diff --git a/docs/self-hosting/govern/plane-ai.md b/docs/self-hosting/govern/plane-ai.md index 2fa7c7d..5642b64 100644 --- a/docs/self-hosting/govern/plane-ai.md +++ b/docs/self-hosting/govern/plane-ai.md @@ -60,6 +60,14 @@ Embedding models power semantic search. Plane AI supports: ## Enable Plane AI services +:::tip +For other deployment methods such as Coolify, Portainer, Docker Swarm, and Podman Quadlets, use the same [environment variables](/self-hosting/govern/environment-variables#plane-ai) defined for Docker Compose Setup. +::: + +:::tabs key:deployment-method + +== Docker Compose {#docker-compose} + Open the `/opt/plane/plane.env` file in your preferred editor and set the replica count for Plane AI services to `1`: ```bash @@ -69,6 +77,20 @@ PI_WORKER_REPLICAS=1 PI_MIGRATOR_REPLICAS=1 ``` +== Kubernetes {#kubernetes} + +Open your `values.yaml` file and enable the Plane AI service by setting `services.pi.enabled` to `true`: + +```yaml +services: + pi: + enabled: true +``` + +This activates the Plane AI API, worker, beat-worker, and migrator workloads. Replica counts and resource limits for each workload can be configured through the [Plane AI values block](/self-hosting/methods/kubernetes#plane-ai-pi-deployment) in your `values.yaml`. + +::: + ## Configure an LLM provider Configure at least one LLM provider. Add the relevant variables to `/opt/plane/plane.env`. diff --git a/docs/self-hosting/methods/download-config.md b/docs/self-hosting/methods/download-config.md index 61af22f..8285e41 100644 --- a/docs/self-hosting/methods/download-config.md +++ b/docs/self-hosting/methods/download-config.md @@ -20,7 +20,7 @@ curl "https://prime.plane.so/api/v2/setup/?version=&airgapped=&airgapped==1. | +| services.pi.memoryLimit | 1000Mi | | Memory limit for the Plane AI API deployment. | +| services.pi.cpuLimit | 500m | | CPU limit for the Plane AI API deployment. | +| services.pi.memoryRequest | 50Mi | | Memory request for the Plane AI API deployment. | +| services.pi.cpuRequest | 50m | | CPU request for the Plane AI API deployment. | +| services.pi.image | artifacts.plane.so/makeplane/plane-pi-commercial | | Docker image for the Plane AI service. | +| services.pi.pullPolicy | Always | | Image pull policy for the Plane AI deployment. | +| services.pi.assign_cluster_ip | false | | Set it to `true` if you want to assign `ClusterIP` to the Plane AI API service. | +| services.pi.nodeSelector | {} | | Node selector for the Plane AI API deployment. | +| services.pi.tolerations | [] | | Tolerations for the Plane AI API deployment. | +| services.pi.affinity | {} | | Affinity rules for the Plane AI API deployment. | +| services.pi.labels | {} | | Custom labels to add to the Plane AI API deployment. | +| services.pi.annotations | {} | | Custom annotations to add to the Plane AI API deployment. | +| env.pg_pi_db_name | plane_pi | | PostgreSQL database name used by Plane AI when `postgres.local_setup=true`. | +| env.pg_pi_db_remote_url | "" | | PostgreSQL connection URL for Plane AI when using a remote database. Required when `postgres.local_setup=false` and Plane AI is enabled. | +| env.pi_envs.internal_secret | tyfvfqvBJAgpm9bzvf3r4urJer0Ehfdubk | | Internal secret used by Plane AI for OAuth and internal APIs. | +| env.pi_envs.plane_api_host | "" | | Override for the Plane API host URL used by Plane AI. Defaults to the license domain. | +| env.pi_envs.cors_allowed_origins | "" | | CORS allowed origins for Plane AI API. Defaults to the license domain. | + +#### Plane AI Worker Deployment + +| Setting | Default | Required | Description | +| -------------------------------- | :-----: | :------: | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| services.pi_worker.replicas | 1 | Yes | Kubernetes helps you with scaling up/down the deployments. You can run 1 or more pods for the Plane AI worker. This key helps you set the number of replicas. It must be >=1. | +| services.pi_worker.memoryLimit | 1000Mi | | Every deployment in kubernetes can be set to use maximum memory they are allowed to use. This key sets the memory limit for the Plane AI worker deployment to use. | +| services.pi_worker.cpuLimit | 500m | | Every deployment in kubernetes can be set to use maximum cpu they are allowed to use. This key sets the cpu limit for the Plane AI worker deployment to use. | +| services.pi_worker.memoryRequest | 50Mi | | Every deployment in kubernetes can be set to use minimum memory they are allowed to use. This key sets the memory request for the Plane AI worker deployment to use. | +| services.pi_worker.cpuRequest | 50m | | Every deployment in kubernetes can be set to use minimum cpu they are allowed to use. This key sets the cpu request for the Plane AI worker deployment to use. | +| services.pi_worker.nodeSelector | {} | | This key allows you to set the node selector for the deployment of `pi_worker`. This is useful when you want to run the deployment on specific nodes in your Kubernetes cluster. | +| services.pi_worker.tolerations | [] | | This key allows you to set the tolerations for the deployment of `pi_worker`. This is useful when you want to run the deployment on nodes with specific taints in your Kubernetes cluster. | +| services.pi_worker.affinity | {} | | This key allows you to set the affinity rules for the deployment of `pi_worker`. This is useful when you want to control how pods are scheduled on nodes in your Kubernetes cluster. | +| services.pi_worker.labels | {} | | Custom labels to add to the Plane AI worker deployment | +| services.pi_worker.annotations | {} | | Custom annotations to add to the Plane AI worker deployment | + +#### Plane AI Beat-Worker Deployment + +| Setting | Default | Required | Description | +| ------------------------------------- | :-----: | :------: | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| services.pi_beat_worker.replicas | 1 | Yes | Kubernetes helps you with scaling up/down the deployments. You can run 1 or more pods for the Plane AI beat-worker. This key helps you set the number of replicas. It must be >=1. | +| services.pi_beat_worker.memoryLimit | 1000Mi | | Every deployment in kubernetes can be set to use maximum memory they are allowed to use. This key sets the memory limit for the Plane AI beat-worker deployment to use. | +| services.pi_beat_worker.cpuLimit | 500m | | Every deployment in kubernetes can be set to use maximum cpu they are allowed to use. This key sets the cpu limit for the Plane AI beat-worker deployment to use. | +| services.pi_beat_worker.memoryRequest | 50Mi | | Every deployment in kubernetes can be set to use minimum memory they are allowed to use. This key sets the memory request for the Plane AI beat-worker deployment to use. | +| services.pi_beat_worker.cpuRequest | 50m | | Every deployment in kubernetes can be set to use minimum cpu they are allowed to use. This key sets the cpu request for the Plane AI beat-worker deployment to use. | +| services.pi_beat_worker.nodeSelector | {} | | This key allows you to set the node selector for the deployment of `pi_beat_worker`. This is useful when you want to run the deployment on specific nodes in your Kubernetes cluster. | +| services.pi_beat_worker.tolerations | [] | | This key allows you to set the tolerations for the deployment of `pi_beat_worker`. This is useful when you want to run the deployment on nodes with specific taints in your Kubernetes cluster. | +| services.pi_beat_worker.affinity | {} | | This key allows you to set the