helm
Speckle | Helm Chart
Helm chart for deploying Speckle server to Kubernetes
Speckle is data infrastructure for the AEC industry.
About Speckle
What is Speckle? Check our
Features
- Object-based: say goodbye to files! Speckle is the first object based platform for the AEC industry
- Version control: Speckle is the Git & Hub for geometry and BIM data
- Collaboration: share your designs collaborate with others
- 3D Viewer: see your CAD and BIM models online, share and embed them anywhere
- Interoperability: get your CAD and BIM models into other software without exporting or importing
- Real time: get real time updates and notifications and changes
- GraphQL API: get what you need anywhere you want it
- Webhooks: the base for a automation and next-gen pipelines
- Built for developers: we are building Speckle with developers in mind and got tools for every stack
- Built for the AEC industry: Speckle connectors are plugins for the most common software used in the industry such as Revit, Rhino, Grasshopper, AutoCAD, Civil 3D, Excel, Unreal Engine, Unity, QGIS, Blender, ArchiCAD and more!
Try Speckle now!
Give Speckle a try in no time by:
⇒ creating an account at
⇒ Guide to deploying this Helm chart to Kubernetes
Speckle Server Helm Charts
This Helm chart bundles all Speckle developed components of the Speckle server deployment. Please note that data storage and persistence requirements of the app are not installed by the chart, as these are external dependencies. The required dependencies are listed in our deployment dependencies page.
Usage
A full guide to deploying on Kubernetes can be found in Speckle’s Documentation, we recommend that you follow this guide if you are new to Kubernetes or Helm.
The below are brief notes which will require additional dependencies and configuration.
Pre-requisite
Helm must be installed to use the charts. Please refer to Helm’s documentation to get started.
Instructions
Once Helm has been set up correctly, add the repo as follows:
$ helm repo add speckle https://specklesystems.github.io/helm
If you had already added this repo earlier, run helm repo update to retrieve
the latest versions of the packages.
You can then run helm search repo speckle to see the charts.
To install the speckle-server chart:
$ helm upgrade --install --create-namespace --namespace speckle-test my-speckle-server speckle/speckle-server
where my-speckle-server will be the name of the Helm release.
More details about the values to configure for your release can be found in Speckle’s Documentation
By default the chart will install in the speckle-test namespace, that name can be set in the chart values.
Uninstalling
To uninstall the chart:
$ helm uninstall my-speckle-server --namespace speckle-test
Depending on the Infrastructure on which Speckle was released, a load balancer may have been created. This may have to be manually deleted.
Parameters
Namespace
| Name | Description | Value |
|---|---|---|
namespace |
The name of the namespace in which Speckle will be deployed. | speckle-test |
create_namespace |
Enabling this will create a new namespace into which Speckle will be deployed | false |
SSL
| Name | Description | Value |
|---|---|---|
domain |
The DNS host name at which this Speckle deployment will be reachable | localhost |
ssl_canonical_url |
HTTPS protocol will be the preferred protocol for serving this Speckle deployment | true |
tlsRejectUnauthorized |
If ‘1’ (true), Speckle will reject any SSL certificates that are not signed by a trusted Certificate Authority. Should only be disabled in a trusted local development environment. https://nodejs.org/api/cli.html#node_tls_reject_unauthorizedvalue | 1 |
cert_manager_issuer |
The name of the ClusterIssuer kubernetes resource that provides the SSL Certificate | letsencrypt-staging |
Feature flags
This object is a central location to define feature flags for the whole chart.
| Name | Description | Value |
|---|---|---|
featureFlags.automateModuleEnabled |
High level flag fully toggles the integrated automate module | false |
featureFlags.gendoAIModuleEnabled |
High level flag that toggles the Gendo AI render module | false |
featureFlags.workspacesModuleEnabled |
High level flag fully toggles the workspaces module | false |
featureFlags.personalProjectLimitsEnabled |
High level flag toggles personal (non-workspace) project limits | false |
featureFlags.workspacesSSOEnabled |
High level flag fully toggles the workspaces dynamic sso | false |
featureFlags.multipleEmailsModuleEnabled |
High level flag fully toggles multiple emails | false |
featureFlags.gatekeeperModuleEnabled |
High level flag that enables the gatekeeper module | false |
featureFlags.billingIntegrationEnabled |
High level flag that enables the billing integration | false |
featureFlags.workspacesMultiRegionEnabled |
Toggles whether multi-region is available within workspaces. workspacesModuleEnabled must also be enabled. | false |
featureFlags.forceEmailVerification |
Forces email verification for all users | false |
featureFlags.forceOnboarding |
Forces onboarding for all users | false |
featureFlags.workspacesNewPlanEnabled |
Toggles whether the new (Q1 2025) plans for workspaces are available. workspacesModuleEnabled must also be enabled for this to take effect. | false |
featureFlags.moveProjectRegionEnabled |
Enables the ability to move a project region (manually or automatically) | false |
featureFlags.retryErroredPreviewsEnabled |
Toggles whether the system periodically retries preview requests which have previously errored. | false |
featureFlags.nextGenFileImporterEnabled |
Enables the next generation file importer | false |
featureFlags.largeFileUploadsEnabled |
Enables the ability to upload large files to Speckle | false |
featureFlags.experimentalIfcImporterEnabled |
Enables the ability to parse IFC files using the experimental IFC importer | false |
featureFlags.legacyIfcImporterEnabled |
Enables the ability to parse IFC files using the legacy IFC importer. | false |
featureFlags.backgroundJobsEnabled |
Enables the ability to run background jobs (such as the IFC importer) in Speckle | false |
analytics.enabled |
Enable or disable analytics | true |
analytics.mixpanel_token_id |
The Mixpanel token ID used to identify this Speckle deployment in MixPanel | acd87c5a50b56df91a795e999812a3a4 |
analytics.mixpanel_api_host |
The Mixpanel API host to which analytics data will be sent | https://analytics.speckle.systems |
Network Plugin configuration
This is used to define the type of network policy that is deployed. Different Kubernetes Network Plugins or Container Network Interfaces (CNIs) can make use of different types of Network Policy. Some of these provide more features than the standard Kubernetes Network Policy.
| Name | Description | Value |
|---|---|---|
networkPlugin.type |
(Optional) Used to configure which type of NetworkPolicy is deployed. Options are ‘kubernetes’ or ‘cilium’. | kubernetes |
Ingress metadata for NetworkPolicy
This section is ignored unless networkPolicy is enabled for frontend or server. The NetworkPolicy uses this value to enable connections from the ingress controller pod in this namespace to reach Speckle. ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/
| Name | Description | Value |
|---|---|---|
ingress.enabled |
If enabled, the ingress resources will be deployed | true |
ingress.namespace |
The namespace in which the ingress controller is deployed. | ingress-nginx |
ingress.controllerName |
The name of the Kubernetes pod in which the ingress controller is deployed. | ingress-nginx |
ingress.client_max_body_size_mb |
This maximum size of the body of any request (except file uploads) that can be sent to Speckle. For file uploads, the maximum size is defined by the .file_size_limit_mb parameter. |
10 |
Common parameters
| Name | Description | Value |
|---|---|---|
docker_image_tag |
DEPRECATED: Use {service}.image with full image name instead. Speckle is published as a Docker Image. The version of the image which will be deployed is specified by this tag. |
2.25.8-alpha.305 |
imagePullPolicy |
Determines the conditions when the Docker Images for Speckle should be pulled from the Image registry. | IfNotPresent |
secretName |
Deprecated, please use individual secret parameters. This is the name of the Kubernetes Secret resource in which secrets for Speckle are stored. Secrets within this Secret resource may include Postgres and Redis connectin strings, S3 secret values, email server passwords, etc.. | server-vars |
file_size_limit_mb |
This maximum size of any single file (unit is Megabytes) that can be uploaded to Speckle | 100 |
file_import_time_limit_min |
The maximum time (unit is minutes) that the file import service will attempt to process the file before it is considered to have failed | 30 |
file_upload_url_expiry_minutes |
The number of minutes for which the file upload URL is valid. After this time, the URL will no longer be valid and the file cannot be uploaded. | 1440 |
objects_size_limit_mb |
This maximum size of the POST request body (unit is Megabytes) that can be sent to the Speckle Objects REST APIs. | 100 |
Monitoring
This enables metrics generated by Speckle to be ingested by Prometheus: https://prometheus.io/ Enabling this requires Prometheus to have been deployed prior, as this resource expects the Prometheus Customer Resource Definition for the ServiceMonitor to already be existing within the cluster. ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/user-guides/getting-started.md#related-resources
| Name | Description | Value |
|---|---|---|
enable_prometheus_monitoring |
If enabled, Speckle deploys a Prometheus ServiceMonitor resource | false |
prometheusMonitoring.namespace |
If provided, deploys Speckle’s Prometheus resources (e.g. ServiceMonitor) in the given namespace | "" |
prometheusMonitoring.release |
If provided, adds the value to a release label on all the Prometheus resources deployed by Speckle |
"" |
prometheusMonitoring.networkPolicy.inCluster |
Parameters for allowing ingress from the Prometheus pod that will scrape this Speckle release. It is assumed that Prometheus is deployed within the Kubernetes cluster. | |
prometheusMonitoring.networkPolicy.inCluster.kubernetes.podSelector |
(Kubernetes Network Policy only) The pod Selector yaml object used to uniquely select the prometheus pods within the cluster and given namespace | {} |
prometheusMonitoring.networkPolicy.inCluster.kubernetes.namespaceSelector |
(Kubernetes Network Policy only) The namespace selector yaml object used to uniquely select the namespace in which the prometheus pods are deployed | {} |
prometheusMonitoring.networkPolicy.inCluster.cilium.fromEndpoints |
(Cilium Network Policy only) The endpoint selector yaml object used to uniquely select the in-cluster endpoint in which the prometheus pods are deployed | [] |
Postgres Database
Defines parameters related to connections to the Postgres database.
