home-ops
home-ops copied to clipboard
axeII
feat: adds minecraft configuration
Description of the change
Adds minecraft yay
Benefits or applicable issues
Share with friends, also log4j let's goo
🦙 MegaLinter status: ✅ SUCCESS
| Descriptor | Linter | Files | Fixed | Errors | Elapsed time |
|---|
See detailed report in MegaLinter reports
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff
MegaLinter is graciously provided by 
--- kubernetes/apps Kustomization: flux-system/cluster-apps Namespace: flux-system/games
+++ kubernetes/apps Kustomization: flux-system/cluster-apps Namespace: flux-system/games
@@ -0,0 +1,11 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+ labels:
+ goldilocks.fairwinds.com/enabled: 'true'
+ kustomize.toolkit.fluxcd.io/name: cluster-apps
+ kustomize.toolkit.fluxcd.io/namespace: flux-system
+ kustomize.toolkit.fluxcd.io/prune: disabled
+ name: games
+
--- kubernetes/apps Kustomization: flux-system/cluster-apps Kustomization: flux-system/minecraft
+++ kubernetes/apps Kustomization: flux-system/cluster-apps Kustomization: flux-system/minecraft
@@ -0,0 +1,34 @@
+---
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+ labels:
+ kustomize.toolkit.fluxcd.io/name: cluster-apps
+ kustomize.toolkit.fluxcd.io/namespace: flux-system
+ name: minecraft
+ namespace: flux-system
+spec:
+ commonMetadata:
+ labels:
+ app.kubernetes.io/name: minecraft
+ decryption:
+ provider: sops
+ secretRef:
+ name: sops-age
+ interval: 30m
+ path: ./kubernetes/apps/games/minecraft/app
+ postBuild:
+ substituteFrom:
+ - kind: ConfigMap
+ name: cluster-settings
+ - kind: Secret
+ name: cluster-secrets
+ prune: true
+ retryInterval: 1m
+ sourceRef:
+ kind: GitRepository
+ name: home-kubernetes
+ targetNamespace: games
+ timeout: 5m
+ wait: false
+
--- kubernetes/apps/media/plex/app Kustomization: flux-system/cluster-apps-plex HelmRelease: media/plex
+++ kubernetes/apps/media/plex/app Kustomization: flux-system/cluster-apps-plex HelmRelease: media/plex
@@ -38,13 +38,13 @@
env:
ADVERTISE_IP: https://plex.${SECRET_DOMAIN},http://${METALLB_PLEX_ADDR}:32400
NVIDIA_DRIVER_CAPABILITIES: all
NVIDIA_VISIBLE_DEVICES: all
PLEX_GID: 0
PLEX_UID: 0
- TZ: ${TZ}
+ TZ: ${TIMEZONE}
hostNetwork: true
image:
repository: ghcr.io/onedr0p/plex
tag: 1.32.8.7639-fb6452ebf@sha256:97bf4a8eac34de4b0df78e4fc3e2b501187161a3a264fa2b220bd51b0f89ba77
ingress:
main:
--- kubernetes/flux Kustomization: flux-system/cluster ConfigMap: flux-system/cluster-settings
+++ kubernetes/flux Kustomization: flux-system/cluster ConfigMap: flux-system/cluster-settings
@@ -4,12 +4,13 @@
METALLB_INGRESS_ADDR: 192.168.69.105
METALLB_K8S_GATEWAY_ADDR: 192.168.69.106
METALLB_LB_RANGE: 192.168.69.100-192.168.69.110
METALLB_PLEX_ADDR: 192.168.69.101
NFS_BACKUP: nfs://192.168.69.69:/mnt/ThiccBoi/k3s
SHARED_IP: my-shared-ip
+ SVC_MINECRAFT_ADDR: 192.168.69.102
TIMEZONE: Europe/Berlin
USER_ID: '65534'
kind: ConfigMap
metadata:
labels:
kustomize.toolkit.fluxcd.io/name: cluster
--- kubernetes/apps/games/minecraft/app Kustomization: flux-system/minecraft ExternalSecret: games/minecraft
+++ kubernetes/apps/games/minecraft/app Kustomization: flux-system/minecraft ExternalSecret: games/minecraft
@@ -0,0 +1,25 @@
+---
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+ labels:
+ app.kubernetes.io/name: minecraft
+ kustomize.toolkit.fluxcd.io/name: minecraft
