This Helm chart is also available on Artifact Hub for easy discovery and installation.
For detailed configuration more info in helm charts readme or Artifact Hub.
This guide covers installing the Cospace Helm chart and its optional dependencies (MariaDB operator, LiveKit, EuroOffice/Collabora).
mariadbOperatorSingle.enabled=true or mariadbOperatorMaxscaleGalera.enabled=true) — see MariaDB OperatorNote: Service addresses (Redis, MariaDB) are auto-derived from the Helm release name. If you use a release name other than
cospace, verify that the auto-derived service names match the actual ones (or overridecospace.redis.addressandcospace.db.host).
The chart is published as an OCI artifact to GitHub Container Registry:
oci://ghcr.io/twigex/helm-charts/cospace
No helm repo add is required for OCI charts.
Cospace supports four MariaDB deployment modes. Pick the one that matches your environment.
A bundled MariaDB instance is deployed as a single Pod inside the chart. Simplest option, suitable for small/medium deployments.
helm install cospace oci://ghcr.io/twigex/helm-charts/cospace --version 0.0.33 \
--namespace cospace --create-namespace \
--set domain=example.com \
--set cospace.admin.password=your_password
Required values:
domain — FQDN for the Cospace applicationcospace.admin.password — initial admin password (change for production)mariadb.password — MariaDB user password (change for production)mariadb.rootPassword — MariaDB root password (change for production)cospace.server.encryptKey — exactly 32 hex characters. Generate with openssl rand -hex 16redis.auth.password — Redis password (change for production)Uses the mariadb-operator to manage a single-replica MariaDB. Production-friendly with automated backups, point-in-time recovery, and metrics.
Prerequisites: Install the MariaDB operator and CRDs first.
helm install cospace oci://ghcr.io/twigex/helm-charts/cospace --version 0.0.33 \
--namespace cospace --create-namespace \
-f - <<EOF
domain: "cospace.example.com"
cospace:
image:
repository: ghcr.io/twigex/cospace
tag: "latest"
server:
encryptKey: "a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4"
admin:
password: "admin123"
mariadb:
enabled: false
password: "mariadb123"
rootPassword: "root123"
mariadbOperatorSingle:
enabled: true
redis:
auth:
password: "redispassword"
EOF
Same as option 2 but with a 3-replica Galera cluster behind MaxScale for high availability.
Prerequisites: Install the MariaDB operator and CRDs first.
helm install cospace oci://ghcr.io/twigex/helm-charts/cospace --version 0.0.33 \
--namespace cospace --create-namespace \
--set domain=example.com \
--set cospace.admin.password=your_password \
--set mariadb.enabled=false \
--set mariadbOperatorMaxscaleGalera.enabled=true
Requires at least 3 worker nodes (one per Galera replica) and persistent storage on each.
Connect to any external MariaDB (on-cluster, off-cluster, or cloud-managed RDS).
Requirements:
<release>-cospace with the expected keys (see templates/cospace-secret.yaml)<release>-mariadb with keys: mariadb-password, mariadb-root-password<release>-mariadb pointing to your external MariaDB on port 3306helm install cospace oci://ghcr.io/twigex/helm-charts/cospace --version 0.0.33 \
--namespace cospace --create-namespace \
--set domain=example.com \
--set cospace.admin.password=your_password \
--set mariadb.enabled=false
Required only if you use mariadbOperatorSingle.enabled=true or mariadbOperatorMaxscaleGalera.enabled=true. The chart does NOT install the operator — you must do it separately.
Official installation guide: https://github.com/mariadb-operator/mariadb-operator?tab=readme-ov-file#installation
Quick install:
# 1. Add the Helm repo
helm repo add mariadb-operator https://helm.mariadb.com/mariadb-operator
helm repo update
# 2. Install CRDs (cluster-wide, separate release)
helm install mariadb-operator-crds mariadb-operator/mariadb-operator-crds \
--namespace mariadb-operator --create-namespace
# 3. Install the operator
helm install mariadb-operator mariadb-operator/mariadb-operator \
--namespace mariadb-operator --version 25.10.2
Verify:
kubectl get pods -n mariadb-operator
kubectl get crd | grep mariadb
LiveKit powers Cospace's real-time voice/video channel. The chart only configures the Cospace app to talk to LiveKit — you must install the LiveKit server separately.
