brandon/nextcloud-mcp-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4e89e92b65153449355e9e668e4e5e75d6bbcb81
nextcloud-mcp-server/charts/nextcloud-mcp-server/values.yaml
T
Chris Coutinho 093ac5b5ba feat(helm): Add observability support with ServiceMonitor and Grafana dashboard 
Add comprehensive observability configuration to Helm chart:

**Helm Values:**
- Add observability configuration section for metrics, tracing, and logging
- Add serviceMonitor configuration (disabled by default)
- Add prometheusRule configuration (disabled by default)

**Templates:**
- Update deployment to include observability environment variables
- Update deployment to expose metrics port (9090)
- Update service to expose metrics port
- Add ServiceMonitor template for Prometheus Operator
- Add PrometheusRule template with critical and warning alerts

**Dashboards:**
- Add comprehensive Grafana dashboard JSON with 6 panels:
  - Request Rate (by method and endpoint)
  - Error Rate (5xx errors percentage)
  - Request Latency (P50/P95 by endpoint)
  - Top MCP Tools (by invocation volume)
  - Nextcloud API Latency (by app)
  - Vector Sync Queue Size
- Add dashboard README with import instructions

**Alert Rules:**
- Critical: Server down, high error rate (>5%), high latency (>1s), dependency down
- Warning: Token validation errors (>1%), vector sync queue high (>100), Qdrant slow (>500ms)

All features are opt-in via values.yaml configuration.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-09 09:10:11 +01:00