+ kustomize.toolkit.fluxcd.io/namespace: flux-system
+ name: minecraft
+ namespace: games
+spec:
+ dataFrom:
+ - extract:
+ key: minecraft
+ secretStoreRef:
+ kind: ClusterSecretStore
+ name: onepassword-connect
+ target:
+ creationPolicy: Owner
+ name: minecraft-secret
+ template:
+ data:
+ RCON_PASSWORD: '{{ .RCON_PASSWORD }}'
+ engineVersion: v2
+
--- kubernetes/apps/games/minecraft/app Kustomization: flux-system/minecraft HelmRelease: games/minecraft
+++ kubernetes/apps/games/minecraft/app Kustomization: flux-system/minecraft HelmRelease: games/minecraft
@@ -0,0 +1,132 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta2
+kind: HelmRelease
+metadata:
+ labels:
+ app.kubernetes.io/name: minecraft
+ kustomize.toolkit.fluxcd.io/name: minecraft
+ kustomize.toolkit.fluxcd.io/namespace: flux-system
+ name: minecraft
+ namespace: games
+spec:
+ chart:
+ spec:
+ chart: minecraft
+ sourceRef:
+ kind: HelmRepository
+ name: minecraft-server
+ namespace: flux-system
+ version: 4.15.0
+ dependsOn:
+ - name: longhorn
+ namespace: longhorn-system
+ install:
+ createNamespace: true
+ remediation:
+ retries: 3
+ interval: 30m
+ maxHistory: 2
+ uninstall:
+ keepHistory: false
+ upgrade:
+ cleanupOnFail: true
+ remediation:
+ retries: 3
+ values:
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: kubernetes.io/hostname
+ operator: In
+ values:
+ - k8s-2
+ deploymentAnnotations:
+ secret.reloader.stakater.com/reload: minecraft-secret
+ extraEnv:
+ ENABLE_AUTOPAUSE: false
+ TZ: ${TIMEZONE}
+ image:
+ repository: ghcr.io/itzg/minecraft-server
+ tag: java17
+ livenessProbe:
+ enabled: false
+ minecraftServer:
+ difficulty: normal
+ eula: true
+ extraPorts:
+ - containerPort: 9225
+ ingress:
+ enabled: false
+ name: metrics
+ protocol: TCP
+ service:
+ embedded: false
+ enabled: true
+ port: 9225
+ type: ClusterIP
+ - containerPort: 8123
+ ingress:
+ enabled: true
+ hosts:
+ - name: minecraft.${SECRET_DOMAIN}
+ path: /
+ ingressClassName: nginx
+ tls:
+ - hosts:
+ - minecraft.${SECRET_DOMAIN}
+ secretName: minecraft.${SECRET_DOMAIN}
+ name: map
+ protocol: TCP
+ service:
+ embedded: false
+ enabled: true
+ port: 8123
+ type: ClusterIP
+ forceReDownload: true
+ gameMode: survival
+ jvmXXOpts: -XX:MaxRAMPercentage=75
+ maxTickTime: -1
+ memory: 8192M
+ motd: We have cookies
+ onlineMode: false
+ ops: akira
+ pvp: false
+ rcon:
+ enabled: true
+ serviceType: ClusterIP
+ serviceType: LoadBalancer
+ spawnProtection: 0
+ spigetResources:
+ - 36618
+ type: SPIGOT
+ version: 1.20.2
+ viewDistance: 12
+ whitelist: akira
+ worldSaveName: Empire
+ persistence:
+ dataDir:
+ Size: 5G
+ enabled: true
+ storageClass: longhorn
+ readinessProbe:
+ enabled: false
+ resources:
+ limits:
+ memory: 8Gi
+ requests:
+ cpu: 500m
+ securityContext:
+ fsGroup: 1000
+ runAsUser: 1000
+ serviceAnnotations:
+ metallb.universe.tf/loadBalancerIPs: ${SVC_MINECRAFT_ADDR}
+ startupProbe:
+ enabled: false
+ valuesFrom:
+ - kind: Secret
+ name: minecraft-secret
+ targetPath: minecraftServer.rcon.password
+ valuesKey: RCON_PASSWORD
+
![bot-akira[bot] avatar](https://avatars.githubusercontent.com/in/825512?v=4 "Published by a pub.dev verified publisher"){kind=small}
--- HelmRelease: media/plex Deployment: media/plex
+++ HelmRelease: media/plex Deployment: media/plex
@@ -47,13 +47,13 @@
value: all
- name: PLEX_GID