Official documentation: https://docs.livekit.io/home/self-hosting/helm/
Helm chart: https://github.com/livekit/livekit-helm
Quick install:
# 1. Add the LiveKit Helm repo
helm repo add livekit https://helm.livekit.io
helm repo update
# 2. Generate API key/secret (you'll need these for cospace config)
lk api create-key
# → API Key: APIxxxxxxxxxxxx
# → API Secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
# 3. Create a values file for LiveKit
cat > livekit-values.yaml <<EOF
livekit:
rtc:
tcpPort: 7881
udpPort: 7882
turn:
enabled: true
redis:
address: cospace-redis-master:6379
password: "redispassword"
apiKey: APIxxxxxxxxxxxx
apiSecret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
EOF
# 4. Install
helm install livekit livekit/livekit-server \
--namespace livekit --create-namespace \
--values livekit-values.yaml
Configure Cospace to use it:
cospace:
channel:
enabled: true
host: "ws://livekit.livekit.svc.cluster.local:7880" # or your public hostname
key: "APIxxxxxxxxxxxx"
secret: "your-api-secret"
linkPreviews: true
EuroOffice is Cospace's office document editor (alternative to Collabora).
Official project: https://github.com/Euro-Office
Container image: ghcr.io/euro-office/documentserver:latest
# 1. Create a values file
cat > eurooffice-values.yaml <<EOF
image:
repository: ghcr.io/euro-office/documentserver
tag: latest
service:
type: ClusterIP
port: 80
ingress:
enabled: true
className: nginx
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: "100m"
hosts:
- host: eurooffice.example.com
paths:
- path: /
tls:
- hosts:
- eurooffice.example.com
secretName: eurooffice-tls
# Allow Cospace to connect from its domain
env:
WOPI_ENABLED: "true"
aliasgroup1: "https://cospace.example.com"
EOF
# 2. Install using the community-maintained chart, or deploy a custom
# Helm chart wrapping the image. If you don't have one yet, you can
# run it as a plain Deployment:
kubectl create namespace eurooffice
kubectl create deployment eurooffice \
--image=ghcr.io/euro-office/documentserver:latest \
-n eurooffice
kubectl expose deployment eurooffice --port=80 --target-port=80 -n eurooffice
Note: The
aliasgroup1(or equivalent WOPI allow-list) env var must contain the Cospace domain so EuroOffice accepts WOPI requests from it. The Cospace domain must be reachable from end-user browsers.
cospace:
office:
enabled: true
type: "eurooffice" # or "collabora" — both use the same WOPI API
host: "https://eurooffice.example.com"
secret: "" # JWT secret if configured
Collabora Online is a popular open-source office editor. Cospace supports it as an alternative to EuroOffice.
Official documentation: https://sdk.collaboraoffice.com/Collabora-Online-Development-Edition.html
Helm chart: https://github.com/CollaboraOnline/online (Docker images available on Docker Hub)
Quick install using the official Docker image:
# 1. Create a values file
cat > collabora-values.yaml <<EOF
image:
repository: collabora/code
tag: latest
ingress:
enabled: true
className: nginx
hosts:
- host: collabora.example.com
paths:
- path: /
tls:
- hosts:
- collabora.example.com
secretName: collabora-tls
env:
aliasgroup1: "https://cospace.example.com:443"
extra_params: "--o:ssl.enable=false --o:ssl.termination=true"
server_name: "Collabora"
EOF
# 2. Use the Collabora chart from the community, or deploy manually:
helm repo add collabora https://collaboraonline.github.io/online/
helm install collabora collabora/collabora-online \
--namespace collabora --create-namespace \
--values collabora-values.yaml
Configure Cospace:
cospace:
office:
enabled: true
type: "collabora"
host: "https://collabora.example.com"
secret: ""
Note: The
aliasgroup1env var must contain the Cospace domain so Collabora accepts WOPI requests from it. The Cospace domain must be reachable from end-user browsers.
After installation, verify that everything is healthy:
# Check pods
kubectl get pods -n cospace
# Check services
kubectl get svc -n cospace
# Tail application logs
kubectl logs -n cospace -l app=cospace-example-com -f
# Check the MariaDB CR (operator mode only)
kubectl get mariadb -n cospace
Expected healthy state:
cospace-... pod: Running, logs show "Server listening on port :3000"mariadb-... (operator) or mariadb-deployment-... (embedded): Runningcospace-redis-master-0: Runninghelm upgrade cospace oci://ghcr.io/twigex/helm-charts/cospace --version 0.0.33 \
--namespace cospace \
-f your-values.yaml
⚠️ Breaking changes — read the Changelog in the README before upgrading, especially around the default database backend.
helm uninstall cospace --namespace cospace
kubectl delete namespace cospace
Note: PVCs (
cospace-pvc,mariadb-pvc) and Secrets (<release>-cospace,<release>-mariadb) havehelm.sh/resource-policy: keepand are NOT deleted byhelm uninstall. Delete them manually if you want a full cleanup.
For a complete wipe:
helm uninstall cospace -n cospace
kubectl delete pvc -n cospace --all
kubectl delete secret -n cospace -l app.kubernetes.io/instance=cospace
kubectl delete namespace cospace