Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
44 changes: 43 additions & 1 deletion src/data/playground-configs.ts
Original file line number Diff line number Diff line change
Expand Up @@ -1204,7 +1204,7 @@ export const chartConfigs: Record<string, ChartConfig> = {
key: 'ingress.ingressClassName',
type: 'select',
default: 'traefik',
options: ['traefik', 'nginx'],
options: ['', 'traefik', 'nginx'],
description: 'Ingress controller class',
},
],
Expand All @@ -1229,6 +1229,20 @@ export const chartConfigs: Record<string, ChartConfig> = {
},
],
},
{
name: 'NetworkPolicy',
collapsible: true,
gateField: 'networkPolicy.enabled',
fields: [
{
label: 'Database Egress Port',
key: 'networkPolicy.extraEgress[0].ports[0].port',
type: 'number',
default: '5432',
description: 'Additional database, provider, or proxy egress port',
},
],
},
],
'envoy-gateway': [
{
Expand Down Expand Up @@ -4533,6 +4547,34 @@ export const chartConfigs: Record<string, ChartConfig> = {
},
],
},
{
name: 'DNS Egress',
collapsible: true,
gateField: 'networkPolicy.enabled',
fields: [
{
label: 'DNS Namespace',
key: 'networkPolicy.dnsEgressPeers[0].namespaceSelector.matchLabels.kubernetes\\.io/metadata\\.name',
type: 'text',
default: 'kube-system',
description: 'Namespace label for cluster DNS pods',
},
{
label: 'DNS Pod Label',
key: 'networkPolicy.dnsEgressPeers[0].podSelector.matchLabels.k8s-app',
type: 'text',
default: 'kube-dns',
description: 'Pod label for cluster DNS',
},
{
label: 'Extra Egress Port',
key: 'networkPolicy.extraEgress[0].ports[0].port',
type: 'number',
default: '5432',
description: 'Additional egress port',
},
],
},
],
vaultwarden: [
{
Expand Down
25 changes: 18 additions & 7 deletions src/pages/docs/charts/langflow.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -11,16 +11,16 @@ integrations.

## Overview

The HelmForge Langflow chart uses the official `docker.io/langflowai/langflow:1.10.0` image and exposes the web/API server on port `7860`.
The HelmForge Langflow chart uses the official `docker.io/langflowai/langflow:1.10.1` image and exposes the web/API server on port `7860`.
The default deployment persists `/app/langflow` because flows, local SQLite state, provider settings, and local configuration are not stateless.

The chart generates the core Langflow runtime environment:

- `LANGFLOW_HOST=0.0.0.0`
- `LANGFLOW_PORT`
- `LANGFLOW_CONFIG_DIR`
- `LANGFLOW_SAVE_DB_IN_CONFIG_DIR=true`
- `LANGFLOW_OPEN_BROWSER=false`
- `LANGFLOW_SAVE_DB_IN_CONFIG_DIR`
- `LANGFLOW_OPEN_BROWSER`

## Configuration Reference

Expand All @@ -46,17 +46,21 @@ Storage and scaling:

- `persistence.enabled`, `persistence.size`, `persistence.storageClass`: local config and SQLite storage.
- `persistence.accessModes`: generated PVC access modes. Multi-replica persistent deployments require `ReadWriteMany`.
- `persistence.existingClaim`: mount an existing claim instead of creating one.
- `persistence.existingClaim`: mount an existing claim instead of creating one. With `replicaCount > 1`, the external claim controls access modes.
- `persistence.mountPath`: Langflow config directory, default `/app/langflow`.
- `pdb.enabled`, `pdb.minAvailable`: disruption budget for scaled deployments.

Exposure and operations:

- `serviceAccount.create`, `serviceAccount.name`, `serviceAccount.annotations`, `serviceAccount.automountServiceAccountToken`.
- `service.type`, `service.port`, `service.annotations`, `service.ipFamilyPolicy`, `service.ipFamilies`.
- `ingress.enabled`, `ingress.ingressClassName`, `ingress.annotations`, `ingress.hosts`, `ingress.tls`.
- `ingress.enabled`, `ingress.ingressClassName`, `ingress.annotations`, `ingress.hosts`, `ingress.tls`. Set
`ingress.ingressClassName: ""` to omit `spec.ingressClassName`.
- `gateway.enabled`, `gateway.parentRefs`, `gateway.hostnames`, `gateway.path`, `gateway.pathType`.
- `networkPolicy.enabled`, `networkPolicy.ingressFrom`.
- `networkPolicy.enabled`, `networkPolicy.ingressFrom`, `networkPolicy.dnsEgressPeers`, `networkPolicy.extraEgress`.
Enabling `networkPolicy.enabled` creates ingress restrictions plus egress isolation with built-in DNS and HTTPS allowances.
`networkPolicy.dnsEgressPeers` defaults to kube-system/kube-dns and can be changed for clusters with different DNS labels.
`networkPolicy.extraEgress` appends database, provider, or proxy rules after the built-in allowances.
- `probes.startup`, `probes.liveness`, `probes.readiness`: enable flags and timing values.
- `resources`, `podSecurityContext`, `securityContext`, `nodeSelector`, `tolerations`, `affinity`.
- `topologySpreadConstraints`, `priorityClassName`, `terminationGracePeriodSeconds`.
Expand Down Expand Up @@ -95,6 +99,13 @@ persistence:

networkPolicy:
enabled: true
dnsEgressPeers:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: kube-system
podSelector:
matchLabels:
k8s-app: kube-dns
```

## Secrets
Expand Down Expand Up @@ -124,7 +135,7 @@ pdb:
```

The chart blocks `replicaCount > 1` unless `database.url` or `database.existingSecret` is configured.
When persistence stays enabled for multiple replicas, the shared config directory must use `ReadWriteMany`; the default generated
When chart-created persistence stays enabled for multiple replicas, the shared config directory must use `ReadWriteMany`; the default generated
`ReadWriteOnce` PVC is rejected to avoid multi-attach failures on multi-node clusters.

## Backup
Expand Down
1 change: 1 addition & 0 deletions src/pages/playground.astro
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ const siteSyncPlaygroundConfigs: Record<string, string> = {
'adguard-home': 'src/data/playground-configs.ts',
booklore: 'src/data/playground-configs.ts',
changedetection: 'src/data/playground-configs.ts',
langflow: 'src/data/playground-configs.ts',
medikeep: 'src/data/playground-configs.ts',
memcached: 'src/data/playground-configs.ts',
notediscovery: 'src/data/playground-configs.ts',
Expand Down