affinity rules for the deployment of `pi_beat_worker`. This is useful when you want to control how pods are scheduled on nodes in your Kubernetes cluster. | +| services.pi_beat_worker.labels | {} | | Custom labels to add to the Plane AI beat-worker deployment | +| services.pi_beat_worker.annotations | {} | | Custom annotations to add to the Plane AI beat-worker deployment | + #### Worker Deployment | Setting | Default | Required | Description | @@ -527,46 +581,56 @@ When the email service is enabled, the cert-issuer will be automatically created To configure the external secrets for your application, you need to define specific environment variables for each secret category. Below is a list of the required secrets and their respective environment variables. -| Secret Name | Env Var Name | Required | Description | Example Value | -| ------------------------- | --------------------------------- | ----------------------------------------------------------- | ------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| rabbitmq_existingSecret | RABBITMQ_DEFAULT_USER | Required if `rabbitmq.local_setup=true` | The default RabbitMQ user | plane | -| | RABBITMQ_DEFAULT_PASS | Required if `rabbitmq.local_setup=true` | The default RabbitMQ password | plane | -| pgdb_existingSecret | POSTGRES_PASSWORD | Required if `postgres.local_setup=true` | Password for PostgreSQL database | plane | -| | POSTGRES_DB | Required if `postgres.local_setup=true` | Name of the PostgreSQL database | plane | -| | POSTGRES_USER | Required if `postgres.local_setup=true` | PostgreSQL user | plane | -| opensearch_existingSecret | OPENSEARCH_ENABLED | Yes | Flag to enable OpenSearch | 1 (enabled) or 0 (disabled) | -| | OPENSEARCH_URL | Required if OpenSearch is enabled | OpenSearch connection URL | **k8s service example:** `http://plane-opensearch.plane-ns.svc.cluster.local:9200` **external service example:** `https://your-opensearch-host:9200` | -| | OPENSEARCH_USERNAME | Required if OpenSearch is enabled | Username for OpenSearch | **local setup:** plane **remote setup:** your_remote_username | -| | OPENSEARCH_PASSWORD | Required if OpenSearch is enabled | Password for OpenSearch | **local setup:** Secure@Pass#123!%^&\* **remote setup:** your_remote_password | -| | OPENSEARCH_INITIAL_ADMIN_PASSWORD | Required if `opensearch.local_setup=true` | Initial admin password for local OpenSearch | Secure@Pass#123!%^&\* | -| | OPENSEARCH_INDEX_PREFIX | Optional | Prefix for OpenSearch indices | plane\_ | -| doc_store_existingSecret | USE_MINIO | Yes | Flag to enable MinIO as the storage backend | 1 | -| | MINIO_ROOT_USER | Yes | MinIO root user | admin | -| | MINIO_ROOT_PASSWORD | Yes | MinIO root password | password | -| | AWS_ACCESS_KEY_ID | Yes | AWS Access Key ID | your_aws_key | -| | AWS_SECRET_ACCESS_KEY | Yes | AWS Secret Access Key | your_aws_secret | -| | AWS_S3_BUCKET_NAME | Yes | AWS S3 Bucket Name | your_bucket_name | -| | AWS_S3_ENDPOINT_URL | Yes | Endpoint URL for AWS S3 or MinIO | `http://plane-minio.plane-ns.svc.cluster.local:9000` | -| | AWS_REGION | Optional | AWS region where your S3 bucket is located | your_aws_region | -| | FILE_SIZE_LIMIT | Yes | Limit for file uploads in your system | 5MB | -| app_env_existingSecret | SECRET_KEY | Yes | Random secret key | 60gp0byfz2dvffa45cxl20p1scy9xbpf6d8c5y0geejgkyp1b5 | -| | REDIS_URL | Yes | Redis URL | `redis://plane-redis.plane-ns.svc.cluster.local:6379/` | -| | DATABASE_URL | Yes | PostgreSQL connection URL | k8s service example: `postgresql://plane:plane@plane-pgdb.plane-ns.svc.cluster.local:5432/plane` external service example: `postgresql://username:password@your-db-host:5432/plane` | -| | AMQP_URL | Yes | RabbitMQ connection URL | k8s service