaim	string	"models-llama-3.3-70b-instruct"
checkpoints[2].models."llama-3.3-70b-instruct".adapter_name	string	nil
checkpoints[2].models."llama-3.3-70b-instruct".aligned	bool	true
checkpoints[2].models."llama-3.3-70b-instruct".bias_name	string	nil
checkpoints[2].models."llama-3.3-70b-instruct".chat_template.bos_token	string	"<\|begin_of_text\|>"
checkpoints[2].models."llama-3.3-70b-instruct".chat_template.eos_token	string	"<\|end_of_text\|>"
checkpoints[2].models."llama-3.3-70b-instruct".chat_template.template	string	"{% set loop_messages = messages %}{% for message in loop_messages %}{% set content = '<\|start_header_id\|>' + message['role'] + '<\|end_header_id\|>\n\n'+ message['content'] \| trim + '<\|eot_id\|>' %}{% if loop.index0 == 0 %}{% set content = bos_token + content %}{% endif %}{{ content }}{% endfor %}{{ '<\|start_header_id\|>assistant<\|end_header_id\|>\n\n' }}"
checkpoints[2].models."llama-3.3-70b-instruct".completion_type	string	"full"
checkpoints[2].models."llama-3.3-70b-instruct".description	string	"🦙 Llama 3.3 70B instruct version. The maximum number of completion tokens is limited to 8192 tokens."
checkpoints[2].models."llama-3.3-70b-instruct".embedding_type	string	"raw"
checkpoints[2].models."llama-3.3-70b-instruct".experimental	bool	false
checkpoints[2].models."llama-3.3-70b-instruct".maximum_completion_tokens	int	8192
checkpoints[2].models."llama-3.3-70b-instruct".multimodal_enabled	bool	false
checkpoints[2].models."llama-3.3-70b-instruct".prompt_template	string	"<\|begin_of_text\|>{% for message in messages %}<\|start_header_id\|>{{message.role}}<\|end_header_id\|>\n\n{% promptrange instruction %}{{message.content}}{% endpromptrange %}<\|eot_id\|>{% endfor %}<\|start_header_id\|>assistant<\|end_header_id\|>\n\n{% if response_prefix %}{{response_prefix}}{% endif %}"
checkpoints[2].models."llama-3.3-70b-instruct".softprompt_name	string	nil
checkpoints[2].models."llama-3.3-70b-instruct".worker_type	string	"luminous"
checkpoints[2].queue	string	"llama-3.3-70b-instruct"
checkpoints[2].replicas	int	1
checkpoints[2].version	int	0
checkpoints[3].generator.pipeline_parallel_size	int	1
checkpoints[3].generator.tensor_parallel_size	int	1
checkpoints[3].generator.tokenizer_path	string	"llama-guard-3-8b/tokenizer.json"
checkpoints[3].generator.type	string	"luminous"
checkpoints[3].generator.weight_set_directories[0]	string	"llama-guard-3-8b"
checkpoints[3].modelVolumeClaim	string	"models-llama-guard-3-8b"
checkpoints[3].models.llama-guard-3-8b.adapter_name	string	nil
checkpoints[3].models.llama-guard-3-8b.aligned	bool	true
checkpoints[3].models.llama-guard-3-8b.bias_name	string	nil
checkpoints[3].models.llama-guard-3-8b.chat_template.bos_token	string	"<\|begin_of_text\|>"
checkpoints[3].models.llama-guard-3-8b.chat_template.eos_token	string	"<\|end_of_text\|>"
checkpoints[3].models.llama-guard-3-8b.chat_template.template	string	"{% set loop_messages = messages %}{% for message in loop_messages %}{% set content = '<\|start_header_id\|>' + message['role'] + '<\|end_header_id\|>\n\n'+ message['content'] \| trim + '<\|eot_id\|>' %}{% if loop.index0 == 0 %}{% set content = bos_token + content %}{% endif %}{{ content }}{% endfor %}{{ '<\|start_header_id\|>assistant<\|end_header_id\|>\n\n' }}"
checkpoints[3].models.llama-guard-3-8b.completion_type	string	"full"
checkpoints[3].models.llama-guard-3-8b.description	string	"🦙 Llama-Guard-3-8B. The maximum number of completion tokens is limited to 8192 tokens."
checkpoints[3].models.llama-guard-3-8b.embedding_type	string	"raw"
checkpoints[3].models.llama-guard-3-8b.experimental	bool	false
checkpoints[3].models.llama-guard-3-8b.maximum_completion_tokens	int	8192
checkpoints[3].models.llama-guard-3-8b.multimodal_enabled	bool	false
checkpoints[3].models.llama-guard-3-8b.prompt_template	string	"<\|begin_of_text\|>{% for message in messages %}<\|start_header_id\|>{{message.role}}<\|end_header_id\|>\n\n{% promptrange instruction %}{{message.content}}{% endpromptrange %}<\|eot_id\|>{% endfor %}<\|start_header_id\|>assistant<\|end_header_id\|>\n\n{% if response_prefix %}{{response_prefix}}{% endif %}"
checkpoints[3].models.llama-guard-3-8b.softprompt_name	string	nil
checkpoints[3].models.llama-guard-3-8b.worker_type	string	"luminous"
checkpoints[3].queue	string	"llama-guard-3-8b"
checkpoints[3].replicas	int	1
checkpoints[3].version	int	0
fullnameOverride	string	"pharia-ai-inference-worker"
resources.limits.cpu	string	"4"
resources.limits.memory	string	"8Gi"
resources.requests.cpu	string	"1"
resources.requests.memory	string	"4Gi"
tolerations	list	[]

