apiVersion: apps/v1 kind: Deployment metadata: namespace: tacticalrmm labels: app: tacticalrmm service: tactical-meshcentral name: tactical-meshcentral spec: replicas: 1 selector: matchLabels: service: tactical-meshcentral strategy: type: Recreate template: metadata: labels: network/mesh-db: "true" network/proxy: "true" service: tactical-meshcentral spec: securityContext: runAsUser: 1000 fsGroup: 1000 containers: - name: trmm-meshcentral image: tacticalrmm/tactical-meshcentral:0.11.4-dev resources: {} env: - name: MESH_HOST value: mesh.rmm.mydomain.com - name: MESH_USER value: meshuser - name: MESH_PASS valueFrom: secretKeyRef: name: tactical-secrets key: mesh-password - name: MESH_PERSISTENT_CONFIG value: "0" - name: MONGODB_USER value: mongodbuser - name: MONGODB_PASSWORD valueFrom: secretKeyRef: name: tactical-secrets key: mongodb-password - name: NGINX_HOST_IP # Point to NGINX service value: tactical-nlb - name: NGINX_HOST_PORT # Should match the EXTERNAL port of the NGINX service value: "443" - name: WS_MASK_OVERRIDE # Enable for Traefik compatibility value: "0" - name: SMTP_HOST value: smtp.example.com - name: SMTP_PORT value: "587" - name: SMTP_FROM value: mesh@example.com - name: SMTP_USER value: mesh@example.com - name: SMTP_PASS valueFrom: secretKeyRef: name: tactical-secrets key: mesh-smtp-password - name: SMTP_TLS value: "false" volumeMounts: - mountPath: /opt/tactical name: tactical-data - mountPath: /home/node/app/meshcentral-data name: mesh-data restartPolicy: Always volumes: - name: tactical-data persistentVolumeClaim: claimName: tactical-data - name: mesh-data persistentVolumeClaim: claimName: mesh-data --- apiVersion: v1 kind: Service metadata: namespace: tacticalrmm labels: app: tacticalrmm service: tactical-meshcentral name: tactical-meshcentral spec: ports: - name: "http" port: 8080 targetPort: 8080 - name: "https" port: 4443 targetPort: 4443 selector: service: tactical-meshcentral