| Name | Description | Value |
|---|---|---|
db.useCertificate |
If enabled, the certificate defined in db.certificate is used to verify TLS connections to the Postgres database | false |
db.maxConnectionsServer |
The number of connections to the Postgres database to provide in the connection pool | 8 |
db.certificate |
The x509 public certificate for SSL connections to the Postgres database. Use of this certificate requires db.useCertificate to be enabled and an appropriate value for db.PGSSLMODE provided. | "" |
db.PGSSLMODE |
This defines the level of security used when connecting to the Postgres database | require |
db.connectionAcquisitionTimeoutMillis |
The maximum time in milliseconds to wait for a connection to be acquired from the connection pool. | 15000 |
db.connectionCreateTimeoutMillis |
The maximum time in milliseconds to wait for a new connection to be created in the connection pool. Should be less than the acquisition timeout, as a new connection may need to be created then acquired. | 5000 |
db.knexAsyncStackTracesEnabled |
If enabled, will provide better stack traces for errors arising out of knex operations | false |
db.knexImprovedTelemetryStackTraces |
If enabled, will provide better stack traces for knex telemetry | false |
db.databaseName |
(Optional) The name of the Postgres database to which Speckle will connect. Only required for the Database Monitoring utility when the connection string is to a database connection pool and multi-region is disabled, otherwise this value is ignored. | "" |
db.connectionString.secretName |
Required. A secret containing the full connection string to the Postgres database (e.g. in format of protocol://username:password@host:port/database) stored within the Kubernetes cluster as an opaque Kubernetes Secret. Ref: https://kubernetes.io/docs/concepts/configuration/secret/#opaque-secrets |
"" |
db.connectionString.secretKey |
Required. The key within the Kubernetes Secret holding the connection string. | "" |
db.networkPolicy |
If networkPolicy is enabled for any service, this provides the NetworkPolicy with the necessary details to allow egress connections to the Postgres database | |
db.networkPolicy.externalToCluster |
Only required if the Postgres database is not hosted within the Kubernetes cluster in which Speckle will be deployed. | |
db.networkPolicy.externalToCluster.enabled |
If enabled, indicates that the Postgres database is hosted externally to the Kubernetes cluster | true |
db.networkPolicy.inCluster |
Only required if the Postgres database is hosted within the Kubernetes cluster in which Speckle will be deployed. | |
db.networkPolicy.inCluster.enabled |
If enabled, indicates that the Postgres database is hosted withing the same Kubernetes cluster in which Speckle will be deployed | false |
db.networkPolicy.inCluster.port |
the port on the server providing the Postgres database (default: “5432”) | "" |
db.networkPolicy.inCluster.kubernetes.podSelector |
(Kubernetes Network Policy only) The pod Selector yaml object used to uniquely select the postgres compatible database pods within the cluster and given namespace | {} |
db.networkPolicy.inCluster.kubernetes.namespaceSelector |
(Kubernetes Network Policy only) The namespace selector yaml object used to uniquely select the namespace in which the postgres compatible database pods are deployed | {} |
db.networkPolicy.inCluster.cilium.endpointSelector |
(Cilium Network Policy only) The endpoint selector yaml object used to uniquely select the in-cluster endpoint in which the postgres compatible database pods are deployed | {} |
db.networkPolicy.inCluster.cilium.serviceSelector |
(Cilium Network Policy only) The service selector yaml object used to uniquely select the in-cluster service providing the postgres compatible database service | {} |
S3 Compatible Storage
Defines parameters related to connecting to the S3 compatible storage.
| Name | Description | Value |
|---|---|---|
s3.configMap.enabled |
If enabled, the s3.endpoint, s3.bucket, and s3.access_key values will be determined from a configMap and the values provided in this helm release ignored. | false |
s3.configMap.name |
The name of the ConfigMap in which values for the keys (endpoint, bucket, and access_key) are provided. Expected to be in the namespace defined by the namespace parameter of this Helm Chart. |
"" |
s3.endpoint |
The URL at which the s3 compatible storage is hosted. If s3.configMap.enabled is true, this value is ignored. |
"" |
s3.publicEndpoint |
The URL at which the s3 compatible storage is accessible from a user’s browser. | "" |
s3.bucket |
The s3 compatible bucket in which Speckle data will be stored. If s3.configMap.enabled is true, this value is ignored. |
"" |
s3.access_key |
The key of the access key used to authenticate with the s3 compatible storage. If s3.configMap.enabled is true, this value is ignored. |
"" |
s3.secret_key.secretName |
Required. A Kubernetes secret containing the s3 secret_key. This is expected to be the name of an opaque Kubernetes Secret. Ref: https://kubernetes.io/docs/concepts/configuration/secret/#opaque-secrets | "" |
s3.secret_key.secretKey |
Required. The key within the Kubernetes Secret, the value of which is the s3 secret. | "" |
s3.create_bucket |
If enabled, will create a bucket with the given bucket name at this endpoint | false |
s3.region |
The region in which the bucket resides (or will be created in). | "" |
s3.networkPolicy |
If networkPolicy is enabled for any service, this provides the NetworkPolicy with the necessary details to allow egress connections to the s3 compatible storage | |
s3.networkPolicy.port |
the port on the server providing the s3 compatible storage (default: “443”) | "" |
s3.networkPolicy.externalToCluster |
Only required if the s3 compatible storage is not hosted within the Kubernetes cluster in which Speckle will be deployed. | |
s3.networkPolicy.externalToCluster.enabled |
If enabled, indicates that the s3 compatible storage is hosted externally to the Kubernetes cluster | true |
s3.networkPolicy.inCluster |
Only required if the s3 compatible storage is hosted within the Kubernetes cluster in which Speckle will be deployed. | |
s3.networkPolicy.inCluster.enabled |
If enabled, indicates that the s3 compatible storage is hosted withing the same Kubernetes cluster in which Speckle will be deployed | false |
s3.networkPolicy.inCluster.kubernetes.podSelector |
(Kubernetes Network Policy only) The pod Selector yaml object used to uniquely select the s3 compatible storage pods within the cluster and given namespace | {} |
s3.networkPolicy.inCluster.kubernetes.namespaceSelector |
(Kubernetes Network Policy only) The namespace selector yaml object used to uniquely select the namespace in which the s3 compatible storage pods are deployed | {} |
s3.networkPolicy.inCluster.cilium.endpointSelector |
(Cilium Network Policy only) The endpoint selector yaml object used to uniquely select the in-cluster endpoint in which the s3 compatible storage pods are deployed | {} |
s3.networkPolicy.inCluster.cilium.serviceSelector |
(Cilium Network Policy only) The service selector yaml object used to uniquely select the in-cluster service providing the s3 compatible storage service | {} |
Redis Store
Defines parameters related to connecting to the Redis Store.