pharia-data-api

Key	Type	Default	Description
databaseConfig	object	{"external":{"existingSecret":""},"secretKeys":{"databaseNameKey":"databaseName","databaseUrlKey":"databaseUrl","hostKey":"host","passwordKey":"password","portKey":"port","userKey":"user"}}	Config for database access; not required if postgresql dependency deployment is used
databaseConfig.external	object	{"existingSecret":""}	Config for external database access provided via Helm values
databaseConfig.external.existingSecret	string	""	If provided, config values are read from K8s Secret
databaseConfig.secretKeys	object	{"databaseNameKey":"databaseName","databaseUrlKey":"databaseUrl","hostKey":"host","passwordKey":"password","portKey":"port","userKey":"user"}	Keys in K8s Secret for database config values
enabled	bool	true	Set this to true to install the pharia-data-api subchart as a dependency
fullnameOverride	string	"pharia-data-api"
ingress.enabled	bool	true	Enabled ingress creation locally
ingress.tls.enabled	bool	true	Enable TLS configuration for this Ingress
minio.enabled	bool	true
minio.fullnameOverride	string	"minio-data"
postgresql.auth.existingSecret	string	""
postgresql.auth.password	string	""	If internal PostgreSQL is used, either password or existingSecret, has to be provided for setup of application authentication
postgresql.enabled	bool	true	This is used to indicate whether the internal PostgreSQL should be used or not.
rabbitmq.auth.password	string	""
rabbitmq.auth.username	string	"user"
rabbitmq.enabled	bool	true
rabbitmq.loadDefinition.enabled	bool	false
rabbitmq.loadDefinition.existingSecret	string	"pharia-data-api-rabbitmq-load-definitions-secret"
rabbitmqConfig.defaultLoadDefinitionsSecret	string	"pharia-data-api-rabbitmq-load-definitions-secret"	The load definitions secret must hold the RabbitMQ topology configuration.
rabbitmqConfig.defaultSecret	string	"pharia-data-api-rabbitmq-secret"	Default secret name is used to create a secret if external.existingSecret is not provided.
rabbitmqConfig.external.existingSecret	string	""	Set this value if a k8s Secret with RabbitMQ values already exists. Make sure that the all the keys exists in the secret with a valid value.
rabbitmqConfig.external.loadDefinitionsSecret	string	""	The load definitions secret name
rabbitmqConfig.external.rabbitmqUser	string	""	The user of the RabbitMQ
rabbitmqConfig.external.rabbitmqUserPassword	string	""	The password of the user of RabbitMQ
rabbitmqConfig.secretKeys.hostKey	string	"rabbitmq-host"	The key in the secret that contains the host of the RabbitMQ
rabbitmqConfig.secretKeys.portKey	string	"rabbitmq-port"	The key in the secret that contains the port of the RabbitMQ
rabbitmqConfig.secretKeys.userKey	string	"rabbitmq-username"	The key in the secret that contains the user of the RabbitMQ
rabbitmqConfig.secretKeys.userPasswordKey	string	"rabbitmq-password"	The key in the secret that contains the password of the RabbitMQ
secret.serviceUserToken	string	""
serviceUserSecret	string	"pharia-iam-service-user-pharia-data-etl"
serviceUserSecretKey	string	""
storageConfig.externalBucket.defaultSecret	string	"pharia-data-api-external-storage-secret"	Default secret name is used to create a secret if external.existingSecret is not provided.
storageConfig.externalBucket.external.existingSecret	string	""	Set this value if a k8s Secret with storage values already exists. Make sure that all the keys exist in the secret with a valid value.
storageConfig.externalBucket.secretKeys.bucketNameKey	string	"bucketName"	The key in the secret that contains the bucket name
storageConfig.externalBucket.secretKeys.bucketPasswordKey	string	"bucketPassword"	The key in the secret that contains the bucket password
storageConfig.externalBucket.secretKeys.bucketUserKey	string	"bucketUser"	The key in the secret that contains the bucket user
storageConfig.internalBucket.defaultSecret	string	"pharia-data-api-internal-storage-secret"	Default secret name is used to create a secret if external.existingSecret is not provided.
storageConfig.internalBucket.external.existingSecret	string	""	Set this value if a k8s Secret with storage values already exists. Make sure that all the keys exist in the secret with a valid value.
storageConfig.internalBucket.secretKeys.bucketNameKey	string	"bucketName"	The key in the secret that contains the bucket name
storageConfig.internalBucket.secretKeys.bucketPasswordKey	string	"bucketPassword"	The key in the secret that contains the bucket password
storageConfig.internalBucket.secretKeys.bucketUserKey	string	"bucketUser"	The key in the secret that contains the bucket user
storageUrl	string	""	The storageUrl is used to configure the internal and external storages. If the storageUrl is not provided, the internal storage will be used.
tasks.enabled	bool	true

