Skip to content
Klutch.sh Docs

Deploying a MeshCommander App

Introduction

MeshCommander is an open-source Intel AMT management console built on Node.js with a browser UI. Deploying MeshCommander with a Dockerfile on Klutch.sh delivers reproducible builds, managed secrets, and persistent storage for your AMT profiles—all configured from klutch.sh/app. This guide covers installation, repository prep, a production-ready Dockerfile, deployment steps, Nixpacks overrides, sample usage, and production tips.

Prerequisites

  • A Klutch.sh account (sign up)
  • A GitHub repository containing your MeshCommander Dockerfile (GitHub is the only supported git source)
  • Intel AMT endpoints with reachable network access
  • TLS certificate if you plan to serve HTTPS directly from MeshCommander

For onboarding, see the Quick Start.

Architecture and ports

  • MeshCommander serves HTTP(S) on internal port 3000; choose HTTP traffic.
  • No external database is required; configuration is stored on disk.
  • Persistent storage is required for settings and certificates.

Repository layout

meshcommander/
├── Dockerfile              # Must be at repo root for auto-detection
└── README.md

Keep secrets and certificates out of Git; store secrets in Klutch.sh environment variables and mount certificates via volumes.

Installation (local) and starter commands

Validate locally before pushing to GitHub:

Terminal window
docker build -t meshcommander-local .
docker run -p 3000:3000 meshcommander-local

Dockerfile for MeshCommander (production-ready)

Place this Dockerfile at the repo root; Klutch.sh auto-detects it (no Docker selection in the UI):

FROM ghcr.io/ylianst/meshcommander:latest


ENV PORT=3000 \
    NODE_ENV=production


EXPOSE 3000
CMD ["node", "meshcommander.js"]

Notes:

  • Pin the image tag (e.g., ghcr.io/ylianst/meshcommander:0.9.x) for stability and upgrade intentionally.
  • If you provide TLS certs, mount them into /meshcommander-data and configure in the UI or config file.

Environment variables (Klutch.sh)

Set these in Klutch.sh before deploying:

  • PORT=3000
  • NODE_ENV=production
  • Optional TLS paths (if used): CERT_PATH, KEY_PATH
  • Optional host binding: HOST=0.0.0.0

If you deploy without the Dockerfile and need Nixpacks overrides (Node):

  • NIXPACKS_BUILD_CMD=npm install
  • NIXPACKS_START_CMD=node meshcommander.js
  • NIXPACKS_NODE_VERSION=18

Attach persistent volumes

In Klutch.sh storage settings, add mount paths and sizes (no names required):

  • /meshcommander-data — configuration, profiles, and certificates.
  • /meshcommander-logs — optional logs if you write them to disk.

Ensure these directories are writable.

Deploy MeshCommander on Klutch.sh (Dockerfile workflow)

  1. Push your repository—with the Dockerfile at the root—to GitHub.
  2. Open klutch.sh/app, create a project, and add an app.
  3. Select HTTP traffic and set the internal port to 3000.
  4. Add the environment variables above, including any TLS paths if you serve HTTPS directly.
  5. Attach persistent volumes for /meshcommander-data (and /meshcommander-logs if used) sized for your profiles and certs.
  6. Deploy. Your MeshCommander instance will be reachable at https://example-app.klutch.sh; attach a custom domain if desired.

Sample usage

Reachability check:

Terminal window
curl -I https://example-app.klutch.sh

After login, add an AMT device via the UI and verify connectivity with Intel AMT controls.

Health checks and production tips

  • Add an HTTP probe to / for readiness.
  • Enforce HTTPS at the edge; forward internally to port 3000.
  • Store certificates and profiles only in Klutch.sh volumes; rotate certs regularly.
  • Pin image versions and back up /meshcommander-data before upgrades.

MeshCommander on Klutch.sh combines reproducible Docker builds with managed secrets, persistent storage, and flexible HTTP/TCP routing. With the Dockerfile at the repo root, port 3000 configured, and volumes for config and certs, you can deliver secure Intel AMT management without extra YAML or workflow overhead.