| Name | Description | Value |
|---|---|---|
redis.connectionString.secretName |
Required. A secret containing the full connection string to the Redis store (e.g. in format of protocol://username:password@host:port/database) stored within the Kubernetes cluster as an opaque Kubernetes Secret. Ref: https://kubernetes.io/docs/concepts/configuration/secret/#opaque-secrets |
"" |
redis.connectionString.secretKey |
Required. The key within the Kubernetes Secret holding the Redis connection string. | "" |
redis.previewServiceConnectionString.secretName |
Required. A secret containing the full connection string to the Redis store (e.g. in format of protocol://username:password@host:port/database) stored within the Kubernetes cluster as an opaque Kubernetes Secret. Ref: https://kubernetes.io/docs/concepts/configuration/secret/#opaque-secrets |
"" |
redis.previewServiceConnectionString.secretKey |
Required. The key within the Kubernetes Secret holding the Redis connection string. | "" |
redis.fileImportService.rhino.connectionString.secretName |
Required. A secret containing the full connection string to the Redis store (e.g. in format of protocol://username:password@host:port/database) stored within the Kubernetes cluster as an opaque Kubernetes Secret. Ref: https://kubernetes.io/docs/concepts/configuration/secret/#opaque-secrets |
"" |
redis.fileImportService.rhino.connectionString.secretKey |
Required. The key within the Kubernetes Secret holding the Redis connection string. | "" |
redis.fileImportService.rhino.queueName |
Optional. The name of the queue created within the Redis cluster. | fileimport-service-jobs |
redis.fileImportService.ifc.connectionString.secretName |
Required. A secret containing the full connection string to the Redis store (e.g. in format of protocol://username:password@host:port/database) stored within the Kubernetes cluster as an opaque Kubernetes Secret. Ref: https://kubernetes.io/docs/concepts/configuration/secret/#opaque-secrets |
"" |
redis.fileImportService.ifc.connectionString.secretKey |
Required. The key within the Kubernetes Secret holding the Redis connection string. | "" |
redis.fileImportService.ifc.queueName |
Optional. The name of the queue created within the Redis cluster. | fileimport-service-jobs |
redis.networkPolicy |
If networkPolicy is enabled for Speckle server, this provides the NetworkPolicy with the necessary details to allow egress connections to the Redis store | |
redis.networkPolicy.externalToCluster |
Only required if the Redis store is not hosted within the Kubernetes cluster in which Speckle will be deployed. | |
redis.networkPolicy.externalToCluster.enabled |
If enabled, indicates that the Redis store is hosted externally to the Kubernetes cluster | true |
redis.networkPolicy.inCluster |
is only required if the Redis store is hosted within the Kubernetes cluster in which Speckle will be deployed. | |
redis.networkPolicy.inCluster.enabled |
If enabled, indicates that the Redis store is hosted withing the same Kubernetes cluster in which Speckle will be deployed | false |
redis.networkPolicy.inCluster.port |
the port on the server providing the Redis store (default: “6379”) | "" |
redis.networkPolicy.inCluster.kubernetes.podSelector |
(Kubernetes Network Policy only) The pod Selector yaml object used to uniquely select the redis store pods within the cluster and given namespace | {} |
redis.networkPolicy.inCluster.kubernetes.namespaceSelector |
(Kubernetes Network Policy only) The namespace selector yaml object used to uniquely select the namespace in which the redis store pods are deployed | {} |
redis.networkPolicy.inCluster.cilium.endpointSelector |
(Cilium Network Policy only) The endpoint selector yaml object used to uniquely select the in-cluster endpoint in which the redis pods are deployed | {} |
redis.networkPolicy.inCluster.cilium.serviceSelector |
(Cilium Network Policy only) The service selector yaml object used to uniquely select the in-cluster service providing the redis store service | {} |
openTelemetry
Defines parameters related to opentelemetry exporting of metrics.
| Name | Description | Value |
|---|---|---|
openTelemetry.tracing.url |
Required. The URL to which the opentelemetry traces will be exported. | "" |
openTelemetry.tracing.key |
Required. The key to be used when exporting opentelemetry traces. | "" |
openTelemetry.tracing.value |
Required. The value to be used when exporting opentelemetry traces. | "" |
multiRegion.config.secretName |
If workspacesMultiRegionEnabled is enabled, the server will be deployed in a multi-region configuration based on the values in a secret. This allows the default secret name to be overridden. | multi-region-config |
multiRegion.config.secretKey |
If workspacesMultiRegionEnabled is enabled, the server will be deployed in a multi-region configuration based on the values in a secret. This allows the default secret key and filename to be overridden. | multi-region-config.json |
imagePullSecrets |
The name of the Kubernetes Secret resource in which the Docker image pull secrets are stored. This is expected to be an opaque Kubernetes Secret. Ref: https://kubernetes.io/docs/concepts/configuration/secret/#opaque-secrets | [] |
billing |
Values to enable billing integration | |
billing.secretName |
The name of the Kubernetes Secret containing the Session secret. This is a unique value (can be generated randomly). This is expected to be provided within the Kubernetes cluster as an opaque Kubernetes Secret. Ref: https://kubernetes.io/docs/concepts/configuration/secret/#opaque-secrets | "" |
billing.stripeApiKey.secretKey |
The key within the Kubernetes Secret holding the stripeApiKey secret as its value. | stripeApiKey |
billing.stripeEndpointSigningKey.secretKey |
The key within the Kubernetes Secret holding the stripeEndpointSigningKey secret as its value. | stripeEndpointSigningKey |
billing.workspaceGuestSeatStripeProductId |
The workspace Guest Seat Product Id as configured in Stripe. | "" |
billing.workspaceMonthlyGuestSeatStripePriceId |
The workspace Monthly Guest Seat Price Id as configured in Stripe. | "" |
billing.workspaceYearlyGuestSeatStripePriceId |
The workspace Yearly Guest Seat Price Id as configured in Stripe. | "" |
billing.workspaceStarterSeatStripeProductId |
The workspace Starter Seat Product Id as configured in Stripe. | "" |
billing.workspaceMonthlyStarterSeatStripePriceId |
The workspace Monthly Starter Seat Price Id as configured in Stripe. | "" |
billing.workspaceYearlyStarterSeatStripePriceId |
The workspace Yearly Starter Seat Price Id as configured in Stripe. | "" |
billing.workspacePlusSeatStripeProductId |
The workspace Plus Seat Product Id as configured in Stripe. | "" |
billing.workspaceMonthlyPlusSeatStripePriceId |
The workspace Monthly Plus Seat Price Id as configured in Stripe. | "" |
billing.workspaceYearlyPlusSeatStripePriceId |
The workspace Yearly Plus Seat Price Id as configured in Stripe. | "" |
billing.workspaceBusinessSeatStripeProductId |
The workspace Business Seat Product Id as configured in Stripe. | "" |
billing.workspaceMonthlyBusinessSeatStripePriceId |
The workspace Monthly Business Seat Price Id as configured in Stripe. | "" |
billing.workspaceYearlyBusinessSeatStripePriceId |
The workspace Yearly Business Seat Price Id as configured in Stripe. | "" |
billing.workspaceTeamSeatStripeProductId |
The workspace Team Seat Product Id as configured in Stripe. | "" |
billing.workspaceMonthlyTeamSeatGbpStripePriceId |
The workspace Monthly Team Seat Price Id as configured in Stripe. | "" |
billing.workspaceYearlyTeamSeatGbpStripePriceId |
The workspace Yearly Team Seat Price Id as configured in Stripe. | "" |
billing.workspaceMonthlyTeamSeatUsdStripePriceId |
The workspace Monthly Team Seat Price Id as configured in Stripe. | "" |
billing.workspaceYearlyTeamSeatUsdStripePriceId |
The workspace Yearly Team Seat Price Id as configured in Stripe. | "" |
billing.workspaceTeamUnlimitedSeatStripeProductId |
The workspace Team Unlimited Seat Product Id as configured in Stripe. | "" |
billing.workspaceMonthlyTeamUnlimitedSeatGbpStripePriceId |
The workspace Monthly Team Unlimited Seat Price Id as configured in Stripe. | "" |
billing.workspaceYearlyTeamUnlimitedSeatGbpStripePriceId |
The workspace Yearly Team Unlimited Seat Price Id as configured in Stripe. | "" |
billing.workspaceMonthlyTeamUnlimitedSeatUsdStripePriceId |
The workspace Monthly Team Unlimited Seat Price Id as configured in Stripe. | "" |
billing.workspaceYearlyTeamUnlimitedSeatUsdStripePriceId |
The workspace Yearly Team Unlimited Seat Price Id as configured in Stripe. | "" |
billing.workspaceProSeatStripeProductId |
The workspace Pro Seat Product Id as configured in Stripe. | "" |
billing.workspaceMonthlyProSeatGbpStripePriceId |
The workspace Monthly Pro Seat Price Id as configured in Stripe. | "" |
billing.workspaceYearlyProSeatGbpStripePriceId |
The workspace Yearly Pro Seat Price Id as configured in Stripe. | "" |
billing.workspaceMonthlyProSeatUsdStripePriceId |
The workspace Monthly Pro Seat Price Id as configured in Stripe. | "" |
billing.workspaceYearlyProSeatUsdStripePriceId |
The workspace Yearly Pro Seat Price Id as configured in Stripe. | "" |
billing.workspaceProUnlimitedSeatStripeProductId |
The workspace Pro Unlimited Seat Product Id as configured in Stripe. | "" |
billing.workspaceMonthlyProUnlimitedSeatGbpStripePriceId |
The workspace Monthly Pro Unlimited Seat Price Id as configured in Stripe. | "" |
billing.workspaceYearlyProUnlimitedSeatGbpStripePriceId |
The workspace Yearly Pro Unlimited Seat Price Id as configured in Stripe. | "" |
billing.workspaceMonthlyProUnlimitedSeatUsdStripePriceId |
The workspace Monthly Pro Unlimited Seat Price Id as configured in Stripe. | "" |
billing.workspaceYearlyProUnlimitedSeatUsdStripePriceId |
The workspace Yearly Pro Unlimited Seat Price Id as configured in Stripe. | "" |
Server
Defines parameters related to the backend server component of Speckle.
