From 7be21685d619a78f7e15726a7a571c36652d7715 Mon Sep 17 00:00:00 2001
From: gitea-admin <admin@local>
Date: Tue, 19 May 2026 00:15:58 +0000
Subject: [PATCH 1/6] feat: deploy Wings instance for ARK SA

---
 .../wings-ark-sa/externalsecret.yaml          | 21 ++++++++-----------
 1 file changed, 9 insertions(+), 12 deletions(-)

diff --git a/deployments/game-servers/wings-ark-sa/externalsecret.yaml b/deployments/game-servers/wings-ark-sa/externalsecret.yaml
index 9a40726..953e5b7 100644
--- a/deployments/game-servers/wings-ark-sa/externalsecret.yaml
+++ b/deployments/game-servers/wings-ark-sa/externalsecret.yaml
@@ -6,21 +6,18 @@ metadata:
 spec:
   refreshInterval: 1h
   secretStoreRef:
-    name: vault
+    name: vault-secret-store
     kind: ClusterSecretStore
   target:
     name: wings-ark-sa-config
-    creationPolicy: Owner
+    template:
+      engineVersion: v2
   data:
-    - secretKey: WINGS_UUID
+    - secretKey: config
       remoteRef:
-        key: wings/ark-sa
-        property: uuid
-    - secretKey: WINGS_TOKEN
+        key: secret/data/Talos Cluster/wings/ark-sa
+        property: config
+    - secretKey: api_key
       remoteRef:
-        key: wings/ark-sa
-        property: token
-    - secretKey: LOCALE
-      remoteRef:
-        key: wings/ark-sa
-        property: locale
+        key: secret/data/Talos Cluster/wings/ark-sa
+        property: api_key
-- 
2.52.0


From 71ba268be526380d19334d219ddcb9983d214ccc Mon Sep 17 00:00:00 2001
From: gitea-admin <admin@local>
Date: Tue, 19 May 2026 00:15:58 +0000
Subject: [PATCH 2/6] feat: deploy Wings instance for ARK SA

-- 
2.52.0


From 5e4efe948dbecc7097885bcdb8cd04055b0f0be9 Mon Sep 17 00:00:00 2001
From: gitea-admin <admin@local>
Date: Tue, 19 May 2026 00:15:59 +0000
Subject: [PATCH 3/6] feat: deploy Wings instance for ARK SA

---
 .../game-servers/wings-ark-sa/deployment.yaml | 128 +++++++++---------
 1 file changed, 61 insertions(+), 67 deletions(-)

