This guide will help you to deploy a production ready Chatwoot instance with Helm Charts.

To quickly try out the charts, follow the two steps below. For a production deployment, please make sure to pass in the required arguments to helm using your custom values.yaml file.

helm repo add chatwoot https://chatwoot.github.io/charts
helm install chatwoot chatwoot/chatwoot

Prerequisites

  • Kubernetes 1.16+
  • Helm 3.1.0+
  • PV provisioner support in the underlying infrastructure

The helm installation will create 3 “Persistent Volume Claims” for redis, rails and postgres. Setup up a default “Storage Class” (for automatic PV) or create 3 “Persistent Volumes” with the size of 8GB, before installing chatwoot. If the “Persistent Volume Claims” do not claim the “Persistent Volumes”, leave storageClassName blank (inside the PV .yaml files).

Installing the chart

To install the chart with the release name chatwoot, use the following. To deploy it in chatwoot namespace, pass -n chatwoot to the command.

helm install chatwoot chatwoot/chatwoot -f <your-custom-values.yaml> #-n chatwoot

The command deploys Chatwoot on the Kubernetes cluster in the default configuration. The parameters section lists the parameters that can be configured during installation.

List all releases using helm list

Uninstalling the chart

To uninstall/delete the chatwoot deployment:

helm delete chatwoot

The command removes all the Kubernetes components associated with the chart and deletes the release.

Persistent volumes are not deleted automatically. They need to be removed manually.

Parameters

Chatwoot Image parameters

NameDescriptionValue
image.repositoryChatwoot image repositorychatwoot/chatwoot
image.tagChatwoot image tag (immutable tags are recommended)v2.16.0
image.pullPolicyChatwoot image pull policyIfNotPresent

Chatwoot Environment Variables

NameTypeDefault Value
env.ACTIVE_STORAGE_SERVICEStorage service. local for disk. amazon for s3."local"
env.ASSET_CDN_HOSTSet if CDN is used for asset delivery.""
env.INSTALLATION_ENVSets chatwoot installation method."helm"
env.ENABLE_ACCOUNT_SIGNUPtrue : allows sign ups, false : (default option) disables all the end points related to sign ups, api_only: disables the UI for signup but you can create sign ups via the account apis."false"
env.FORCE_SSLForce all access to the app over SSL, default is set to false."false"
env.FRONTEND_URLReplace with the URL you are planning to use for your app."http://0.0.0.0:3000/"
env.IOS_APP_IDChange this variable only if you are using a custom build for mobile app."6C953F3RX2.com.chatwoot.app"
env.ANDROID_BUNDLE_IDChange this variable only if you are using a custom build for mobile app."com.chatwoot.app"
env.ANDROID_SHA256_CERT_FINGERPRINTChange this variable only if you are using a custom build for mobile app."AC:73:8E:DE:EB:5............"
env.MAILER_SENDER_EMAILThe email from which all outgoing emails are sent.""
env.RAILS_ENVSets rails environment."production"
env.RAILS_MAX_THREADSNumber of threads each worker will use."5"
env.SECRET_KEY_BASEUsed to verify the integrity of signed cookies. Ensure a secure value is set.replace_with_your_super_duper_secret_key_base
env.SENTRY_DSNSentry data source name.""
env.SMTP_ADDRESSSet your smtp address.""
env.SMTP_AUTHENTICATIONAllowed values: plain,login,cram_md5"plain"
env.SMTP_ENABLE_STARTTLS_AUTODefaults to true."true"
env.SMTP_OPENSSL_VERIFY_MODECan be: none, peer, client_once, fail_if_no_peer_cert"none"
env.SMTP_PASSWORDSMTP password""
env.SMTP_PORTSMTP port"587"
env.SMTP_USERNAMESMTP username""
env.USE_INBOX_AVATAR_FOR_BOTBot customizations"true"

Email setup for conversation continuity (Incoming emails)

NameTypeDefault Value
env.MAILER_INBOUND_EMAIL_DOMAINThis is the domain set for the reply emails when conversation continuity is enabled.""
env.RAILS_INBOUND_EMAIL_SERVICESet this to appropriate ingress channel with regards to incoming emails. Possible values are relay, mailgun, mandrill, postmark and sendgrid.""
env.RAILS_INBOUND_EMAIL_PASSWORDPassword for the email service.""
env.MAILGUN_INGRESS_SIGNING_KEYSet if using mailgun for incoming conversations.""
env.MANDRILL_INGRESS_API_KEYSet if using mandrill for incoming conversations.""