| Name | Description | Value |
|---|---|---|
server.enabled |
If enabled, the Speckle server will be deployed | true |
server.replicas |
The number of instances of the Server pod to be deployed within the cluster. | 1 |
server.logLevel |
The minimum level of logs which will be output. Suitable values are trace, debug, info, warn, error, fatal, or silent | info |
server.logPretty |
If enabled, will output logs in a human-readable format. Otherwise, logs will be output in JSON format. | false |
server.image |
The Docker image to be used for the Speckle Server component. If blank, defaults to speckle/speckle-server:. If provided, this value should be the full path including tag. The docker_image_tag value will be ignored. | "" |
server.enableFe2Messaging |
If enabled, the related FE1 deployment will show banners/messages about the new frontend | false |
server.onboarding.stream_url |
The (cross-server) URL to the project/stream that should be used as the onboarding project base. | https://latest.speckle.systems/projects/843d07eb10 |
server.onboarding.stream_cache_bust_number |
Increase this number to trigger the re-pulling of the base stream | 1 |
server.inspect.enabled |
If enabled, indicates that the Speckle server should be deployed with the nodejs inspect feature enabled | false |
server.inspect.port |
The port on which the nodejs inspect feature should be exposed | 7000 |
server.adminOverrideEnabled |
Enables the server side admin authz override | false |
server.weeklyDigestEnabled |
Enables sending out the serevr weekly digest emails | false |
server.max_object_size_mb |
The maximum size of an individual object which can be uploaded to the server | 100 |
server.max_object_upload_file_size_mb |
Objects are batched together and uploaded to the /objects endpoint as http POST form data. This determines the maximum size of that form data which can be uploaded to the server. It should be greater than or equal to max_object_size_mb. | 100 |
server.max_project_models_per_page |
The maximum number of models that can be returned in a single page of a query for all models of a project | 500 |
server.speckleAutomateUrl |
The url of the Speckle Automate instance | https://automate.speckle.systems |
server.asyncRequestContextEnabled |
If enabled, the server will use the async request context for improved log msg correlation | false |
server.gendoAI.apiUrl |
The url of the Gendo AI application, including protocol. | https://api.gendo.ai/external/generate |
server.gendoAI.creditLimit |
The number of Gendo AI credit a user gets every month. | 40 |
server.gendoAI.key.secretName |
The name of the Kubernetes Secret containing the Gendo AI key. If left blank, will default to the secretName parameter. |
"" |
server.gendoAI.key.secretKey |
The key within the Kubernetes Secret holding the Gendo AI key as its value. | gendoai_key |
server.gendoAI.ratelimiting.renderRequest |
The number of render requests allowed per period | 1 |
server.gendoAI.ratelimiting.renderRequestPeriodSeconds |
The period in seconds for the render request limit | 20 |
server.gendoAI.ratelimiting.burstRenderRequest |
The number of render requests allowed in ‘burst’ mode when the other limit is reached. | 3 |
server.gendoAI.ratelimiting.burstRenderRequestPeriodSeconds |
The period in seconds for the burst render request limit. | 60 |
server.encryptionKeys.path |
The path where the encryption keys should be loaded from | /encryption-keys/keys.json |
server.licenseTokenSecret.secretName |
The name of the Kubernetes Secret containing the Session secret. This is a unique value (can be generated randomly). This is expected to be provided within the Kubernetes cluster as an opaque Kubernetes Secret. Ref: https://kubernetes.io/docs/concepts/configuration/secret/#opaque-secrets | "" |
server.licenseTokenSecret.secretKey |
The key within the Kubernetes Secret holding the Session secret as its value. | "" |
server.sessionSecret.secretName |
The name of the Kubernetes Secret containing the Session secret. This is a unique value (can be generated randomly). This is expected to be provided within the Kubernetes cluster as an opaque Kubernetes Secret. Ref: https://kubernetes.io/docs/concepts/configuration/secret/#opaque-secrets | "" |
server.sessionSecret.secretKey |
The key within the Kubernetes Secret holding the Session secret as its value. | "" |
server.auth |
Speckle provides a number of different mechanisms for authenticating users. Each available option must be configured here. | |
server.auth.local.enabled |
If enabled, users can register and authenticate with an email address and password. | true |
server.auth.google.enabled |
If enabled, users can authenticate via Google with their Google account credentials. If enabling Google, the server.auth.google.client_id parameter is required, and a secret must be provided via the Kubernetes secret referenced in server.auth.google.clientSecret. |
false |
server.auth.google.client_id |
This is the ID for Speckle that you have registered with Google. | "" |
server.auth.google.clientSecret.secretName |
The name of the Kubernetes Secret containing the Google client secret. This is expected to be provided within the Kubernetes cluster as an opaque Kubernetes Secret. Ref: https://kubernetes.io/docs/concepts/configuration/secret/#opaque-secrets | "" |
server.auth.google.clientSecret.secretKey |
The key within the Kubernetes Secret holding the Google client secret as its value. | "" |
server.auth.github.enabled |
If enabled, users can authenticate via Github with their Github account credentials. If enabling Github authentication, the server.auth.github.client_id parameter is required. |
false |
server.auth.github.client_id |
This is the ID for Speckle that you have registered with Github | "" |
server.auth.github.clientSecret.secretName |
The name of the Kubernetes Secret containing the GitHub client secret. This is expected to be provided within the Kubernetes cluster as an opaque Kubernetes Secret. Ref: https://kubernetes.io/docs/concepts/configuration/secret/#opaque-secrets | "" |
server.auth.github.clientSecret.secretKey |
The key within the Kubernetes Secret holding the GitHub client secret as its value. | "" |
server.auth.azure_ad.enabled |
If enabled, users can authenticate via Azure Active Directory. | false |
server.auth.azure_ad.org_name |
This is the Organisation Name that you have registered with Azure | "" |
server.auth.azure_ad.identity_metadata |
This is the identity metadata for Speckle that you have registered with Azure | "" |
server.auth.azure_ad.issuer |
This is the issuer name for Speckle that you have registered with Azure | "" |
server.auth.azure_ad.client_id |
This is the ID for Speckle that you have registered with Azure | "" |
server.auth.azure_ad.clientSecret.secretName |
The name of the Kubernetes Secret containing the Azure AD client secret. This is expected to be provided within the Kubernetes cluster as an opaque Kubernetes Secret. Ref: https://kubernetes.io/docs/concepts/configuration/secret/#opaque-secrets | "" |
server.auth.azure_ad.clientSecret.secretKey |
The key within the Kubernetes Secret holding the Azure AD client secret as its value. | "" |
server.auth.azure_ad.additional_domains |
List of matchName or matchPattern maps for domains that should be allow-listed for egress in Network Policy. https://docs.microsoft.com/en-us/azure/azure-portal/azure-portal-safelist-urls?tabs=public-cloud are enabled by default. |
[] |
server.auth.azure_ad.port |
Port on server to connect to. Used to allow egress in Network Policy. Defaults to 443 | 443 |
server.auth.oidc.enabled |
If enabled, users can authenticate via OpenID Connect identity provider | false |
server.auth.oidc.name |
This is the name that you want displayed on the login button | "" |
server.auth.oidc.discovery_url |
This is the OIDC discovery URL for the identity provider you want to use | "" |
server.auth.oidc.client_id |
This is the ID for Speckle that you have registered with the OIDC identity provider | "" |
server.auth.oidc.clientSecret.secretName |
The name of the Kubernetes Secret containing the OIDC client secret. This is expected to be provided within the Kubernetes cluster as an opaque Kubernetes Secret. Ref: https://kubernetes.io/docs/concepts/configuration/secret/#opaque-secrets | "" |
server.auth.oidc.clientSecret.secretKey |
The key within the Kubernetes Secret holding the OIDC client secret as its value. | "" |
server.auth.oidc.domains |
List of matchName or matchPattern maps for domains that should be allow-listed for egress in Network Policy. |
[] |
server.email |
Speckle can communicate with users via email, providing account verification and notification. | |
server.email.enabled |
If enabled, Speckle can send email to users - for example, email verification for account registration. | false |
server.email.verificationTimeoutMinutes |
The number of minutes after which an email verification link will expire. Defaults to 5 minutes. | 5 |
server.email.host |
The domain name or IP address of the server hosting the email service. | "" |
server.email.port |