diff --git a/deployments/game-servers/wings-ark-sa/deployment.yaml b/deployments/game-servers/wings-ark-sa/deployment.yaml
index 4399be8..eb6fc02 100644
--- a/deployments/game-servers/wings-ark-sa/deployment.yaml
+++ b/deployments/game-servers/wings-ark-sa/deployment.yaml
@@ -21,101 +21,95 @@ spec:
     spec:
       nodeSelector:
         kubernetes.io/arch: amd64
-      affinity:
-        podAntiAffinity:
-          requiredDuringSchedulingIgnoredDuringExecution:
-            - labelSelector:
-                matchExpressions:
-                  - key: game
-                    operator: In
-                    values: [ark-sa]
-              topologyKey: "kubernetes.io/hostname"
-      volumes:
-        - name: wings-config
-          secret:
-            secretName: wings-ark-sa-config
-        - name: game-data
-          persistentVolumeClaim:
-            claimName: wings-ark-sa-data
-        - name: docker-socket
-          emptyDir: {}
-        - name: autostart-token
-          secret:
-            secretName: pelican-autostart-key
       containers:
         - name: dind
-          image: docker:dind
-          args:
-            - "--storage-driver=vfs"
-            - "--iptables=false"
+          image: docker:24-dind
           securityContext:
             privileged: true
-          volumeMounts:
-            - name: docker-socket
-              mountPath: /var/run/docker.sock
           env:
             - name: DOCKER_TLS_CERTDIR
               value: ""
           resources:
             requests:
               cpu: "500m"
-              memory: "512Mi"
+              memory: "1Gi"
             limits:
               cpu: "1"
-              memory: "1Gi"
+              memory: "2Gi"
         - name: wings
           image: ghcr.io/pelican-dev/wings:latest
-          command:
-            - /bin/sh
-            - -c
-            - |
-              export DOCKER_HOST=tcp://localhost:2375
-              exec wings
-          envFrom:
-            - secretRef:
-                name: wings-ark-sa-config
           env:
             - name: DOCKER_HOST
               value: tcp://localhost:2375
-            - name: WATCHDOG_ENABLED
-              value: "true"
-          volumeMounts:
-            - name: wings-config
-              mountPath: /etc/pterodactyl
-              readOnly: true
-            - name: game-data
-              mountPath: /mnt/server
-            - name: docker-socket
-              mountPath: /var/run/docker.sock
+            - name: WINGS_Umask
+              value: "0002"
+            - name: GRPC_PORT
+              value: "50051"
+            - name: WINGS_API_LISTEN
+              value: "0.0.0.0:8081"
+            - name: WINGS_SFTP_LISTEN
+              value: "0.0.0.0:2023"
+            - name: WINGS_SERVER_UUID
+              valueFrom:
+                secretKeyRef:
+                  name: wings-ark-sa-config
+                  key: server_uuid
+            - name: WINGS_API_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: wings-ark-sa-config
+                  key: api_key
+          envFrom:
+            - secretRef:
+                name: wings-ark-sa-config
+          ports:
+            - containerPort: 8081
+            - containerPort: 2023
           resources:
             requests:
               cpu: "2"
-              memory: "4Gi"
+              memory: "8Gi"
             limits:
               cpu: "4"
-              memory: "8Gi"
+              memory: "16Gi"
+          volumeMounts:
+            - name: data
+              mountPath: /home/container
         - name: game-autostart
           image: curlimages/curl:latest
-          command:
-            - /bin/sh
-            - -c
+          command: ["/bin/sh", "-c"]
+          args:
             - |
               while true; do
+                WINGS_READY=false
+                while [ "$WINGS_READY" = "false" ]; do
+                  if curl -sf http://localhost:8081/health > /dev/null 2>&1; then
+                    WINGS_READY=true
+                    echo "Wings is ready, sending start signal..."
+                    sleep 30
+                    curl -sf -X POST \
+                      -H "Authorization: Bearer $PELICAN_API_KEY" \
+                      -H "Content-Type: application/json" \
+                      -d '{"signal":"start"}' \
+                      https://pelican.khalisio.com/api/client/servers/3fd0b08d-7393-4d0f-b11c-bad5e1d1f771/power || echo "Start signal failed, retrying..."
+                    break
+                  fi
+                  echo "Waiting for Wings to be ready..."
+                  sleep 5
+                done
                 sleep 60
-                curl -sf -X POST "https://pelican.khalisio.com/api/client/servers/3fd0b08d-7393-4d0f-b11c-bad5e1d1f771/power" \
-                  -H "Authorization: Bearer $(cat /etc/secrets/autostart/api_key)" \
-                  -H "Content-Type: application/json" \
-                  -d '{"signal":"start"}' > /dev/null 2>&1 || true
               done
-          volumeMounts:
-            - name: autostart-token
-              mountPath: /etc/secrets/autostart
-              readOnly: true
+          envFrom:
+            - secretRef:
+                name: pelican-autostart-key
           resources:
             requests:
-              cpu: "50m"
-              memory: "64Mi"
-            limits:
               cpu: "100m"
-              memory: "128Mi"
-      restartPolicy: Always
+              memory: "256Mi"
+            limits:
+              cpu: "500m"
+              memory: "512Mi"
+      volumes:
+        - name: data
+          persistentVolumeClaim:
+            claimName: wings-ark-sa-data
-- 
2.52.0


From c82086eed829073505802f43b76242914e13827f Mon Sep 17 00:00:00 2001
From: gitea-admin <admin@local>
Date: Tue, 19 May 2026 00:15:59 +0000
Subject: [PATCH 4/6] feat: deploy Wings instance for ARK SA