value: '0'
- name: PLEX_UID
value: '0'
- name: TZ
- value: ${TZ}
+ value: ${TIMEZONE}
ports:
- name: http
containerPort: 32400
protocol: TCP
volumeMounts:
- name: config
--- HelmRelease: games/minecraft PersistentVolumeClaim: games/minecraft-minecraft-datadir
+++ HelmRelease: games/minecraft PersistentVolumeClaim: games/minecraft-minecraft-datadir
@@ -0,0 +1,20 @@
+---
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: minecraft-minecraft-datadir
+ labels:
+ app: minecraft-minecraft
+ release: minecraft
+ heritage: Helm
+ app.kubernetes.io/name: minecraft
+ app.kubernetes.io/instance: minecraft-minecraft
+ annotations:
+ volume.alpha.kubernetes.io/storage-class: default
+spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 5G
+
--- HelmRelease: games/minecraft Service: games/minecraft-minecraft-metrics
+++ HelmRelease: games/minecraft Service: games/minecraft-minecraft-metrics
@@ -0,0 +1,21 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: minecraft-minecraft-metrics
+ labels:
+ app: minecraft-minecraft-metrics
+ release: minecraft
+ heritage: Helm
+ app.kubernetes.io/name: minecraft
+ app.kubernetes.io/instance: minecraft-minecraft
+spec:
+ type: ClusterIP
+ ports:
+ - name: metrics
+ port: 9225
+ targetPort: metrics
+ protocol: TCP
+ selector:
+ app: minecraft-minecraft
+
--- HelmRelease: games/minecraft Service: games/minecraft-minecraft-map
+++ HelmRelease: games/minecraft Service: games/minecraft-minecraft-map
@@ -0,0 +1,21 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: minecraft-minecraft-map
+ labels:
+ app: minecraft-minecraft-map
+ release: minecraft
+ heritage: Helm
+ app.kubernetes.io/name: minecraft
+ app.kubernetes.io/instance: minecraft-minecraft
+spec:
+ type: ClusterIP
+ ports:
+ - name: map
+ port: 8123
+ targetPort: map
+ protocol: TCP
+ selector:
+ app: minecraft-minecraft
+
--- HelmRelease: games/minecraft Service: games/minecraft-minecraft
+++ HelmRelease: games/minecraft Service: games/minecraft-minecraft
@@ -0,0 +1,23 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: minecraft-minecraft
+ labels:
+ app: minecraft-minecraft
+ release: minecraft
+ heritage: Helm
+ app.kubernetes.io/name: minecraft
+ app.kubernetes.io/instance: minecraft-minecraft
+ annotations:
+ metallb.universe.tf/loadBalancerIPs: ${SVC_MINECRAFT_ADDR}
+spec:
+ type: LoadBalancer
+ ports:
+ - name: minecraft
+ port: 25565
+ targetPort: minecraft
+ protocol: TCP
+ selector:
+ app: minecraft-minecraft
+
--- HelmRelease: games/minecraft Service: games/minecraft-minecraft-rcon
+++ HelmRelease: games/minecraft Service: games/minecraft-minecraft-rcon
@@ -0,0 +1,21 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: minecraft-minecraft-rcon
+ labels:
+ app: minecraft-minecraft
+ release: minecraft
+ heritage: Helm
+ app.kubernetes.io/name: minecraft
+ app.kubernetes.io/instance: minecraft-minecraft
+spec:
+ type: ClusterIP
+ ports:
+ - name: rcon
+ port: 25575
+ targetPort: rcon
+ protocol: TCP
+ selector:
+ app: minecraft-minecraft
+
--- HelmRelease: games/minecraft Deployment: games/minecraft-minecraft
+++ HelmRelease: games/minecraft Deployment: games/minecraft-minecraft
@@ -0,0 +1,169 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: minecraft-minecraft
+ annotations:
+ secret.reloader.stakater.com/reload: minecraft-secret
+ labels:
+ app: minecraft-minecraft
