feat(chart): update dependencies (PostgreSQL to v18.6.2, Valkey to v5.4.11)

feat(aiapi): add new Helm chart for New API and CLIProxyAPI deployment
feat(deployment): add pod annotations support and update chart version to 0.0.10
2026-06-06 05:31:06 +00:00 · 2026-05-01 22:34:12 +08:00 · 2026-05-01 22:20:19 +08:00 · 2026-02-13 17:37:19 +08:00 · 2025-11-04 11:15:49 +08:00 · 2025-08-01 18:19:29 +08:00
@@ -5,5 +5,6 @@ helm repo add devcm https://devcm-repo.github.io/helm-charts
 ```

 ### charts
+- aiapi
 - tailscale-derp
 - rustdesk-server
@@ -0,0 +1,21 @@
+apiVersion: v2
+name: aiapi
+description: New API and CLIProxyAPI Helm Chart
+home: https://devcm-repo.github.io/helm-charts/
+sources:
+  - https://github.com/devcm-repo/helm-charts
+maintainers:
+  - name: dev.cm
+    email: admin@dev.cm
+    url: https://github.com/devcm-repo
+version: 0.0.2
+appVersion: latest
+dependencies:
+  - name: postgresql
+    version: 18.6.2
+    repository: oci://registry-1.docker.io/bitnamicharts
+    condition: postgresql.enabled
+  - name: valkey
+    version: 5.4.11
+    repository: oci://registry-1.docker.io/bitnamicharts
+    condition: valkey.enabled
@@ -0,0 +1,70 @@
+# aiapi
+
+Deploys New API and CLIProxyAPI. PostgreSQL and Valkey are provided through upstream Bitnami Helm chart dependencies by default.
+
+```shell
+helm dependency update ./charts/aiapi
+helm install aiapi ./charts/aiapi
+```
+
+For production, override at least:
+
+- `newapi.sessionSecret`
+- `postgresql.auth.password`
+- `cliproxyapi.config`
+- `newapi.frontendBaseUrl`
+
+Use the bundled dependencies:
+
+```yaml
+postgresql:
+  enabled: true
+  auth:
+    username: newapi
+    password: change-me
+    database: newapi
+
+valkey:
+  enabled: true
+  architecture: standalone
+  auth:
+    enabled: false
+```
+
+Use external PostgreSQL and Valkey/Redis by disabling the dependencies and providing the New API environment variables as values:
+
+```yaml
+postgresql:
+  enabled: false
+valkey:
+  enabled: false
+
+newapi:
+  database:
+    dsn: postgres://newapi:password@postgres.example.com:5432/newapi?sslmode=require
+  cache:
+    redisConnString: redis://:password@valkey.example.com:6379/0
+```
+
+For production, prefer storing the complete connection strings in an existing Kubernetes Secret:
+
+```yaml
+postgresql:
+  enabled: false
+valkey:
+  enabled: false
+
+newapi:
+  database:
+    existingSecret:
+      name: aiapi-external-connections
+      key: SQL_DSN
+  cache:
+    existingSecret:
+      name: aiapi-external-connections
+      key: REDIS_CONN_STRING
+```
+
+`newapi.database.*` renders `SQL_DSN`; `newapi.cache.*` renders `REDIS_CONN_STRING`. The older `newapi.sqlDsn` and `newapi.redisConnString` values still work for compatibility.
+
+`cliproxyapi.ingress` is disabled by default. If exposing it under `/cpa`, add the rewrite annotations required by your Ingress controller and set `remote-management.allow-remote` in `cliproxyapi.config` intentionally.