example: `amqp://plane:plane@plane-rabbitmq.plane-ns.svc.cluster.local:5672/` external service example: `amqp://username:password@your-rabbitmq-host:5672/` | -| live_env_existingSecret | REDIS_URL | Yes | Redis URL | `redis://plane-redis.plane-ns.svc.cluster.local:6379/` | -| silo_env_existingSecret | SILO_HMAC_SECRET_KEY | Yes | Silo HMAC secret Key | `` | -| | REDIS_URL | Yes | Redis URL | redis://plane-redis.plane-ns.svc.cluster.local:6379/ | -| | DATABASE_URL | Yes | PostgreSQL connection URL | k8s service example: postgresql://plane:plane@plane-pgdb.plane-ns.svc.cluster.local:5432/plane external service example: postgresql://username:password@your-db-host:5432/plane | -| | AMQP_URL | Yes | RabbitMQ connection URL | k8s service example: amqp://plane:plane@plane-rabbitmq.plane-ns.svc.cluster.local:5672/ external service example: amqp://username:password@your-rabbitmq-host:5672/ | -| | GITHUB_APP_NAME | Required if services.silo.connectors.github.enabled is true | GitHub app name | your_github_app_name | -| | GITHUB_APP_ID | Required if services.silo.connectors.github.enabled is true | GitHub app ID | your_github_app_id | -| | GITHUB_CLIENT_ID | Required if services.silo.connectors.github.enabled is true | GitHub client ID | your_github_client_id | -| | GITHUB_CLIENT_SECRET | Required if services.silo.connectors.github.enabled is true | GitHub client secret key | your_github_client_secret_key | -| | GITHUB_PRIVATE_KEY | Required if services.silo.connectors.github.enabled is true | GitHub private key | your_github_private_key | -| | SLACK_CLIENT_ID | Required if services.silo.connectors.slack.enabled is true | Slack client ID | your_slack_client_id | -| | SLACK_CLIENT_SECRET | Required if services.silo.connectors.slack.enabled is true | Slack client secret key | your_slack_client_secret_key | -| | GITLAB_CLIENT_ID | Required if services.silo.connectors.gitlab.enabled is true | GitLab client ID | your_gitlab_client_id | -| | GITLAB_CLIENT_SECRET | Required if services.silo.connectors.gitlab.enabled is true | GitLab client secret key | your_gitlab_client_secret_key | +| Secret Name | Env Var Name | Required | Description | Example Value | +| ------------------------- | --------------------------------- | ---------------------------------------------------------------------- | ----------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| rabbitmq_existingSecret | RABBITMQ_DEFAULT_USER | Required if `rabbitmq.local_setup=true` | The default RabbitMQ user | plane | +| | RABBITMQ_DEFAULT_PASS | Required if `rabbitmq.local_setup=true` | The default RabbitMQ password | plane | +| pgdb_existingSecret | POSTGRES_PASSWORD | Required if `postgres.local_setup=true` | Password for PostgreSQL database | plane | +| | POSTGRES_DB | Required if `postgres.local_setup=true` | Name of the PostgreSQL database | plane | +| | POSTGRES_USER | Required if `postgres.local_setup=true` | PostgreSQL user | plane | +| opensearch_existingSecret | OPENSEARCH_ENABLED | Yes | Flag to enable OpenSearch | 1 (enabled) or 0 (disabled) | +| | OPENSEARCH_URL | Required if OpenSearch is enabled | OpenSearch connection URL | **k8s service example:** `http://plane-opensearch.plane-ns.svc.cluster.local:9200` **external service example:** `https://your-opensearch-host:9200` | +| | OPENSEARCH_USERNAME | Required if OpenSearch is enabled | Username for OpenSearch | **local setup:** plane **remote setup:** your_remote_username | +| | OPENSEARCH_PASSWORD | Required if OpenSearch is enabled | Password for OpenSearch | **local setup:** Secure@Pass#123!%^&\* **remote setup:** your_remote_password | +| | OPENSEARCH_INITIAL_ADMIN_PASSWORD | Required if `opensearch.local_setup=true` | Initial admin password for local OpenSearch | Secure@Pass#123!