+ release: minecraft
+ heritage: Helm
+ app.kubernetes.io/name: minecraft
+ app.kubernetes.io/instance: minecraft-minecraft
+spec:
+ replicas: 1
+ strategy:
+ type: Recreate
+ selector:
+ matchLabels:
+ app: minecraft-minecraft
+ template:
+ metadata:
+ labels:
+ app: minecraft-minecraft
+ app.kubernetes.io/name: minecraft
+ app.kubernetes.io/instance: minecraft-minecraft
+ spec:
+ securityContext:
+ fsGroup: 2000
+ runAsGroup: 3000
+ runAsNonRoot: true
+ runAsUser: 1000
+ seccompProfile:
+ type: RuntimeDefault
+ containers:
+ - name: minecraft-minecraft
+ image: ghcr.io/itzg/minecraft-server:java17
+ imagePullPolicy: IfNotPresent
+ tty: true
+ stdin: true
+ resources:
+ limits:
+ memory: 8Gi
+ requests:
+ cpu: 500m
+ memory: 512Mi
+ readinessProbe:
+ exec:
+ command:
+ - mc-health
+ initialDelaySeconds: 30
+ periodSeconds: 5
+ failureThreshold: 20
+ successThreshold: 1
+ timeoutSeconds: 1
+ livenessProbe:
+ exec:
+ command:
+ - mc-health
+ initialDelaySeconds: 30
+ periodSeconds: 5
+ failureThreshold: 20
+ successThreshold: 1
+ timeoutSeconds: 1
+ env:
+ - name: EULA
+ value: 'true'
+ - name: TYPE
+ value: SPIGOT
+ - name: VERSION
+ value: 1.20.2
+ - name: DIFFICULTY
+ value: normal
+ - name: WHITELIST
+ value: akira
+ - name: OPS
+ value: akira
+ - name: MAX_PLAYERS
+ value: '20'
+ - name: MAX_WORLD_SIZE
+ value: '10000'
+ - name: FORCE_REDOWNLOAD
+ value: 'TRUE'
+ - name: MAX_BUILD_HEIGHT
+ value: '256'
+ - name: MAX_TICK_TIME
+ value: '-1'
+ - name: VIEW_DISTANCE
+ value: '12'
+ - name: MODE
+ value: survival
+ - name: MOTD
+ value: We have cookies
+ - name: PVP
+ value: 'false'
+ - name: LEVEL_TYPE
+ value: DEFAULT
+ - name: LEVEL
+ value: Empire
+ - name: SPIGET_RESOURCES
+ value: '36618'
+ - name: MODRINTH_ALLOWED_VERSION_TYPE
+ value: release
+ - name: ONLINE_MODE
+ value: 'false'
+ - name: MEMORY
+ value: 8192M
+ - name: JVM_XX_OPTS
+ value: -XX:MaxRAMPercentage=75
+ - name: OVERRIDE_SERVER_PROPERTIES
+ value: 'false'
+ - name: ENABLE_RCON
+ value: 'true'
+ - name: RCON_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: minecraft-minecraft-rcon
+ key: rcon-password
+ - name: ENABLE_AUTOPAUSE
+ value: 'false'
+ - name: TZ
+ value: ${TIMEZONE}
+ ports:
+ - name: minecraft
+ containerPort: 25565
+ protocol: TCP
+ - name: rcon
+ containerPort: 25575
+ protocol: TCP
+ - name: metrics
+ containerPort: 9225
+ protocol: TCP
+ - name: map
+ containerPort: 8123
+ protocol: TCP
+ volumeMounts:
+ - name: tmp
+ mountPath: /tmp
+ - name: datadir
+ mountPath: /data
+ - name: backupdir
+ mountPath: /backups
+ readOnly: true
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ fsGroup: 1000
+ readOnlyRootFilesystem: true
+ runAsUser: 1000
+ volumes:
+ - name: tmp
+ emptyDir: {}
+ - name: datadir
+ persistentVolumeClaim:
+ claimName: minecraft-minecraft-datadir
+ - name: backupdir
+ emptyDir: {}
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: kubernetes.io/hostname
+ operator: In
+ values:
+ - k8s-2
+
--- HelmRelease: games/minecraft Ingress: games/minecraft-minecraft-map
+++ HelmRelease: games/minecraft Ingress: games/minecraft-minecraft-map
@@ -0,0 +1,29 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: minecraft-minecraft-map
+ labels:
+ app: minecraft-minecraft-map
+ release: minecraft
+ heritage: Helm
+ app.kubernetes.io/name: minecraft
+ app.kubernetes.io/instance: minecraft-minecraft