438 lines
13 KiB
YAML
Raw Blame History

# Default values for nextcloud-mcp-server
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
# Number of replicas
replicaCount: 1
image:
repository: ghcr.io/cbcoutinho/nextcloud-mcp-server
pullPolicy: IfNotPresent
# Image tag is automatically set to chart appVersion
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
# Nextcloud connection settings
nextcloud:
# URL of your Nextcloud instance (required)
# Example: https://cloud.example.com
host: ""
# MCP server URL for OAuth callbacks (OAuth mode only)
# If not specified, will be constructed from ingress.hosts[0] if ingress is enabled,
# or defaults to http://localhost:8000 (suitable for port-forward setups)
# Example: https://mcp.example.com
mcpServerUrl: ""
# Public issuer URL for OAuth (OAuth mode only)
# If not specified, defaults to nextcloud.host
# Only set this if your Nextcloud is accessible at a different URL for OAuth
# Example: https://cloud.example.com
publicIssuerUrl: ""
# Authentication configuration
# Choose either basic auth OR oauth (not both)
auth:
# Authentication mode: "basic" or "oauth"
# basic: Uses username/password (recommended for most users)
# oauth: Uses OAuth2/OIDC (experimental, requires patches)
mode: basic
# Basic authentication settings
basic:
# Nextcloud username (ignored if existingSecret is set)
username: ""
# Nextcloud password or app password (recommended) (ignored if existingSecret is set)
password: ""
# Use existing secret instead of creating one
# If set, username and password above are ignored
# Secret must contain keys specified in usernameKey and passwordKey
# Example:
# kubectl create secret generic my-nextcloud-creds \
# --from-literal=username=myuser \
# --from-literal=password=mypassword
existingSecret: ""
# Keys in the existing secret
usernameKey: "username"
passwordKey: "password"
# OAuth2/OIDC settings (experimental)
oauth:
# OAuth token type: "jwt" or "opaque"
tokenType: "jwt"
# Pre-registered OAuth client ID (optional, ignored if existingSecret is set)
# If not provided and no existingSecret, will use Dynamic Client Registration (DCR)
clientId: ""
# Pre-registered OAuth client secret (optional, ignored if existingSecret is set)
clientSecret: ""
# OAuth scopes to request (space-separated)
scopes: "openid profile email notes:read notes:write calendar:read calendar:write contacts:read contacts:write cookbook:read cookbook:write deck:read deck:write tables:read tables:write files:read files:write sharing:read sharing:write todo:read todo:write"
# Use existing secret for OAuth client credentials
# If set, clientId and clientSecret above are ignored
# Secret must contain keys specified in clientIdKey and clientSecretKey
# Example:
# kubectl create secret generic my-oauth-creds \
# --from-literal=clientId=my-client-id \
# --from-literal=clientSecret=my-client-secret
existingSecret: ""
# Keys in the existing secret
clientIdKey: "clientId"
clientSecretKey: "clientSecret"
# Persistent storage for OAuth client credentials
persistence:
enabled: true
# Storage class (leave empty for default)
storageClass: ""
accessMode: ReadWriteOnce
size: 100Mi
# Use existing PVC
existingClaim: ""
# MCP server configuration
mcp:
# Transport mode (default: streamable-http for SSE)
transport: "streamable-http"
# Port for MCP server (both basic auth and OAuth modes)
port: 8000
# Additional command-line arguments to pass to nextcloud-mcp-server
# Example: ["--log-level", "debug", "--enable-app", "notes"]
extraArgs: []
# Document processing configuration (optional)
documentProcessing:
# Enable document processing (PDF, DOCX, images, etc.)
enabled: false
# Default processor: unstructured, tesseract, or custom
defaultProcessor: "unstructured"
# Progress reporting interval in seconds
progressInterval: 10
# Unstructured.io processor
unstructured:
enabled: false
# Unstructured API endpoint
apiUrl: "http://unstructured:8000"
# Request timeout in seconds
timeout: 120
# Parsing strategy: auto, fast, or hi_res
strategy: "auto"
# OCR languages (comma-separated ISO 639-3 codes)
languages: "eng,deu"
# Tesseract processor (local OCR)
tesseract:
enabled: false
# Path to tesseract executable (optional, auto-detected if in PATH)
cmd: ""
# OCR language (e.g., eng, deu, eng+deu for multiple)
lang: "eng"
# Custom processor
custom:
enabled: false
# Unique name for your processor
name: "my_ocr"
# Custom processor API endpoint
url: ""
# Optional API key for authentication
apiKey: ""
# Request timeout in seconds
timeout: 60
# Comma-separated MIME types your processor supports
types: "application/pdf,image/jpeg,image/png"
serviceAccount:
# Specifies whether a service account should be created
create: true
# Automatically mount a ServiceAccount's API credentials?
automount: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
podAnnotations: {}
podLabels: {}
podSecurityContext:
fsGroup: 2000
securityContext:
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
# Observability Configuration
observability:
# Prometheus metrics
metrics:
enabled: true
port: 9090
path: /metrics
# OpenTelemetry tracing
tracing:
enabled: false
endpoint: "" # e.g., "http://opentelemetry-collector:4317"
serviceName: "nextcloud-mcp-server"
samplingRate: 1.0
# Logging configuration
logging:
format: json # "json" or "text"
level: INFO
includeTraceContext: true
# Prometheus ServiceMonitor (requires Prometheus Operator)
serviceMonitor:
enabled: false
interval: 30s
scrapeTimeout: 10s
labels: {}
# Additional labels for ServiceMonitor (e.g., for Prometheus selector)
# Example: { prometheus: kube-prometheus }
# Prometheus alert rules (requires Prometheus Operator)
prometheusRule:
enabled: false
labels: {}
# Additional labels for PrometheusRule (e.g., for Prometheus selector)
# Example: { prometheus: kube-prometheus }
service:
type: ClusterIP
port: 8000
annotations: {}
ingress:
enabled: false