@@ -0,0 +1,44 @@
+{{- define "aiapi.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{- define "aiapi.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name (include "aiapi.name" .) | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "aiapi.labels" -}}
+helm.sh/chart: {{ printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" }}
+app.kubernetes.io/name: {{ include "aiapi.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end -}}
+
+{{- define "aiapi.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "aiapi.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end -}}
+
+{{- define "aiapi.dependencyFullname" -}}
+{{- $root := index . "root" -}}
+{{- $values := default dict (index . "values") -}}
+{{- $name := default (index . "name") $values.nameOverride -}}
+{{- if $values.fullnameOverride -}}
+{{- $values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else if contains $name $root.Release.Name -}}
+{{- $root.Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" $root.Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "aiapi.postgresql.fullname" -}}
+{{- include "aiapi.dependencyFullname" (dict "root" . "values" .Values.postgresql "name" "postgresql") -}}
+{{- end -}}
+
+{{- define "aiapi.valkey.primaryFullname" -}}
+{{- printf "%s-primary" (include "aiapi.dependencyFullname" (dict "root" . "values" .Values.valkey "name" "valkey")) | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
@@ -0,0 +1,82 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: "{{ include "aiapi.fullname" . }}-cliproxyapi"
+  labels:
+    {{- include "aiapi.labels" . | nindent 4 }}
+    app.kubernetes.io/component: cliproxyapi
+spec:
+  replicas: {{ .Values.cliproxyapi.replicas }}
+  strategy:
+    type: Recreate
+  selector:
+    matchLabels:
+      {{- include "aiapi.selectorLabels" . | nindent 6 }}
+      app.kubernetes.io/component: cliproxyapi
+  template:
+    metadata:
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "aiapi.selectorLabels" . | nindent 8 }}
+        app.kubernetes.io/component: cliproxyapi
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      containers:
+        - name: cliproxyapi
+          image: "{{ .Values.cliproxyapi.image.repository }}:{{ .Values.cliproxyapi.image.tag }}"
+          imagePullPolicy: {{ .Values.cliproxyapi.image.pullPolicy }}
+          ports:
+            - name: http
+              containerPort: {{ .Values.cliproxyapi.port }}
+              protocol: TCP
+          env:
+            - name: TZ
+              value: {{ .Values.tz | quote }}
+          readinessProbe:
+            tcpSocket:
+              port: http
+          livenessProbe:
+            tcpSocket:
+              port: http
+          {{- with .Values.cliproxyapi.resources }}
+          resources:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          volumeMounts:
+            - name: config
+              mountPath: /CLIProxyAPI/config.yaml
+              subPath: config.yaml
+            - name: data
+              mountPath: /root/.cli-proxy-api
+              subPath: auths
+            - name: data
+              mountPath: /CLIProxyAPI/logs
+              subPath: logs
+      volumes:
+        - name: config
+          secret:
+            secretName: "{{ include "aiapi.fullname" . }}"
+            items:
+              - key: cliproxyapi-config.yaml
+                path: config.yaml
+        - name: data
+          {{- if .Values.cliproxyapi.persistence.enabled }}
+          persistentVolumeClaim:
+            claimName: "{{ include "aiapi.fullname" . }}-cliproxyapi"
+          {{- else }}
+          emptyDir: {}
+          {{- end }}