+spec:
+ ingressClassName: nginx
+ tls:
+ - hosts:
+ - minecraft.${SECRET_DOMAIN}
+ secretName: minecraft.${SECRET_DOMAIN}
+ rules:
+ - host: minecraft.${SECRET_DOMAIN}
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: minecraft-minecraft-map
+ port:
+ number: 8123
+
--- kubernetes/apps Kustomization: flux-system/cluster-apps Namespace: flux-system/games
+++ kubernetes/apps Kustomization: flux-system/cluster-apps Namespace: flux-system/games
@@ -0,0 +1,11 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+ labels:
+ goldilocks.fairwinds.com/enabled: 'true'
+ kustomize.toolkit.fluxcd.io/name: cluster-apps
+ kustomize.toolkit.fluxcd.io/namespace: flux-system
+ kustomize.toolkit.fluxcd.io/prune: disabled
+ name: games
+
--- kubernetes/apps Kustomization: flux-system/cluster-apps Kustomization: flux-system/minecraft
+++ kubernetes/apps Kustomization: flux-system/cluster-apps Kustomization: flux-system/minecraft
@@ -0,0 +1,34 @@
+---
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+ labels:
+ kustomize.toolkit.fluxcd.io/name: cluster-apps
+ kustomize.toolkit.fluxcd.io/namespace: flux-system
+ name: minecraft
+ namespace: flux-system
+spec:
+ commonMetadata:
+ labels:
+ app.kubernetes.io/name: minecraft
+ decryption:
+ provider: sops
+ secretRef:
+ name: sops-age
+ interval: 30m
+ path: ./kubernetes/apps/games/minecraft/app
+ postBuild:
+ substituteFrom:
+ - kind: ConfigMap
+ name: cluster-settings
+ - kind: Secret
+ name: cluster-secrets
+ prune: true
+ retryInterval: 1m
+ sourceRef:
+ kind: GitRepository
+ name: home-kubernetes
+ targetNamespace: games
+ timeout: 5m
+ wait: false
+
--- kubernetes/apps/media/plex/app Kustomization: flux-system/cluster-apps-plex HelmRelease: media/plex
+++ kubernetes/apps/media/plex/app Kustomization: flux-system/cluster-apps-plex HelmRelease: media/plex
@@ -38,13 +38,13 @@
env:
ADVERTISE_IP: https://plex.${SECRET_DOMAIN},http://${METALLB_PLEX_ADDR}:32400
NVIDIA_DRIVER_CAPABILITIES: all
NVIDIA_VISIBLE_DEVICES: all
PLEX_GID: 0
PLEX_UID: 0
- TZ: ${TZ}
+ TZ: ${TIMEZONE}
hostNetwork: true
image:
repository: ghcr.io/onedr0p/plex
tag: 1.32.8.7639-fb6452ebf@sha256:97bf4a8eac34de4b0df78e4fc3e2b501187161a3a264fa2b220bd51b0f89ba77
ingress:
main:
--- kubernetes/flux Kustomization: flux-system/cluster ConfigMap: flux-system/cluster-settings
+++ kubernetes/flux Kustomization: flux-system/cluster ConfigMap: flux-system/cluster-settings
@@ -4,12 +4,13 @@
METALLB_INGRESS_ADDR: 192.168.69.105
METALLB_K8S_GATEWAY_ADDR: 192.168.69.106
METALLB_LB_RANGE: 192.168.69.100-192.168.69.110
METALLB_PLEX_ADDR: 192.168.69.101
NFS_BACKUP: nfs://192.168.69.69:/mnt/ThiccBoi/k3s
SHARED_IP: my-shared-ip
+ SVC_MINECRAFT_ADDR: 192.168.69.102
TIMEZONE: Europe/Berlin
USER_ID: '65534'
kind: ConfigMap
metadata:
labels:
kustomize.toolkit.fluxcd.io/name: cluster
--- kubernetes/apps/games/minecraft/app Kustomization: flux-system/minecraft ExternalSecret: games/minecraft
+++ kubernetes/apps/games/minecraft/app Kustomization: flux-system/minecraft ExternalSecret: games/minecraft
@@ -0,0 +1,25 @@
+---
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+ labels:
+ app.kubernetes.io/name: minecraft
+ kustomize.toolkit.fluxcd.io/name: minecraft
+ kustomize.toolkit.fluxcd.io/namespace: flux-system
+ name: minecraft
+ namespace: games
+spec:
+ dataFrom:
+ - extract:
+ key: minecraft
+ secretStoreRef:
+ kind: ClusterSecretStore
+ name: onepassword-connect
+ target:
+ creationPolicy: Owner
+ name: minecraft-secret
+ template:
+ data:
+ RCON_PASSWORD: '{{ .RCON_PASSWORD }}'
+ engineVersion: v2
+
--- kubernetes/apps/games/minecraft/app Kustomization: flux-system/minecraft HelmRelease: games/minecraft
+++ kubernetes/apps/games/minecraft/app Kustomization: flux-system/minecraft HelmRelease: games/minecraft
@@ -0,0 +1,132 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta2
+kind: HelmRelease
+metadata:
+ labels:
+ app.kubernetes.io/name: minecraft
+ kustomize.toolkit.fluxcd.io/name: minecraft
+ kustomize.toolkit.fluxcd.io/namespace: flux-system
+ name: minecraft
+ namespace: games
+spec:
+ chart:
+ spec:
+ chart: minecraft
+ sourceRef:
+ kind: HelmRepository
+ name: minecraft-server
+ namespace: flux-system
+ version: 4.15.0
+ dependsOn:
+ - name: longhorn
+ namespace: longhorn-system
+ install:
+ createNamespace: true
+ remediation:
+ retries: 3
+ interval: 30m
+ maxHistory: 2
+ uninstall:
+ keepHistory: false
+ upgrade:
+ cleanupOnFail: true
+ remediation:
+ retries: 3
+ values:
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: kubernetes.io/hostname
+ operator: In
+ values:
+ - k8s-2
+ deploymentAnnotations:
+ secret.reloader.stakater.com/reload: minecraft-secret
+ extraEnv:
+ ENABLE_AUTOPAUSE: false
+ TZ: ${TIMEZONE}
+ image:
+ repository: ghcr.io/itzg/minecraft-server
+ tag: java17
+ livenessProbe:
+ enabled: false
+ minecraftServer:
+ difficulty: normal
+ eula: true
+ extraPorts:
+ - containerPort: 9225
+ ingress:
+ enabled: false
+ name: metrics
+ protocol: TCP
+ service:
+ embedded: false
+ enabled: true
+ port: 9225
+ type: ClusterIP
+ - containerPort: 8123
+ ingress:
+ enabled: true
+ hosts:
+ - name: minecraft.${SECRET_DOMAIN}
+ path: /
+ ingressClassName: nginx
+ tls:
+ - hosts:
+ - minecraft.${SECRET_DOMAIN}
+ secretName: minecraft.${SECRET_DOMAIN}
+ name: map
+ protocol: TCP
+ service:
+ embedded: false
+ enabled: true
+ port: 8123
+ type: ClusterIP
+ forceReDownload: true
+ gameMode: survival
+ jvmXXOpts: -XX:MaxRAMPercentage=75
+ maxTickTime: -1
+ memory: 8192M
+ motd: We have cookies
+ onlineMode: false
+ ops: akira
+ pvp: false
+ rcon:
+ enabled: true
+ serviceType: ClusterIP
+ serviceType: LoadBalancer
+ spawnProtection: 0
+ spigetResources:
+ - 36618
+ type: SPIGOT
+ version: 1.20.2
+ viewDistance: 12
+ whitelist: akira
+ worldSaveName: Empire
+ persistence:
+ dataDir:
+ Size: 5G
+ enabled: true
+ storageClass: longhorn
+ readinessProbe:
+ enabled: false
+ resources:
+ limits:
+ memory: 8Gi
+ requests:
+ cpu: 500m
+ securityContext:
+ fsGroup: 1000
+ runAsUser: 1000
+ serviceAnnotations:
+ metallb.universe.tf/loadBalancerIPs: ${SVC_MINECRAFT_ADDR}
+ startupProbe:
+ enabled: false
+ valuesFrom:
+ - kind: Secret
+ name: minecraft-secret
+ targetPath: minecraftServer.rcon.password
+ valuesKey: RCON_PASSWORD
+
--- HelmRelease: media/plex Deployment: media/plex
+++ HelmRelease: media/plex Deployment: media/plex
@@ -47,13 +47,13 @@
value: all
- name: PLEX_GID
value: '0'
- name: PLEX_UID
value: '0'
- name: TZ
- value: ${TZ}
+ value: ${TIMEZONE}
ports:
- name: http
containerPort: 32400
protocol: TCP
volumeMounts:
- name: config
--- HelmRelease: games/minecraft PersistentVolumeClaim: games/minecraft-minecraft-datadir
