blob: 9f0f421d528bed5815195ec262828ac3d5d0e0e5 [file] [log] [blame]
local kube = import "../../kube/kube.libsonnet";
{
local top = self,
env(ns, name):: {
local env = self,
local cfg = env.cfg,
cfg:: {
name: name,
displayName: name,
image: "mbround18/valheim:latest",
password: error "password must be set",
storageClassName: "waw-hdd-redundant-3",
port: 2456,
},
local named = function(component) "%s-%s" % [name, component],
game: {
local game = self,
pvcs: {
backups: ns.Contain(kube.PersistentVolumeClaim(named("backups"))) {
spec+: {
storageClassName: cfg.storageClassName,
accessModes: ["ReadWriteOnce"],
resources: {
requests: { storage: "10Gi" },
},
},
},
saves: ns.Contain(kube.PersistentVolumeClaim(named("saves"))) {
spec+: {
storageClassName: cfg.storageClassName,
accessModes: ["ReadWriteOnce"],
resources: {
requests: { storage: "10Gi" },
},
},
},
server: ns.Contain(kube.PersistentVolumeClaim(named("server"))) {
spec+: {
storageClassName: cfg.storageClassName,
accessModes: ["ReadWriteOnce"],
resources: {
requests: { storage: "10Gi" },
},
},
},
},
svc: ns.Contain(kube.Service(named("external"))) {
target_pod:: game.deployment.spec.template,
spec+: {
ports: kube.mapToNamedList({
zero: { port: cfg.port, targetPort: cfg.port, protocol: "UDP" },
one: { port: cfg.port+1, targetPort: cfg.port+1, protocol: "UDP" },
two: { port: cfg.port+2, targetPort: cfg.port+2, protocol: "UDP" },
}),
type: "LoadBalancer",
},
},
scripts: ns.Contain(kube.ConfigMap(named("scripts"))) {
data: {
# Based on https://github.com/mbround18/valheim-docker ,
# removed all reliance on running as root (thus removed
# autoupdater/autobackups).
"entrypoint.sh": |||
#!/usr/bin/env bash
log() {
PREFIX="[entrypoint]"
printf "%-16s: %s\n" "${PREFIX}" "$1"
}
line() {
log "==========================================================================="
}
setup_filesystem() {
log "Setting up file systems"
mkdir -p /home/steam/valheim
mkdir -p /home/steam/valheim/logs
mkdir -p /home/steam/backups
mkdir -p /home/steam/scripts
mkdir -p /home/steam/valheim
cp /home/steam/steamcmd/linux64/steamclient.so /home/steam/valheim
}
line
log "Valheim Server - $(date)"
log "Initializing your container..."
line
setup_filesystem
log "Launching the rest of the fucking owl"
cd /home/steam/valheim || exit 1
exec "$@"
|||
},
},
secret: ns.Contain(kube.Secret(named("game"))) {
data_: {
# public game password
public: cfg.password,
},
},
deployment: ns.Contain(kube.Deployment(named("game"))) {
spec+: {
template+: {
spec+: {
containers_: {
default: kube.Container("default") {
image: cfg.image,
command: [
"/bin/bash", "/scripts/entrypoint.sh", "/home/steam/scripts/start_valheim.sh",
],
volumeMounts_: {
backups: { mountPath: "/home/steam/backups" },
saves: { mountPath: "/home/steam/.config/unity3d/IronGate/Valheim" },
server: { mountPath: "/home/steam/valheim" },
scripts: { mountPath: "/scripts" },
},
ports_: {
zero: { containerPort: cfg.port },
one: { containerPort: cfg.port + 1 },
two: { containerPort: cfg.port + 2 },
},
env_: {
PUBLIC: "1",
PASSWORD: kube.SecretKeyRef(game.secret, "public"),
NAME: cfg.displayName,
# Always attempt to update valheim on startup.
FORCE_INSTALL: "1",
},
resources: {
requests: {
cpu: "500m",
memory: "2Gi",
},
limits: {
cpu: "1000m",
memory: "4Gi",
},
},
},
},
securityContext: {
runAsUser: 1000,
runAsGroup: 1000,
fsGroup: 1000,
},
volumes_: {
backups: kube.PersistentVolumeClaimVolume(game.pvcs.backups),
saves: kube.PersistentVolumeClaimVolume(game.pvcs.saves),
server: kube.PersistentVolumeClaimVolume(game.pvcs.server),
scripts: kube.ConfigMapVolume(game.scripts),
},
},
},
},
},
},
},
# Make namespace for valheim.
ns: kube.Namespace("valheim"),
# Allow patryk and palid to administer this namespace via the namespace-admin clusterrole.
adminRB: top.ns.Contain(kube.RoleBinding("sso:admins")) {
subjects: [
{ apiGroup: "rbac.authorization.k8s.io", kind: "User", name: "%s@hackerspace.pl" % [u] }
for u in ["patryk", "palid"]
],
roleRef: {
apiGroup: "rbac.authorization.k8s.io",
kind: "ClusterRole",
name: "system:admin-namespace",
},
},
q3k: top.env(top.ns, "q3k") {
cfg+: {
ns: "valheim",
password: (std.split(importstr "secrets/plain/q3k-public", "\n"))[0],
displayName: "wypierdol z polski xD",
},
},
}