6 changed files with 206 additions and 0 deletions
@@ -0,0 +1,115 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: wings-enshrouded
+  namespace: game-servers
+  labels:
+    app: wings-enshrouded
+    game: enshrouded
+spec:
+  replicas: 1
+  strategy:
+    type: Recreate
+  selector:
+    matchLabels:
+      app: wings-enshrouded
+  template:
+    metadata:
+      labels:
+        app: wings-enshrouded
+        game: enshrouded
+    spec:
+      nodeSelector:
+        kubernetes.io/arch: amd64
+      containers:
+        - name: dind
+          image: docker:24-dind
+          securityContext:
+            privileged: true
+          env:
+            - name: DOCKER_TLS_CERTDIR
+              value: ""
+          resources:
+            requests:
+              cpu: "500m"
+              memory: "1Gi"
+            limits:
+              cpu: "1"
+              memory: "2Gi"
+        - name: wings
+          image: ghcr.io/pelican-dev/wings:latest
+          env:
+            - name: DOCKER_HOST
+              value: tcp://localhost:2375
+            - name: WINGS_Umask
+              value: "0002"
+            - name: GRPC_PORT
+              value: "50051"
+            - name: WINGS_API_LISTEN
+              value: "0.0.0.0:8081"
+            - name: WINGS_SFTP_LISTEN
+              value: "0.0.0.0:2023"
+            - name: WINGS_SERVER_UUID
+              valueFrom:
+                secretKeyRef:
+                  name: wings-enshrouded-config
+                  key: server_uuid
+            - name: WINGS_API_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: wings-enshrouded-config
+                  key: api_key
+          envFrom:
+            - secretRef:
+                name: wings-enshrouded-config
+          ports:
+            - containerPort: 8081
+            - containerPort: 2023
+          resources:
+            requests:
+              cpu: "2"
+              memory: "8Gi"
+            limits:
+              cpu: "4"
+              memory: "16Gi"
+          volumeMounts:
+            - name: data
+              mountPath: /home/container
+        - name: game-autostart
+          image: curlimages/curl:latest
+          command: ["/bin/sh", "-c"]
+          args:
+            - |
+              while true; do
+                WINGS_READY=false
+                while [ "$WINGS_READY" = "false" ]; do
+                  if curl -sf http://localhost:8081/health > /dev/null 2>&1; then
+                    WINGS_READY=true
+                    echo "Wings is ready, sending start signal..."
+                    sleep 30
+                    curl -sf -X POST \
+                      -H "Authorization: Bearer $PELICAN_API_KEY" \
+                      -H "Content-Type: application/json" \
+                      -d '{"signal":"start"}' \
+                      https://pelican.khalisio.com/api/client/servers/8448d68c-dec4-4025-97fa-9b49e36c75bb/power || echo "Start signal failed, retrying..."
+                    break
+                  fi
+                  echo "Waiting for Wings to be ready..."
+                  sleep 5
+                done
+                sleep 60
+              done
+          envFrom:
+            - secretRef:
+                name: pelican-autostart-key
+          resources:
+            requests:
+              cpu: "100m"
+              memory: "256Mi"
+            limits:
+              cpu: "500m"
+              memory: "512Mi"
+      volumes:
+        - name: data
+          persistentVolumeClaim:
+            claimName: wings-enshrouded-data
@@ -0,0 +1,23 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: wings-enshrouded-config
+  namespace: game-servers
+spec:
+  refreshInterval: 1h
+  secretStoreRef:
+    name: vault-secret-store
+    kind: ClusterSecretStore
+  target:
+    name: wings-enshrouded-config
+    template:
+      engineVersion: v2
+  data:
+    - secretKey: config
+      remoteRef:
+        key: secret/data/Talos Cluster/wings/enshrouded
+        property: config
+    - secretKey: api_key
+      remoteRef:
+        key: secret/data/Talos Cluster/wings/enshrouded
+        property: api_key
@@ -0,0 +1,17 @@
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: wings-enshrouded
+  namespace: game-servers
+spec:
+  entryPoints:
+    - websecure
+  tls:
+    secretName: wings-enshrouded-tls
+    certResolver: letsencrypt
+  routes:
+    - match: Host(`wings-enshrouded.khalisio.com`)
+      kind: Rule
+      services:
+        - name: wings-enshrouded-api
+          port: 8081
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: wings-enshrouded-data
+  namespace: game-servers
+spec:
+  accessModes:
+    - ReadWriteOnce
+  storageClassName: longhorn
+  resources:
+    requests:
+      storage: 50Gi
@@ -0,0 +1,18 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: wings-enshrouded-api
+  namespace: game-servers
+spec:
+  type: ClusterIP
+  selector:
+    app: wings-enshrouded
+  ports:
+    - name: api
+      port: 8081
+      targetPort: 8081
+      protocol: TCP
+    - name: sftp
+      port: 2023
+      targetPort: 2023
+      protocol: TCP
@@ -0,0 +1,21 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: wings-enshrouded-game
+  namespace: game-servers
+  annotations:
+    metallb.io/address-pool: "default"
+spec:
+  type: LoadBalancer
+  loadBalancerIP: 10.4.4.204
+  selector:
+    app: wings-enshrouded
+  ports:
+    - name: udp
+      port: 27015
+      targetPort: 27015
+      protocol: UDP
+    - name: tcp
+      port: 27015
+      targetPort: 27015
+      protocol: TCP