diff --git a/deployments/game-servers/wings-ark-sa/deployment.yaml b/deployments/game-servers/wings-ark-sa/deployment.yaml new file mode 100644 index 0000000..4399be8 --- /dev/null +++ b/deployments/game-servers/wings-ark-sa/deployment.yaml @@ -0,0 +1,121 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: wings-ark-sa + namespace: game-servers + labels: + app: wings-ark-sa + game: ark-sa +spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app: wings-ark-sa + template: + metadata: + labels: + app: wings-ark-sa + game: ark-sa + spec: + nodeSelector: + kubernetes.io/arch: amd64 + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: game + operator: In + values: [ark-sa] + topologyKey: "kubernetes.io/hostname" + volumes: + - name: wings-config + secret: + secretName: wings-ark-sa-config + - name: game-data + persistentVolumeClaim: + claimName: wings-ark-sa-data + - name: docker-socket + emptyDir: {} + - name: autostart-token + secret: + secretName: pelican-autostart-key + containers: + - name: dind + image: docker:dind + args: + - "--storage-driver=vfs" + - "--iptables=false" + securityContext: + privileged: true + volumeMounts: + - name: docker-socket + mountPath: /var/run/docker.sock + env: + - name: DOCKER_TLS_CERTDIR + value: "" + resources: + requests: + cpu: "500m" + memory: "512Mi" + limits: + cpu: "1" + memory: "1Gi" + - name: wings + image: ghcr.io/pelican-dev/wings:latest + command: + - /bin/sh + - -c + - | + export DOCKER_HOST=tcp://localhost:2375 + exec wings + envFrom: + - secretRef: + name: wings-ark-sa-config + env: + - name: DOCKER_HOST + value: tcp://localhost:2375 + - name: WATCHDOG_ENABLED + value: "true" + volumeMounts: + - name: wings-config + mountPath: /etc/pterodactyl + readOnly: true + - name: game-data + mountPath: /mnt/server + - name: docker-socket + mountPath: /var/run/docker.sock + resources: + requests: + cpu: "2" + memory: "4Gi" + limits: + cpu: "4" + memory: "8Gi" + - name: game-autostart + image: curlimages/curl:latest + command: + - /bin/sh + - -c + - | + while true; do + sleep 60 + curl -sf -X POST "https://pelican.khalisio.com/api/client/servers/3fd0b08d-7393-4d0f-b11c-bad5e1d1f771/power" \ + -H "Authorization: Bearer $(cat /etc/secrets/autostart/api_key)" \ + -H "Content-Type: application/json" \ + -d '{"signal":"start"}' > /dev/null 2>&1 || true + done + volumeMounts: + - name: autostart-token + mountPath: /etc/secrets/autostart + readOnly: true + resources: + requests: + cpu: "50m" + memory: "64Mi" + limits: + cpu: "100m" + memory: "128Mi" + restartPolicy: Always diff --git a/deployments/game-servers/wings-ark-sa/externalsecret.yaml b/deployments/game-servers/wings-ark-sa/externalsecret.yaml new file mode 100644 index 0000000..9a40726 --- /dev/null +++ b/deployments/game-servers/wings-ark-sa/externalsecret.yaml @@ -0,0 +1,26 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: wings-ark-sa-config + namespace: game-servers +spec: + refreshInterval: 1h + secretStoreRef: + name: vault + kind: ClusterSecretStore + target: + name: wings-ark-sa-config + creationPolicy: Owner + data: + - secretKey: WINGS_UUID + remoteRef: + key: wings/ark-sa + property: uuid + - secretKey: WINGS_TOKEN + remoteRef: + key: wings/ark-sa + property: token + - secretKey: LOCALE + remoteRef: + key: wings/ark-sa + property: locale diff --git a/deployments/game-servers/wings-ark-sa/ingress.yaml b/deployments/game-servers/wings-ark-sa/ingress.yaml new file mode 100644 index 0000000..83fdf58 --- /dev/null +++ b/deployments/game-servers/wings-ark-sa/ingress.yaml @@ -0,0 +1,27 @@ +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute +metadata: + name: wings-ark-sa-api + namespace: game-servers +spec: + entryPoints: + - websecure + tls: + secretName: wings-ark-sa-tls + routes: + - match: Host(`wings-ark-sa.khalisio.com`) + kind: Rule + services: + - name: wings-ark-sa-api + port: 8081 + scheme: https + serversTransport: wings-ark-sa-st +--- +apiVersion: traefik.io/v1alpha1 +kind: ServersTransport +metadata: + name: wings-ark-sa-st + namespace: game-servers +spec: + serverTransport: + insecureSkipVerify: true diff --git a/deployments/game-servers/wings-ark-sa/pvc.yaml b/deployments/game-servers/wings-ark-sa/pvc.yaml new file mode 100644 index 0000000..336417c --- /dev/null +++ b/deployments/game-servers/wings-ark-sa/pvc.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: wings-ark-sa-data + namespace: game-servers +spec: + accessModes: + - ReadWriteOnce + storageClassName: longhorn + resources: + requests: + storage: 150Gi diff --git a/deployments/game-servers/wings-ark-sa/service-api.yaml b/deployments/game-servers/wings-ark-sa/service-api.yaml new file mode 100644 index 0000000..7c0577f --- /dev/null +++ b/deployments/game-servers/wings-ark-sa/service-api.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + name: wings-ark-sa-api + namespace: game-servers +spec: + type: ClusterIP + ports: + - name: api + port: 8081 + targetPort: 8081 + protocol: TCP + - name: sftp + port: 2023 + targetPort: 2023 + protocol: TCP + selector: + app: wings-ark-sa diff --git a/deployments/game-servers/wings-ark-sa/service-game.yaml b/deployments/game-servers/wings-ark-sa/service-game.yaml new file mode 100644 index 0000000..e95eb28 --- /dev/null +++ b/deployments/game-servers/wings-ark-sa/service-game.yaml @@ -0,0 +1,25 @@ +apiVersion: v1 +kind: Service +metadata: + name: wings-ark-sa-game + namespace: game-servers + annotations: + metallb.universe.tf/address-pool: default-lb-pool +spec: + type: LoadBalancer + loadBalancerIP: 10.4.4.200 + ports: + - name: ark-game + port: 7777 + protocol: UDP + targetPort: 7777 + - name: ark-query + port: 27015 + protocol: UDP + targetPort: 27015 + - name: ark-tcp + port: 27016 + protocol: TCP + targetPort: 27016 + selector: + app: wings-ark-sa