pharia-finetuning

Key	Type	Default	Description
aim	object	{"ingress":{"annotations":{},"enabled":false,"hostname":"pharia-aim","ingressClassName":"","tls":{"enabled":true,"secretName":"pharia-aim-tls"}},"storageClassName":""}	Configuration of the experiment tracker
aim.ingress	object	{"annotations":{},"enabled":false,"hostname":"pharia-aim","ingressClassName":"","tls":{"enabled":true,"secretName":"pharia-aim-tls"}}	Configure external access to Pharia finetuning Aim UI
aim.ingress.annotations	object	{}	Annotations for the Ingress resource. This can be used to add ingress controller specific annotations
aim.ingress.enabled	bool	false	Set this to true to set up an Ingress for Pharia finetuning Aim UI Warning: The UI does support auth at the moment.
aim.ingress.hostname	string	"pharia-aim"	Hostname for the Ingress (without domain). The domain is read from global.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain
aim.ingress.ingressClassName	string	""	Ingress class to be used to the ingress of the experiment tracking framework. If unset, global.ingress.ingressClassName will be used. This is value is to be deprecated as soon as authentication is implemented.
aim.ingress.tls	object	{"enabled":true,"secretName":"pharia-aim-tls"}	Configure TLS for this Ingress
aim.ingress.tls.enabled	bool	true	Enable TLS configuration for this Ingress
aim.ingress.tls.secretName	string	"pharia-aim-tls"	The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
aim.storageClassName	string	""	Storage class to be used for PVC
enabled	bool	true	Set this to true to install the pharia-finetuning subchart as a dependency.
finetuningApi	object	{"ingress":{"annotations":{},"enabled":true,"hostname":"pharia-finetuning-api","tls":{"enabled":true,"secretName":"pharia-finetuning-api-tls"}}}	Configuration of the Finetuning API
finetuningApi.ingress	object	{"annotations":{},"enabled":true,"hostname":"pharia-finetuning-api","tls":{"enabled":true,"secretName":"pharia-finetuning-api-tls"}}	Configure external access to Pharia finetuning API
finetuningApi.ingress.annotations	object	{}	Annotations for the Ingress resource. This can be used to add ingress controller specific annotations
finetuningApi.ingress.enabled	bool	true	Set this to true to set up an Ingress for Pharia finetuning API
finetuningApi.ingress.hostname	string	"pharia-finetuning-api"	Hostname for the Ingress (without domain). The domain is read from global.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain
finetuningApi.ingress.tls	object	{"enabled":true,"secretName":"pharia-finetuning-api-tls"}	Configure TLS for this Ingress
finetuningApi.ingress.tls.enabled	bool	true	Enable TLS configuration for this Ingress
finetuningApi.ingress.tls.secretName	string	"pharia-finetuning-api-tls"	The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
fullnameOverride	string	"pharia-finetuning"	Set this to override the fully qualified name for Pharia Finetuning
kuberay-operator	object	{}	Configuration of kuberay operator. See https://github.com/ray-project/kuberay/blob/master/helm-chart/kuberay-operator/values.yaml for available values.
minio	object	{"enabled":true,"fullnameOverride":"pharia-finetuning-minio","nameOverride":"pharia-finetuning-minio","persistence":{"size":"1Ti"}}	Configuration of built-in S3 storage. It is recommended to disable the built-in storage for production installations and connect to an external S3 storage instead.
minio.enabled	bool	true	Set to false to disable built-in storage
minio.persistence.size	string	"1Ti"	Disk space allocated to storage
rayCluster	object	{"workerGroups":{"cpu-group":{"maxReplicas":4,"nodeSelector":{},"tolerations":[]},"gpu-group":{"maxReplicas":4,"nodeSelector":{},"tolerations":[]}}}	Configuration of the distributed training framework
storageConfig	object	{"fromSecret":{"secretKeys":{"bucketNameKey":"bucketName","endpointUrlKey":"endpointUrl","passwordKey":"bucketPassword","regionKey":"region","userKey":"bucketUser"},"secretName":""},"fromValues":{"bucketName":"","endpointUrl":"","password":"","region":"","user":""}}	Configuration of S3 storage used to store base model weights and finetuning artifacts like checkpoints. When using the built-in storage, this configuration can stay untouched.
storageConfig.fromSecret	object	{"secretKeys":{"bucketNameKey":"bucketName","endpointUrlKey":"endpointUrl","passwordKey":"bucketPassword","regionKey":"region","userKey":"bucketUser"},"secretName":""}	Provide credentials as a k8s secret for access to external S3 storage. When providing credentails in plaintext, this section can stay untouched and fromValues should be adjusted.
storageConfig.fromSecret.secretKeys	object	{"bucketNameKey":"bucketName","endpointUrlKey":"endpointUrl","passwordKey":"bucketPassword","regionKey":"region","userKey":"bucketUser"}	Provide the keys within the k8s secret under which to find bucket name, username, password, endoint URL and region
storageConfig.fromSecret.secretName	string	""	Name of the k8s secret that holds the S3 credentials. This secret is expected to exist when this helm chart is installed.
storageConfig.fromValues	object	{"bucketName":"","endpointUrl":"","password":"","region":"","user":""}	Provide credentials to external S3 storage in plaintext. When providing credentials via a k8s secret, this section can stay untouched and fromSecret should be adjusted.