---
 deployments/game-servers/wings-ark-sa/service-api.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/deployments/game-servers/wings-ark-sa/service-api.yaml b/deployments/game-servers/wings-ark-sa/service-api.yaml
index 7c0577f..7bbf4f9 100644
--- a/deployments/game-servers/wings-ark-sa/service-api.yaml
+++ b/deployments/game-servers/wings-ark-sa/service-api.yaml
@@ -5,6 +5,8 @@ metadata:
   namespace: game-servers
 spec:
   type: ClusterIP
+  selector:
+    app: wings-ark-sa
   ports:
     - name: api
       port: 8081
@@ -14,5 +16,3 @@ spec:
       port: 2023
       targetPort: 2023
       protocol: TCP
-  selector:
-    app: wings-ark-sa
-- 
2.52.0


From aa2906c3c0c660e08b88c707d49a60e139e5a828 Mon Sep 17 00:00:00 2001
From: gitea-admin <admin@local>
Date: Tue, 19 May 2026 00:15:59 +0000
Subject: [PATCH 5/6] feat: deploy Wings instance for ARK SA

---
 .../wings-ark-sa/service-game.yaml            | 28 +++++++++----------
 1 file changed, 14 insertions(+), 14 deletions(-)

diff --git a/deployments/game-servers/wings-ark-sa/service-game.yaml b/deployments/game-servers/wings-ark-sa/service-game.yaml
index e95eb28..a090791 100644
--- a/deployments/game-servers/wings-ark-sa/service-game.yaml
+++ b/deployments/game-servers/wings-ark-sa/service-game.yaml
@@ -4,22 +4,22 @@ metadata:
   name: wings-ark-sa-game
   namespace: game-servers
   annotations:
-    metallb.universe.tf/address-pool: default-lb-pool
+    metallb.io/address-pool: "default"
 spec:
   type: LoadBalancer
   loadBalancerIP: 10.4.4.200
-  ports:
-    - name: ark-game
-      port: 7777
-      protocol: UDP
-      targetPort: 7777
-    - name: ark-query
-      port: 27015
-      protocol: UDP
-      targetPort: 27015
-    - name: ark-tcp
-      port: 27016
-      protocol: TCP
-      targetPort: 27016
   selector:
     app: wings-ark-sa
+  ports:
+    - name: udp
+      port: 7777
+      targetPort: 7777
+      protocol: UDP
+    - name: tcp
+      port: 7777
+      targetPort: 7777
+      protocol: TCP
+    - name: query
+      port: 27015
+      targetPort: 27015
+      protocol: UDP
-- 
2.52.0


From 777e1c98f3adcac4617e00842da5e3a35f545d17 Mon Sep 17 00:00:00 2001
From: gitea-admin <admin@local>
Date: Tue, 19 May 2026 00:16:00 +0000
Subject: [PATCH 6/6] feat: deploy Wings instance for ARK SA

---
 .../game-servers/wings-ark-sa/ingress.yaml       | 16 +++-------------
 1 file changed, 3 insertions(+), 13 deletions(-)

diff --git a/deployments/game-servers/wings-ark-sa/ingress.yaml b/deployments/game-servers/wings-ark-sa/ingress.yaml
index 83fdf58..4ed96c5 100644
--- a/deployments/game-servers/wings-ark-sa/ingress.yaml
+++ b/deployments/game-servers/wings-ark-sa/ingress.yaml
@@ -1,27 +1,17 @@
-apiVersion: traefik.containo.us/v1alpha1
+apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
-  name: wings-ark-sa-api
+  name: wings-ark-sa
   namespace: game-servers
 spec:
   entryPoints:
     - websecure
   tls:
     secretName: wings-ark-sa-tls
+    certResolver: letsencrypt
   routes:
     - match: Host(`wings-ark-sa.khalisio.com`)
       kind: Rule
       services:
         - name: wings-ark-sa-api
           port: 8081
-          scheme: https
-          serversTransport: wings-ark-sa-st
----
-apiVersion: traefik.io/v1alpha1
-kind: ServersTransport
-metadata:
-  name: wings-ark-sa-st
-  namespace: game-servers
-spec:
-  serverTransport:
-    insecureSkipVerify: true
-- 
2.52.0