> For the complete documentation index, see [llms.txt](https://docs.groundcover.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.groundcover.com/customization/customize-deployment/on-premise-deployment.md).
# On-premise deployment
{% hint style="info" %}
**Note**: On-premise deployment is available only for users subscribed to our [Enterprise plan](https://www.groundcover.com/pricing).
{% endhint %}
groundcover on-premise installation allows you to use groundcover in secured environments without relying on outbound connections except for authentication purposes (Auth0).
{% hint style="info" %}
**Agent Mode on on-premises deployments.** Agent Mode is available on AWS or GCP - contact your groundcover account team to set up the required LLM services. Enabling it introduces additional outbound traffic to the configured cloud LLM service (AWS Bedrock or Google Cloud Vertex AI), so if you require a fully air-gapped environment, leave Agent Mode disabled. See [Agent Mode Requirements](/use-groundcover/agent-mode/requirements.md).
{% endhint %}
In this mode, groundcover installation includes 3 additional components:
* `router` - the frontend microservice
* `grafana`
* `postgresql` - db backend for the router and grafana microservices
#### Load the enterprise image pull secret
* Upon subscribing to [Enterprise plan](https://www.groundcover.com/pricing), you should receive a `groundcover-enterprise-key` Kubernetes Secret Object.
* Create a groundcover naƄmespace (if not created by now)\
`kubectl create ns groundcover`
* Load the image pull secret into the namespace\
`kubectl create -f groundcover-enterprise-key.yml --namespace=groundcover`
#### Create the Helm override
```yaml
global:
telemetry:
enabled: false
saas:
tls_skip_verify: true
scheme: ws
host: router-proxy
port: 80
router:
enabled: true
imagePullSecrets:
- groundcover-enterprise-key
ingress:
enabled: true # in case your are exposing the frontend
ingresses:
- name: frontend
ingressClassName: #{lb class in case your are exposing the frontend}
annotations:
hosts:
- host: #{domain}
paths:
- path: /
pathType: Prefix
port: 80
```
#### Optional: use existing PostgreSQL
* Create a database on existing PostgresSQL
```sql
CREATE DATABASE grafana;
CREATE DATABASE rbac;
CREATE DATABASE kong;
```
* Either manually or using a secret manager, create a secret in the following structure:
```
apiVersion: v1
kind: Secret
metadata:
name: groundcover-postgresql
namespace: groundcover
stringData:
postgres-password:
type: Opaque
```
* Create/Update helm overrides file, with the following override:
```
global:
postgresql:
enabled: false
overrideUrl: #postgresql.default.svc.cluster.local:5432
auth:
existingSecret: groundcover-postgresql
secretKeys:
adminPasswordKey: postgres-password
```
---
# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.
## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:
```
GET https://docs.groundcover.com/customization/customize-deployment/on-premise-deployment.md?ask=&goal=
```
`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.