Skip to content
This repository has been archived by the owner on Sep 18, 2024. It is now read-only.

Commit

Permalink
Add Kubernetes example
Browse files Browse the repository at this point in the history
Signed-off-by: Timo Reichl <[email protected]>
  • Loading branch information
Timo Reichl committed Sep 15, 2022
1 parent 1b525f5 commit e3c3e1d
Show file tree
Hide file tree
Showing 2 changed files with 119 additions and 0 deletions.
6 changes: 6 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,10 @@ While [the official images](https://github.com/steamcmd/docker) are fine, my tak
- The server path is changed to `/var/lib/steamcmd/server`
- `openssh-server` is installed to provide an easy and secure way of managing server files externally, even when using Kubernetes

### SSH server

See the SSHD configuration at `image/base/etc/ssh/sshd_config.d/steamcmd.conf` for the options applied to the server. Only public key authentication is enabled!

To enable the SSH server, set the environment variables `STEAMCMD_SSH_SERVER_ENABLE` to `1` and `STEAMCMD_SSH_AUTHORIZED_KEYS` to the Base64 encoded public SSH keys separated by newlines (see `compose/hlds/cs-ssh.yml` or `compose/srcds/css-ssh.yml`). `STEAMCMD_SSH_AUTHORIZED_KEYS` essentially represents the `~/.ssh/authorized_keys` file on the server side in encoded format.

To Base64-encode your public SSH keys, put all in one file and encode it:
Expand All @@ -30,6 +34,8 @@ cat ids.txt | base64 -w 0

Then use the output as the value for `STEAMCMD_SSH_AUTHORIZED_KEYS`.

See the Kubernetes example deployment at `deploy/srcds/css.yaml`. The service exposes port `2204` as SSH port which can be used to connect via CLI or SFTP (WinSCP) to modify server files. That's not the only way it can be done. With my example, you have to configure your firewall to now allow SSH from the outside directly for more security.

### HLDS image
- Based on the `base` image
- Provides a generic base for HLDS-based game servers
Expand Down
113 changes: 113 additions & 0 deletions deploy/srcds/css.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,113 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: steamcmd-css
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: steamcmd-css-pvc-game
namespace: steamcmd-css
spec:
accessModes:
- ReadWriteOnce
volumeMode: Filesystem
resources:
requests:
storage: 15Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: steamcmd-css-pvc-ssh
namespace: steamcmd-css
spec:
accessModes:
- ReadWriteOnce
volumeMode: Filesystem
resources:
requests:
storage: 5Mi
---
apiVersion: v1
data:
authorized_keys: <base 64 encoded authorized_keys file contents>
kind: Secret
metadata:
name: ssh
namespace: steamcmd-css
type: Opaque
---
apiVersion: v1
kind: Pod
metadata:
name: steamcmd-css-pod
namespace: steamcmd-css
labels:
com.github.thetredev.steamcmd.service: steamcmd-css-service
spec:
containers:
- name: steamcmd-css
image: ghcr.io/thetredev/steamcmd:css-latest
resources:
requests:
memory: "512Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "200m"
env:
- name: TIME_ZONE
value: "Europe/Berlin"
- name: STEAMCMD_UID
value: "1000"
- name: STEAMCMD_GID
value: "5000"
- name: STEAMCMD_SSH_SERVER_ENABLE
value: "1"
- name: STEAMCMD_SSH_AUTHORIZED_KEYS
valueFrom:
secretKeyRef:
name: ssh
key: authorized_keys
ports:
- containerPort: 27015
protocol: UDP
- containerPort: 22
protocol: TCP
volumeMounts:
- name: data
mountPath: /var/lib/steamcmd/server
- name: ssh
mountPath: /opt/ssh
restartPolicy: Always
volumes:
- name: data
persistentVolumeClaim:
claimName: steamcmd-css-pvc-game
- name: ssh
persistentVolumeClaim:
claimName: steamcmd-css-pvc-ssh
---
apiVersion: v1
kind: Service
metadata:
name: steamcmd-css-service
namespace: steamcmd-css
spec:
type: LoadBalancer
loadBalancerIP: <your IP address>
ports:
# game server port
- name: game
protocol: UDP
port: 27015
targetPort: 27015
# SSH port
- name: ssh
protocol: TCP
port: 2204
targetPort: 22
selector:
com.github.thetredev.steamcmd.service: steamcmd-css-service

0 comments on commit e3c3e1d

Please sign in to comment.