Skip to content

PackmindHub/packmind-ai-helm-chart

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

33 Commits
.github
.github
 
 
packmind
packmind
 
 
.gitignore
.gitignore
 
 
.helmignore
.helmignore
 
 
README.md
README.md
 
 

Repository files navigation

Packmind Helm Chart - Deployment Guide

Packmind documentation is available here.

Table of Contents

Version Selection

Packmind supports two versions: OSS (default) and Enterprise.

OSS Version (Default)

No additional configuration required. Uses standard images:

  • packmind/api:X.X.X
  • packmind/frontend:X.X.X
  • packmind/mcp:X.X.X

Enterprise Version

Set global.version to enterprise:

global:
  version: "enterprise"

This automatically uses enterprise images:

  • packmind/api:X.X.X-enterprise
  • packmind/frontend:X.X.X-enterprise
  • packmind/mcp:X.X.X-enterprise

Quick Start

Add Helm Repository

helm repo add packmind https://packmindHub.github.io/packmind-ai-helm-chart/
helm repo update

Install Packmind

Deploy Packmind with default settings (internal PostgreSQL and Redis):

helm install packmind-ai packmind-ai/packmind-ai

Or install from local chart directory:

helm install packmind packmind/

Access at: http://packmind.local/ (update /etc/hosts for local testing)

Critical: Encryption Key

⚠️ The encryption key protects sensitive data (Git platform API tokens, etc.) stored in the database.

Default Behavior (Recommended)

By default, the chart auto-generates a secure 32-character encryption key that persists across upgrades:

secrets:
  encryptionKeyGeneration: true  # default

Important: Back up this secret immediately after first deployment to prevent data loss.

Manual Key (Alternative)

Provide your own encryption key:

secrets:
  encryptionKeyGeneration: false
  api:
    encryptionKey: "your-secure-32-char-key-here"

Database Configuration

Scenario 1: Internal PostgreSQL (Default)

postgresql:
  enabled: true
  persistence:
    size: 2Gi

⚠️ Backup Required: Persistent volumes must be backed up regularly

Scenario 2: External Database (Hardcoded URI)

postgresql:
  enabled: false
  external:
    databaseUrl: 'postgres://user:password@host:5432/packmind'

⚠️ Not recommended for production (credentials in values file)

Scenario 3: External Database (Secret Reference)

postgresql:
  enabled: false
  external:
    existingSecret: 'packmind-db-secret'
    existingSecretKey: 'database-url'

Create the secret:

kubectl create secret generic packmind-db-secret \
  --from-literal=database-url="postgres://user:password@host:5432/packmind"

Recommended for production

Environment Variables

All the environment variables are available here.

API Service Environment Variables

Override environment variables for the API service:

api:
  env:
    APP_WEB_URL: "https://local.packmind.acme"

MCP Server Environment Variables

Override environment variables for the MCP server:

mcpServer:
  env:
    APP_WEB_URL: "https://local.packmind.acme"

Using External Secrets for Environment Variables

For production environments, use secretEnvVars to reference secrets managed by external systems (Vault, External Secrets Operator, etc.):

api:
  secretEnvVars:
    - name: THIRD_PARTY_API_KEY
      secretName: vault-managed-secret
      key: api-key
      optional: false
    - name: OPTIONAL_TOKEN
      secretName: external-service-secret
      key: token
      optional: true

mcpServer:
  secretEnvVars:
    - name: MCP_EXTERNAL_TOKEN
      secretName: vault-mcp-secret
      key: external-token
      optional: false

Ingress Configuration

Production with NGINX + Let's Encrypt

ingress:
  enabled: true
  className: "nginx"
  defaultHost: "app.example.com"
  annotations:
    cert-manager.io/cluster-issuer: "letsencrypt-prod"
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
    nginx.ingress.kubernetes.io/proxy-body-size: "32m"
    nginx.ingress.kubernetes.io/proxy-connect-timeout: "15"
    nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
    nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
  tls:
    - secretName: packmind-tls
      hosts:
        - app.example.com

Prerequisites:

  • NGINX Ingress Controller installed
  • cert-manager installed with Let's Encrypt ClusterIssuer configured

Routes: /api → API, /mcp → MCP Server, / → Frontend

Backup Considerations

Internal Databases

When using internal PostgreSQL and Redis, ensure regular backups of:

  • packmind-postgresql-data PVC
  • packmind-redis-data PVC

External Databases

Backups are managed by your external database provider.

Additional Secrets

JWT Secrets

secrets:
  api:
    jwtSecretKey: "your-api-jwt-secret"
    openaiApiKey: "your-openai-api-key-here"
  mcp:
    jwtSecretKey: "your-mcp-jwt-secret"

Private Docker Registry

dockerRegistry:
  enabled: true
  existingSecret: "packmind-registry-secret"

Or create inline:

kubectl create secret docker-registry packmind-registry-secret \
  --docker-server=registry.example.com \
  --docker-username=user \
  --docker-password=password \
  --docker-email=email@example.com

To inject an OpenAI API Key, you'll have to create the secret first

kubectl create secret generic my-openai-secret \
  --from-literal=open-ai-key="your-openai-api-key-here"

And then include in your values.yaml:

api:
  secretEnvVars:
    - name: OPEN_AI_KEY
      secretName: my-openai-secret
      key: open-ai-key
      optional: false

About

Helm Chart for Packmind AI

Resources

Readme
Activity
Custom properties

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases 9

packmind-ai-0.20.0 Latest
Dec 22, 2025
+ 8 releases

Packages

No packages published

Languages