@@ -0,0 +1,32 @@
+{{- if .Values.cliproxyapi.ingress.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: "{{ include "aiapi.fullname" . }}-cliproxyapi"
+  labels:
+    {{- include "aiapi.labels" . | nindent 4 }}
+    app.kubernetes.io/component: cliproxyapi
+  {{- with .Values.cliproxyapi.ingress.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  {{- if .Values.cliproxyapi.ingress.className }}
+  ingressClassName: {{ .Values.cliproxyapi.ingress.className }}
+  {{- end }}
+  {{- with .Values.cliproxyapi.ingress.tls }}
+  tls:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  rules:
+    - host: {{ .Values.cliproxyapi.ingress.host }}
+      http:
+        paths:
+          - path: {{ .Values.cliproxyapi.ingress.path }}
+            pathType: {{ .Values.cliproxyapi.ingress.pathType }}
+            backend:
+              service:
+                name: "{{ include "aiapi.fullname" . }}-cliproxyapi"
+                port:
+                  number: {{ .Values.cliproxyapi.service.port }}
+{{- end }}
@@ -0,0 +1,140 @@
+{{- $sqlDsn := default .Values.newapi.sqlDsn .Values.newapi.database.dsn -}}
+{{- $sqlDsnSecretName := .Values.newapi.database.existingSecret.name -}}
+{{- $redisConnString := default .Values.newapi.redisConnString .Values.newapi.cache.redisConnString -}}
+{{- $redisConnStringSecretName := .Values.newapi.cache.existingSecret.name -}}
+{{- $postgresqlExistingSecret := dig "auth" "existingSecret" "" .Values.postgresql -}}
+{{- $postgresqlPasswordKey := dig "auth" "secretKeys" "userPasswordKey" "password" .Values.postgresql -}}
+{{- $valkeyExistingSecret := dig "auth" "existingSecret" "" .Values.valkey -}}
+{{- $valkeyPasswordKey := dig "auth" "existingSecretPasswordKey" "valkey-password" .Values.valkey -}}
+{{- if and (not .Values.postgresql.enabled) (empty $sqlDsn) (empty $sqlDsnSecretName) -}}
+{{- fail "newapi.database.dsn or newapi.database.existingSecret.name is required when postgresql.enabled is false" -}}
+{{- end -}}
+{{- if and (not .Values.valkey.enabled) (empty $redisConnString) (empty $redisConnStringSecretName) -}}
+{{- fail "newapi.cache.redisConnString or newapi.cache.existingSecret.name is required when valkey.enabled is false" -}}
+{{- end -}}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: "{{ include "aiapi.fullname" . }}-newapi"
+  labels:
+    {{- include "aiapi.labels" . | nindent 4 }}
+    app.kubernetes.io/component: newapi
+spec:
+  replicas: {{ .Values.newapi.replicas }}
+  strategy:
+    type: Recreate
+  selector:
+    matchLabels:
+      {{- include "aiapi.selectorLabels" . | nindent 6 }}
+      app.kubernetes.io/component: newapi
+  template:
+    metadata:
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "aiapi.selectorLabels" . | nindent 8 }}
+        app.kubernetes.io/component: newapi
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      containers:
+        - name: newapi
+          image: "{{ .Values.newapi.image.repository }}:{{ .Values.newapi.image.tag }}"
+          imagePullPolicy: {{ .Values.newapi.image.pullPolicy }}
+          ports:
+            - name: http
+              containerPort: {{ .Values.newapi.port }}
+              protocol: TCP
+          env:
+            - name: TZ
+              value: {{ .Values.tz | quote }}
+            - name: SESSION_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: "{{ include "aiapi.fullname" . }}"
+                  key: newapi-session-secret
+            - name: FRONTEND_BASE_URL
+              value: {{ .Values.newapi.frontendBaseUrl | quote }}
+            {{- if $sqlDsnSecretName }}
+            - name: SQL_DSN
+              valueFrom:
+                secretKeyRef:
+                  name: {{ $sqlDsnSecretName | quote }}
+                  key: {{ default "SQL_DSN" .Values.newapi.database.existingSecret.key | quote }}
+            {{- else if $sqlDsn }}
+            - name: SQL_DSN
+              value: {{ $sqlDsn | quote }}
+            {{- else }}
+            - name: POSTGRES_USER
+              value: {{ .Values.postgresql.auth.username | quote }}
+            - name: POSTGRES_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ default (include "aiapi.postgresql.fullname" .) $postgresqlExistingSecret | quote }}
+                  key: {{ $postgresqlPasswordKey | quote }}
+            - name: SQL_DSN
+              value: "postgres://$(POSTGRES_USER):$(POSTGRES_PASSWORD)@{{ include "aiapi.postgresql.fullname" . }}:5432/{{ .Values.postgresql.auth.database }}?sslmode=disable"
+            {{- end }}
+            {{- if $redisConnStringSecretName }}
+            - name: REDIS_CONN_STRING
+              valueFrom:
+                secretKeyRef:
+                  name: {{ $redisConnStringSecretName | quote }}
+                  key: {{ default "REDIS_CONN_STRING" .Values.newapi.cache.existingSecret.key | quote }}
+            {{- else if $redisConnString }}
+            - name: REDIS_CONN_STRING
+              value: {{ $redisConnString | quote }}
+            {{- else }}
+            {{- if .Values.valkey.auth.enabled }}
+            - name: VALKEY_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ default (include "aiapi.dependencyFullname" (dict "root" . "values" .Values.valkey "name" "valkey")) $valkeyExistingSecret | quote }}
+                  key: {{ $valkeyPasswordKey | quote }}
+            - name: REDIS_CONN_STRING
+              value: "redis://:$(VALKEY_PASSWORD)@{{ include "aiapi.valkey.primaryFullname" . }}:6379/0"
+            {{- else }}
+            - name: REDIS_CONN_STRING
+              value: "redis://{{ include "aiapi.valkey.primaryFullname" . }}:6379/0"
+            {{- end }}
+            {{- end }}
+            {{- with .Values.newapi.extraEnv }}
+            {{- toYaml . | nindent 12 }}
+            {{- end }}
+          readinessProbe:
+            tcpSocket:
+              port: http
+          livenessProbe:
+            tcpSocket:
+              port: http
+          {{- with .Values.newapi.resources }}
+          resources:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          volumeMounts:
+            - name: data
+              mountPath: /data
+              subPath: data
+            - name: data
+              mountPath: /app/logs
+              subPath: logs
+      volumes:
+        - name: data
+          {{- if .Values.newapi.persistence.enabled }}
+          persistentVolumeClaim:
+            claimName: "{{ include "aiapi.fullname" . }}-newapi"
+          {{- else }}
+          emptyDir: {}
+          {{- end }}
@@ -0,0 +1,32 @@
+{{- if .Values.newapi.ingress.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: "{{ include "aiapi.fullname" . }}-newapi"
+  labels:
+    {{- include "aiapi.labels" . | nindent 4 }}
+    app.kubernetes.io/component: newapi
+  {{- with .Values.newapi.ingress.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  {{- if .Values.newapi.ingress.className }}
+  ingressClassName: {{ .Values.newapi.ingress.className }}
+  {{- end }}
+  {{- with .Values.newapi.ingress.tls }}
+  tls:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  rules:
+    - host: {{ .Values.newapi.ingress.host }}
+      http:
+        paths:
+          - path: {{ .Values.newapi.ingress.path }}
+            pathType: {{ .Values.newapi.ingress.pathType }}
