From 14dc56f7b0eb9b8024bb0f0b2c96899a37d6eafb Mon Sep 17 00:00:00 2001 From: Flegma Date: Wed, 8 Apr 2026 14:27:24 +0200 Subject: [PATCH 1/3] fix: add script error handling, clean up Redis config, add graceful shutdown --- base/api/deployment.yaml | 1 + base/api/ingress.yaml | 4 ++-- base/game-server-node-connector/daemonset.yaml | 5 +++++ base/hasura/deployment.yaml | 1 + base/redis/configmap.yaml | 4 ++-- install.sh | 13 +++++++++++-- setup-env.sh | 5 +++++ 7 files changed, 27 insertions(+), 6 deletions(-) diff --git a/base/api/deployment.yaml b/base/api/deployment.yaml index 5803d31..9ca2820 100644 --- a/base/api/deployment.yaml +++ b/base/api/deployment.yaml @@ -20,6 +20,7 @@ spec: labels: app: api spec: + terminationGracePeriodSeconds: 30 serviceAccountName: server-creator dnsConfig: options: diff --git a/base/api/ingress.yaml b/base/api/ingress.yaml index 174d640..1e37f3d 100644 --- a/base/api/ingress.yaml +++ b/base/api/ingress.yaml @@ -4,8 +4,8 @@ metadata: name: api namespace: 5stack annotations: - nginx.ingress.kubernetes.io/proxy-body-size: "4G" - nginx.ingress.kubernetes.io/client-max-body-size: "4G" + nginx.ingress.kubernetes.io/proxy-body-size: "100M" + nginx.ingress.kubernetes.io/client-max-body-size: "100M" spec: ingressClassName: nginx rules: diff --git a/base/game-server-node-connector/daemonset.yaml b/base/game-server-node-connector/daemonset.yaml index abe7598..15586e9 100644 --- a/base/game-server-node-connector/daemonset.yaml +++ b/base/game-server-node-connector/daemonset.yaml @@ -6,6 +6,10 @@ metadata: name: game-server-node-connector namespace: 5stack spec: + updateStrategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 1 selector: matchLabels: app: game-server-node-connector @@ -14,6 +18,7 @@ spec: labels: app: game-server-node-connector spec: + terminationGracePeriodSeconds: 30 dnsConfig: options: - name: ndots diff --git a/base/hasura/deployment.yaml b/base/hasura/deployment.yaml index 6d41f5d..8ab3a0f 100644 --- a/base/hasura/deployment.yaml +++ b/base/hasura/deployment.yaml @@ -20,6 +20,7 @@ spec: labels: app: hasura spec: + terminationGracePeriodSeconds: 30 dnsConfig: options: - name: ndots diff --git a/base/redis/configmap.yaml b/base/redis/configmap.yaml index e997174..a726c40 100644 --- a/base/redis/configmap.yaml +++ b/base/redis/configmap.yaml @@ -5,9 +5,9 @@ metadata: namespace: 5stack data: redis.conf: | + # Persistence strategy: hybrid RDB snapshots + AOF for durability. + # RDB provides point-in-time snapshots; AOF provides write-level durability. tcp-keepalive 240 - appendonly no - save "" maxmemory-policy noeviction user default on >${REDIS_PASSWORD} allcommands allkeys +@all &* io-threads-do-reads yes diff --git a/install.sh b/install.sh index 28f0264..e5a0804 100755 --- a/install.sh +++ b/install.sh @@ -1,4 +1,5 @@ #!/bin/bash +set -euo pipefail source setup-env.sh "$@" check_sudo @@ -17,7 +18,10 @@ mkdir -p /opt/5stack/custom-plugins echo "Environment files setup complete" echo "Installing K3s" -curl -sfL https://get.k3s.io | sh -s - --disable=traefik +if ! curl -sfL https://get.k3s.io | sh -s - --disable=traefik; then + echo "ERROR: K3s installation failed" + exit 1 +fi cat <<-'SCRIPT' >/usr/local/bin/5stack-cpu-state-check.sh #!/bin/bash @@ -46,7 +50,12 @@ systemctl daemon-reload echo "Installing Ingress Nginx, this may take a few minutes..." install_ingress_nginx true -kubectl label node $(kubectl get nodes -o jsonpath='{.items[0].metadata.name}') 5stack-api=true 5stack-hasura=true 5stack-minio=true 5stack-timescaledb=true 5stack-redis=true 5stack-typesense=true 5stack-web=true +NODE_NAME=$(kubectl get nodes -o jsonpath='{.items[0].metadata.name}') +if [ -z "$NODE_NAME" ]; then + echo "ERROR: Could not determine node name" + exit 1 +fi +kubectl label node "$NODE_NAME" 5stack-api=true 5stack-hasura=true 5stack-minio=true 5stack-timescaledb=true 5stack-redis=true 5stack-typesense=true 5stack-web=true source update.sh "$@" diff --git a/setup-env.sh b/setup-env.sh index e5512ef..18f1078 100755 --- a/setup-env.sh +++ b/setup-env.sh @@ -204,6 +204,11 @@ if [ -z "$WEB_DOMAIN" ] || [ -z "$WS_DOMAIN" ] || [ -z "$API_DOMAIN" ] || [ -z " echo "Base domain cannot be empty. Please enter your base domain (e.g. example.com):" read WEB_DOMAIN fi + + if [ -z "$WEB_DOMAIN" ] || echo "$WEB_DOMAIN" | grep -q ' '; then + echo "ERROR: Invalid domain '$WEB_DOMAIN'. Domain must be non-empty and contain no spaces." + exit 1 + fi echo "WEB_DOMAIN: $WEB_DOMAIN" update_env_var "overlays/config/api-config.env" "WEB_DOMAIN" "$WEB_DOMAIN" From 1192b5fb272f26ee041b33e084f21733861c89ee Mon Sep 17 00:00:00 2001 From: Flegma Date: Wed, 8 Apr 2026 14:50:26 +0200 Subject: [PATCH 2/3] fix: increase API ingress body size to 500M for CS2 demo uploads CS2 demo files can be 100-300MB+. The previous 100M limit would cause 413 errors on demo uploads. 500M accommodates large demos while still being much safer than the original 4G. --- base/api/ingress.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/base/api/ingress.yaml b/base/api/ingress.yaml index 1e37f3d..05f66b6 100644 --- a/base/api/ingress.yaml +++ b/base/api/ingress.yaml @@ -4,8 +4,8 @@ metadata: name: api namespace: 5stack annotations: - nginx.ingress.kubernetes.io/proxy-body-size: "100M" - nginx.ingress.kubernetes.io/client-max-body-size: "100M" + nginx.ingress.kubernetes.io/proxy-body-size: "500M" + nginx.ingress.kubernetes.io/client-max-body-size: "500M" spec: ingressClassName: nginx rules: From 1d2a406af4e104bb1d7262b8e0a5c4083a4d3e96 Mon Sep 17 00:00:00 2001 From: Flegma Date: Fri, 10 Apr 2026 12:25:53 +0200 Subject: [PATCH 3/3] fix: revert proxy-body-size, Redis config, and strict mode per review --- base/api/ingress.yaml | 4 ++-- base/redis/configmap.yaml | 4 ++-- install.sh | 13 ++----------- 3 files changed, 6 insertions(+), 15 deletions(-) diff --git a/base/api/ingress.yaml b/base/api/ingress.yaml index 05f66b6..174d640 100644 --- a/base/api/ingress.yaml +++ b/base/api/ingress.yaml @@ -4,8 +4,8 @@ metadata: name: api namespace: 5stack annotations: - nginx.ingress.kubernetes.io/proxy-body-size: "500M" - nginx.ingress.kubernetes.io/client-max-body-size: "500M" + nginx.ingress.kubernetes.io/proxy-body-size: "4G" + nginx.ingress.kubernetes.io/client-max-body-size: "4G" spec: ingressClassName: nginx rules: diff --git a/base/redis/configmap.yaml b/base/redis/configmap.yaml index a726c40..e997174 100644 --- a/base/redis/configmap.yaml +++ b/base/redis/configmap.yaml @@ -5,9 +5,9 @@ metadata: namespace: 5stack data: redis.conf: | - # Persistence strategy: hybrid RDB snapshots + AOF for durability. - # RDB provides point-in-time snapshots; AOF provides write-level durability. tcp-keepalive 240 + appendonly no + save "" maxmemory-policy noeviction user default on >${REDIS_PASSWORD} allcommands allkeys +@all &* io-threads-do-reads yes diff --git a/install.sh b/install.sh index e5a0804..28f0264 100755 --- a/install.sh +++ b/install.sh @@ -1,5 +1,4 @@ #!/bin/bash -set -euo pipefail source setup-env.sh "$@" check_sudo @@ -18,10 +17,7 @@ mkdir -p /opt/5stack/custom-plugins echo "Environment files setup complete" echo "Installing K3s" -if ! curl -sfL https://get.k3s.io | sh -s - --disable=traefik; then - echo "ERROR: K3s installation failed" - exit 1 -fi +curl -sfL https://get.k3s.io | sh -s - --disable=traefik cat <<-'SCRIPT' >/usr/local/bin/5stack-cpu-state-check.sh #!/bin/bash @@ -50,12 +46,7 @@ systemctl daemon-reload echo "Installing Ingress Nginx, this may take a few minutes..." install_ingress_nginx true -NODE_NAME=$(kubectl get nodes -o jsonpath='{.items[0].metadata.name}') -if [ -z "$NODE_NAME" ]; then - echo "ERROR: Could not determine node name" - exit 1 -fi -kubectl label node "$NODE_NAME" 5stack-api=true 5stack-hasura=true 5stack-minio=true 5stack-timescaledb=true 5stack-redis=true 5stack-typesense=true 5stack-web=true +kubectl label node $(kubectl get nodes -o jsonpath='{.items[0].metadata.name}') 5stack-api=true 5stack-hasura=true 5stack-minio=true 5stack-timescaledb=true 5stack-redis=true 5stack-typesense=true 5stack-web=true source update.sh "$@"