The port on the server for the email service. | "" |
server.email.from |
The email address from which Speckle will send emails. Defaults to ‘no-reply@speckle.systems’ if left blank. | "" |
server.email.username |
The username with which Speckle will authenticate with the email service. | "" |
server.email.password.secretName |
The name of the Kubernetes Secret containing the email password. This is expected to be provided within the Kubernetes cluster as an opaque Kubernetes Secret. Ref: https://kubernetes.io/docs/concepts/configuration/secret/#opaque-secrets | "" |
server.email.password.secretKey |
The key within the Kubernetes Secret holding the email password as its value. | "" |
server.email.networkPolicy |
If networkPolicy is enabled for Speckle server, this provides the Network Policy with the necessary details to allow egress connections to the email server | |
server.email.networkPolicy.externalToCluster |
Only required if the Redis store is not hosted within the Kubernetes cluster in which Speckle will be deployed. | |
server.email.networkPolicy.externalToCluster.enabled |
If enabled, indicates that the email server is hosted externally to the Kubernetes cluster | true |
server.email.networkPolicy.inCluster |
is only required if the email server is hosted within the Kubernetes cluster in which Speckle will be deployed. | |
server.email.networkPolicy.inCluster.enabled |
If enabled, indicates that the email server is hosted withing the same Kubernetes cluster in which Speckle will be deployed | false |
server.email.networkPolicy.inCluster.kubernetes.podSelector |
(Kubernetes Network Policy only) The pod Selector yaml object used to uniquely select the email server pods within the cluster and given namespace | {} |
server.email.networkPolicy.inCluster.kubernetes.namespaceSelector |
(Kubernetes Network Policy only) The namespace selector yaml object used to uniquely select the namespace in which the email server pods are deployed | {} |
server.email.networkPolicy.inCluster.cilium.endpointSelector |
(Cilium Network Policy only) The endpoint selector yaml object used to uniquely select the in-cluster endpoint in which the email server pods are deployed | {} |
server.email.networkPolicy.inCluster.cilium.serviceSelector |
(Cilium Network Policy only) The service selector yaml object used to uniquely select the in-cluster service providing the email server | {} |
server.requests.cpu |
The CPU that should be available on a node when scheduling this pod. | 1000m |
server.requests.memory |
The Memory that should be available on a node when scheduling this pod. | 1Gi |
server.limits.cpu |
The maximum CPU that will be made available to the server Pod in a given period. | 1500m |
server.limits.memory |
The maximum Memory that will be made available to the server Pod. | 3Gi |
server.ratelimiting.enabled |
If enabled, rate limiting will be applied to the Speckle server. | true |
server.ratelimiting.all_requests |
The maximum number of requests that can be made to the Speckle server in a moving one second window. | 500 |
server.ratelimiting.burst_all_requests |
If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server in a moving one minute window. | 2000 |
server.ratelimiting.user_create |
The maximum number of requests that can be made to the Speckle server to create a new user in a moving one second window. | 6 |
server.ratelimiting.burst_user_create |
If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to create a new user in a moving one minute window. | 1000 |
server.ratelimiting.stream_create |
The maximum number of requests that can be made to the Speckle server to create a new stream in a moving one second window. | 1 |
server.ratelimiting.burst_stream_create |
If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to create a new stream in a moving one minute window. | 100 |
server.ratelimiting.commit_create |
The maximum number of requests that can be made to the Speckle server to create a new commit in a moving one second window. | 1 |
server.ratelimiting.burst_commit_create |
If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to create a new commit in a moving one minute window. | 100 |
server.ratelimiting.post_getobjects_streamid |
The maximum number of requests that can be made to the Speckle server to get a new object in a moving one second window. | 3 |
server.ratelimiting.burst_post_getobjects_streamid |
If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to get a new object in a moving one minute window. | 200 |
server.ratelimiting.post_diff_streamid |
The maximum number of requests that can be made to the Speckle server to undertake a diff in a moving one second window. | 10 |
server.ratelimiting.burst_post_diff_streamid |
If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to undertake a diff in a moving one minute window. | 1000 |
server.ratelimiting.post_objects_streamid |
The maximum number of requests that can be made to the Speckle server to post a new object in a moving one second window. | 6 |
server.ratelimiting.burst_post_objects_streamid |
If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to post a new object in a moving one minute window. | 400 |
server.ratelimiting.get_objects_streamid_objectid |
The maximum number of requests that can be made to the Speckle server to get an object in a moving one second window. | 3 |
server.ratelimiting.burst_get_objects_streamid_objectid |
If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to get an object in a moving one minute window. | 200 |
server.ratelimiting.get_objects_streamid_objectid_single |
The maximum number of requests that can be made to the Speckle server to get a single object in a moving one second window. | 3 |
server.ratelimiting.burst_get_objects_streamid_objectid_single |
If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to get a single object in a moving one minute window. | 200 |
server.ratelimiting.post_graphql |
The maximum number of requests that can be made to the GraphQL API in a moving one second window. | 50 |
server.ratelimiting.burst_post_graphql |
If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the GraphQL API in a moving one minute window. | 200 |
server.ratelimiting.get_auth |
The maximum number of requests that can be made to the Speckle server to authenticate in a moving 10 minute window. | 4 |
server.ratelimiting.burst_get_auth |
If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to authenticate in a moving thirty minute window. | 10 |
server.serviceAccount.create |
If enabled, a Kubernetes Service Account will be created for this pod. | true |
server.fileUploads.enabled |
If enabled, file uploads on the server will be flagged as enabled | true |
server.mailchimp.enabled |
Mailchimp integration feature flag | false |
server.mailchimp.apikey.secretName |
The name of the Kubernetes Secret containing the Mailchimp API key. | "" |
server.mailchimp.apikey.secretKey |
The key within the Kubernetes Secret holding the Mailchimp API key as its value. | mailchimp_apikey |
server.mailchimp.serverPrefix |
Mailchimp api server prefix | "" |
server.mailchimp.newsletterListId |
Audience id for the newsletter list | "" |
server.mailchimp.onboardingListId |
Audience id for the onboarding list | "" |
server.migration.movedFrom |
Indicate the URL where the server moved from | "" |
server.migration.movedTo |
Indicate the URL where the server moved to | "" |
server.monitoring.apollo.enabled |
(Optional) If enabled, exports metrics from the GraphQL API to Apollo Graphql Studio. | false |
server.monitoring.apollo.graph_id |
The ID for Speckle that you registered in Apollo Graphql Studio. | "" |
server.monitoring.apollo.key.secretName |
The name of the Kubernetes Secret containing the Apollo monitoring key. This is expected to be provided within the Kubernetes cluster as an opaque Kubernetes Secret. Ref: https://kubernetes.io/docs/concepts/configuration/secret/#opaque-secrets | "" |
server.monitoring.apollo.key.secretKey |
The key within the Kubernetes Secret holding the Apollo monitoring key as its value. | "" |
server.monitoring.mp |
(Optional) If server.monitoring.mp.enabled is set to false, metrics will not be collected by the Speckle server. | {} |
server.disable_tracking |
If set to true, will prevent tracking metrics from being collected | false |
server.disable_tracing |
If set to true, will prevent tracing metrics from being collected | false |
server.networkPolicy.enabled |
If enabled, will provide additional security be limiting network traffic into and out of the pod to only the required endpoints and ports. | false |
server.affinity |
Affinity for Speckle server pods scheduling | {} |
server.nodeSelector |
Node labels for Speckle server pods scheduling | {} |
server.tolerations |
Tolerations for Speckle server pods scheduling | [] |
server.topologySpreadConstraints |
Spread Constraints for Speckle server pod scheduling | [] |
server.additionalEnvVars |
Additional environment variables to be passed to the server pod | [] |
Server
Defines parameters related to the backend server component of Speckle.