+            backend:
+              service:
+                name: "{{ include "aiapi.fullname" . }}-newapi"
+                port:
+                  number: {{ .Values.newapi.service.port }}
+{{- end }}
@@ -0,0 +1,45 @@
+{{- if .Values.newapi.persistence.enabled }}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: "{{ include "aiapi.fullname" . }}-newapi"
+  labels:
+    {{- include "aiapi.labels" . | nindent 4 }}
+    app.kubernetes.io/component: newapi
+  {{- with .Values.persistence.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  accessModes:
+    - {{ .Values.persistence.accessMode | quote }}
+  {{- if .Values.persistence.storageClass }}
+  storageClassName: {{ .Values.persistence.storageClass | quote }}
+  {{- end }}
+  resources:
+    requests:
+      storage: {{ .Values.newapi.persistence.size | quote }}
+{{- end }}
+---
+{{- if .Values.cliproxyapi.persistence.enabled }}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: "{{ include "aiapi.fullname" . }}-cliproxyapi"
+  labels:
+    {{- include "aiapi.labels" . | nindent 4 }}
+    app.kubernetes.io/component: cliproxyapi
+  {{- with .Values.persistence.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  accessModes:
+    - {{ .Values.persistence.accessMode | quote }}
+  {{- if .Values.persistence.storageClass }}
+  storageClassName: {{ .Values.persistence.storageClass | quote }}
+  {{- end }}
+  resources:
+    requests:
+      storage: {{ .Values.cliproxyapi.persistence.size | quote }}
+{{- end }}
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: "{{ include "aiapi.fullname" . }}"
+  labels:
+    {{- include "aiapi.labels" . | nindent 4 }}
+type: Opaque
+stringData:
+  newapi-session-secret: {{ .Values.newapi.sessionSecret | quote }}
+  cliproxyapi-config.yaml: |-
+    {{- .Values.cliproxyapi.config | nindent 4 }}
@@ -0,0 +1,43 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: "{{ include "aiapi.fullname" . }}-newapi"
+  labels:
+    {{- include "aiapi.labels" . | nindent 4 }}
+    app.kubernetes.io/component: newapi
+  {{- with .Values.newapi.service.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  type: {{ .Values.newapi.service.type }}
+  selector:
+    {{- include "aiapi.selectorLabels" . | nindent 4 }}
+    app.kubernetes.io/component: newapi
+  ports:
+    - name: http
+      port: {{ .Values.newapi.service.port }}
+      targetPort: http
+      protocol: TCP
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: "{{ include "aiapi.fullname" . }}-cliproxyapi"
+  labels:
+    {{- include "aiapi.labels" . | nindent 4 }}
+    app.kubernetes.io/component: cliproxyapi
+  {{- with .Values.cliproxyapi.service.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  type: {{ .Values.cliproxyapi.service.type }}
+  selector:
+    {{- include "aiapi.selectorLabels" . | nindent 4 }}
+    app.kubernetes.io/component: cliproxyapi
+  ports:
+    - name: http
+      port: {{ .Values.cliproxyapi.service.port }}
+      targetPort: http
+      protocol: TCP
@@ -0,0 +1,154 @@
+tz: Asia/Shanghai
+
+global:
+  defaultStorageClass: ""
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+nodeSelector: {}
+affinity: {}
+podAnnotations: {}
+
+persistence:
+  storageClass: ""
+  accessMode: ReadWriteOnce
+  annotations: {}
+
+newapi:
+  replicas: 1
+  image:
+    repository: calciumion/new-api
+    tag: latest
+    pullPolicy: IfNotPresent
+  port: 3000
+  frontendBaseUrl: https://aiapi.dev.cm
+  sessionSecret: change-me
+  # Deprecated: use newapi.database.dsn or newapi.database.existingSecret.
+  sqlDsn: ""
+  # Deprecated: use newapi.cache.redisConnString or newapi.cache.existingSecret.
