trmm-awesome/kubernetes/deployment/tactical-meshcentral.yaml

102 lines
2.7 KiB
YAML
Raw Permalink Normal View History

2022-01-03 08:37:09 +01:00
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: tacticalrmm
labels:
app: tacticalrmm
service: tactical-meshcentral
name: tactical-meshcentral
spec:
replicas: 1
selector:
matchLabels:
service: tactical-meshcentral
strategy:
type: Recreate
template:
metadata:
labels:
network/mesh-db: "true"
network/proxy: "true"
service: tactical-meshcentral
spec:
2022-01-18 01:51:44 +01:00
securityContext:
runAsUser: 1000
fsGroup: 1000
2022-01-03 08:37:09 +01:00
containers:
- name: trmm-meshcentral
2022-07-09 00:34:12 +02:00
image: tacticalrmm/tactical-meshcentral:0.14.1
2022-01-03 08:37:09 +01:00
resources: {}
env:
- name: MESH_HOST
value: mesh.rmm.mydomain.com
- name: MESH_USER
value: meshuser
- name: MESH_PASS
valueFrom:
secretKeyRef:
name: tactical-secrets
key: mesh-password
- name: MESH_PERSISTENT_CONFIG
value: "0"
- name: MONGODB_USER
value: mongodbuser
- name: MONGODB_PASSWORD
valueFrom:
secretKeyRef:
name: tactical-secrets
key: mongodb-password
- name: NGINX_HOST_IP # Point to NGINX service
value: tactical-nlb
2022-01-18 01:51:44 +01:00
- name: NGINX_HOST_PORT # Should match the EXTERNAL port of the NGINX service
value: "443"
2022-01-03 08:37:09 +01:00
- name: WS_MASK_OVERRIDE # Enable for Traefik compatibility
value: "0"
2022-01-10 22:16:09 +01:00
- name: SMTP_HOST
value: smtp.example.com
- name: SMTP_PORT
value: "587"
- name: SMTP_FROM
value: mesh@example.com
- name: SMTP_USER
value: mesh@example.com
- name: SMTP_PASS
valueFrom:
secretKeyRef:
name: tactical-secrets
key: mesh-smtp-password
- name: SMTP_TLS
value: "false"
2022-01-03 08:37:09 +01:00
volumeMounts:
- mountPath: /opt/tactical
name: tactical-data
- mountPath: /home/node/app/meshcentral-data
name: mesh-data
restartPolicy: Always
volumes:
- name: tactical-data
persistentVolumeClaim:
claimName: tactical-data
- name: mesh-data
persistentVolumeClaim:
claimName: mesh-data
---
apiVersion: v1
kind: Service
metadata:
namespace: tacticalrmm
labels:
app: tacticalrmm
service: tactical-meshcentral
name: tactical-meshcentral
spec:
ports:
- name: "http"
2022-01-18 01:51:44 +01:00
port: 8080
targetPort: 8080
2022-01-03 08:37:09 +01:00
- name: "https"
2022-01-18 01:51:44 +01:00
port: 4443
targetPort: 4443
2022-01-03 08:37:09 +01:00
selector:
service: tactical-meshcentral