diff --git a/namespaces/cert-manager/cert-manager-chart.yml b/namespaces/cert-manager/cert-manager-chart.yml index 9f6d9b8..5042867 100644 --- a/namespaces/cert-manager/cert-manager-chart.yml +++ b/namespaces/cert-manager/cert-manager-chart.yml @@ -8,7 +8,7 @@ spec: targetNamespace: cert-manager repo: https://charts.jetstack.io # https://artifacthub.io/packages/helm/cert-manager/cert-manager - version: 1.14.5 + version: 1.16.2 valuesContent: |- prometheus: enabled: true diff --git a/namespaces/freetak/freetak-chart.yml b/namespaces/freetak/freetak-chart.yml new file mode 100644 index 0000000..79881b6 --- /dev/null +++ b/namespaces/freetak/freetak-chart.yml @@ -0,0 +1,26 @@ +# https://github.com/kgrubb/helm-chart-freetak +apiVersion: helm.cattle.io/v1 +kind: HelmChart +metadata: + name: freetak + namespace: freetak +spec: + chart: freetak + targetNamespace: freetak + repo: https://kgrubb.github.io/helm-chart-freetak/ + version: 0.1.2 + valuesContent: |- + ingress: + enabled: true + className: nginx + hosts: + - host: tak.keligrubb.com + paths: + - path: / + pathType: Prefix + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-cluster-issuer" + tls: + - secretName: freetak-tls + hosts: + - tak.keligrubb.com \ No newline at end of file diff --git a/namespaces/freetak/namespace.yml b/namespaces/freetak/namespace.yml new file mode 100644 index 0000000..41aa5a6 --- /dev/null +++ b/namespaces/freetak/namespace.yml @@ -0,0 +1,4 @@ +kind: Namespace +apiVersion: v1 +metadata: + name: freetak \ No newline at end of file diff --git a/namespaces/git/default-role.yml b/namespaces/git/default-role.yml deleted file mode 100644 index ed4afe1..0000000 --- a/namespaces/git/default-role.yml +++ /dev/null 
@@ -1,68 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: default - namespace: git -rules: -- apiGroups: - - "" - resources: - - pods - - pods/log - - namespaces - - serviceaccounts - - persistentvolumeclaims - - services - - configmaps - verbs: - - watch - - create - - delete - - get - - list -- apiGroups: - - "apps" - resources: - - deployments - - daemonsets - verbs: - - get -- apiGroups: - - "helm.cattle.io" - resources: - - helmcharts - verbs: - - get -- apiGroups: - - "apiextensions.k8s.io" - resources: - - customresourcedefinitions - verbs: - - get -- apiGroups: - - "rbac.authorization.k8s.io" - resources: - - clusterroles - - rolebindings - - clusterrolebindings - verbs: - - get -- apiGroups: - - "apiregistration.k8s.io" - resources: - - apiservices - verbs: - - get -- apiGroups: - - "metallb.io" - resources: - - ipaddresspools - - l2advertisements - verbs: - - get -- apiGroups: - - "networking.k8s.io" - resources: - - ingresses - verbs: - - get \ No newline at end of file diff --git a/namespaces/git/gitea-chart.yml b/namespaces/git/gitea-chart.yml index 4684444..8229cca 100644 --- a/namespaces/git/gitea-chart.yml +++ b/namespaces/git/gitea-chart.yml @@ -9,7 +9,8 @@ spec: chart: gitea targetNamespace: git repo: https://dl.gitea.io/charts/ - version: 10.1.4 + # https://gitea.com/gitea/helm-chart/releases + version: 10.6.0 valuesContent: |- resources: limits: @@ -18,21 +19,10 @@ spec: requests: cpu: 200m memory: 256Mi - redis-cluster: - enabled: false - postgresql: - enabled: true - postgresql-ha: - enabled: false - persistence: - enabled: true gitea: admin: existingSecret: gitea-admin-secret email: keligrubb324@gmail.com - additionalConfigFromEnvs: - - name: GITEA__webhook__ALLOWED_HOST_LIST - value: "external,loopback,*.keligrubb.com" metrics: enabled: true serviceMonitor: 
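Review bot: With the `postgresql`, `postgresql-ha` and `redis-cluster` overrides removed from `valuesContent` in the second gitea-chart.yml hunk, the release now takes whatever database and cache topology chart 10.6.0 enables by default. As far as I recall, the 10.x defaults turn on `postgresql-ha` and `redis-cluster`, which would bring Gitea up against a new, empty database instead of the existing single-instance PostgreSQL; please confirm against the chart's values.yaml before rollout. If the single instance is still intended, keep the explicit pair `postgresql: {enabled: true}` and `postgresql-ha: {enabled: false}`, plus `redis-cluster: {enabled: false}`. The third hunk of this file drops the matching `session`, `cache` and `queue` settings, so they need the same check.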
@@ -41,23 +31,8 @@ spec: picture: ENABLE_FEDERATED_AVATAR: false DISABLE_GRAVATAR: true - ui: - DEFAULT_THEME: arc-green - server: - ENABLE_PPROF: true - database: - DB_TYPE: postgres - session: - PROVIDER: db - cache: - ADAPTER: memory - queue: - TYPE: level - indexer: - ISSUE_INDEXER_TYPE: bleve - REPO_INDEXER_ENABLED: true - webhook: - ALLOWED_HOST_LIST: "external,loopback" + actions: + ENABLED: true service: ssh: port: 22 diff --git a/namespaces/git/gitea-secret.yml b/namespaces/git/gitea-secret.yml new file mode 100644 index 0000000..656f1ff --- /dev/null +++ b/namespaces/git/gitea-secret.yml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Secret +metadata: + name: gitea-admin-secret + namespace: git +type: Opaque +stringData: + username: keli.grubb + password: Jazz6080 \ No newline at end of file diff --git a/namespaces/git/woodpecker-chart.yml b/namespaces/git/woodpecker-chart.yml deleted file mode 100644 index 16cbf65..0000000 --- a/namespaces/git/woodpecker-chart.yml +++ /dev/null @@ -1,35 +0,0 @@ -apiVersion: helm.cattle.io/v1 -kind: HelmChart -metadata: - name: woodpecker - namespace: git -spec: - chart: woodpecker - targetNamespace: git - repo: https://woodpecker-ci.org/ - version: 1.3.0 - valuesContent: |- - server: - env: - WOODPECKER_ADMIN: keli.grubb - WOODPECKER_GITEA: true - WOODPECKER_GITEA_URL: http://git.keligrubb.com - WOODPECKER_GITEA_SKIP_VERIFY: true - WOODPECKER_HOST: http://ci.keligrubb.com - WOODPECKER_ORGS: homestead - extraSecretNamesForEnvFrom: - - woodpecker-gitea-client - - woodpecker-gitea-secret - ingress: - enabled: true - ingressClassName: nginx - hosts: - - host: ci.keligrubb.com - paths: - - path: / - backend: - serviceName: ci.keligrubb.com - servicePort: 80 - agent: - env: - WOODPECKER_GITEA: true \ No newline at end of file diff --git a/namespaces/immich/immich-chart.yml b/namespaces/immich/immich-chart.yml new file mode 100644 index 0000000..e69de29 
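Review bot: The `username` and `password` under `stringData` in namespaces/git/gitea-secret.yml are committed in clear text, so anyone who can read the repository or its history holds the Gitea admin credential; the `auth` value in namespaces/longhorn-system/longhorn-basic-auth-secret.yml has the same problem. Both values should be treated as exposed and rotated, and the Secrets either created out of band or stored encrypted (Sealed Secrets or SOPS, for example) so the manifest in Git carries no usable value. gitea-chart.yml already consumes this Secret by name through `existingSecret: gitea-admin-secret`, so taking the file out of the repository needs no chart change. Deleting it in a later commit does not remove it from history.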
diff --git a/namespaces/immich/namespace.yml b/namespaces/immich/namespace.yml new file mode 100644 index 0000000..8c8c726 --- /dev/null +++ b/namespaces/immich/namespace.yml @@ -0,0 +1,4 @@ +kind: Namespace +apiVersion: v1 +metadata: + name: immich diff --git a/namespaces/ingress-nginx/ingress-nginx-chart.yml b/namespaces/ingress-nginx/ingress-nginx-chart.yml index 4f4014d..ec8dfc3 100644 --- a/namespaces/ingress-nginx/ingress-nginx-chart.yml +++ b/namespaces/ingress-nginx/ingress-nginx-chart.yml @@ -7,7 +7,8 @@ spec: chart: ingress-nginx targetNamespace: ingress-nginx repo: https://kubernetes.github.io/ingress-nginx - version: 4.10.1 + # https://artifacthub.io/packages/helm/ingress-nginx/ingress-nginx + version: 4.11.3 valuesContent: |- controller: metrics: @@ -24,4 +25,4 @@ spec: cpu: 200m memory: 200Mi tcp: - 22: git/gitea-ssh:22 \ No newline at end of file + 22: git/gitea-ssh:22 diff --git a/namespaces/ingress-nginx/kiwix.yml b/namespaces/ingress-nginx/kiwix.yml new file mode 100644 index 0000000..9018ae8 --- /dev/null +++ b/namespaces/ingress-nginx/kiwix.yml 
@@ -0,0 +1,60 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: kiwix
+ namespace: ingress-nginx
+spec:
+ ports:
+ - name: http
+ port: 80
+ protocol: TCP
+ targetPort: 8080
+ clusterIP: None
+ type: ClusterIP
+
+---
+
+apiVersion: discovery.k8s.io/v1
+kind: EndpointSlice
+metadata:
+ name: kiwix
+ namespace: ingress-nginx
+ labels:
+ kubernetes.io/service-name: kiwix
+addressType: IPv4
+ports:
+ - name: http
+ protocol: TCP
+ port: 8080
+endpoints:
+ - addresses:
+ - "192.168.1.178"
+ conditions:
+ ready: true
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: kiwix
+ namespace: ingress-nginx
+ annotations:
+ nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
+ nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"
+ cert-manager.io/cluster-issuer: "letsencrypt-cluster-issuer"
+spec:
+ ingressClassName: "nginx"
+ tls:
+ - secretName: kiwix-tls
+ hosts:
+ - wiki.keligrubb.com
+ rules:
+ - host: wiki.keligrubb.com
+ http:
+ paths:
+ - pathType: Prefix
+ path: "/"
+ backend:
+ service:
+ name: kiwix
+ port:
+ number: 80
diff --git a/namespaces/jellyfin/ingress.yml b/namespaces/jellyfin/ingress.yml
new file mode 100644
index 0000000..c0e3d68
--- /dev/null
+++ b/namespaces/jellyfin/ingress.yml
@@ -0,0 +1,13 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+ name: jellyfin-ingress
+ namespace: jellyfin
+
+spec:
+ entryPoints:
+ - jellyfin
+ routes:
+ - services:
+ - name: jellyfin
+ port: 8096
diff --git a/namespaces/jellyfin/jellyfin-deployment.yml b/namespaces/jellyfin/jellyfin-deployment.yml
new file mode 100644
index 0000000..c72e887
--- /dev/null
+++ b/namespaces/jellyfin/jellyfin-deployment.yml
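Review bot: The single entry under `routes` in namespaces/jellyfin/ingress.yml has neither `match` nor `kind: Rule`, both of which the Traefik `IngressRoute` schema expects for an HTTP route, so the object is likely to be rejected or to route nothing; namespaces/pihole/ingress.yml in this same commit carries both fields. The file also assumes that the `traefik.containo.us/v1alpha1` CRDs and an entry point named `jellyfin` exist, while every other route visible in this diff goes through ingress-nginx, so it is worth confirming Traefik is installed at all. namespaces/tes3mp/ingress.yml makes the same assumption with `IngressRouteUDP` and entry point `tes3mpudp`.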
@@ -0,0 +1,29 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: jellyfin-deployment + labels: + app: jellyfin +spec: + replicas: 1 + selector: + matchLabels: + app: jellyfin + template: + metadata: + labels: + app: jellyfin + spec: + containers: + - name: jellyfin + image: jellyfin/jellyfin + resources: + requests: + memory: "64Mi" + cpu: "250m" + limits: + memory: "128Mi" + cpu: "500m" + ports: + - containerPort: 8096 + protocol: TCP diff --git a/namespaces/jellyfin/jellyfin-service.yml b/namespaces/jellyfin/jellyfin-service.yml new file mode 100644 index 0000000..452fbaa --- /dev/null +++ b/namespaces/jellyfin/jellyfin-service.yml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + name: jellyfin +spec: + selector: + app: jellyfin + ports: + - protocol: TCP + port: 8096 + targetPort: 8096 + type: LoadBalancer + \ No newline at end of file diff --git a/namespaces/jellyfin/namespace.yml b/namespaces/jellyfin/namespace.yml new file mode 100644 index 0000000..b2d7885 --- /dev/null +++ b/namespaces/jellyfin/namespace.yml @@ -0,0 +1,4 @@ +kind: Namespace +apiVersion: v1 +metadata: + name: jellyfin \ No newline at end of file diff --git a/namespaces/kube-system/helm-controller.yaml b/namespaces/kube-system/helm-controller.yaml index 6701e92..89d9318 100644 --- a/namespaces/kube-system/helm-controller.yaml +++ b/namespaces/kube-system/helm-controller.yaml @@ -74,12 +74,26 @@ spec: helmVersion: nullable: true type: string + insecureSkipTLSVerify: + type: boolean jobImage: nullable: true type: string + plainHTTP: + type: boolean podSecurityContext: nullable: true properties: + appArmorProfile: + nullable: true + properties: + localhostProfile: + nullable: true + type: string + type: + nullable: true + type: string + type: object fsGroup: nullable: true type: integer 
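Review bot: `image: jellyfin/jellyfin` in jellyfin-deployment.yml carries no tag or digest, so each reschedule may pull a different build and nothing in Git records what is actually running; pin it, e.g. `image: jellyfin/jellyfin:<version>` (placeholder) or a digest. The same applies to `alpine` and `ghcr.io/minetest/minetest` in mineclonia-deployment.yml and to `tes3mp/server` in tes3mp-deployment.yml. The container also has no `securityContext`; adding at least `allowPrivilegeEscalation: false` would be a cheap hardening step, provided the image runs with it.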
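Review bot: Neither jellyfin-service.yml nor jellyfin-deployment.yml sets `metadata.namespace`, so both land in whatever namespace the apply defaults to, while ingress.yml looks up the `jellyfin` Service in namespace `jellyfin`; add `namespace: jellyfin` to both. tes3mp-deployment.yml has the same gap, and there it matters more, because its ConfigMaps and PVC are created in `tes3mp` and a Deployment in another namespace cannot mount them. `type: LoadBalancer` also gives the pod its own external address on port 8096 alongside the ingress route; `type: ClusterIP` is enough if the route is the intended entry.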
@@ -174,6 +188,16 @@ spec: allowPrivilegeEscalation: nullable: true type: boolean + appArmorProfile: + nullable: true + properties: + localhostProfile: + nullable: true + type: string + type: + nullable: true + type: string + type: object capabilities: nullable: true properties: @@ -271,6 +295,24 @@ spec: type: object status: properties: + conditions: + items: + properties: + message: + nullable: true + type: string + reason: + nullable: true + type: string + status: + nullable: true + type: string + type: + nullable: true + type: string + type: object + nullable: true + type: array jobName: nullable: true type: string @@ -278,6 +320,8 @@ spec: type: object served: true storage: true + subresources: + status: {} --- apiVersion: apiextensions.k8s.io/v1 @@ -329,6 +373,6 @@ spec: containers: - command: - helm-controller - image: rancher/helm-controller:v0.16.0 + image: rancher/helm-controller:v0.16.5 name: helm-controller --- diff --git a/namespaces/kube-system/metrics-server.yml b/namespaces/kube-system/metrics-server.yml index 73f4ecc..5857c32 100644 --- a/namespaces/kube-system/metrics-server.yml +++ b/namespaces/kube-system/metrics-server.yml @@ -138,7 +138,7 @@ spec: - --kubelet-use-node-status-port - --kubelet-insecure-tls - --metric-resolution=15s - image: registry.k8s.io/metrics-server/metrics-server:v0.7.1 + image: registry.k8s.io/metrics-server/metrics-server:v0.7.2 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 diff --git a/namespaces/kube-system/nodelocaldns.yml b/namespaces/kube-system/nodelocaldns.yml index 044d3ce..16dd685 100644 --- a/namespaces/kube-system/nodelocaldns.yml +++ b/namespaces/kube-system/nodelocaldns.yml @@ -138,7 +138,7 @@ spec: operator: "Exists" containers: - name: node-cache - image: registry.k8s.io/dns/k8s-dns-node-cache:1.23.0 + image: registry.k8s.io/dns/k8s-dns-node-cache:1.24.0 resources: requests: cpu: 25m 
diff --git a/namespaces/longhorn-system/longhorn-basic-auth-secret.yml b/namespaces/longhorn-system/longhorn-basic-auth-secret.yml new file mode 100644 index 0000000..d534833 --- /dev/null +++ b/namespaces/longhorn-system/longhorn-basic-auth-secret.yml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Secret +metadata: + name: longhorn-basic-auth-secret + namespace: longhorn-system +type: Opaque +stringData: + auth: PNHrc9lt60CW \ No newline at end of file diff --git a/namespaces/longhorn-system/longhorn-chart.yml b/namespaces/longhorn-system/longhorn-chart.yml index dacd745..329982b 100644 --- a/namespaces/longhorn-system/longhorn-chart.yml +++ b/namespaces/longhorn-system/longhorn-chart.yml @@ -7,7 +7,7 @@ spec: chart: longhorn targetNamespace: longhorn-system repo: https://charts.longhorn.io - version: 1.6.1 + version: 1.7.2 valuesContent: |- ingress: enabled: true diff --git a/namespaces/metallb-system/metallb-chart.yml b/namespaces/metallb-system/metallb-chart.yml index 9e27585..cec0671 100644 --- a/namespaces/metallb-system/metallb-chart.yml +++ b/namespaces/metallb-system/metallb-chart.yml @@ -9,7 +9,8 @@ spec: chart: metallb targetNamespace: metallb-system repo: https://metallb.github.io/metallb - version: 0.14.5 + # https://artifacthub.io/packages/helm/metallb/metallb + version: 0.14.9 valuesContent: |- prometheus: serviceMonitor: diff --git a/namespaces/mineclonia/mineclonia-conf-configmap.yml b/namespaces/mineclonia/mineclonia-conf-configmap.yml new file mode 100644 index 0000000..54628e3 --- /dev/null +++ b/namespaces/mineclonia/mineclonia-conf-configmap.yml 
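Review bot: If longhorn-basic-auth-secret.yml is meant to back ingress-nginx basic auth (the name suggests it; the referencing annotation is not in this hunk), the `auth` key has to hold htpasswd-formatted `user:hash` lines. The value here has no user part and does not look like a hash, so the login prompt would probably reject every attempt. Generate the entry with `htpasswd` and create the Secret outside Git rather than correcting the value in this file.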
@@ -0,0 +1,35 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: mineclonia-config
+ namespace: mineclonia
+data:
+ minetest.conf: |
+ enable_server = true
+ default_game = mineclonia
+ game_id = mineclonia
+ mapgen = mineclonia
+ server_name = Runestone
+ worldname = Runestone
+ server_description = "Explore vast landscapes, uncover ancient secrets, and shape your legacy in the land of Runestone."
+ server_address = 0.0.0.0
+ server_port = 30000
+ max_users = 50
+ debug_log_level = warning
+ time_speed = 72 # set to 20 minutes dat/night cycles like minecraft.
+ worldname = Runestone
+
+ # network optimizations
+ enable_ipv6 = false
+ max_packets_per_iteration = 1024
+ chat_message_max_length = 200
+
+ # Authentication
+ name = socialsyndrome
+ require_password = true
+ password_hashing = true
+ enable_mods = true
+ player_name = true
+ auth_backend = sqlite3
+ auth_fail_ban_time = 10
+ enable_password_protection = true
diff --git a/namespaces/mineclonia/mineclonia-deployment.yml b/namespaces/mineclonia/mineclonia-deployment.yml
new file mode 100644
index 0000000..6cf2764
--- /dev/null
+++ b/namespaces/mineclonia/mineclonia-deployment.yml
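Review bot: Several keys in the `# Authentication` block of minetest.conf (`require_password`, `password_hashing`, `auth_fail_ban_time`, `enable_password_protection`, and `player_name = true`) do not match any setting I know from minetest.conf.example. Unknown keys are ignored silently, so the block may give the impression that empty passwords are refused when they are not; the documented switch for that is `disallow_empty_password = true`. Two smaller points: `worldname = Runestone` appears twice, and the trailing `# set to 20 minutes …` after `time_speed = 72` may be read as part of the value, so it is safer on its own line.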
@@ -0,0 +1,63 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: mineclonia
+ namespace: mineclonia
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: mineclonia
+ template:
+ metadata:
+ labels:
+ app: mineclonia
+ spec:
+ initContainers:
+ - name: mineclonia-updater
+ image: alpine
+ command: ["/bin/sh", "-c"]
+ args:
+ - |
+ set -e
+ apk add --no-cache curl unzip jq
+ mkdir -p /var/lib/minetest/.minetest
+ latest_release=$(curl -s https://codeberg.org/api/v1/repos/mineclonia/mineclonia/releases/latest | jq -r '.tag_name')
+ if [ ! -d "/var/lib/minetest/.minetest/games/mineclonia" ] || [ "$(cat /var/lib/minetest/.minetest/games/mineclonia/version.txt)" != "$latest_release" ]; then
+ echo "Updating Mineclonia to version $latest_release"
+ rm -rf /var/lib/minetest/.minetest/games/mineclonia
+ curl -L https://codeberg.org/mineclonia/mineclonia/archive/$latest_release.zip -o /tmp/mineclonia.zip
+ unzip /tmp/mineclonia.zip -d /var/lib/minetest/.minetest/games/
+ echo "$latest_release" > /var/lib/minetest/.minetest/games/mineclonia/version.txt
+ else
+ echo "Mineclonia is up to date"
+ fi
+ # Ensure ownership of all data
+ chown -R 30000:30000 /var/lib/minetest
+ ls -ahl /var/lib/minetest
+ volumeMounts:
+ - name: data
+ mountPath: /var/lib/minetest
+ containers:
+ - name: mineclonia
+ image: ghcr.io/minetest/minetest
+ ports:
+ - containerPort: 30000
+ protocol: UDP
+ - containerPort: 30000
+ protocol: TCP
+ volumeMounts:
+ - name: data
+ mountPath: /var/lib/minetest
+ - name: config
+ mountPath: /etc/minetest
+ args: ["minetest", "--gameid", "mineclonia"]
+ stdin: true
+ tty: true
+ volumes:
+ - name: config
+ configMap:
+ name: mineclonia-config
+ - name: data
+ persistentVolumeClaim:
+ claimName: mineclonia-data
diff --git a/namespaces/mineclonia/mineclonia-pvc.yml b/namespaces/mineclonia/mineclonia-pvc.yml
new file mode 100644
index 0000000..5654397
--- /dev/null
+++ b/namespaces/mineclonia/mineclonia-pvc.yml
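Review bot: The init script in mineclonia-deployment.yml deletes the installed game before it knows the download worked. `curl -s` without `-f` hides HTTP errors, so a failed API call leaves `latest_release` empty or `null`, the version comparison fails, `rm -rf` runs, and the following `curl`/`unzip` then abort under `set -e` with the game already gone from the volume. The container also runs as root and unpacks whatever the latest release archive is on every pod start, with no checksum, so pinning one release would be the safer default if auto-update is not essential. The version below keeps auto-update but fails closed and replaces the directory only after a successful unpack; it keeps the original's assumption that the archive's top-level directory is `mineclonia`.

```yaml
        # … unchanged: initContainer name, image, command …
        args:
          - |
            set -eu
            apk add --no-cache curl unzip jq
            games=/var/lib/minetest/.minetest/games
            mkdir -p "$games"
            # -f: fail on HTTP errors; jq -e: fail when tag_name is missing or null
            latest_release=$(curl -fsS https://codeberg.org/api/v1/repos/mineclonia/mineclonia/releases/latest | jq -er '.tag_name')
            installed=$(cat "$games/mineclonia/version.txt" 2>/dev/null || true)
            if [ "$installed" != "$latest_release" ]; then
              echo "Updating Mineclonia to version $latest_release"
              curl -fsSL "https://codeberg.org/mineclonia/mineclonia/archive/$latest_release.zip" -o /tmp/mineclonia.zip
              rm -rf /tmp/unpack && mkdir /tmp/unpack
              unzip -q /tmp/mineclonia.zip -d /tmp/unpack
              # replace the installed copy only after the new one unpacked cleanly
              rm -rf "$games/mineclonia"
              mv /tmp/unpack/mineclonia "$games/mineclonia"
              echo "$latest_release" > "$games/mineclonia/version.txt"
            else
              echo "Mineclonia is up to date"
            fi
            # … unchanged: chown and ls of /var/lib/minetest …
```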
@@ -0,0 +1,12 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: mineclonia-data + namespace: mineclonia +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 64Gi + storageClassName: longhorn diff --git a/namespaces/mineclonia/mineclonia-service.yml b/namespaces/mineclonia/mineclonia-service.yml new file mode 100644 index 0000000..7d0c0f9 --- /dev/null +++ b/namespaces/mineclonia/mineclonia-service.yml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Service +metadata: + name: mineclonia + namespace: mineclonia + annotations: + metallb.universe.tf/allow-shared-ip: mineclonia +spec: + selector: + app: mineclonia + ports: + - protocol: UDP + port: 30000 + targetPort: 30000 + - protocol: TCP + port: 30000 + targetPort: 30000 + type: LoadBalancer + loadBalancerIP: 192.168.1.4 diff --git a/namespaces/mineclonia/namespace.yml b/namespaces/mineclonia/namespace.yml new file mode 100644 index 0000000..cbcbb94 --- /dev/null +++ b/namespaces/mineclonia/namespace.yml @@ -0,0 +1,4 @@ +kind: Namespace +apiVersion: v1 +metadata: + name: mineclonia \ No newline at end of file diff --git a/namespaces/monitoring/kube-prometheus-stack-chart.yml b/namespaces/monitoring/kube-prometheus-stack-chart.yml index 8bf22d1..4736d95 100644 --- a/namespaces/monitoring/kube-prometheus-stack-chart.yml +++ b/namespaces/monitoring/kube-prometheus-stack-chart.yml @@ -7,7 +7,8 @@ spec: chart: kube-prometheus-stack targetNamespace: monitoring repo: https://prometheus-community.github.io/helm-charts - version: 58.5.3 + # https://artifacthub.io/packages/helm/prometheus-community/kube-prometheus-stack + version: 67.5.0 valuesContent: |- grafana: defaultDashboardsTimezone: "US/Eastern" diff --git a/namespaces/monitoring/loki-chart.yml b/namespaces/monitoring/loki-chart.yml index 224526f..b284895 100644 --- a/namespaces/monitoring/loki-chart.yml +++ b/namespaces/monitoring/loki-chart.yml 
@@ -7,15 +7,19 @@ spec: chart: loki targetNamespace: monitoring repo: https://grafana.github.io/helm-charts - version: 6.5.2 + # https://artifacthub.io/packages/helm/grafana/loki + version: 6.24.0 valuesContent: |- deploymentMode: SingleBinary loki: auth_enabled: false commonConfig: replication_factor: 1 + serviceMonitor: + namespaceSelector: + any: true storage: - type: s3 + type: 'filesystem' schemaConfig: configs: - from: 2024-01-01 @@ -25,9 +29,6 @@ spec: period: 24h object_store: filesystem schema: v13 - serviceMonitor: - namespaceSelector: - any: true singleBinary: replicas: 1 persistence: @@ -39,5 +40,3 @@ spec: replicas: 0 write: replicas: 0 - minio: - enabled: true diff --git a/namespaces/pihole/ingress.yml b/namespaces/pihole/ingress.yml new file mode 100644 index 0000000..327bfe8 --- /dev/null +++ b/namespaces/pihole/ingress.yml @@ -0,0 +1,15 @@ +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute +metadata: + name: gitea-ingress + namespace: git + +spec: + entryPoints: + - web + routes: + - match: Path(`/`) + kind: Rule + services: + - name: gitea-http + port: 3000 diff --git a/namespaces/pihole/namespace.yml b/namespaces/pihole/namespace.yml new file mode 100644 index 0000000..b1f2782 --- /dev/null +++ b/namespaces/pihole/namespace.yml @@ -0,0 +1,4 @@ +kind: Namespace +apiVersion: v1 +metadata: + name: git \ No newline at end of file diff --git a/namespaces/pihole/pihole-chart.yml b/namespaces/pihole/pihole-chart.yml new file mode 100644 index 0000000..0de2148 --- /dev/null +++ b/namespaces/pihole/pihole-chart.yml 
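Review bot: Both new files under namespaces/pihole/ look like unedited copies from the git namespace: ingress.yml defines `gitea-ingress` in namespace `git` routing to `gitea-http` on port 3000, and namespace.yml creates a Namespace named `git`. Nothing in the commit therefore creates the `pihole` namespace that pihole-chart.yml installs into; namespace.yml should read `name: pihole`. ingress.yml should be dropped or rewritten for the Pi-hole web Service, because as written it would publish Gitea's HTTP port on the unencrypted `web` entry point wherever Traefik is present. Its `match` rule also uses Path, which matches only the exact path `/`; PathPrefix is the usual catch-all.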
@@ -0,0 +1,38 @@
+# helm repo add mojo2600 https://mojo2600.github.io/pihole-kubernetes/
+# helm install pihole mojo2600/pihole
+apiVersion: helm.cattle.io/v1
+kind: HelmChart
+metadata:
+ name: pihole
+ namespace: pihole
+spec:
+ chart: pihole
+ targetNamespace: pihole
+ repo: https://mojo2600.github.io/pihole-kubernetes/
+ valuesContent: |-
+ resources:
+ requests:
+ cpu: 100m
+ memory: 128Mi
+ limits:
+ cpu: 1
+ memory: 512Mi
+ persistentVolumeClaim:
+ enabled: true
+ podDnsConfig:
+ enabled: true
+ policy: "None"
+ nameservers:
+ - 68.94.156.11
+ - 68.94.157.11
+ service:
+ web:
+ type: LoadBalancer
+ loadBalancerIP: 192.168.178.252
+ annotations:
+ metallb.universe.tf/allow-shared-ip: pihole-svc
+ dns:
+ type: LoadBalancer
+ loadBalancerIP: 192.168.178.252
+ annotations:
+ metallb.universe.tf/allow-shared-ip: pihole-svc
diff --git a/namespaces/tes3mp/ingress.yml b/namespaces/tes3mp/ingress.yml
new file mode 100644
index 0000000..ae3e81a
--- /dev/null
+++ b/namespaces/tes3mp/ingress.yml
@@ -0,0 +1,13 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRouteUDP
+metadata:
+ name: tes3mp-ingress
+ namespace: tes3mp
+
+spec:
+ entryPoints:
+ - tes3mpudp
+ routes:
+ - services:
+ - name: tes3mp
+ port: 25566
diff --git a/namespaces/tes3mp/namespace.yml b/namespaces/tes3mp/namespace.yml
new file mode 100644
index 0000000..a6df02f
--- /dev/null
+++ b/namespaces/tes3mp/namespace.yml
@@ -0,0 +1,4 @@
+kind: Namespace
+apiVersion: v1
+metadata:
+ name: tes3mp
\ No newline at end of file
diff --git a/namespaces/tes3mp/pvc.yml b/namespaces/tes3mp/pvc.yml
new file mode 100644
index 0000000..390fb59
--- /dev/null
+++ b/namespaces/tes3mp/pvc.yml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: server-data
+ namespace: tes3mp
+spec:
+ accessModes:
+ - ReadWriteOnce
+ storageClassName: local-path
+ resources:
+ requests:
+ storage: 20Gi
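Review bot: pihole-chart.yml is the only populated HelmChart in this diff without a `version:`, so the controller installs whatever the repository serves as latest and upgrades never show up in Git; pin it like the others, `version: "<chart version>"` (placeholder). The values also leave the web admin password at the chart default unless it is set elsewhere, and the web UI is published on a LoadBalancer address. I believe the chart takes the password from `adminPassword` or an `admin.existingSecret` reference, so point it at a Secret created outside Git. `loadBalancerIP: 192.168.178.252` is in a different subnet from the 192.168.1.x addresses used by the other manifests here; please confirm it falls inside a MetalLB pool.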
diff --git a/namespaces/tes3mp/tes3mp-config-configmap.yml b/namespaces/tes3mp/tes3mp-config-configmap.yml
new file mode 100644
index 0000000..3615c6c
--- /dev/null
+++ b/namespaces/tes3mp/tes3mp-config-configmap.yml
@@ -0,0 +1,39 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: tes3mp-config
+ namespace: tes3mp
+data:
+ requiredDataFiles.json: |-
+ // This file lets you enforce a certain plugin list and order for all clients
+ // attempting to join this server
+ //
+ // By default, only the English and Russian editions of Morrowind are allowed,
+ // because the German and French editions have hardcoded translations, whereas
+ // the Russian edition has localization files that make it compatible with the
+ // English edition
+ [
+ {"Morrowind.esm": ["0x7B6AF5B9","0x34282D67"]},
+ {"Tribunal.esm": ["0xF481F334","0x211329EF"]},
+ {"Bloodmoon.esm": ["0x43DD2132","0x9EB62F26"]},
+ {"Tamriel_Data.esm": ["0x2E8EC19F"]},
+ {"TR_Mainland.esm": ["0xA78714D4"]},
+ {"Sky_Main.esm": ["0xE5648B71"]},
+ {"Cyrodiil_Main.esm": ["0x14D56E88"]},
+ {"TR_Travels.esp": ["0xC24DC7C6"]},
+ {"TR_Preview.esp": ["0xB1D688B3"]},
+ {"TR_Factions.esp": ["0x84C19D6F"]},
+ {"Sky_Main_Grass.esp": ["0x9820BE61"]},
+ {"Cyrodiil_Grass.ESP": ["0x4A3E1381"]},
+ {"adamantiumarmor.esp": ["0x4DDF4A34"]},
+ {"AreaEffectArrows.esp": ["0xB29A46C5"]},
+ {"bcsounds.esp": ["0x7772EBC8"]},
+ {"Siege at Firemoth.esp": ["0xFD12AACE"]},
+ {"EBQ_Artifact.esp": ["0x4AD30387"]},
+ {"entertainers.esp": ["0xCD1A732C"]},
+ {"LeFemmArmor.esp": ["0xE0FDB999"]},
+ {"master_index.esp": ["0xD26DFC35"]},
+ {"Better Balanced Combat.esp": ["0xD85D3885"]},
+ {"Better Balanced Combat - Tamriel Rebuilt Patch.esp": ["0x5C95169D"]},
+ {"Better Balanced Combat - Siege at Firemoth Patch.esp": ["0x40B0572"]},
+ ]
diff --git a/namespaces/tes3mp/tes3mp-deployment.yml b/namespaces/tes3mp/tes3mp-deployment.yml
new file mode 100644
index 0000000..5a20faa
--- /dev/null
+++ b/namespaces/tes3mp/tes3mp-deployment.yml
@@ -0,0 +1,55 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: tes3mp
+ labels:
+ app: tes3mp
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: tes3mp
+ template:
+ metadata:
+ labels:
+ app: tes3mp
+ spec:
+ containers:
+ - name: tes3mp
+ image: tes3mp/server
+ resources:
+ requests:
+ memory: "64Mi"
+ cpu: "250m"
+ limits:
+ memory: "128Mi"
+ cpu: "500m"
+ env:
+ - name: TES3MP_SERVER_HOSTNAME
+ value: "Tes3mp Server"
+ - name: TES3MP_SERVER_PORT
+ value: "25566"
+ ports:
+ - containerPort: 25566
+ protocol: UDP
+ securityContext:
+ readOnlyRootFilesystem: false
+ volumeMounts:
+ - name: tes3mp-config-volume
+ mountPath: /server/CoreScripts/data/requiredDataFiles.json
+ subPath: requiredDataFiles.json
+ - name: tes3mp-lua-config-volume
+ mountPath: /server/CoreScripts/scripts/config.lua
+ subPath: config.lua
+ - name: server-data
+ mountPath: /server/data
+ volumes:
+ - name: tes3mp-config-volume
+ configMap:
+ name: tes3mp-config
+ - name: tes3mp-lua-config-volume
+ configMap:
+ name: tes3mp-lua-config
+ - name: server-data
+ persistentVolumeClaim:
+ claimName: server-data
\ No newline at end of file
diff --git a/namespaces/tes3mp/tes3mp-lua-config-configmap.yml b/namespaces/tes3mp/tes3mp-lua-config-configmap.yml
new file mode 100644
index 0000000..aa7a5e9
--- /dev/null
+++ b/namespaces/tes3mp/tes3mp-lua-config-configmap.yml
@@ -0,0 +1,347 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: tes3mp-lua-config + namespace: tes3mp +data: + config.lua: |- + config = {} + + -- The path used by the server for its data folder + config.dataPath = tes3mp.GetDataPath() + + -- The game mode displayed for this server in the server browser + config.gameMode = "Default" + + -- Time to login, in seconds + config.loginTime = 60 + + -- How many clients are allowed to connect from the same IP address + config.maxClientsPerIP = 3 + + -- The difficulty level used by default + -- Note: In OpenMW, the difficulty slider goes between -100 and 100, with 0 as the default, + -- though you can use any integer value here + config.difficulty = 0 + + -- The world time used for a newly created world + config.defaultTimeTable = { year = 427, month = 7, day = 16, hour = 9, + daysPassed = 1, dayTimeScale = 30, nightTimeScale = 40 } + + -- The chat window instructions that show up when players join the server + config.chatWindowInstructions = "Use " .. color.Yellow .. "Y" .. color.White .. " by default to chat or change it" .. + " from your client config. Type in " .. color.Yellow .. "/help" .. color.White .. " to see the commands" .. + " available to you. Use " .. color.Yellow .. "F2" .. color.White .. 
" by default to hide the chat window.\n" + + -- Whether the world time should continue passing when there are no players on the server + config.passTimeWhenEmpty = false + + -- The hours at which night is regarded as starting and ending, used to pass time using a + -- different timescale when it's night + config.nightStartHour = 20 + config.nightEndHour = 6 + + -- Whether players should be allowed to use the ingame tilde (~) console by default + config.allowConsole = false + + -- Whether players should be allowed to rest in bed by default + config.allowBedRest = true + + -- Whether players should be allowed to rest in the wilderness by default + config.allowWildernessRest = true + + -- Whether players should be allowed to wait by default + config.allowWait = true + + -- Whether journal entries should be shared across the players on the server or not + config.shareJournal = false + + -- Whether faction ranks should be shared across the players on the server or not + config.shareFactionRanks = false + + -- Whether faction expulsion should be shared across the players on the server or not + config.shareFactionExpulsion = false + + -- Whether faction reputation should be shared across the players on the server or not + config.shareFactionReputation = false + + -- Whether dialogue topics should be shared across the players on the server or not + config.shareTopics = false + + -- Whether crime bounties should be shared across players on the server or not + config.shareBounty = false + + -- Whether reputation should be shared across players on the server or not + config.shareReputation = false + + -- Whether map exploration should be shared across players on the server or not + config.shareMapExploration = false + + -- Whether ingame videos should be played for other players when triggered by one player + config.shareVideos = false + + -- The cell that newly created players are teleported to + config.defaultSpawnCell = "-3, -2" + + -- The X, Y and Z position that newly 
created players are teleported to + config.defaultSpawnPos = {-23894.0, -15079.0, 505} + + -- The X and Z rotation that newly created players are assigned + config.defaultSpawnRot = {0, 1.2} + + -- The cell that players respawn in, unless overridden below by other respawn options + config.defaultRespawnCell = "Balmora, Temple" + + -- The X, Y and Z position that players respawn in + config.defaultRespawnPos = {4700.5673828125, 3874.7416992188, 14758.990234375} + + -- The X and Z rotation that respawned players are assigned + config.defaultRespawnRot = {0.25314688682556, 1.570611000061} + + -- Whether the default respawn location should be ignored in favor of respawning the + -- player at the nearest Imperial shrine + config.respawnAtImperialShrine = true + + -- Whether the default respawn location should be ignored in favor of respawning the + -- player at the nearest Tribunal temple + -- Note: When both this and the Imperial shrine option are enabled, there is a 50% + -- chance of the player being respawned at either + config.respawnAtTribunalTemple = true + + -- The maximum value that any attribute except Speed is allowed to have + config.maxAttributeValue = 200 + + -- The maximum value that Speed is allowed to have + -- Note: Speed is given special treatment because of the Boots of Blinding Speed + config.maxSpeedValue = 365 + + -- The maximum value that any skill except Acrobatics is allowed to have + config.maxSkillValue = 200 + + -- The maximum value that Acrobatics is allowed to have + -- Note: Acrobatics is given special treatment because of the Scroll of Icarian Flight + config.maxAcrobaticsValue = 1200 + + -- Allow modifier values to bypass allowed skill values + config.ignoreModifierWithMaxSkill = false + + -- The refIds of items that players are not allowed to equip for balancing reasons + config.bannedEquipmentItems = { "helseth's ring" } + + -- Whether players should respawn when dying + config.playersRespawn = true + + -- Time to stay dead before 
being respawned, in seconds + config.deathTime = 5 + + -- The number of days spent in jail as a penalty for dying, when respawning + config.deathPenaltyJailDays = 5 + + -- Whether players' bounties are reset to 0 after dying + config.bountyResetOnDeath = false + + -- Whether players spend time in jail proportional to their bounty after dying + -- Note: If deathPenaltyJailDays is also enabled, that penalty will be added to + -- this one + config.bountyDeathPenalty = true + + -- Whether players should be allowed to use the /suicide command + config.allowSuicideCommand = true + + -- Whether players should be allowed to use the /fixme command + config.allowFixmeCommand = true + + -- How many seconds need to pass between uses of the /fixme command by a player + config.fixmeInterval = 30 + + -- The colors used for different ranks on the server + config.rankColors = { serverOwner = color.Orange, admin = color.Red, moderator = color.Green } + + -- Which numerical IDs should be used by custom menus implemented in the Lua scripts, + -- to prevent other menu inputs from being taken into account for them + config.customMenuIds = { menuHelper = 9001, confiscate = 9002, recordPrint = 9003 } + + -- The menu files that should be loaded for menuHelper, from the scripts/menu subfolder + config.menuHelperFiles = { "help", "defaultCrafting", "advancedExample" } + + -- What the difference in ping needs to be in favor of a new arrival to a cell or region + -- compared to that cell or region's current player authority for the new arrival to become + -- the authority there + -- Note: Setting this too low will lead to constant authority changes which cause more lag + config.pingDifferenceRequiredForAuthority = 40 + + -- The log level enforced on clients by default, determining how much debug information + -- is displayed in their debug window and logs + -- Note 1: Set this to -1 to allow clients to use whatever log level they have set in + -- their client settings + -- Note 2: If you set 
this to 0 or 1, clients will be able to read about the movements
+ -- and actions of other players that they would otherwise not know about,
+ -- while also incurring a framerate loss on highly populated servers
+ config.enforcedLogLevel = -1
+
+ -- The physics framerate used by default
+ -- Note: In OpenMW, the physics framerate is 60 by default, but TES3MP has slightly higher
+ -- system requirements that make a default of 30 more appropriate.
+ config.physicsFramerate = 30
+
+ -- Whether players are allowed to interact with containers located in unloaded cells.
+ config.allowOnContainerForUnloadedCells = false
+
+ -- Whether players should collide with other actors
+ config.enablePlayerCollision = true
+
+ -- Whether actors should collide with other actors
+ config.enableActorCollision = true
+
+ -- Whether placed objects should collide with actors
+ config.enablePlacedObjectCollision = false
+
+ -- Enforce collision for certain placed object refIds even when enablePlacedObjectCollision
+ -- is false
+ config.enforcedCollisionRefIds = { "misc_uni_pillow_01", "misc_uni_pillow_02" }
+
+ -- Whether placed object collision (when turned on) resembles actor collision, in that it
+ -- prevents players from standing on top of the placed objects without slipping
+ config.useActorCollisionForPlacedObjects = false
+
+ -- Prevent certain object refIds from being deleted as a result of player-sent packets
+ config.disallowedDeleteRefIds = { "m'aiq" }
+
+ -- Prevent certain object refIds from being placed or spawned as a result of player-sent packets
+ config.disallowedCreateRefIds = {}
+
+ -- Prevent certain object refIds from being locked or unlocked as a result of player-sent packets
+ config.disallowedLockRefIds = {}
+
+ -- Prevent certain object refIds from being trapped or untrapped as a result of player-sent packets
+ config.disallowedTrapRefIds = {}
+
+ -- Prevent certain object refIds from being enabled or disabled as a result of player-sent packets
+
config.disallowedStateRefIds = {}
+
+ -- Prevent object scales from being set this high
+ config.maximumObjectScale = 20
+
+ -- The prefix used for automatically generated record IDs
+ -- Note 1: Records with automatically generated IDs get erased when there are no more instances of
+ -- them in player inventories/spellbooks or in cells
+ -- Note 2: By default, records created through regular gameplay (i.e. player-created spells, potions,
+ -- enchantments and enchanted items) use automatically generated record IDs, as do records created
+ -- via the /createrecord command when no ID is specified there
+ config.generatedRecordIdPrefix = "$custom"
+
+ -- The types of record stores used on this server in the order in which they should be loaded for
+ -- players, with the correct order ensuring that enchantments are loaded before items that might be
+ -- using those enchantments or ensuring that NPCs are loaded after the items they might have in their
+ -- inventories
+ config.recordStoreLoadOrder = { "spell", "potion", "enchantment", "armor", "book", "clothing", "weapon",
+ "miscellaneous", "creature", "npc" }
+
+ -- The types of records that can be enchanted and therefore have links to enchantment records
+ config.enchantableRecordTypes = { "armor", "book", "clothing", "weapon" }
+
+ -- The types of records that can be stored by players and therefore have links to players,
+ -- listed in the order in which they should be loaded
+ config.carriableRecordTypes = { "spell", "potion", "armor", "book", "clothing", "weapon", "miscellaneous" }
+
+ -- The settings which are accepted as input for different record types when using /storerecord
+ config.validRecordSettings = {
+ armor = { "baseId", "id", "name", "model", "icon", "script", "enchantmentId", "enchantmentCharge",
+ "subtype", "weight", "value", "health", "armorRating" },
+ book = { "baseId", "id", "name", "model", "icon", "script", "enchantmentId", "enchantmentCharge",
+ "text", "weight", "value", "scrollState",
"skillId" },
+ clothing = { "baseId", "id", "name", "model", "icon", "script", "enchantmentId", "enchantmentCharge",
+ "subtype", "weight", "value" },
+ creature = { "baseId", "id", "name", "model", "script", "subtype", "level", "health", "magicka",
+ "fatigue", "aiFight", "flags" },
+ enchantment = { "baseId", "id", "subtype", "cost", "charge", "autoCalc", "effects" },
+ miscellaneous = { "baseId", "id", "name", "model", "icon", "script", "weight", "value", "keyState" },
+ npc = { "baseId", "inventoryBaseId", "id", "name", "script", "flags", "gender", "race", "model", "hair",
+ "head", "class", "faction", "level", "health", "magicka", "fatigue", "aiFight", "autoCalc" },
+ potion = { "baseId", "id", "name", "model", "icon", "script", "weight", "value", "autoCalc" },
+ spell = { "baseId", "id", "name", "subtype", "cost", "flags", "effects" },
+ weapon = { "baseId", "id", "name", "model", "icon", "script", "enchantmentId", "enchantmentCharge",
+ "subtype", "weight", "value", "health", "speed", "reach", "damageChop", "damageSlash", "damageThrust",
+ "flags" }
+ }
+
+ -- The settings which need to be provided when creating a new record that isn't based at all
+ -- on an existing one, i.e.
a new record that is missing a baseId
+ config.requiredRecordSettings = {
+ armor = { "name", "model" },
+ book = { "name", "model" },
+ clothing = { "name", "model" },
+ creature = { "name", "model" },
+ enchantment = {},
+ miscellaneous = { "name", "model" },
+ npc = { "name", "race", "class" },
+ potion = { "name", "model" },
+ spell = { "name" },
+ weapon = { "name", "model" }
+ }
+
+ -- The record type settings whose input should be converted to numerical values when using /storerecord
+ config.numericalRecordSettings = { "subtype", "weight", "value", "cost", "charge", "health", "armorRating",
+ "speed", "reach", "level", "magicka", "fatigue", "aiFight", "autoCalc", "gender", "flags", "enchantmentCharge" }
+
+ -- The record type settings whose input should be converted to booleans when using /storerecord
+ config.booleanRecordSettings = { "scrollState", "keyState" }
+
+ -- The record type settings whose input should be converted to tables with a min and a max numerical value
+ config.minMaxRecordSettings = { "damageChop", "damageSlash", "damageThrust" }
+
+ -- The types of object and actor packets stored in cell data
+ config.cellPacketTypes = { "delete", "place", "spawn", "lock", "trap", "scale", "state", "doorState",
+ "container", "equipment", "ai", "death", "actorList", "position", "statsDynamic", "cellChangeTo",
+ "cellChangeFrom" }
+
+ -- Whether the server should enforce that all clients connect with a specific list of data files
+ -- defined in data/requiredDataFiles.json
+ -- Warning: Only set this to false if you trust the people connecting and are sure they know
+ -- what they're doing. Otherwise, you risk getting corrupt server data from
+ -- their usage of unshared plugins.
+ config.enforceDataFiles = true + + -- Whether the server should avoid crashing when Lua script errors occur + -- Warning: Only set this to true if you want to have a highly experimental server where + -- important data can potentially stay unloaded or get overwritten + config.ignoreScriptErrors = false + + -- The type of database or data format used by the server + -- Valid values: json, sqlite3 + -- Note: The latter is only partially implemented as of now + config.databaseType = "json" + + -- The location of the database file + -- Note: Not applicable when using json + config.databasePath = config.dataPath .. "/database.db" -- Path where database is stored + + -- Disallow players from including the following in their own names or the names of their custom items + -- Note: Unfortunately, these are based on real names that trolls have been using on servers + config.disallowedNameStrings = { "bitch", "blowjob", "blow job", "cocksuck", "cunt", "ejaculat", + "faggot", "fellatio", "fuck", "gas the ", "Hitler", "jizz", "nigga", "nigger", "smegma", "vagina", "whore" } + + -- The order in which table keys should be saved to JSON files + config.playerKeyOrder = { "login", "settings", "character", "customClass", "location", "stats", + "fame", "shapeshift", "attributes", "attributeSkillIncreases", "skills", "skillProgress", + "recordLinks", "equipment", "inventory", "spellbook", "books", "factionRanks", "factionReputation", + "factionExpulsion", "mapExplored", "ipAddresses", "customVariables", "admin", "difficulty", + "enforcedLogLevel", "physicsFramerate", "consoleAllowed", "bedRestAllowed", + "wildernessRestAllowed", "waitAllowed", "gender", "race", "head", "hair", "class", "birthsign", + "cell", "posX", "posY", "posZ", "rotX", "rotZ", "healthBase", "healthCurrent", "magickaBase", + "magickaCurrent", "fatigueBase", "fatigueCurrent" } + + config.cellKeyOrder = { "packets", "entry", "lastVisit", "recordLinks", "objectData", "refId", "count", + "charge", "enchantmentCharge", 
"location", "actorList", "ai", "summon", "stats", "cellChangeFrom",
+ "cellChangeTo", "container", "death", "delete", "doorState", "equipment", "inventory", "lock",
+ "place", "position", "scale", "spawn", "state", "statsDynamic", "trap" }
+
+ config.recordstoreKeyOrder = { "general", "permanentRecords", "generatedRecords", "recordLinks",
+ "id", "baseId", "name", "subtype", "gender", "race", "hair", "head", "class", "faction", "cost",
+ "value", "charge", "weight", "autoCalc", "flags", "icon", "model", "script", "attribute", "skill",
+ "rangeType", "area", "duration", "magnitudeMax", "magnitudeMin", "effects", "players", "cells", "global" }
+
+ config.worldKeyOrder = { "general", "time", "topics", "kills", "journal", "customVariables", "type",
+ "index", "quest", "actorRefId", "year", "month", "day", "hour", "daysPassed", "timeScale" }
+
+ return config
\ No newline at end of file
diff --git a/namespaces/tes3mp/tes3mp-service.yml b/namespaces/tes3mp/tes3mp-service.yml
new file mode 100644
index 0000000..21f153c
--- /dev/null
+++ b/namespaces/tes3mp/tes3mp-service.yml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: tes3mp
+spec:
+ selector:
+ app: tes3mp
+ ports:
+ - protocol: UDP
+ port: 25566
+ targetPort: 25566
+ type: LoadBalancer
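Review bot: The new Service in `tes3mp-service.yml` has no `metadata.namespace`, so unless the applying tool supplies one it is created in the current or default namespace, where the `app: tes3mp` selector may match no pods; the HelmChart manifests earlier in this commit set their namespace explicitly, so add `namespace: tes3mp` under `metadata`. Separately, `type: LoadBalancer` publishes UDP 25566 with no source restriction and the default cluster-wide traffic policy, which usually hides the client address behind a node IP. The server config in this commit lists `ipAddresses` among the saved player keys, so the game server presumably relies on real client IPs for bans and logging; `externalTrafficPolicy: Local` under `spec` would preserve them. If the address is reachable from outside the LAN, a `loadBalancerSourceRanges` list (where the load-balancer implementation honours it) or a NetworkPolicy limiting ingress to this port would narrow the exposure.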