formbricks/charts/formbricks

formbricks

A Helm chart for Formbricks with PostgreSQL, Redis

Homepage: https://formbricks.com/docs/self-hosting/setup/kubernetes

Maintainers

Name	Email	Url
Formbricks	info@formbricks.com

Requirements

Repository	Name	Version
oci://registry-1.docker.io/bitnamicharts	postgresql	16.4.16
oci://registry-1.docker.io/bitnamicharts	redis	20.11.2
oci://docker.io/envoyproxy	gateway-helm	v1.7.1
oci://registry-1.docker.io/bitnamicharts	redis	20.11.2

Envoy bundle modes

The chart can optionally deploy Formbricks behind Envoy Gateway with a dedicated Redis HA backend for Envoy global rate limiting.

• envoy.enabled=true enables the app-bound Envoy resources such as Gateway, HTTPRoute, and rate-limit policies.
• envoy.controller.enabled=true installs a bundled Envoy Gateway controller with the release.
• envoy.controller.enabled=false keeps the chart in external-controller mode and assumes the cluster already has Gateway API CRDs plus an Envoy Gateway controller compatible with envoy.config.envoyGateway.gateway.controllerName.
• envoyRedis.enabled=true deploys a dedicated Redis replication + Sentinel bundle for Envoy RLS. It is intentionally separate from the existing app redis dependency.
• The bundled controller reads its Redis backend from envoy.config.envoyGateway.rateLimit.backend.redis.url. If you enable Redis authentication or override envoyRedis.fullnameOverride, set that URL explicitly so the controller points at the correct backend.
• OpenTelemetry proxy metrics can target either envoy.formbricks.proxy.telemetry.openTelemetry.host/port or backendRefs, but not both. Prefer host/port for collectors that live in another namespace.
• When both the main app ingress and the Envoy API ingress are enabled, set envoy.formbricks.ingress.host explicitly so the Envoy host choice is intentional.

The intended defaults are:

• self-hosted / single-tenant clusters: bundled controller mode
• shared clusters with an existing platform controller: external-controller mode

Cube.js for XM Suite v5

This chart does not deploy Cube.js. XM Suite v5 dashboard and analysis features require an external Cube instance.

• Set deployment.env.CUBEJS_API_URL to your Cube endpoint.
• Provide CUBEJS_API_SECRET through your existing secret management flow, such as the generated app secret override or deployment.envFrom.
• Keep Hub enabled. Cube should point at the same feedback records database that Hub writes to, unless you intentionally split that storage.