| Name | Description | Value |
|---|---|---|
objects.enabled |
If enabled, the Speckle server will be deployed with the Objects component enabled. | true |
objects.replicas |
The number of instances of the Server pod to be deployed within the cluster. | 1 |
objects.image |
The Docker image to be used for the Speckle Objects component. If blank, defaults to speckle/speckle-server:. If provided, this value should be the full path including tag. The docker_image_tag value will be ignored. | "" |
objects.logLevel |
The minimum level of logs which will be output. Suitable values are trace, debug, info, warn, error, fatal, or silent | info |
objects.logPretty |
If enabled, will output logs in a human-readable format. Otherwise, logs will be output in JSON format. | false |
objects.inspect.enabled |
If enabled, indicates that the Speckle server should be deployed with the nodejs inspect feature enabled | false |
objects.inspect.port |
The port on which the nodejs inspect feature should be exposed | 7000 |
objects.requests.cpu |
The CPU that should be available on a node when scheduling this pod. | 1000m |
objects.requests.memory |
The Memory that should be available on a node when scheduling this pod. | 1Gi |
objects.limits.cpu |
The maximum CPU that will be made available to the server Pod in a given period. | 1500m |
objects.limits.memory |
The maximum Memory that will be made available to the server Pod. | 3Gi |
objects.ratelimiting.post_objects_streamid |
The maximum number of requests that can be made to the Speckle server to post a new object in a moving one second window. | 6 |
objects.ratelimiting.burst_post_objects_streamid |
If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to post a new object in a moving one minute window. | 400 |
objects.ratelimiting.get_objects_streamid_objectid |
The maximum number of requests that can be made to the Speckle server to get an object in a moving one second window. | 3 |
objects.ratelimiting.burst_get_objects_streamid_objectid |
If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to get an object in a moving one minute window. | 200 |
objects.ratelimiting.get_objects_streamid_objectid_single |
The maximum number of requests that can be made to the Speckle server to get a single object in a moving one second window. | 3 |
objects.ratelimiting.burst_get_objects_streamid_objectid_single |
If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to get a single object in a moving one minute window. | 200 |
objects.serviceAccount.create |
If enabled, a Kubernetes Service Account will be created for this pod. | true |
objects.networkPolicy.enabled |
If enabled, will provide additional security be limiting network traffic into and out of the pod to only the required endpoints and ports. | false |
objects.affinity |
Affinity for Speckle server pods scheduling | {} |
objects.nodeSelector |
Node labels for Speckle server pods scheduling | {} |
objects.tolerations |
Tolerations for Speckle server pods scheduling | [] |
objects.topologySpreadConstraints |
Spread Constraints for Speckle server pod scheduling | [] |
objects.additionalEnvVars |
Additional environment variables to be passed to the objects pod | [] |
frontend_2
Defines parameters related to the new web application component of Speckle
| Name | Description | Value |
|---|---|---|
frontend_2.image |
The Docker image to be used for the Speckle Frontend 2 component. If blank, defaults to speckle/speckle-frontend-2:. If provided, this value should be the full path including tag. The docker_image_tag value will be ignored. | "" |
frontend_2.logClientApiToken |
SEQ API token | "" |
frontend_2.logClientApiEndpoint |
SEQ endpoint URL | "" |
frontend_2.logLevel |
The minimum level of logs which will be output. Suitable values are trace, debug, info, warn, error, fatal, or silent | info |
frontend_2.logPretty |
If enabled, will output logs in a human-readable format. Otherwise, logs will be output in JSON format. | false |
frontend_2.inspect.enabled |
If enabled, indicates that the Speckle FE2 should be deployed with the nodejs inspect feature enabled | false |
frontend_2.inspect.port |
The port on which the nodejs inspect feature should be exposed | 7000 |
frontend_2.replicas |
The number of instances of the Frontend 2 server prod to be deployed withing the cluster. | 1 |
frontend_2.requests.cpu |
The CPU that should be available on a node when scheduling this pod. | 250m |
frontend_2.requests.memory |
The Memory that should be available on a node when scheduling this pod. | 256Mi |
frontend_2.limits.cpu |
The maximum CPU that will be made available to the frontend Pod in a given period. | 1000m |
frontend_2.limits.memory |
The maximum Memory that will be made available to the frontend Pod. | 512Mi |
frontend_2.networkPolicy.enabled |
If enabled, will provide additional security be limiting network traffic into and out of the pod to only the required endpoints and ports. | false |
frontend_2.affinity |
Affinity for Speckle frontend pod scheduling | {} |
frontend_2.nodeSelector |
Node labels for Speckle frontend pods scheduling | {} |
frontend_2.tolerations |
Tolerations for Speckle frontend pods scheduling | [] |
frontend_2.topologySpreadConstraints |
Spread Constraints for Speckle frontend pod scheduling | [] |
frontend_2.serviceAccount.create |
If enabled, a Kubernetes Service Account will be created for this pod. | true |
frontend_2.additionalEnvVars |
Additional environment variables to be passed to the frontend_2 pod | [] |
Preview Service
Defines parameters related to the Preview Service component of Speckle. Enables the Horizontal Pod Autoscaler Minimum number of replicas to scale down to Maximum number of replicas to scale up to Target CPU utilization percentage
| Name | Description | Value |
|---|---|---|
preview_service.enabled |
If enabled, the Preview Service will be deployed within the cluster and speckle-server will be configured to send the kubernetes service url of the objects server to the Preview Service. | true |
preview_service.dedicatedPreviewsQueue |
Allows using a dedicated redis url for the preview service job queue | false |
preview_service.gpu.enabled |
If enabled, the Preview Service will be deployed with GPU support. Assumes Vulkan driver is available on the host node. | false |
preview_service.replicas |
The number of instances of the Preview Service pod to be deployed within the cluster. | 1 |
preview_service.deploymentStrategy.type |
The deployment strategy type to be used for the Preview Service. This can be set to either Recreate or RollingUpdate. The default is Recreate as preview service does not require 100% availability. |
Recreate |
preview_service.logLevel |
The minimum level of logs which will be output. Suitable values are trace, debug, info, warn, error, fatal, or silent | info |
preview_service.logPretty |
If enabled, will output logs in a human-readable format. Otherwise, logs will be output in JSON format. | false |
preview_service.image |
The Docker image to be used for the Speckle Preview Service component. If blank, defaults to speckle/speckle-preview-service:. If provided, this value should be the full path including tag. The docker_image_tag value will be ignored. | "" |
preview_service.port |
The port on which the Preview Service will expose Prometheus metrics. | 3001 |
preview_service.postgresMaxConnections |
The maximum number of connections that the Preview Service postgres client will make to the Postgres database. | 2 |
preview_service.maxQueueBackpressure |
The maximum number of items that can be queued in the Preview Service job queue before we stop retrying previously errored preview jobs. This is used to prevent the Preview Service from being overwhelmed with too many jobs. | 1 |
preview_service.retryPeriodMinutes |