className: ""
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
# cert-manager.io/cluster-issuer: letsencrypt-prod
hosts:
- host: mcp.example.com
paths:
- path: /
pathType: Prefix
tls: []
# - secretName: nextcloud-mcp-tls
# hosts:
# - mcp.example.com
resources:
# We recommend setting resource requests and limits
limits:
cpu: 1000m
memory: 512Mi
requests:
cpu: 100m
memory: 128Mi
# Liveness probe configuration
# Checks if the application process is running
livenessProbe:
httpGet:
path: /health/live
port: http
scheme: HTTP
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
# Readiness probe configuration
# Checks if the application is ready to serve traffic
readinessProbe:
httpGet:
path: /health/ready
port: http
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 5
timeoutSeconds: 3
failureThreshold: 3
# Autoscaling configuration
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 10
targetCPUUtilizationPercentage: 80
# targetMemoryUtilizationPercentage: 80
# Additional volumes on the output Deployment definition.
volumes: []
# - name: foo
# secret:
# secretName: mysecret
# optional: false
# Additional volumeMounts on the output Deployment definition.
volumeMounts: []
# - name: foo
# mountPath: "/etc/foo"
# readOnly: true
nodeSelector: {}
tolerations: []
affinity: {}
# Init containers
initContainers: []
# Additional environment variables
extraEnv: []
# - name: CUSTOM_VAR
# value: "custom_value"
# Additional environment variables from ConfigMaps or Secrets
extraEnvFrom: []
# - configMapRef:
# name: my-configmap
# - secretRef:
# name: my-secret
# Vector Sync Configuration
# Background synchronization of Nextcloud content into vector database for semantic search
vectorSync:
# Enable background vector synchronization
enabled: false
# Scan interval in seconds (how often to check for changes)
scanInterval: 3600
# Number of concurrent processor workers
processorWorkers: 3
# Maximum queue size for documents pending indexing
queueMaxSize: 10000
# Qdrant Vector Database Configuration
# Three deployment modes available:
# 1. Local In-Memory: Fast, ephemeral, zero-config (mode: "memory")
# 2. Local Persistent: File-based, survives restarts (mode: "persistent")
# 3. Network: Dedicated Qdrant service, production-ready (mode: "network")
qdrant:
# Qdrant mode: "memory", "persistent", or "network"
# - memory: In-memory storage (:memory:) - default, zero config, data lost on restart
# - persistent: Local file storage - data persists across restarts, suitable for small/medium deployments
# - network: Dedicated Qdrant service (see networkMode below)
mode: "memory"
# Collection name for vector data
collection: "nextcloud_content"
# Local persistent mode configuration (only used when mode: "persistent")
localPersistence:
# Enable persistent volume for local Qdrant data
enabled: true
# Storage class (leave empty for default)
storageClass: ""
accessMode: ReadWriteOnce
# Size for local Qdrant storage
size: 1Gi
# Path where Qdrant data is stored (relative to /app/data)
# Default: /app/data/qdrant
dataPath: "/app/data/qdrant"
# Use existing PVC
existingClaim: ""
# Network mode configuration (only used when mode: "network")
networkMode:
# Deploy Qdrant as a subchart (if true) or use external Qdrant (if false)
deploySubchart: false
# External Qdrant URL (used when deploySubchart: false)
# Example: "http://qdrant.default.svc.cluster.local:6333"
externalUrl: ""
# Optional API key for Qdrant authentication
apiKey: ""
# Use existing secret for API key
existingSecret: ""
secretKey: "api-key"
# Qdrant subchart configuration (only used when mode: "network" and networkMode.deploySubchart: true)
# All values are passed through to the qdrant/qdrant chart.
# See https://github.com/qdrant/qdrant-helm for full configuration options.
subchart:
# Number of Qdrant replicas
replicaCount: 1
image:
# Qdrant version
tag: v1.12.5
config:
cluster:
# Enable distributed cluster mode
enabled: false
# Persistent storage for vector data
persistence:
size: 10Gi
storageClass: ""
accessModes:
- ReadWriteOnce
# Resource limits and requests
resources:
requests:
cpu: 200m
memory: 512Mi
limits:
cpu: 1000m
memory: 2Gi
# Ollama Embedding Service
# Deployed as a subchart when enabled. All values are passed through to the ollama/ollama chart.
# See https://github.com/otwld/ollama-helm for full configuration options.
ollama:
# Enable Ollama subchart deployment
# Set to true to deploy Ollama as a subchart, or false to use an external Ollama instance
enabled: false
# External Ollama URL (use this if you have Ollama deployed elsewhere)
# When set, use enabled: false to prevent deploying the subchart
# Example: "http://ollama.default.svc.cluster.local:11434"
url: ""
# Embedding model to use
embeddingModel: "nomic-embed-text"
# Verify SSL certificates when connecting to Ollama
verifySsl: true
# Number of Ollama replicas (only used when subchart is deployed)
replicaCount: 1
# Ollama configuration (only used when subchart is deployed)
ollama:
# Models to automatically pull on startup
models:
pull:
- nomic-embed-text
# Persistent storage for models (only used when subchart is deployed)
persistentVolume:
enabled: true
size: 20Gi
storageClass: ""
# Resource limits and requests (only used when subchart is deployed)
resources:
requests:
cpu: 500m
memory: 1Gi
limits:
cpu: 2000m
memory: 4Gi
# OpenAI-compatible Embedding Provider
# Alternative to Ollama for embedding generation. Can be used with OpenAI or any compatible API.
openai:
# Enable OpenAI embedding provider
enabled: false
# OpenAI API key (only used if existingSecret is not set)
apiKey: ""
# Name of existing secret containing the API key
existingSecret: ""
# Key in the secret that contains the API key
secretKey: "api-key"
# Optional custom API endpoint (e.g., for Azure OpenAI or local compatible services)
baseUrl: ""
Reference in New Issue View Git Blame Copy Permalink