Values

Key	Type	Default	Description
autoscaling.additionalLabels	object	{}
autoscaling.annotations	object	{}
autoscaling.behavior.scaleDown.policies[0].periodSeconds	int	120
autoscaling.behavior.scaleDown.policies[0].type	string	"Pods"
autoscaling.behavior.scaleDown.policies[0].value	int	1
autoscaling.behavior.scaleDown.stabilizationWindowSeconds	int	300
autoscaling.behavior.scaleUp.policies[0].periodSeconds	int	60
autoscaling.behavior.scaleUp.policies[0].type	string	"Pods"
autoscaling.behavior.scaleUp.policies[0].value	int	2
autoscaling.behavior.scaleUp.stabilizationWindowSeconds	int	60
autoscaling.enabled	bool	true
autoscaling.maxReplicas	int	10
autoscaling.metrics[0].resource.name	string	"cpu"
autoscaling.metrics[0].resource.target.averageUtilization	int	60
autoscaling.metrics[0].resource.target.type	string	"Utilization"
autoscaling.metrics[0].type	string	"Resource"
autoscaling.metrics[1].resource.name	string	"memory"
autoscaling.metrics[1].resource.target.averageUtilization	int	60
autoscaling.metrics[1].resource.target.type	string	"Utilization"
autoscaling.metrics[1].type	string	"Resource"
autoscaling.minReplicas	int	1
componentOverride	string	""
deployment.additionalLabels	object	{}
deployment.additionalPodAnnotations	object	{}
deployment.additionalPodLabels	object	{}
deployment.affinity	object	{}
deployment.annotations	object	{}
deployment.args	list	[]
deployment.command	list	[]
deployment.containerSecurityContext.readOnlyRootFilesystem	bool	true
deployment.containerSecurityContext.runAsNonRoot	bool	true
deployment.env	object	{}
deployment.envFrom	string	nil
deployment.image.digest	string	""
deployment.image.pullPolicy	string	"IfNotPresent"
deployment.image.repository	string	"ghcr.io/formbricks/formbricks"
deployment.image.tag	string	""
deployment.imagePullSecrets	string	""
deployment.nodeSelector	object	{}
deployment.ports.http.containerPort	int	3000
deployment.ports.http.exposed	bool	true
deployment.ports.http.protocol	string	"TCP"
deployment.ports.metrics.containerPort	int	9464
deployment.ports.metrics.exposed	bool	true
deployment.ports.metrics.protocol	string	"TCP"
deployment.probes.livenessProbe.failureThreshold	int	5
deployment.probes.livenessProbe.httpGet.path	string	"/health"
deployment.probes.livenessProbe.httpGet.port	int	3000
deployment.probes.livenessProbe.initialDelaySeconds	int	10
deployment.probes.livenessProbe.periodSeconds	int	10
deployment.probes.livenessProbe.successThreshold	int	1
deployment.probes.livenessProbe.timeoutSeconds	int	5
deployment.probes.readinessProbe.failureThreshold	int	5
deployment.probes.readinessProbe.httpGet.path	string	"/health"
deployment.probes.readinessProbe.httpGet.port	int	3000
deployment.probes.readinessProbe.initialDelaySeconds	int	10
deployment.probes.readinessProbe.periodSeconds	int	10
deployment.probes.readinessProbe.successThreshold	int	1
deployment.probes.readinessProbe.timeoutSeconds	int	5
deployment.probes.startupProbe.failureThreshold	int	30
deployment.probes.startupProbe.periodSeconds	int	10
deployment.probes.startupProbe.tcpSocket.port	int	3000
deployment.reloadOnChange	bool	false
deployment.replicas	int	1
deployment.resources.limits.memory	string	"2Gi"
deployment.resources.requests.cpu	string	"1"
deployment.resources.requests.memory	string	"1Gi"
deployment.revisionHistoryLimit	int	2
deployment.securityContext	object	{}
deployment.strategy.type	string	"RollingUpdate"
deployment.tolerations	list	[]
deployment.topologySpreadConstraints	list	[]
enterprise.enabled	bool	false
enterprise.licenseKey	string	""
externalSecret.enabled	bool	false
externalSecret.files	object	{}
externalSecret.refreshInterval	string	"1h"
externalSecret.secretStore.kind	string	"ClusterSecretStore"
externalSecret.secretStore.name	string	"aws-secrets-manager"
formbricks.publicUrl	string	""
formbricks.webappUrl	string	""
hub.enabled	bool	true
hub.env	object	{}
hub.existingSecret	string	""
hub.image.digest	string	"sha256:14db7b3d285b6e9165b55693f9b83d08beff840a255fd77dd12882ee0a62f5cb"	When set, takes precedence over tag (immutable pin).
hub.image.pullPolicy	string	"IfNotPresent"
hub.image.repository	string	"ghcr.io/formbricks/hub"
hub.image.tag	string	"0.2.0"	Fallback when digest is empty.
hub.migration.activeDeadlineSeconds	int	900
hub.migration.backoffLimit	int	3
hub.migration.ttlSecondsAfterFinished	int	300
hub.replicas	int	1
hub.resources.limits.memory	string	"512Mi"
hub.resources.requests.cpu	string	"100m"
hub.resources.requests.memory	string	"256Mi"
ingress.annotations	object	{}
ingress.enabled	bool	false
ingress.hosts[0].host	string	"k8s.formbricks.com"
ingress.hosts[0].paths[0].path	string	"/"
ingress.hosts[0].paths[0].pathType	string	"Prefix"
ingress.hosts[0].paths[0].serviceName	string	"formbricks"
ingress.ingressClassName	string	"alb"
migration.annotations	object	{}
migration.backoffLimit	int	3
migration.enabled	bool	true
migration.resources.limits.memory	string	"512Mi"
migration.resources.requests.cpu	string	"100m"
migration.resources.requests.memory	string	"256Mi"
migration.ttlSecondsAfterFinished	int	300
nameOverride	string	""
partOfOverride	string	""
pdb.additionalLabels	object	{}
pdb.annotations	object	{}
pdb.enabled	bool	true
pdb.minAvailable	int	1
postgresql.auth.database	string	"formbricks"
postgresql.auth.existingSecret	string	"formbricks-app-secrets"
postgresql.auth.secretKeys.adminPasswordKey	string	"POSTGRES_ADMIN_PASSWORD"
postgresql.auth.secretKeys.userPasswordKey	string	"POSTGRES_USER_PASSWORD"
postgresql.auth.username	string	"formbricks"
postgresql.enabled	bool	true
postgresql.externalDatabaseUrl	string	""
postgresql.fullnameOverride	string	"formbricks-postgresql"
postgresql.global.security.allowInsecureImages	bool	true
postgresql.image.repository	string	"pgvector/pgvector"
postgresql.image.tag	string	"pg17"
postgresql.primary.containerSecurityContext.enabled	bool	true
postgresql.primary.containerSecurityContext.readOnlyRootFilesystem	bool	false
postgresql.primary.containerSecurityContext.runAsUser	int	1001
postgresql.primary.networkPolicy.enabled	bool	false
postgresql.primary.persistence.enabled	bool	true
postgresql.primary.persistence.size	string	"10Gi"
postgresql.primary.podSecurityContext.enabled	bool	true
postgresql.primary.podSecurityContext.fsGroup	int	1001
postgresql.primary.podSecurityContext.runAsUser	int	1001
rbac.enabled	bool	false
rbac.serviceAccount.additionalLabels	object	{}
rbac.serviceAccount.annotations	object	{}
rbac.serviceAccount.enabled	bool	false
rbac.serviceAccount.name	string	""
redis.architecture	string	"standalone"
redis.auth.enabled	bool	true
redis.auth.existingSecret	string	"formbricks-app-secrets"
redis.auth.existingSecretPasswordKey	string	"REDIS_PASSWORD"
redis.enabled	bool	true
redis.externalRedisUrl	string	""
redis.fullnameOverride	string	"formbricks-redis"
redis.master.persistence.enabled	bool	true
redis.networkPolicy.enabled	bool	false
secret.enabled	bool	true
service.additionalLabels	object	{}
service.annotations	object	{}
service.enabled	bool	true
service.ports	list	[]
service.type	string	"ClusterIP"
serviceMonitor.additionalLabels	string	nil
serviceMonitor.annotations	string	nil
serviceMonitor.enabled	bool	true
serviceMonitor.endpoints[0].interval	string	"5s"
serviceMonitor.endpoints[0].path	string	"/metrics"
serviceMonitor.endpoints[0].port	string	"metrics"