The period, in minutes, between retries of previously errored jobs. Must be an integer between 1 and 60. | 1 |
preview_service.puppeteer.userDataDirectory |
The path to the user data directory. If not set, defaults to ‘/tmp/puppeteer’. This is mounted in the deployment as a volume with read-write access. | "" |
preview_service.puppeteer.timeoutMilliseconds |
The timeout in milliseconds for the Puppeteer service. | 3600000 |
preview_service.requests.cpu |
The CPU that should be available on a node when scheduling this pod. | 500m |
preview_service.requests.memory |
The Memory that should be available on a node when scheduling this pod. | 2Gi |
preview_service.limits.cpu |
The maximum CPU that will be made available to the Preview Service Pod in a given period. | 1000m |
preview_service.limits.memory |
The maximum Memory that will be made available to the Preview Service Pod. | 4Gi |
preview_service.autoscaling.enabled |
false |
|
preview_service.autoscaling.minReplicas |
1 |
|
preview_service.autoscaling.maxReplicas |
10 |
|
preview_service.autoscaling.targetCPUUtilizationPercentage |
80 |
|
preview_service.networkPolicy.enabled |
If enabled, will provide additional security be limiting network traffic into and out of the pod to only the required endpoints and ports. | false |
preview_service.affinity |
Affinity for Speckle Preview Service pod scheduling | {} |
preview_service.nodeSelector |
Node labels for Speckle Preview Service pods scheduling | {} |
preview_service.tolerations |
Tolerations for Speckle Preview Service pods scheduling | [] |
preview_service.topologySpreadConstraints |
Spread Constraints for Speckle Preview Service pod scheduling | [] |
preview_service.serviceAccount.create |
If enabled, a Kubernetes Service Account will be created for this pod. | true |
preview_service.additionalEnvVars |
Additional environment variables to be passed to the Preview service pod | [] |
Webhook Service
Defines parameters related to the Webhook Service component of Speckle.
| Name | Description | Value |
|---|---|---|
webhook_service.enabled |
If enabled, the Webhook Service will be deployed within the cluster. | true |
webhook_service.replicas |
The number of instances of the Webhook Service pod to be deployed within the cluster. | 1 |
webhook_service.deploymentStrategy.type |
The deployment strategy type to be used for the Webhook Service. This can be set to either Recreate or RollingUpdate. The default is Recreate as webhook service does not require 100% availability. |
Recreate |
webhook_service.logLevel |
The minimum level of logs which will be output. Suitable values are trace, debug, info, warn, error, fatal, or silent | info |
webhook_service.logPretty |
If enabled, will output logs in a human-readable format. Otherwise, logs will be output in JSON format. | false |
webhook_service.image |
The Docker image to be used for the Speckle Webhook Service component. If blank, defaults to speckle/speckle-webhook-service:. If provided, this value should be the full path including tag. The docker_image_tag value will be ignored. | "" |
webhook_service.postgresMaxConnections |
The maximum number of connections that the Webhook Service postgres client will make to the Postgres database. | 1 |
webhook_service.requests.cpu |
The CPU that should be available on a node when scheduling this pod. | 500m |
webhook_service.requests.memory |
The Memory that should be available on a node when scheduling this pod. | 2Gi |
webhook_service.limits.cpu |
The maximum CPU that will be made available to the Webhook Service Pod in a given period. | 1000m |
webhook_service.limits.memory |
The maximum Memory that will be made available to the Webhook Service Pod. | 4Gi |
webhook_service.networkPolicy.enabled |
If enabled, will provide additional security be limiting network traffic into and out of the pod to only the required endpoints and ports. | false |
webhook_service.affinity |
Affinity for Speckle Webhook Service pod scheduling | {} |
webhook_service.nodeSelector |
Node labels for Speckle Webhook Service pods scheduling | {} |
webhook_service.tolerations |
Tolerations for Speckle Webhook Service pods scheduling | [] |
webhook_service.topologySpreadConstraints |
Spread Constraints for Speckle Webhook Service pod scheduling | [] |
webhook_service.serviceAccount.create |
If enabled, a Kubernetes Service Account will be created for this pod. | true |
webhook_service.additionalEnvVars |
Additional environment variables to be passed to the Webhook service pod | [] |
File Import Service
Defines parameters related to the File Import Service component of Speckle.
| Name | Description | Value |
|---|---|---|
fileimport_service.enabled |
If enabled, the File Import Service will be deployed within the cluster. | true |
fileimport_service.replicas |
The number of instances of the FileImport Service pod to be deployed within the cluster. | 1 |
fileimport_service.deploymentStrategy.type |
The deployment strategy type to be used for the FileImport Service. This can be set to either Recreate or RollingUpdate. The default is Recreate as file import service does not require 100% availability. |
Recreate |
fileimport_service.logLevel |
The minimum level of logs which will be output. Suitable values are trace, debug, info, warn, error, fatal, or silent | info |
fileimport_service.logPretty |
If enabled, will output logs in a human-readable format. Otherwise, logs will be output in JSON format. | false |
fileimport_service.image |
The Docker image to be used for the Speckle FileImport Service component. If blank, defaults to speckle/speckle-fileimport-service:. If provided, this value should be the full path including tag. The docker_image_tag value will be ignored. | "" |
fileimport_service.postgresMaxConnections |
The maximum number of connections that the File Import Service postgres client will make to the Postgres database. | 1 |
fileimport_service.inspect.enabled |
If enabled, indicates that the File Import service should be deployed with the nodejs inspect feature enabled | false |
fileimport_service.inspect.port |
The port on which the nodejs inspect feature should be exposed | 7000 |
fileimport_service.requests.cpu |
The CPU that should be available on a node when scheduling this pod. | 100m |
fileimport_service.requests.memory |
The Memory that should be available on a node when scheduling this pod. | 512Mi |
fileimport_service.limits.cpu |
The maximum CPU that will be made available to the FileImport Service Pod in a given period. | 1000m |
fileimport_service.limits.memory |
The maximum Memory that will be made available to the FileImport Service Pod. | 2Gi |
fileimport_service.networkPolicy.enabled |
If enabled, will provide additional security be limiting network traffic into and out of the pod to only the required endpoints and ports. | false |
fileimport_service.affinity |
Affinity for Speckle FileImport Service pod scheduling | {} |
fileimport_service.nodeSelector |
Node labels for Speckle FileImport Service pods scheduling | {} |
fileimport_service.tolerations |
Tolerations for Speckle FileImport Service pods scheduling | [] |
fileimport_service.topologySpreadConstraints |
Spread Constraints for Speckle FileImport Service pod scheduling | [] |
fileimport_service.serviceAccount.create |
If enabled, a Kubernetes Service Account will be created for this pod. | true |
fileimport_service.additionalEnvVars |
Additional environment variables to be passed to the FileImport service pod | [] |
fileimport_service.time_limit_min |
DEPRECATED, use file_import_time_limit_min instead. The maximum time that a file can take to be processed by the FileImport Service. | 30 |
IFC Importer Service
Defines parameters related to the IFC Import Service component of Speckle. The IFC Import Service is intended to eventually replace the File Import Service.