Postgres variables

NameTypeDefault Value
postgresql.enabledSet to false if using external postgres and modify the below variables.true
postgresql.auth.databaseChatwoot database namechatwoot_production
postgresql.postgresqlHostPostgres host. Edit if using external postgres.""
postgresql.auth.postgresPasswordPostgres password. Edit if using external postgres.postgres
postgresql.postgresqlPortPostgres port5432
postgresql.auth.usernamePostgres username.postgres

Redis variables

NameTypeDefault Value
redis.auth.passwordPassword used for internal redis clusterredis
redis.enabledSet to false if using external redis and modify the below variables.true
redis.hostRedis host name""
redis.portRedis port""
redis.passwordRedis password""
env.REDIS_TLSSet to true if TLS(rediss://) is requiredfalse
env.REDIS_SENTINELSRedis Sentinel can be used by passing list of sentinel host and ports.""
env.REDIS_SENTINEL_MASTER_NAMERedis sentinel master name is required when using sentinel.""

Logging variables

NameTypeDefault Value
env.RAILS_LOG_TO_STDOUTstring"true"
env.LOG_LEVELstring"info"
env.LOG_SIZEstring"500"

Third party credentials

NameTypeDefault Value
env.S3_BUCKET_NAMES3 bucket name""
env.AWS_ACCESS_KEY_IDAmazon access key ID""
env.AWS_REGIONAmazon region""
env.AWS_SECRET_ACCESS_KEYAmazon secret key ID""
env.FB_APP_IDFor facebook channel https://www.chatwoot.com/docs/facebook-setup""
env.FB_APP_SECRETFor facebook channel""
env.FB_VERIFY_TOKENFor facebook channel""
env.SLACK_CLIENT_IDFor slack integration""
env.SLACK_CLIENT_SECRETFor slack integration""
env.TWITTER_APP_IDFor twitter channel""
env.TWITTER_CONSUMER_KEYFor twitter channel""
env.TWITTER_CONSUMER_SECRETFor twitter channel""
env.TWITTER_ENVIRONMENTFor twitter channel""

Autoscaling

NameTypeDefault Value
web.hpa.enabledHorizontal Pod Autoscaling for Chatwoot webfalse
web.hpa.cputhresholdCPU threshold for Chatwoot web80
web.hpa.minpodsMinimum number of pods for Chatwoot web1
web.hpa.maxpodsMaximum number of pods for Chatwoot web10
web.replicaCountNo of web pods if hpa is not enabled1
worker.hpa.enabledHorizontal Pod Autoscaling for Chatwoot workerfalse
worker.hpa.cputhresholdCPU threshold for Chatwoot worker80
worker.hpa.minpodsMinimum number of pods for Chatwoot worker2
worker.hpa.maxpodsMaximum number of pods for Chatwoot worker10
worker.replicaCountNo of worker pods if hpa is not enabled1

Install with custom parameters

Specify each parameter using the --set key=value[,key=value] argument to helm install. For example,

helm install my-release \
  --set env.FRONTEND_URL="chat.yourdomain.com"\
    chatwoot/chatwoot

The above command sets the Chatwoot server frontend URL to chat.yourdoamain.com.

Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,

helm install my-release -f values.yaml chatwoot/chatwoot

You can use the default values.yaml file.

Postgres

PostgreSQL is installed along with the chart if you choose the default setup. To use an external Postgres DB, please set postgresql.enabled to false and set the variables under the Postgres section above.

Redis

Redis is installed along with the chart if you choose the default setup. To use an external Redis DB, please set redis.enabled to false and set the variables under the Redis section above.

Autoscaling

To enable horizontal pod autoscaling, set web.hpa.enabled and worker.hpa.enabled to true. Also make sure to uncomment the values under, resources.limits and resources.requests. This assumes your k8s cluster is already having a metrics-server. If not, deploy metrics-server with the following command.

kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml

Upgrading

Do helm repo update and check the version of charts that is going to be installed. Helm charts follows semantic versioning and so if the MAJOR version is different from your installed version, there might be breaking changes. Please refer to the changelog before upgrading.

# update helm repositories
helm repo update
# list your current installed version
helm list
# show the latest version of charts that is going to be installed
helm search repo chatwoot

#if it is major version update, refer to the changelog before proceeding
helm upgrade chatwoot chatwoot/chatwoot -f <your-custom-values>.yaml

Troubleshooting

pod has unbound immediate PersistentVolumeClaims

Make sure the “Persistent Volume Claims” can be satisfied. Refer to prerequisites.

ActionController::InvalidAuthenticityToken HTTP Origin header

ActionController::InvalidAuthenticityToken HTTP Origin header (https://mydomain.com) didn't match request.base_url (http://mydomain.com)

If you are recieving the above error when trying to access the superadmin panel, configure your ingress controller to forward the protocol of the origin request. For nginx ingress, you can do this by setting the proxy_set_header X-Forwarded-Proto https; config. Refer this issue to learn more.