+++ HelmRelease: games/minecraft PersistentVolumeClaim: games/minecraft-minecraft-datadir
@@ -0,0 +1,20 @@
+---
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: minecraft-minecraft-datadir
+ labels:
+ app: minecraft-minecraft
+ release: minecraft
+ heritage: Helm
+ app.kubernetes.io/name: minecraft
+ app.kubernetes.io/instance: minecraft-minecraft
+ annotations:
+ volume.alpha.kubernetes.io/storage-class: default
+spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 5G
+
--- HelmRelease: games/minecraft Service: games/minecraft-minecraft-metrics
+++ HelmRelease: games/minecraft Service: games/minecraft-minecraft-metrics
@@ -0,0 +1,21 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: minecraft-minecraft-metrics
+ labels:
+ app: minecraft-minecraft-metrics
+ release: minecraft
+ heritage: Helm
+ app.kubernetes.io/name: minecraft
+ app.kubernetes.io/instance: minecraft-minecraft
+spec:
+ type: ClusterIP
+ ports:
+ - name: metrics
+ port: 9225
+ targetPort: metrics
+ protocol: TCP
+ selector:
+ app: minecraft-minecraft
+
--- HelmRelease: games/minecraft Service: games/minecraft-minecraft-map
+++ HelmRelease: games/minecraft Service: games/minecraft-minecraft-map
@@ -0,0 +1,21 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: minecraft-minecraft-map
+ labels:
+ app: minecraft-minecraft-map
+ release: minecraft
+ heritage: Helm
+ app.kubernetes.io/name: minecraft
+ app.kubernetes.io/instance: minecraft-minecraft
+spec:
+ type: ClusterIP
+ ports:
+ - name: map
+ port: 8123
+ targetPort: map
+ protocol: TCP
+ selector:
+ app: minecraft-minecraft
+
--- HelmRelease: games/minecraft Service: games/minecraft-minecraft
+++ HelmRelease: games/minecraft Service: games/minecraft-minecraft
@@ -0,0 +1,23 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: minecraft-minecraft
+ labels:
+ app: minecraft-minecraft
+ release: minecraft
+ heritage: Helm
+ app.kubernetes.io/name: minecraft
+ app.kubernetes.io/instance: minecraft-minecraft
+ annotations:
+ metallb.universe.tf/loadBalancerIPs: ${SVC_MINECRAFT_ADDR}
+spec:
+ type: LoadBalancer
+ ports:
+ - name: minecraft
+ port: 25565
+ targetPort: minecraft
+ protocol: TCP
+ selector:
+ app: minecraft-minecraft
+
--- HelmRelease: games/minecraft Service: games/minecraft-minecraft-rcon
+++ HelmRelease: games/minecraft Service: games/minecraft-minecraft-rcon
@@ -0,0 +1,21 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: minecraft-minecraft-rcon
+ labels:
+ app: minecraft-minecraft
+ release: minecraft
+ heritage: Helm
+ app.kubernetes.io/name: minecraft
+ app.kubernetes.io/instance: minecraft-minecraft
+spec:
+ type: ClusterIP
+ ports:
+ - name: rcon
+ port: 25575
+ targetPort: rcon
+ protocol: TCP
+ selector:
+ app: minecraft-minecraft
+
--- HelmRelease: games/minecraft Deployment: games/minecraft-minecraft
+++ HelmRelease: games/minecraft Deployment: games/minecraft-minecraft
@@ -0,0 +1,169 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: minecraft-minecraft
+ annotations:
+ secret.reloader.stakater.com/reload: minecraft-secret
+ labels:
+ app: minecraft-minecraft
+ release: minecraft
+ heritage: Helm
+ app.kubernetes.io/name: minecraft
+ app.kubernetes.io/instance: minecraft-minecraft
+spec:
+ replicas: 1
+ strategy:
+ type: Recreate
+ selector:
+ matchLabels:
+ app: minecraft-minecraft
+ template:
+ metadata:
+ labels:
+ app: minecraft-minecraft
+ app.kubernetes.io/name: minecraft
+ app.kubernetes.io/instance: minecraft-minecraft
+ spec:
+ securityContext:
+ fsGroup: 2000
+ runAsGroup: 3000
+ runAsNonRoot: true
+ runAsUser: 1000
+ seccompProfile:
+ type: RuntimeDefault
+ containers:
+ - name: minecraft-minecraft
+ image: ghcr.io/itzg/minecraft-server:java17
+ imagePullPolicy: IfNotPresent
+ tty: true
+ stdin: true
+ resources:
+ limits:
+ memory: 8Gi
+ requests:
+ cpu: 500m
+ memory: 512Mi
+ readinessProbe:
+ exec:
+ command:
+ - mc-health
+ initialDelaySeconds: 30
+ periodSeconds: 5
+ failureThreshold: 20
+ successThreshold: 1
+ timeoutSeconds: 1
+ livenessProbe:
+ exec:
+ command:
+ - mc-health
+ initialDelaySeconds: 30
+ periodSeconds: 5
+ failureThreshold: 20
+ successThreshold: 1
+ timeoutSeconds: 1
+ env:
+ - name: EULA
+ value: 'true'
+ - name: TYPE
+ value: SPIGOT
+ - name: VERSION
+ value: 1.20.2
+ - name: DIFFICULTY
+ value: normal
+ - name: WHITELIST
+ value: akira
+ - name: OPS
+ value: akira
+ - name: MAX_PLAYERS
+ value: '20'
+ - name: MAX_WORLD_SIZE
+ value: '10000'
+ - name: FORCE_REDOWNLOAD
+ value: 'TRUE'
+ - name: MAX_BUILD_HEIGHT
+ value: '256'
+ - name: MAX_TICK_TIME
+ value: '-1'
+ - name: VIEW_DISTANCE
+ value: '12'
+ - name: MODE
+ value: survival
+ - name: MOTD
+ value: We have cookies
+ - name: PVP
+ value: 'false'
+ - name: LEVEL_TYPE
+ value: DEFAULT
+ - name: LEVEL
+ value: Empire
+ - name: SPIGET_RESOURCES
+ value: '36618'
+ - name: MODRINTH_ALLOWED_VERSION_TYPE
+ value: release
+ - name: ONLINE_MODE
+ value: 'false'
+ - name: MEMORY
+ value: 8192M
+ - name: JVM_XX_OPTS
+ value: -XX:MaxRAMPercentage=75
+ - name: OVERRIDE_SERVER_PROPERTIES
+ value: 'false'
+ - name: ENABLE_RCON
+ value: 'true'
+ - name: RCON_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: minecraft-minecraft-rcon
+ key: rcon-password
+ - name: ENABLE_AUTOPAUSE
+ value: 'false'
+ - name: TZ
+ value: ${TIMEZONE}
+ ports:
+ - name: minecraft
+ containerPort: 25565
+ protocol: TCP
+ - name: rcon
+ containerPort: 25575
+ protocol: TCP
+ - name: metrics
+ containerPort: 9225
+ protocol: TCP
+ - name: map
+ containerPort: 8123
+ protocol: TCP
+ volumeMounts:
+ - name: tmp
+ mountPath: /tmp
+ - name: datadir
+ mountPath: /data
+ - name: backupdir
+ mountPath: /backups
+ readOnly: true
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ fsGroup: 1000
+ readOnlyRootFilesystem: true
+ runAsUser: 1000
+ volumes:
+ - name: tmp
+ emptyDir: {}
+ - name: datadir
+ persistentVolumeClaim:
+ claimName: minecraft-minecraft-datadir
+ - name: backupdir
+ emptyDir: {}
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: kubernetes.io/hostname
+ operator: In
+ values:
+ - k8s-2
+
--- HelmRelease: games/minecraft Ingress: games/minecraft-minecraft-map
+++ HelmRelease: games/minecraft Ingress: games/minecraft-minecraft-map
@@ -0,0 +1,29 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: minecraft-minecraft-map
+ labels:
+ app: minecraft-minecraft-map
+ release: minecraft
+ heritage: Helm
+ app.kubernetes.io/name: minecraft
+ app.kubernetes.io/instance: minecraft-minecraft
+spec:
+ ingressClassName: nginx
+ tls:
+ - hosts:
+ - minecraft.${SECRET_DOMAIN}
+ secretName: minecraft.${SECRET_DOMAIN}
+ rules:
+ - host: minecraft.${SECRET_DOMAIN}
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: minecraft-minecraft-map
+ port:
+ number: 8123
+