| Name | Description | Value |
|---|---|---|
ifc_import_service.enabled |
If enabled, the File Import Service will be deployed within the cluster. | false |
ifc_import_service.replicas |
The number of instances of the FileImport Service pod to be deployed within the cluster. | 1 |
ifc_import_service.deploymentStrategy.type |
The deployment strategy type to be used for the FileImport Service. This can be set to either Recreate or RollingUpdate. The default is Recreate as file import service does not require 100% availability. |
Recreate |
ifc_import_service.logLevel |
The minimum level of logs which will be output. Suitable values are trace, debug, info, warn, error, fatal, or silent | info |
ifc_import_service.logPretty |
If enabled, will output logs in a human-readable format. Otherwise, logs will be output in JSON format. | false |
ifc_import_service.image |
The Docker image to be used for the Speckle FileImport Service component. If blank, defaults to speckle/speckle-fileimport-service:. If provided, this value should be the full path including tag. The docker_image_tag value will be ignored. | "" |
ifc_import_service.db.postgresMaxConnections |
The maximum number of connections that the File Import Service postgres client will make to the Postgres database. | 1 |
ifc_import_service.db.connectionString.secretName |
The name of the Kubernetes Secret which contains the connection string to the Postgres database. Defaults to value of .Values.secretName if this value is not provided. | "" |
ifc_import_service.db.connectionString.secretKey |
The name of the key within the Kubernetes Secret which contains the connection string to the Postgres database. | fileimport_queue_postgres_url |
ifc_import_service.db.certificate.enabled |
If true, the certificate in the configmap will be mounted as a file in to the pod. | false |
ifc_import_service.db.certificate.configMapName |
The name of the Kubernetes ConfigMap in which the certificate can be found. | ifc-importer-postgres-certificate |
ifc_import_service.db.certificate.configMapKey |
The key within the Kubernetes ConfigMap in which the certificate can be found. | ca-certificate.crt |
ifc_import_service.db.certificate.data |
If not empty and the certificate is enabled, this Helm Chart will populate a Kubernetes ConfigMap of the given name & key with this data. This is intended to be contents of a PEM file, and will be mounted as a file in the pod. | "" |
ifc_import_service.requests.cpu |
The CPU that should be available on a node when scheduling this pod. | 100m |
ifc_import_service.requests.memory |
The Memory that should be available on a node when scheduling this pod. | 512Mi |
ifc_import_service.limits.cpu |
The maximum CPU that will be made available to the FileImport Service Pod in a given period. | 1000m |
ifc_import_service.limits.memory |
The maximum Memory that will be made available to the FileImport Service Pod. | 2Gi |
ifc_import_service.affinity |
Affinity for Speckle FileImport Service pod scheduling | {} |
ifc_import_service.nodeSelector |
Node labels for Speckle FileImport Service pods scheduling | {} |
ifc_import_service.tolerations |
Tolerations for Speckle FileImport Service pods scheduling | [] |
ifc_import_service.topologySpreadConstraints |
Spread Constraints for Speckle FileImport Service pod scheduling | [] |
ifc_import_service.serviceAccount.create |
If enabled, a Kubernetes Service Account will be created for this pod. | true |
ifc_import_service.additionalEnvVars |
Additional environment variables to be passed to the FileImport service pod | [] |
Monitoring
Provides Speckle with metrics related to the Postgres database.
| Name | Description | Value |
|---|---|---|
monitoring.enabled |
If enabled, database monitoring will be deployed within the cluster. | true |
monitoring.replicas |
The number of instances of the Monitoring pod to be deployed within the cluster. | 1 |
monitoring.logLevel |
The minimum level of logs which will be output. Suitable values are trace, debug, info, warn, error, fatal, or silent | info |
monitoring.logPretty |
If enabled, will output logs in a human-readable format. Otherwise, logs will be output in JSON format. | false |
monitoring.port |
The port on which the Monitoring Service will run. | 9092 |
monitoring.maximumPostgresConnections |
The maximum number of connections that the Monitoring Service will allow to the Postgres database. A connection pool exists to manage access to the connections. | 2 |
monitoring.metricsCollectionPeriodSeconds |
The period in seconds at which the Monitoring Service will query the Postgres database for metrics. Unlike typical Prometheus metrics, the data from the database is not collected in real-time when /metrics is accessed, and is instead done out-of-band on a timed interval. | 120 |
monitoring.image |
The Docker image to be used for the Speckle Monitoring component. If blank, defaults to speckle/speckle-monitoring-deployment:. If provided, this value should be the full path including tag. The docker_image_tag value will be ignored. | "" |
monitoring.requests.cpu |
The CPU that should be available on a node when scheduling this pod. | 100m |
monitoring.requests.memory |
The Memory that should be available on a node when scheduling this pod. | 64Mi |
monitoring.limits.cpu |
The maximum CPU that will be made available to the Monitoring Pod in a given period. | 200m |
monitoring.limits.memory |
The maximum Memory that will be made available to the Monitoring Pod. | 512Mi |
monitoring.networkPolicy.enabled |
If enabled, will provide additional security be limiting network traffic into and out of the pod to only the required endpoints and ports. | false |
monitoring.affinity |
Affinity for Speckle Monitoring pod scheduling | {} |
monitoring.nodeSelector |
Node labels for Speckle Monitoring pods scheduling | {} |
monitoring.tolerations |
Tolerations for Speckle Monitoring pods scheduling | [] |
monitoring.topologySpreadConstraints |
Spread Constraints for Speckle Monitoring pod scheduling | [] |
monitoring.serviceAccount.create |
If enabled, a Kubernetes Service Account will be created for this pod. | true |
monitoring.additionalEnvVars |
Additional environment variables to be passed to the Monitoring pod | [] |
Testing
Defines parameters related to testing that the deployment of Speckle has been successful.
| Name | Description | Value |
|---|---|---|
helm_test_enabled |
If enabled, an additional pod is deployed which verifies some functionality of Speckle to determine if it is deployed correctly | true |
test.logLevel |
The minimum level of logs which will be output. Suitable values are trace, debug, info, warn, error, fatal, or silent | info |
test.logPretty |
If enabled, will output logs in a human-readable format. Otherwise, logs will be output in JSON format. | false |
test.image |
The Docker image to be used for the Speckle Test component. If blank, defaults to speckle/speckle-test-deployment:. If provided, this value should be the full path including tag. The docker_image_tag value will be ignored. | "" |
test.requests.cpu |
The CPU that should be available on a node when scheduling this pod. | 100m |
test.requests.memory |
The Memory that should be available on a node when scheduling this pod. | 64Mi |
test.limits.cpu |
The maximum CPU that will be made available to the Test Pod in a given period. | 200m |
test.limits.memory |
The maximum Memory that will be made available to the Test Pod. | 512Mi |
test.networkPolicy.enabled |
If enabled, will provide additional security be limiting network traffic into and out of the pod to only the required endpoints and ports. | false |
test.serviceAccount.create |
If enabled, a Kubernetes Service Account will be created for this pod. | true |
test.additionalEnvVars |
Additional environment variables to be passed to the Test pod | [] |
Resources
for help, feature requests or just to hang with other speckle enthusiasts, check out our community forum!
our tutorials portal is full of resources to get you started using Speckle
reference on almost any end-user and developer functionality
Other repos
Make sure to also check and ⭐️ these other Speckle repositories:
speckle-server: Speckle Serverspeckle-sharp: .NET tooling, connectors and interoperabilityspecklepy: Python SDK 🐍speckle-excel: Excel connectorspeckle-unity: Unity 3D connectorspeckle-blender: Blender connectorspeckle-unreal: Unreal Engine Connectorspeckle-qgis: QGIS connectodspeckle-powerbi: PowerBi connector- and more connectors & tooling!
Developing and Debugging
This repository is a clone of the Helm chart in the Speckle Server repository.
⚠️ Pull requests are not accepted to this repository ⚠️. Instead, please contribute to the Helm chart within the Speckle Server repository.
Security
For any security vulnerabilities or concerns, please contact us directly at security[at]speckle.systems.
License
Unless otherwise described, the code in this repository is licensed under the Apache-2.0 License. Please note that some modules, extensions or code herein might be otherwise licensed. This is indicated either in the root of the containing folder under a different license file, or in the respective file’s header. If you have any questions, don’t hesitate to get in touch with us via email.