%^&\* | +| | OPENSEARCH_INDEX_PREFIX | Optional | Prefix for OpenSearch indices | plane\_ | +| doc_store_existingSecret | USE_MINIO | Yes | Flag to enable MinIO as the storage backend | 1 | +| | MINIO_ROOT_USER | Yes | MinIO root user | admin | +| | MINIO_ROOT_PASSWORD | Yes | MinIO root password | password | +| | AWS_ACCESS_KEY_ID | Yes | AWS Access Key ID | your_aws_key | +| | AWS_SECRET_ACCESS_KEY | Yes | AWS Secret Access Key | your_aws_secret | +| | AWS_S3_BUCKET_NAME | Yes | AWS S3 Bucket Name | your_bucket_name | +| | AWS_S3_ENDPOINT_URL | Yes | Endpoint URL for AWS S3 or MinIO | `http://plane-minio.plane-ns.svc.cluster.local:9000` | +| | AWS_REGION | Optional | AWS region where your S3 bucket is located | your_aws_region | +| | FILE_SIZE_LIMIT | Yes | Limit for file uploads in your system | 5MB | +| app_env_existingSecret | SECRET_KEY | Yes | Random secret key | 60gp0byfz2dvffa45cxl20p1scy9xbpf6d8c5y0geejgkyp1b5 | +| | REDIS_URL | Yes | Redis URL | `redis://plane-redis.plane-ns.svc.cluster.local:6379/` | +| | DATABASE_URL | Yes | PostgreSQL connection URL | k8s service example: `postgresql://plane:plane@plane-pgdb.plane-ns.svc.cluster.local:5432/plane` external service example: `postgresql://username:password@your-db-host:5432/plane` | +| | AMQP_URL | Yes | RabbitMQ connection URL | k8s service example: `amqp://plane:plane@plane-rabbitmq.plane-ns.svc.cluster.local:5672/` external service example: `amqp://username:password@your-rabbitmq-host:5672/` | +| live_env_existingSecret | REDIS_URL | Yes | Redis URL | `redis://plane-redis.plane-ns.svc.cluster.local:6379/` | +| silo_env_existingSecret | SILO_HMAC_SECRET_KEY | Yes | Silo HMAC secret Key | `` | +| | REDIS_URL | Yes | Redis URL | redis://plane-redis.plane-ns.svc.cluster.local:6379/ | +| | DATABASE_URL | Yes | PostgreSQL connection URL | k8s service example: postgresql://plane:plane@plane-pgdb.plane-ns.svc.cluster.local:5432/plane external service example: postgresql://username:password@your-db-host:5432/plane | +| | AMQP_URL | Yes | RabbitMQ connection URL | k8s service example: amqp://plane:plane@plane-rabbitmq.plane-ns.svc.cluster.local:5672/ external service example: amqp://username:password@your-rabbitmq-host:5672/ | +| | GITHUB_APP_NAME | Required if `services.silo.connectors.github.enabled` is true | GitHub app name | your_github_app_name | +| | GITHUB_APP_ID | Required if `services.silo.connectors.github.enabled` is true | GitHub app ID | your_github_app_id | +| | GITHUB_CLIENT_ID | Required if `services.silo.connectors.github.enabled` is true | GitHub client ID | your_github_client_id | +| | GITHUB_CLIENT_SECRET | Required if `services.silo.connectors.github.enabled` is true | GitHub client secret key | your_github_client_secret_key | +| | GITHUB_PRIVATE_KEY | Required if `services.silo.connectors.github.enabled` is true | GitHub private key | your_github_private_key | +| | SLACK_CLIENT_ID | Required if `services.silo.connectors.slack.enabled` is true | Slack client ID | your_slack_client_id | +| | SLACK_CLIENT_SECRET | Required if `services.silo.connectors.slack.enabled` is true | Slack client secret key | your_slack_client_secret_key | +| | GITLAB_CLIENT_ID | Required if `services.silo.connectors.gitlab.enabled` is true | GitLab client ID | your_gitlab_client_id | +| | GITLAB_CLIENT_SECRET | Required if `services.silo.connectors.gitlab.enabled` is true | GitLab client secret key | your_gitlab_client_secret_key | +| pi_api_env_existingSecret | PLANE_PI_DATABASE_URL | Required if `services.pi.enabled=true` | PostgreSQL connection URL for Plane AI database | **k8s service example**: `postgresql://plane:plane@plane-pgdb.plane-ns.svc.cluster.local/plane_pi`