pharia-iam

Key	Type	Default	Description
api	object	{"ingress":{"annotations":{},"enabled":false,"tls":{"enabled":true,"secretName":"pharia-iam-api-tls"}}}	Internal API configuration
api.ingress.annotations	object	{}	Annotations for the ingress-resource. This can be used to add ingress controller specific annotations.
api.ingress.enabled	bool	false	Enabled ingress creation
api.ingress.tls.enabled	bool	true	Enable TLS configuration for this Ingress
api.ingress.tls.secretName	string	"pharia-iam-api-tls"	The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
config	object	{"adminEmail":"admin@localhost","adminEnableDirectUserManagement":false,"adminEnableZitadelManagement":false,"adminPassword":null,"adminUserName":"admin","defaultRolesForLogin":["AssistantUser"],"serviceUsers":{"document-index":{"description":"Initial service user for the Document Index","name":"Document Index","ownedResources":["document_index_namespace"],"roles":["InferenceServiceUser"]},"pharia-assistant-api":{"description":"Initial service user for the Pharia Assistant API","name":"Pharia Assistant API","roles":["AssistantUser","OsUser"]},"pharia-chat":{"description":"Initial service user for Pharia Chat","name":"Pharia Chat","roles":["AssistantUser"]},"pharia-data-etl":{"description":"Initial service user for the Pharia Data ETL","name":"Pharia Data ETL","roles":["EtlServiceUser"]},"pharia-os":{"description":"Initial service user for Pharia OS","name":"Pharia OS","roles":["InferenceServiceUser"]},"pharia-studio":{"description":"Service user for studio to upload relations and check privileges","name":"Pharia Studio","ownedResources":["project"],"roles":["StudioUser"]},"use-cases":{"description":"One service user for all use cases as intermediate solution until authentication can be dynamically generated.","name":"Use Case Service User","roles":["UseCaseServiceUser"]}}}	IAM configuration
config.adminEmail	string	"admin@localhost"	Email of initial user
config.adminEnableDirectUserManagement	bool	false	Enable direct access to user management console for initial admin account. Enable if PhariaOs console is not used, but user management is needed.
config.adminEnableZitadelManagement	bool	false	Enable direct access to internal identity provider - only needed to configure advanced features such as self-signup or user federation
config.adminPassword	string	nil	Init password of initial user. To be valid it requires to have 10-70 characters, including at least one uppercase letter, one lowercase letter, and one digit. User will need to change this password on the first login. @schema type: - string - null @schema
config.adminUserName	string	"admin"	initial user name
config.defaultRolesForLogin	list	["AssistantUser"]	Configure the default roles for a user that registers via SSO or self sign up
enabled	bool	true	Set this to true to install the pharia-iam subchart as a dependency
image	object	{"repository":"alephalpha.jfrog.io/pharia-iam/pharia-iam","tag":""}	Image of API and configuration job
ingress	object	{"annotations":{},"enabled":true,"tls":{"enabled":true,"secretName":"pharia-iam-tls"}}	Ingress configuration for Zitadel (including login endpoints)
ingress.annotations	object	{}	Annotations for the ingress-resource. This can be used to add ingress controller specific annotations.
ingress.enabled	bool	true	Enabled ingress creation
ingress.tls.enabled	bool	true	Enable TLS configuration for this Ingress
ingress.tls.secretName	string	"pharia-iam-tls"	The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
openFgaDatabaseConfig.defaultSecret	string	"pharia-iam-openfga-postgres-secret"
openFgaDatabaseConfig.external.databaseName	string	""	The name of the database for the secret to create
openFgaDatabaseConfig.external.existingSecret	string	""	Set this value if a k8s Secret with PostgreSQL values already exists. Make sure it has the key 'uri' with a valid value. There is a workaround for different keys, see below.
openFgaDatabaseConfig.external.host	string	""	The host of the database for the secret to create
openFgaDatabaseConfig.external.password	string	""	The password of the database for the secret to create
openFgaDatabaseConfig.external.port	string	""	The port of the database for the secret to create
openFgaDatabaseConfig.external.uri	string	""	A postgres connection URI for the secret to create. This overwrites all other values, if set. Otherwise, the uri is build from the above values.
openFgaDatabaseConfig.external.user	string	""	The user of the database for the secret to create
openFgaDatabaseConfig.secretKeys.passwordKey	string	"password"
openFgaDatabaseConfig.secretKeys.uriKey	string	"uri"
openFgaPostgresql.auth.password	string	""	If internal PostgreSQL is used a dedicated password has to be provided for setup of application authentication
openFgaPostgresql.enabled	bool	true	This is used to indicate whether the internal PostgreSQL should be used or not.
openfga	object	{"datastore":{"migrations":{"resources":{}},"uriSecret":"pharia-iam-openfga-postgres-secret"},"resources":{}}	OpenFGA Service Configuration
openfga.datastore.migrations.resources	object	{}	Specify resources for the migration job
openfga.datastore.uriSecret	string	"pharia-iam-openfga-postgres-secret"	Secret with key "uri" containing the connection string to the database connection string for OpenFGA. Format: postgres://user:password@host:port/database?flags. This name must be overwritten if an existing secret is used!
openfga.resources	object	{}	Specify resources for the openfga service
openfgaEnabled	bool	true	Enable OpenFGA for IAM. This will be mandatory for IAM to work in the future!
zitadelDatabaseConfig.external	object	{"databaseName":"","existingSecret":"","host":"","password":"","port":"","user":""}	Provide an existing database if you want to use an external database
zitadelDatabaseConfig.external.databaseName	string	""	The name of the database
zitadelDatabaseConfig.external.existingSecret	string	""	Set this value if a k8s Secret with PostgreSQL values already exists. Make sure that the all the keys exists in the secret with a valid value.
zitadelDatabaseConfig.external.host	string	""	The host of the database
zitadelDatabaseConfig.external.password	string	""	The password of the database
zitadelDatabaseConfig.external.port	string	""	The port of the database
zitadelDatabaseConfig.external.user	string	""	The user of the database
zitadelDatabaseConfig.secretKeys.databaseNameKey	string	"databaseName"	The key in the secret that contains the database name
zitadelDatabaseConfig.secretKeys.hostKey	string	"host"	The key in the secret that contains the host of the database
zitadelDatabaseConfig.secretKeys.passwordKey	string	"password"	The key in the secret that contains the password of the database
zitadelDatabaseConfig.secretKeys.portKey	string	"port"	The key in the secret that contains the port of the database
zitadelDatabaseConfig.secretKeys.userKey	string	"user"	The key in the secret that contains the user of the database
zitadelPostgresql.auth.password	string	""	If internal PostgreSQL is used a dedicated password has to be provided for setup of application authentication
zitadelPostgresql.enabled	bool	true	This is used to indicate whether the internal PostgreSQL should be used or not.

