commit 5abc90152e8307cef251481d9ea5ba6dc9965380
Author: Ryan Cuda <rcuda@lab.cudanet.org>
Date:   Fri Apr 17 18:00:02 2026 -0700

    first commit

diff --git a/01-namespace.yaml b/01-namespace.yaml
new file mode 100644
index 0000000..1253fb3
--- /dev/null
+++ b/01-namespace.yaml
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  annotations:
+  labels:
+    kubernetes.io/metadata.name: minecraft
+  name: minecraft
+---
diff --git a/02-pvc.yaml b/02-pvc.yaml
new file mode 100644
index 0000000..d70e725
--- /dev/null
+++ b/02-pvc.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  annotations:
+  name: minecraft-data
+  namespace: minecraft
+spec:
+  accessModes:
+  - ReadWriteMany
+  resources:
+    requests:
+      storage: 100Gi
+  volumeMode: Filesystem
+  storageClassName: ocs-storagecluster-cephfs
+--- 
diff --git a/03-deployment.yaml b/03-deployment.yaml
new file mode 100644
index 0000000..9ffb708
--- /dev/null
+++ b/03-deployment.yaml
@@ -0,0 +1,106 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  annotations:
+  labels:
+    app: minecraft
+    app.kubernetes.io/component: minecraft
+    app.kubernetes.io/instance: minecraft
+  name: minecraft
+  namespace: minecraft
+spec:
+  progressDeadlineSeconds: 600
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      deployment: minecraft
+  strategy:
+    rollingUpdate:
+      maxSurge: 25%
+      maxUnavailable: 25%
+    type: RollingUpdate
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        deployment: minecraft
+    spec:
+      containers:
+      - env:
+        - name: EULA
+          value: "true"
+        - name: MOTD
+          value: Minecraft on Openshift
+        - name: GAME_MODE
+          value: creative
+        - name: ONLINE_MODE
+          value: "false"
+        image: gitea.lab.cudanet.org/cudanet/minecraft/minecraft:1.21.11
+        imagePullPolicy: IfNotPresent
+        name: minecraft
+        ports:
+        - containerPort: 25565
+          protocol: TCP
+        resources: {}
+        terminationMessagePath: /dev/termination-log
+        terminationMessagePolicy: File
+        volumeMounts:
+        - mountPath: /data
+          name: minecraft-data
+      dnsPolicy: ClusterFirst
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      serviceAccount: minecraft
+      serviceAccountName: minecraft
+      terminationGracePeriodSeconds: 30
+      volumes:
+      - name: minecraft-data
+        persistentVolumeClaim:
+          claimName: minecraft-data
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  annotations:
+  labels:
+    app: geysermc
+    app.kubernetes.io/component: geysermc
+    app.kubernetes.io/instance: geysermc
+  name: geysermc
+  namespace: minecraft
+spec:
+  progressDeadlineSeconds: 600
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      deployment: geysermc
+  strategy:
+    rollingUpdate:
+      maxSurge: 25%
+      maxUnavailable: 25%
+    type: RollingUpdate
+  template:
+    metadata:
+      annotations:
+      creationTimestamp: null
+      labels:
+        deployment: geysermc
+    spec:
+      containers:
+      - image: gitea.lab.cudanet.org/cudanet/minecraft/geysermc:1.21.11
+        imagePullPolicy: IfNotPresent
+        name: geysermc
+        ports:
+        - containerPort: 19132
+          protocol: UDP
+        resources: {}
+        terminationMessagePath: /dev/termination-log
+        terminationMessagePolicy: File
+      dnsPolicy: ClusterFirst
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      terminationGracePeriodSeconds: 30