**external**: `postgresql://username:password@your-db-host:5432/plane_pi` | +| | AMQP_URL | Required if `services.pi.enabled=true` | RabbitMQ connection URL | **k8s service example**: `amqp://plane:plane@plane-rabbitmq.plane-ns.svc.cluster.local:5672/`

**external**: `amqp://username:password@your-rabbitmq-host:5672/` | +| | AES_SECRET_KEY | Required if `services.pi.enabled=true` | AES secret key for Plane AI | dsOdt7YrvxsTIFJ37pOaEVvLxN8KGBCr (or your own value) | +| | OPENAI_API_KEY | required if `services.pi.ai_providers.openai.enabled` is true | OpenAI API key | your_openai_api_key | +| | CLAUDE_API_KEY | required if `services.pi.ai_providers.claude.enabled` is true | Claude API key | your_claude_api_key | +| | GROQ_API_KEY | required if `services.pi.ai_providers.groq.enabled` is true | Groq API key | your_groq_api_key | +| | COHERE_API_KEY | required if `services.pi.ai_providers.cohere.enabled` is true | Cohere API key | your_cohere_api_key | +| | CUSTOM_LLM_API_KEY | required if `services.pi.ai_providers.custom_llm.enabled` is true | Custom LLM API key | your_custom_llm_api_key | +| | BR_AWS_SECRET_ACCESS_KEY | required if `services.pi.ai_providers.embedding_model.enabled` is true | AWS secret for embedding model | your_aws_secret_access_key | +| | BR_AWS_SESSION_TOKEN | required if embedding model uses temporary credentials | AWS session token for embedding model | your_aws_session_token | #### Ingress and SSL Setup @@ -602,20 +666,21 @@ To configure the external secrets for your application, you need to define speci If you are planning to use 3rd party ingress providers, here is the available route configuration. -| Host | Path | Service | Required | -| ----------------------- | :--------------: | ----------------------------------------- | :----------------------------------------------------------------: | -| plane.example.com | `/` | `` | Yes | -| plane.example.com | `/spaces/*` | `` | Yes | -| plane.example.com | `/god-mode/*` | `` | Yes | -| plane.example.com | `/live/*` | `` | Yes | -| plane.example.com | `/silo/*` | `` | Yes | -| plane.example.com | `/api/*` | `` | Yes | -| plane.example.com | `/auth/*` | `` | Yes | -| plane.example.com | `/graphql/*` | `` | Yes | -| plane.example.com | `/marketplace/*` | `` | Yes | -| plane.example.com | `/uploads/*` | `` | Yes (only if using local setup) | -| plane-minio.example.com | `/` | `` | Optional (if using local setup, enables MinIO console access) | -| plane-mq.example.com | `/` | `` | Optional (if using local setup, enables management console access) | +| Host | Path | Service | Required | +| ----------------------- | :-------------: | --------------------------------------- | :-------------------------------------------------------------------------- | +| plane.example.com | / | | Yes | +| plane.example.com | /spaces/\* | | Yes | +| plane.example.com | /god-mode/\* | | Yes | +| plane.example.com | /live/\* | | Yes | +| plane.example.com | /silo/\* | | Yes (if `services.silo.enabled=true` ) | +| plane.example.com | /pi/\* | | Yes (if `services.pi.enabled=true`) | +| plane.example.com | /api/\* | | Yes | +| plane.example.com | /auth/\* | | Yes | +| plane.example.com | /graphql/\* | | Yes | +| plane.example.com | /marketplace/\* | | Yes | +| plane.example.com | /uploads/\* | | Yes (Only if using local setup) | +| plane-minio.example.com | / | | (Optional) if using local setup, this will enable minio console access | +| plane-mq.example.com | / | | (Optional) if using local setup, this will enable management console access | ::: details Install Community Edition The Commercial edition comes with a free plan and the flexibility to upgrade to a paid plan at any point. If you still want to install the Community edition, follow the steps below: