From 910b6a588780017cb9a12745401e1c3c01c9cd69 Mon Sep 17 00:00:00 2001 From: Vojtech Mares Date: Sat, 10 Sep 2022 18:12:39 +0200 Subject: [PATCH 01/10] chore(docs): change url to gh pages default instead of custom domain --- README.md | 2 +- mkdocs.yml | 5 ++--- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index eeb944a..2d50e75 100644 --- a/README.md +++ b/README.md @@ -8,4 +8,4 @@ Currently this project is work-in-progress and is not considered production read ## Docs -https://docs.acaslab.com/pterodactyl-on-k8s +https://acaslab.github.io/pterodactyl-on-k8s/ diff --git a/mkdocs.yml b/mkdocs.yml index 4c04217..face30a 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -1,6 +1,5 @@ site_name: Pterodactyl on Kubernetes Docs -site_url: https://docs.acaslab.com/pterodactyl-on-k8s/ -site_dir: pterodactyl-on-k8s +site_url: https://acaslab.github.io/pterodactyl-on-k8s/ repo_url: https://github.com/acaslab/pterodactyl-on-k8s/ repo_name: acaslab/pterodactyl-on-k8s @@ -40,4 +39,4 @@ markdown_extensions: plugins: - mike: - deploy_prefix: 'pterodactyl-on-k8s' + deploy_prefix: '/pterodactyl-on-k8s/' From 849766ce8ff5ff49286fe39c7621623d5f0ec506 Mon Sep 17 00:00:00 2001 From: Vojtech Mares Date: Sat, 10 Sep 2022 18:18:51 +0200 Subject: [PATCH 02/10] ci: run two kind of jobs on docs publish (split release and dev) --- .github/workflows/docs.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 913ab40..e459c11 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -30,6 +30,12 @@ jobs: git config --local user.email "github-actions[bot]@users.noreply.github.com" git config --local user.name "github-actions[bot]" - name: build and push + if: startsWith(github.ref, 'refs/tags/v') run: | mike deploy ${{ github.ref_name }} latest --push --update-aliases mike set-default --push latest + - name: build and push + if: startsWith(github.ref, 'refs/heads/') + run: | + mike deploy dev --push --update-aliases + mike set-default --push dev From 78e42f59a9e057f3c71d778e2dba970bb064e96b Mon Sep 17 00:00:00 2001 From: Vojtech Mares Date: Mon, 16 Jan 2023 16:27:07 +0100 Subject: [PATCH 03/10] feat: correct way for nightly docker builds from source --- .github/workflows/nightly.yml | 42 +++++++++++++++++++++++ Dockerfile.nightly | 63 +++++++++++++++++++++++++++++++++++ 2 files changed, 105 insertions(+) create mode 100644 .github/workflows/nightly.yml create mode 100644 Dockerfile.nightly diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml new file mode 100644 index 0000000..8ce66c1 --- /dev/null +++ b/.github/workflows/nightly.yml @@ -0,0 +1,42 @@ +name: Nightly / Build and publish a Docker image + +env: + REGISTRY: ghcr.io + IMAGE_NAME: acaslab/pterodactyl-panel + +on: + schedule: + - cron: '0 4 * * *' + +jobs: + build-and-push-image: + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Log in to the Container registry + uses: docker/login-action@v2 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v4 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + + - name: Build and push Docker image + uses: docker/build-push-action@v3 + with: + context: . + file: Dockerfile.nightly + push: true + tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:nightly + labels: ${{ steps.meta.outputs.labels }} diff --git a/Dockerfile.nightly b/Dockerfile.nightly new file mode 100644 index 0000000..6b6ed06 --- /dev/null +++ b/Dockerfile.nightly @@ -0,0 +1,63 @@ +FROM ubuntu:22.04 as base + +RUN apt update && apt -y install \ + software-properties-common \ + apt-transport-https \ + ca-certificates \ + gnupg \ + curl + +# Add Ondrej Sury's PPA for PHP +RUN LC_ALL=C.UTF-8 add-apt-repository -y ppa:ondrej/php \ + && apt update + +# Install PHP 8.1 +RUN DEBIAN_FRONTEND=noninteractive TZ=Etc/UTC apt -y install \ + php8.1 \ + php8.1-common \ + php8.1-cli \ + php8.1-gd \ + php8.1-mysql \ + php8.1-mbstring \ + php8.1-bcmath \ + php8.1-xml \ + php8.1-fpm \ + php8.1-curl \ + php8.1-zip \ + unzip \ + tar \ + git + +FROM base as builder + +# Add Node.js 18.x PPA +RUN curl -fsSL https://deb.nodesource.com/setup_18.x | sh - + +# Install Node.js & Yarn to build assets +RUN DEBIAN_FRONTEND=noninteractive TZ=Etc/UTC apt install nodejs -y && npm i -g yarn + +RUN rm -rf /var/lib/apt && \ + rm -rf /var/lib/dpkg && \ + rm -rf /var/lib/cache && \ + rm -rf /var/lib/log + +# Install composer +RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer + +# Download the Pterodactyl Panel +RUN git clone https://github.com/pterodactyl/panel.git /var/www/pterodactyl + +WORKDIR /var/www/pterodactyl + +# Install Node.js dependencies & build assets +RUN yarn install --frozen-lockfile && yarn run build + +# Install PHP dependencies +RUN composer install --no-dev --optimize-autoloader + +FROM base as app + +WORKDIR /var/www/pterodactyl +USER www-data + +COPY --from=builder --chown=www-data:www-data /var/www/pterodactyl /var/www/pterodactyl From 98d73f01bff99c05116bc507eaaf94427bd888e5 Mon Sep 17 00:00:00 2001 From: Vojtech Mares Date: Mon, 16 Jan 2023 16:29:35 +0100 Subject: [PATCH 04/10] chore(Dockerfile): apt packages order --- Dockerfile | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 7a1ee2a..7a33cb7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,9 +2,10 @@ FROM ubuntu:22.04 as base RUN apt update && apt -y install \ software-properties-common \ - curl apt-transport-https \ + apt-transport-https \ ca-certificates \ - gnupg + gnupg \ + curl # Add Ondrej Sury's PPA for PHP RUN LC_ALL=C.UTF-8 add-apt-repository -y ppa:ondrej/php @@ -24,8 +25,8 @@ RUN DEBIAN_FRONTEND=noninteractive TZ=Etc/UTC apt -y install \ php8.1-fpm \ php8.1-curl \ php8.1-zip \ - tar \ unzip \ + tar \ git RUN rm -rf /var/lib/apt && \ From 7ecb1de169d245b59f5b29878fc61846b4bd236b Mon Sep 17 00:00:00 2001 From: Vojtech Mares Date: Mon, 16 Jan 2023 16:30:15 +0100 Subject: [PATCH 05/10] refactor(Dockerfile): squash layers (apt related) --- Dockerfile | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 7a33cb7..c678243 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,9 +8,8 @@ RUN apt update && apt -y install \ curl # Add Ondrej Sury's PPA for PHP -RUN LC_ALL=C.UTF-8 add-apt-repository -y ppa:ondrej/php - -RUN apt update +RUN LC_ALL=C.UTF-8 add-apt-repository -y ppa:ondrej/php \ + && apt update # Install PHP 8.1 RUN DEBIAN_FRONTEND=noninteractive TZ=Etc/UTC apt -y install \ From 4553406ee8591052ad1453f92d92287f711ea42f Mon Sep 17 00:00:00 2001 From: Vojtech Mares Date: Mon, 16 Jan 2023 16:31:05 +0100 Subject: [PATCH 06/10] chore(Dockerfile): squash layers (chown) --- Dockerfile | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index c678243..58b5574 100644 --- a/Dockerfile +++ b/Dockerfile @@ -53,12 +53,9 @@ RUN tar -xzvf panel.tar.gz # Install dependencies RUN composer install --no-dev --optimize-autoloader -# Change the owner of the files, recursively -RUN chown -R www-data:www-data /var/www/pterodactyl - FROM base as app WORKDIR /var/www/pterodactyl USER www-data -COPY --from=builder /var/www/pterodactyl /var/www/ptereodactyl +COPY --from=builder --chown=www-data:www-data /var/www/pterodactyl /var/www/pterodactyl From a27c0b5e9b4af11ef35ae14c3d1a4cde9a6103a0 Mon Sep 17 00:00:00 2001 From: Vojtech Mares Date: Mon, 16 Jan 2023 16:36:00 +0100 Subject: [PATCH 07/10] refactor: clean up docker build for release channel --- .github/workflows/{docker-build.yml => release.yml} | 2 +- Dockerfile => Dockerfile.release | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename .github/workflows/{docker-build.yml => release.yml} (95%) rename Dockerfile => Dockerfile.release (100%) diff --git a/.github/workflows/docker-build.yml b/.github/workflows/release.yml similarity index 95% rename from .github/workflows/docker-build.yml rename to .github/workflows/release.yml index abe293e..ae4d5e9 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/release.yml @@ -1,4 +1,4 @@ -name: Create and publish a Docker image +name: Release / Build and publish a Docker image env: REGISTRY: ghcr.io diff --git a/Dockerfile b/Dockerfile.release similarity index 100% rename from Dockerfile rename to Dockerfile.release From 311f4fd6d15a53d50ee20745e8a6cfe480dac7cb Mon Sep 17 00:00:00 2001 From: Vojtech Mares Date: Mon, 16 Jan 2023 16:39:14 +0100 Subject: [PATCH 08/10] ci: fix dockerfile path --- .github/workflows/release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ae4d5e9..77d62b2 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -39,6 +39,7 @@ jobs: uses: docker/build-push-action@v3 with: context: . + file: Dockerfile.release push: true tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest labels: ${{ steps.meta.outputs.labels }} From 491a9cc294f6d886b6ff79ab3ea3256363a7cbfd Mon Sep 17 00:00:00 2001 From: Vojtech Mares Date: Mon, 16 Jan 2023 16:41:43 +0100 Subject: [PATCH 09/10] ci(release): use floating major tag for actions --- .github/workflows/release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 77d62b2..4d4db6d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -23,7 +23,7 @@ jobs: uses: actions/checkout@v3 - name: Log in to the Container registry - uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9 + uses: docker/login-action@v2 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} @@ -31,7 +31,7 @@ jobs: - name: Extract metadata (tags, labels) for Docker id: meta - uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 + uses: docker/metadata-action@v4 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} From eeada0e25d22b148bbdde58774a0d2eb44eefd21 Mon Sep 17 00:00:00 2001 From: Vojtech Mares Date: Wed, 1 May 2024 07:47:42 +0200 Subject: [PATCH 10/10] chore: wip --- charts/pterodactyl-panel/.helmignore | 23 ++++ charts/pterodactyl-panel/Chart.yaml | 7 + charts/pterodactyl-panel/templates/NOTES.txt | 22 +++ .../pterodactyl-panel/templates/_helpers.tpl | 62 +++++++++ .../templates/cron/cronjob.yaml | 44 ++++++ .../pterodactyl-panel/templates/ingress.yaml | 41 ++++++ .../templates/migration/job.yaml | 0 .../templates/nginx/configmap.yaml | 43 ++++++ .../templates/nginx/deployment.yaml | 108 +++++++++++++++ .../templates/nginx/hpa.yaml | 28 ++++ .../templates/nginx/service.yaml | 15 +++ .../templates/php-fpm/deployment.yaml | 85 ++++++++++++ .../templates/php-fpm/hpa.yaml | 28 ++++ .../templates/php-fpm/service.yaml | 15 +++ .../templates/serviceaccount.yaml | 12 ++ .../templates/tests/test-connection.yaml | 15 +++ charts/pterodactyl-panel/values.yaml | 126 ++++++++++++++++++ 17 files changed, 674 insertions(+) create mode 100644 charts/pterodactyl-panel/.helmignore create mode 100644 charts/pterodactyl-panel/Chart.yaml create mode 100644 charts/pterodactyl-panel/templates/NOTES.txt create mode 100644 charts/pterodactyl-panel/templates/_helpers.tpl create mode 100644 charts/pterodactyl-panel/templates/cron/cronjob.yaml create mode 100644 charts/pterodactyl-panel/templates/ingress.yaml create mode 100644 charts/pterodactyl-panel/templates/migration/job.yaml create mode 100644 charts/pterodactyl-panel/templates/nginx/configmap.yaml create mode 100644 charts/pterodactyl-panel/templates/nginx/deployment.yaml create mode 100644 charts/pterodactyl-panel/templates/nginx/hpa.yaml create mode 100644 charts/pterodactyl-panel/templates/nginx/service.yaml create mode 100644 charts/pterodactyl-panel/templates/php-fpm/deployment.yaml create mode 100644 charts/pterodactyl-panel/templates/php-fpm/hpa.yaml create mode 100644 charts/pterodactyl-panel/templates/php-fpm/service.yaml create mode 100644 charts/pterodactyl-panel/templates/serviceaccount.yaml create mode 100644 charts/pterodactyl-panel/templates/tests/test-connection.yaml create mode 100644 charts/pterodactyl-panel/values.yaml diff --git a/charts/pterodactyl-panel/.helmignore b/charts/pterodactyl-panel/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/charts/pterodactyl-panel/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/pterodactyl-panel/Chart.yaml b/charts/pterodactyl-panel/Chart.yaml new file mode 100644 index 0000000..0d0389b --- /dev/null +++ b/charts/pterodactyl-panel/Chart.yaml @@ -0,0 +1,7 @@ +apiVersion: v2 +name: pterodactyl-panel +description: Pterodactyl Panel Helm chart +kubeVersion: ">=1.24.0" +type: application +version: 0.1.0 +appVersion: "1.10.1" diff --git a/charts/pterodactyl-panel/templates/NOTES.txt b/charts/pterodactyl-panel/templates/NOTES.txt new file mode 100644 index 0000000..59487b7 --- /dev/null +++ b/charts/pterodactyl-panel/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "pterodactyl-panel.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "pterodactyl-panel.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "pterodactyl-panel.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "pterodactyl-panel.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/charts/pterodactyl-panel/templates/_helpers.tpl b/charts/pterodactyl-panel/templates/_helpers.tpl new file mode 100644 index 0000000..772ba4a --- /dev/null +++ b/charts/pterodactyl-panel/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "pterodactyl-panel.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "pterodactyl-panel.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "pterodactyl-panel.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "pterodactyl-panel.labels" -}} +helm.sh/chart: {{ include "pterodactyl-panel.chart" . }} +{{ include "pterodactyl-panel.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "pterodactyl-panel.selectorLabels" -}} +app.kubernetes.io/name: {{ include "pterodactyl-panel.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "pterodactyl-panel.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "pterodactyl-panel.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/pterodactyl-panel/templates/cron/cronjob.yaml b/charts/pterodactyl-panel/templates/cron/cronjob.yaml new file mode 100644 index 0000000..2467fa3 --- /dev/null +++ b/charts/pterodactyl-panel/templates/cron/cronjob.yaml @@ -0,0 +1,44 @@ +apiVersion: batch/v1 +kind: CronJob +metadata: + name: {{ include "pterodactyl-panel.fullname" . }} + labels: + app.kubernetes.io/name: php-cli + app.kubernetes.io/version: "{{ .Values.phpfpm.image.tag | default .Chart.AppVersion }}" + app.kubernetes.io/component: backend-cronjob + app.kubernetes.io/part-of: pterodactyl-panel + +spec: + schedule: "* * * * *" + jobTemplate: + spec: + backoffLimit: 4 + activeDeadlineSeconds: 60 + ttlSecondsAfterFinished: 900 + + template: + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "pterodactyl-panel.serviceAccountName" . }} + + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + resources: + {{- toYaml .Values.cron.resources | nindent 14 }} + command: ["php"] + args: + - /var/www/pterodactyl/artisan + - schedule:run + + envFrom: + - configMapRef: + name: {{ include "pterodactyl-panel.fullname" . }}-config + - secretRef: + name: {{ include "pterodactyl-panel.fullname" . }}-credentials + + restartPolicy: OnFailure diff --git a/charts/pterodactyl-panel/templates/ingress.yaml b/charts/pterodactyl-panel/templates/ingress.yaml new file mode 100644 index 0000000..7bb7db2 --- /dev/null +++ b/charts/pterodactyl-panel/templates/ingress.yaml @@ -0,0 +1,41 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "pterodactyl-panel.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "pterodactyl-panel.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + ingressClassName: {{ .Values.ingress.className }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + pathType: {{ .pathType }} + backend: + service: + name: {{ $fullName }}--nginx + port: + number: {{ $svcPort }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/pterodactyl-panel/templates/migration/job.yaml b/charts/pterodactyl-panel/templates/migration/job.yaml new file mode 100644 index 0000000..e69de29 diff --git a/charts/pterodactyl-panel/templates/nginx/configmap.yaml b/charts/pterodactyl-panel/templates/nginx/configmap.yaml new file mode 100644 index 0000000..d843659 --- /dev/null +++ b/charts/pterodactyl-panel/templates/nginx/configmap.yaml @@ -0,0 +1,43 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: nginx-conf +data: + nginx.conf: | + user nginx; + worker_processes 1; + + error_log /dev/stdout warn; + + events { + worker_connections 1024; + } + + http { + log_format json_combined escape=json + '{' + '"time_local":"$time_local",' + '"remote_addr":"$remote_addr",' + '"remote_user":"$remote_user",' + '"request":"$request",' + '"status": "$status",' + '"body_bytes_sent":"$body_bytes_sent",' + '"request_time":"$request_time",' + '"http_referrer":"$http_referer",' + '"http_user_agent":"$http_user_agent"' + '}'; + + access_log /dev/stdout main; + + server { + listen 80; + server_name _; + + location / { + root html; + index index.html index.htm; + } + } + + include /etc/nginx/virtualhost/virtualhost.conf; + } diff --git a/charts/pterodactyl-panel/templates/nginx/deployment.yaml b/charts/pterodactyl-panel/templates/nginx/deployment.yaml new file mode 100644 index 0000000..5b0202c --- /dev/null +++ b/charts/pterodactyl-panel/templates/nginx/deployment.yaml @@ -0,0 +1,108 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "pterodactyl-panel.fullname" . }}--nginx + labels: + app.kubernetes.io/name: nginx + app.kubernetes.io/version: "{{ .Values.nginx.image.tag }}" + app.kubernetes.io/component: reverse-proxy + app.kubernetes.io/part-of: pterodactyl-panel + {{- include "pterodactyl-panel.labels" . | nindent 4 }} + +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.nginx.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "pterodactyl-panel.selectorLabels" . | nindent 6 }} + + template: + metadata: + {{- with .Values.nginx.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "pterodactyl-panel.selectorLabels" . | nindent 8 }} + + spec: + {{- with .Values.nginx.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "pterodactyl-panel.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.nginx.podSecurityContext | nindent 8 }} + terminationGracePeriodSeconds: 30 + + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.nginx.securityContext | nindent 12 }} + + image: "{{ .Values.nginx.image.repository }}:{{ .Values.nginx.image.tag }}" + imagePullPolicy: {{ .Values.nginx.image.pullPolicy }} + + args: + - /bin/sh + - -c + - | + nginx -g "daemon off"; + + lifecycle: + preStop: + exec: + command: + - /bin/sh + - -c + - sleep 5 && /usr/sbin/nginx + - -s + - quit + + ports: + - name: http + containerPort: 8080 + protocol: TCP + + livenessProbe: + exec: + command: + - /bin/sh + - -c + - "[ -f /var/run/nginx.pid ] && ps -A | grep nginx" + initialDelaySeconds: 10 + periodSeconds: 5 + + readinessProbe: + httpGet: + path: / + port: http + + resources: + {{- toYaml .Values.nginx.resources | nindent 12 }} + + volumeMounts: + - mountPath: /var/cache/nginx + name: cache + - mountPath: /var/run + name: pid + + volumes: + - name: cache + emptyDir: {} + - name: pid + emptyDir: {} + + {{- with .Values.nginx.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nginx.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nginx.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/pterodactyl-panel/templates/nginx/hpa.yaml b/charts/pterodactyl-panel/templates/nginx/hpa.yaml new file mode 100644 index 0000000..da625cc --- /dev/null +++ b/charts/pterodactyl-panel/templates/nginx/hpa.yaml @@ -0,0 +1,28 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "pterodactyl-panel.fullname" . }}--nginx + labels: + {{- include "pterodactyl-panel.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "pterodactyl-panel.fullname" . }}--nginx + minReplicas: {{ .Values.nginx.autoscaling.minReplicas }} + maxReplicas: {{ .Values.nginx.autoscaling.maxReplicas }} + metrics: + {{- if .Values.nginx.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + targetAverageUtilization: {{ .Values.nginx.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.nginx.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + targetAverageUtilization: {{ .Values.nginx.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/charts/pterodactyl-panel/templates/nginx/service.yaml b/charts/pterodactyl-panel/templates/nginx/service.yaml new file mode 100644 index 0000000..5b7911c --- /dev/null +++ b/charts/pterodactyl-panel/templates/nginx/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "pterodactyl-panel.fullname" . }}--nginx + labels: + {{- include "pterodactyl-panel.labels" . | nindent 4 }} +spec: + type: {{ .Values.nginx.service.type }} + ports: + - port: {{ .Values.nginx.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "pterodactyl-panel.selectorLabels" . | nindent 4 }} diff --git a/charts/pterodactyl-panel/templates/php-fpm/deployment.yaml b/charts/pterodactyl-panel/templates/php-fpm/deployment.yaml new file mode 100644 index 0000000..4b73d51 --- /dev/null +++ b/charts/pterodactyl-panel/templates/php-fpm/deployment.yaml @@ -0,0 +1,85 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "pterodactyl-panel.fullname" . }}--php-fpm + labels: + app.kubernetes.io/name: php-fpm + app.kubernetes.io/version: "{{ .Values.phpfpm.image.tag | default .Chart.AppVersion }}" + app.kubernetes.io/component: backend + app.kubernetes.io/part-of: pterodactyl-panel + {{- include "pterodactyl-panel.labels" . | nindent 4 }} + +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.phpFpm.replicaCount }} + {{- end }} + + selector: + matchLabels: + {{- include "pterodactyl-panel.selectorLabels" . | nindent 6 }} + + template: + metadata: + {{- with .Values.phpFpm.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "pterodactyl-panel.selectorLabels" . | nindent 8 }} + + spec: + {{- with .Values.phpFpm.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "pterodactyl-panel.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.phpFpm.podSecurityContext | nindent 8 }} + + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.phpFpm.securityContext | nindent 12 }} + image: "{{ .Values.phpFpm.image.repository }}:{{ .Values.phpFpm.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.phpFpm.image.pullPolicy }} + + lifecycle: + preStop: + exec: + command: + - /bin/sh + - '-c' + - sleep 5 && kill -SIGQUIT 1 + + ports: + - name: fastcgi + containerPort: 9000 + protocol: TCP + + livenessProbe: + tcpSocket: + port: 9000 + initialDelaySeconds: 5 + periodSeconds: 10 + + readinessProbe: + tcpSocket: + port: 9000 + initialDelaySeconds: 5 + periodSeconds: 10 + + resources: + {{- toYaml .Values.phpFpm.resources | nindent 12 }} + + {{- with .Values.phpFpm.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.phpFpm.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.phpFpm.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/pterodactyl-panel/templates/php-fpm/hpa.yaml b/charts/pterodactyl-panel/templates/php-fpm/hpa.yaml new file mode 100644 index 0000000..7ea7229 --- /dev/null +++ b/charts/pterodactyl-panel/templates/php-fpm/hpa.yaml @@ -0,0 +1,28 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "pterodactyl-panel.fullname" . }}--php-fpm + labels: + {{- include "pterodactyl-panel.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "pterodactyl-panel.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/charts/pterodactyl-panel/templates/php-fpm/service.yaml b/charts/pterodactyl-panel/templates/php-fpm/service.yaml new file mode 100644 index 0000000..b4ef00a --- /dev/null +++ b/charts/pterodactyl-panel/templates/php-fpm/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "pterodactyl-panel.fullname" . }}--php-fpm + labels: + {{- include "pterodactyl-panel.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: fastcgi + protocol: TCP + name: fastcgi + selector: + {{- include "pterodactyl-panel.selectorLabels" . | nindent 4 }} diff --git a/charts/pterodactyl-panel/templates/serviceaccount.yaml b/charts/pterodactyl-panel/templates/serviceaccount.yaml new file mode 100644 index 0000000..4c1b8a5 --- /dev/null +++ b/charts/pterodactyl-panel/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "pterodactyl-panel.serviceAccountName" . }} + labels: + {{- include "pterodactyl-panel.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/pterodactyl-panel/templates/tests/test-connection.yaml b/charts/pterodactyl-panel/templates/tests/test-connection.yaml new file mode 100644 index 0000000..33e33d6 --- /dev/null +++ b/charts/pterodactyl-panel/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "pterodactyl-panel.fullname" . }}-test-connection" + labels: + {{- include "pterodactyl-panel.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "pterodactyl-panel.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/charts/pterodactyl-panel/values.yaml b/charts/pterodactyl-panel/values.yaml new file mode 100644 index 0000000..ce330fb --- /dev/null +++ b/charts/pterodactyl-panel/values.yaml @@ -0,0 +1,126 @@ +nameOverride: "" +fullnameOverride: "" + +autoscaling: + enabled: false + +nginx: + imagePullSecrets: [] + + image: + repository: nginx + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "1.23.1" + + replicaCount: 1 + + autoscaling: + minReplicas: 2 + maxReplicas: 10 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + + service: + type: ClusterIP + port: 8080 + + resources: + limits: + cpu: 250m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + + podAnnotations: {} + + podSecurityContext: + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + - NET_RAW + + securityContext: + runAsNonRoot: true + runAsUser: 10014 + runAsGroup: 10014 + + nodeSelector: {} + + tolerations: [] + + affinity: {} + +phpFpm: + imagePullSecrets: [] + + image: + repository: ghcr.io/acaslab/pterodactyl-panel + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + + replicaCount: 1 + + autoscaling: + minReplicas: 2 + maxReplicas: 10 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + + service: + type: ClusterIP + port: 9000 + + resources: + limits: + cpu: 400m + memory: 256Mi + requests: + cpu: 600m + memory: 512Mi + + podAnnotations: {} + + podSecurityContext: {} + # fsGroup: 2000 + + securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + + nodeSelector: {} + + tolerations: [] + + affinity: {} + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +ingress: + enabled: false + className: "" + annotations: {} + hosts: + - host: example.com + paths: + - path: / + pathType: Prefix + tls: [] + # - secretName: example-tls + # hosts: + # - example.com