+  redisConnString: ""
+  database:
+    dsn: ""
+    existingSecret:
+      name: ""
+      key: SQL_DSN
+  cache:
+    redisConnString: ""
+    existingSecret:
+      name: ""
+      key: REDIS_CONN_STRING
+  extraEnv:
+    - name: MEMORY_CACHE_ENABLED
+      value: "true"
+    - name: BATCH_UPDATE_ENABLED
+      value: "true"
+    - name: REDIS_POOL_SIZE
+      value: "50"
+    - name: RELAY_MAX_IDLE_CONNS
+      value: "1000"
+    - name: RELAY_MAX_IDLE_CONNS_PER_HOST
+      value: "200"
+  resources: {}
+  persistence:
+    enabled: true
+    size: 2Gi
+  service:
+    type: ClusterIP
+    port: 3000
+    annotations: {}
+  ingress:
+    enabled: true
+    className: ""
+    host: aiapi.dev.cm
+    path: /
+    pathType: Prefix
+    annotations: {}
+    tls: []
+
+cliproxyapi:
+  replicas: 1
+  image:
+    repository: eceasy/cli-proxy-api
+    tag: latest
+    pullPolicy: IfNotPresent
+  port: 8080
+  resources: {}
+  persistence:
+    enabled: true
+    size: 1Gi
+  service:
+    type: ClusterIP
+    port: 8080
+    annotations: {}
+  ingress:
+    enabled: false
+    className: ""
+    host: aiapi.dev.cm
+    path: /cpa
+    pathType: Prefix
+    annotations: {}
+    tls: []
+  config: |
+    host: "0.0.0.0"
+    port: 8080
+
+    api-keys:
+      - "change-me"
+
+    remote-management:
+      allow-remote: false
+      secret-key: "change-me"
+      disable-control-panel: false
+      disable-auto-update-panel: false
+      panel-github-repository: "https://github.com/router-for-me/Cli-Proxy-API-Management-Center"
+
+    auth-dir: "~/.cli-proxy-api"
+
+    commercial-mode: true
+    debug: false
+
+    logging-to-file: true
+    logs-max-total-size-mb: 100
+    usage-statistics-enabled: true
+    request-retry: 1
+    max-retry-interval: 5
+    nonstream-keepalive-interval: 300
+
+    streaming:
+      keepalive-seconds: 300
+      bootstrap-retries: 1
+
+    quota-exceeded:
+      switch-project: true
+      switch-preview-model: true
+      antigravity-credits: true
+
+    routing:
+      strategy: "round-robin"
+      session-affinity: false
+      session-affinity-ttl: "1h"
+
+postgresql:
+  enabled: true
+  auth:
+    username: newapi
+    password: change-me
+    database: newapi
+  primary:
+    resources: {}
+    persistence:
+      enabled: true
+      size: 10Gi
+
+valkey:
+  enabled: true
+  architecture: standalone
+  auth:
+    enabled: false
+  primary:
+    resources: {}
+    persistence:
+      enabled: true
+      size: 2Gi
@@ -9,5 +9,5 @@ maintainers:
    email: admin@dev.cm
    url: https://github.com/devcm-repo
 icon: https://rustdesk.com/favicon.ico
-version: 0.0.6
+version: 0.0.7
 appVersion: latest
@@ -11,6 +11,10 @@ spec:
      app: "{{ .Release.Name }}-{{ .Chart.Name }}"
  template:
    metadata:
+      annotations:
+        {{- if .Values.rustdeskServer.podAnnotations }}
+        {{- toYaml .Values.rustdeskServer.podAnnotations | nindent 8 }}
+        {{- end }}
      labels:
        app: "{{ .Release.Name }}-{{ .Chart.Name }}"
    spec:
@@ -9,5 +9,5 @@ maintainers:
    email: admin@dev.cm
    url: https://github.com/devcm-repo
 icon: https://tailscale.com/files/apple-touch-icon.png
-version: 0.0.8
-appVersion: v1.86.2
+version: 0.0.10
+appVersion: v1.90.6
@@ -11,6 +11,10 @@ spec:
      app: "{{ .Release.Name }}-{{ .Chart.Name }}"
  template:
    metadata:
+      annotations:
+        {{- if .Values.podAnnotations }}
+        {{- toYaml .Values.podAnnotations | nindent 8 }}
+        {{- end }}
      labels:
        app: "{{ .Release.Name }}-{{ .Chart.Name }}"
    spec:
@@ -22,9 +26,9 @@ spec:
      affinity:
        {{- toYaml .Values.affinity | nindent 8 }}
      {{- end }}
-      {{ - if .Values.hostNetwork }}
+      {{- if .Values.hostNetwork }}
      hostNetwork: true
-      {{ - end }}
+      {{- end }}
      containers:
        - name: "{{ .Release.Name }}-{{ .Chart.Name }}"
          image: "{{ .Values.image.name }}:{{ .Values.image.tag | default .Chart.AppVersion }}"