pharia-kernel

Key	Type	Default	Description
defaultNamespaces	list	["assistant"]	Specify the default namespaces for Pharia Kernel, which provide the default skills. If the default namespaces are configured, any duplicate namespaces in pharia-kernel.namespaces are ignored. For each default namespace, the following values need to be provided in the Pharia AI ConfigMap: NAMESPACES____CONFIG_URL: URL to the namespace configuration NAMESPACES____REGISTRY: Skill registry of the namespace NAMESPACES____BASE_REPOSITORY: Base repository of the namespace The credentials for accessing the skill registries are retrieved from registryUser and registryPassword in the Secret configured as global.imagePullOpaqueSecretName.
enabled	bool	true	Set this to true to install the pharia-kernel subchart as a dependency.
env	list	[]	Define additional environment variables. This is required when namespace is added in pharia-kernel.namespaces. Both env and envFrom fields are supported. Schema: https://github.com/yannh/kubernetes-json-schema/blob/master/master-standalone-strict/envvar.json See also: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/
fullnameOverride	string	"pharia-kernel"	Set this to override the fully qualified name for Pharia Kernel
ingress	object	{"annotations":{},"enabled":true,"hostname":"pharia-kernel","tls":{"enabled":true,"secretName":"pharia-kernel-tls"}}	Configure external access to Pharia Kernel
ingress.annotations	object	{}	Annotations for the Ingress resource. This can be used to add ingress controller specific annotations
ingress.enabled	bool	true	Set this to true to set up an Ingress for Pharia Kernel
ingress.hostname	string	"pharia-kernel"	Hostname for the Ingress (without domain). The domain is read from global.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain
ingress.tls	object	{"enabled":true,"secretName":"pharia-kernel-tls"}	Configure TLS for this Ingress
ingress.tls.enabled	bool	true	Enable TLS configuration for this Ingress
ingress.tls.secretName	string	"pharia-kernel-tls"	The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
logLevel	string	"info"	Set the log level for Pharia Kernel. This does not affect other targets, where errors are always logged. The options are: error warn info debug trace off
namespaces	object	{}	Configure the namespaces for Pharia Kernel. Each namespace needs to be explicitly defined. The name of each namespace can be specified in camelCase, and is converted to kebab-case when deployed. Example: # The Namespace name playground: # The URL to the corresponding namespace configuration TOML file configUrl: "https://gitlab.aleph-alpha.de/api/v4/projects/123/repository/files/namespace.toml/raw?ref=main" # The Container Registry that backs the skill registry for this namespace registry: "registry.gitlab.aleph-alpha.de" # The base repository in `registry` that backs the skill registry for this namespace # This composes the final repository for each skill e.g. ${baseRepository}/${skillName} baseRepository: "engineering/pharia-kernel-playground/skills" Each of the value can alternatively be provided as environment variables, which is highly encouraged for providing the credentials: # The access token for `configUrl` NAMESPACES__PLAYGROUND__CONFIG_ACCESS_TOKEN # The user name for accessing `registry` NAMESPACES__PLAYGROUND__REGISTRY_USER # The password or access token for accessing `registry` NAMESPACES__PLAYGROUND__REGISTRY_PASSWORD
openTelemetryEndpoint	string	""	Set the address of the OpenTelemetry protocol (OTLP) collector. No OpenTelemetry tracing subscriber is created if this is not set. Example: "https://tracing.aleph-alpha.com"
resources	object	{}	Specify how much of each resource Pharia Kernel needs. Schema: https://github.com/yannh/kubernetes-json-schema/blob/master/master-standalone-strict/resourcerequirements.json See also: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
serviceMonitor	object	{"enabled":false}	Enable the ServiceMonitor that targets Pharia Kernel

pharia-studio-api

Key	Type	Default	Description
databaseConfig	object	{"external":{"databaseName":"","existingSecret":"","host":"","password":"","port":"","user":""},"secretKeys":{"databaseNameKey":"databaseName","hostKey":"host","passwordKey":"password","portKey":"port","userKey":"user"}}	Default database configuration for the pharia-studio-api service access postgres database
databaseConfig.external	object	{"databaseName":"","existingSecret":"","host":"","password":"","port":"","user":""}	Provide an existing database if you want to use an external database
databaseConfig.external.databaseName	string	""	The name of the database
databaseConfig.external.existingSecret	string	""	Set this value if a k8s Secret with PostgreSQL values already exists. Make sure that the all the keys exists in the secret with a valid value.
databaseConfig.external.host	string	""	The host of the database
databaseConfig.external.password	string	""	The password of the database
databaseConfig.external.port	string	""	The port of the database
databaseConfig.external.user	string	""	The user of the database
databaseConfig.secretKeys.databaseNameKey	string	"databaseName"	The key in the secret that contains the database name
databaseConfig.secretKeys.hostKey	string	"host"	The key in the secret that contains the host of the database
databaseConfig.secretKeys.passwordKey	string	"password"	The key in the secret that contains the password of the database
databaseConfig.secretKeys.portKey	string	"port"	The key in the secret that contains the port of the database
databaseConfig.secretKeys.userKey	string	"user"	The key in the secret that contains the user of the database
enabled	bool	true	Set this to true to install the pharia-studio-api subchart as a dependency
fullnameOverride	string	"pharia-studio-api"	Default nameOverride of the application
ingress.annotations	object	{}	Annotations for the ingress-resource. This can be used to add ingress controller specific annotations.
ingress.enabled	bool	true	Enabled ingress creation
ingress.hostname	string	"pharia-studio-api"	Hostname for the ingress (without domain). The domain is read from global.ingress.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain.
ingress.tls.enabled	bool	true	Enable TLS configuration for this Ingress
ingress.tls.secretName	string	"pharia-studio-api-tls"	The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
postgresql.auth.existingSecret	string	""
postgresql.auth.password	string	""	If internal PostgreSQL is used, either password or existingSecret, has to be provided for setup of application authentication
postgresql.enabled	bool	true	This is used to indicate whether the internal PostgreSQL should be used or not.
resources.limits.cpu	string	"1"
resources.limits.memory	string	"1Gi"
resources.requests.cpu	string	"500m"
resources.requests.memory	string	"1Gi"
serviceUserSecret	string	"pharia-iam-service-user-pharia-studio"	Needed for creation of relations in IAM

pharia-studio-ui

Key	Type	Default	Description
enabled	bool	true
fullnameOverride	string	"pharia-studio"
ingress.annotations	object	{}	Annotations for the ingress-resource. This can be used to add ingress controller specific annotations.
ingress.enabled	bool	true	Enabled ingress creation
ingress.hostname	string	"pharia-studio"	Hostname for the ingress (without domain). The domain is read from global.ingress.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain.
ingress.tls.enabled	bool	true	Enable TLS configuration for this Ingress
ingress.tls.secretName	string	"pharia-studio-tls"	The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
phariaStudioAPISchema	string	"http"	Internal cluster communication with pharia-studio-api. This is the default value. https can be set if the internal communication is over https.
resources.limits.cpu	string	"100m"
resources.limits.memory	string	"256Mi"
resources.requests.cpu	string	"50m"
resources.requests.memory	string	"256Mi"

pharia-transcribe

Key	Type	Default	Description
enabled	bool	false	Set this to true to install the pharia-transcribe subchart as a dependency
fullnameOverride	string	"pharia-transcribe"

pharia-translate

Key	Type	Default	Description
client.resources.limits.cpu	string	"1"
client.resources.limits.memory	string	"1Gi"
client.resources.requests.cpu	string	"100m"
client.resources.requests.memory	string	"1Gi"
deployment	object	{}
enabled	bool	true	Set this to true to install the pharia-translate subchart as a dependency
fullnameOverride	string	"pharia-translate"
marianServer.resources.limits."nvidia.com/gpu"	int	1
marianServer.resources.limits.cpu	string	"1"
marianServer.resources.limits.memory	string	"16Gi"
marianServer.resources.requests.cpu	string	"100m"
marianServer.resources.requests.memory	string	"16Gi"
nodeSelector	object	{}
tolerations	list	[]

phariaos-manager

Key	Type	Default	Description
applicationsProxy.additionalAllowedOrigins	list	[]	Set this to specify extra origins that are permitted to make cross-origin requests under CORS settings.
applicationsProxy.enabled	bool	true	Enable usecases (applications) proxy server. It is responsible for redirecting requests into the targeted usecases.
applicationsProxy.fullnameOverride	string	"pharia-os-applications-proxy"	Set this to override the full name of the pharia-os-applications-proxy
applicationsProxy.ingress.annotations	object	{}	Annotations for the ingress-resource. This can be used to add ingress controller specific annotations. Some ingress classes limits body size allowed in requests. Therefore, override the annotations value if the application requires large files to be uploaded. Example for nginx ingress class: nginx.ingress.kubernetes.io/proxy-body-size: 20m
applicationsProxy.ingress.enabled	bool	true	Enable ingress creation
applicationsProxy.ingress.hostname	string	"pharia-os-applications"	Hostname for the ingress (without domain). The domain is read from global.ingress.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain.
applicationsProxy.ingress.tls.enabled	bool	true	Enable TLS configuration for this Ingress
applicationsProxy.ingress.tls.secretName	string	"phariaos-applications-tls"	The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
clusterRole.enabled	bool	true	Enable the cluster role for the phariaos-manager to enable for hardware listing.
databaseConfig.external	object	{"databaseName":"","existingSecret":"","host":"","password":"","port":"","user":""}	Provide an existing database if you want to use an external database
databaseConfig.external.databaseName	string	""	The name of the database
databaseConfig.external.existingSecret	string	""	Set this value if a k8s Secret with PostgreSQL values already exists. Make sure that the all the keys exists in the secret with a valid value.
databaseConfig.external.host	string	""	The host of the database
databaseConfig.external.password	string	""	The password of the database
databaseConfig.external.port	string	""	The port of the database
databaseConfig.external.user	string	""	The user of the database
databaseConfig.secretKeys.databaseNameKey	string	"databaseName"	The key in the secret that contains the database name
databaseConfig.secretKeys.hostKey	string	"host"	The key in the secret that contains the host of the database
databaseConfig.secretKeys.passwordKey	string	"password"	The key in the secret that contains the password of the database
databaseConfig.secretKeys.portKey	string	"port"	The key in the secret that contains the port of the database
databaseConfig.secretKeys.userKey	string	"user"	The key in the secret that contains the user of the database
enabled	bool	true	Set this to true to install the phariaos-manager subchart as a dependency
fullnameOverride	string	"pharia-os-manager"	Set this to override the full name of the phariaos-manager
ingress.annotations	object	{}	Annotations for the ingress-resource. This can be used to add ingress controller specific annotations.
ingress.enabled	bool	true	Enabled ingress creation
ingress.hostname	string	"pharia-os-manager"	Hostname for the ingress (without domain). The domain is read from global.ingress.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain.
ingress.tls.enabled	bool	true	Enable TLS configuration for this Ingress
ingress.tls.secretName	string	"pharia-os-manager-tls"	The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
postgresql.auth.existingSecret	string	""
postgresql.auth.password	string	""	If internal PostgreSQL is used, either password or existingSecret, has to be provided for setup of application authentication
postgresql.enabled	bool	true	This is used to indicate whether the internal PostgreSQL should be used or not.
serviceMonitor.enabled	bool	false	Enable Prometheus service monitor for phariaos-manager
usecase.enabled	bool	true	Enable usecases creation and deployment in phariaos-manager API.
usecase.imagePullSecretName	string	""	DEPRECATED: Use imagePullSecrets instead. This will be removed in a future release.
usecase.imagePullSecrets	list	[]	Secrets to authenticate container registry to pull/verify usecase images. Make sure the secrets are in the Release namespace!
usecase.serviceMonitor.enabled	bool	false	Enable Prometheus service monitor for usecases deployed by phariaos-manager

phariaos-ui

Key	Type	Default	Description
enabled	bool	true	Set this to true to install the phariaos-ui subchart as a dependency
fullnameOverride	string	"pharia-os"	Set this to override the full name of the phariaos-ui
ingress.annotations	object	{}	Annotations for the ingress-resource. This can be used to add ingress controller specific annotations.
ingress.enabled	bool	true	Enabled ingress creation
ingress.hostname	string	"pharia-os"	Hostname for the ingress (without domain). The domain is read from global.ingress.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain.
ingress.tls.enabled	bool	true	Enable TLS configuration for this Ingress
ingress.tls.secretName	string	"pharia-os-tls"	The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls

Maintainers

Name	Email	Url
PhariaAI	phariaai@aleph-alpha.com