diff --git a/04-svc.yaml b/04-svc.yaml
new file mode 100644
index 0000000..6ffe2d8
--- /dev/null
+++ b/04-svc.yaml
@@ -0,0 +1,55 @@
+apiVersion: v1
+kind: Service
+metadata:
+  annotations:
+    metallb.universe.tf/ip-allocated-from-pool: prod-ocp-101-200
+    metallb.universe.tf/allow-shared-ip: minecraft
+  labels:
+    app: minecraft
+    app.kubernetes.io/component: minecraft
+    app.kubernetes.io/instance: minecraft
+  name: minecraft
+  namespace: minecraft
+spec:
+  allocateLoadBalancerNodePorts: true
+  externalTrafficPolicy: Cluster
+  internalTrafficPolicy: Cluster
+  ipFamilies:
+  - IPv4
+  ipFamilyPolicy: SingleStack
+  ports:
+  - port: 25565
+    protocol: TCP
+    targetPort: 25565
+  selector:
+    deployment: minecraft
+  sessionAffinity: None
+  type: LoadBalancer
+---
+apiVersion: v1
+kind: Service
+metadata:
+  annotations:
+    metallb.universe.tf/allow-shared-ip: minecraft
+    metallb.universe.tf/ip-allocated-from-pool: prod-ocp-101-200
+  labels:
+    app: geysermc
+    app.kubernetes.io/component: geysermc
+    app.kubernetes.io/instance: geysermc
+  name: geysermc
+  namespace: minecraft
+spec:
+  allocateLoadBalancerNodePorts: true
+  externalTrafficPolicy: Cluster
+  internalTrafficPolicy: Cluster
+  ipFamilies:
+  - IPv4
+  ipFamilyPolicy: SingleStack
+  ports:
+  - port: 19132
+    protocol: UDP
+    targetPort: 19132
+  selector:
+    deployment: geysermc
+  sessionAffinity: None
+  type: LoadBalancer
diff --git a/05-sa.yaml b/05-sa.yaml
new file mode 100644
index 0000000..0919349
--- /dev/null
+++ b/05-sa.yaml
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: minecraft
+  namespace: minecraft
+  labels:
+    app: minecraft
+---
diff --git a/06-clusterrole.yaml b/06-clusterrole.yaml
new file mode 100644
index 0000000..306ac94
--- /dev/null
+++ b/06-clusterrole.yaml
@@ -0,0 +1,16 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: minecraft-anyuid
+  labels:
+    app: minecraft
+rules:
+- apiGroups:
+  - security.openshift.io
+  resourceNames:
+  - anyuid
+  resources:
+  - securitycontextconstraints
+  verbs:
+  - use
+---
diff --git a/07-clusterrolebinding.yaml b/07-clusterrolebinding.yaml
new file mode 100644
index 0000000..c4ac47e
--- /dev/null
+++ b/07-clusterrolebinding.yaml
@@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: minecraft-anyuid
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: system:openshift:scc:anyuid
+subjects:
+- kind: ServiceAccount
+  name: minecraft
+  namespace: minecraft
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..34143f4
--- /dev/null
+++ b/README.md
@@ -0,0 +1,34 @@
+# minecraft
+
+```
+YAML=$(ls | grep yaml | sort)
+for y in $YAML; do oc apply -f $y; done
+```
+
+# UPDATE 8/30/2023:
+
+new ServiceAccount, ClusterRole and ClusterRoleBinding created, now it doesn't rely on having to manually add an scc to the SA post deployment.  Much cleaner and easier to manage.
+
+Then in order to restore the backup of the 'pirate ship' server, you need to do some trickery.  You'll need to let the generic server come up, then you need copy the file 'minecraft.tar.gz' to the debug pod, erase the contents of /data, extract the tarball into /data, fix permissions and then bounce the pod.  
+
+```
+oc get pod
+
+NAME                         READY   STATUS    RESTARTS   AGE
+minecraft-7cdb5fc967-mjchg   1/1     Running   0          2m39s
+
+oc debug minecraft-7cdb5fc967-mjchg
+# from within the debug pod
+# rm -rfv /data/*
+
+oc cp minecraft.tar.gz minecraft-7cdb5fc967-mjchg:/data/
+
+# from within the debug pod
+# tar xf minecraft.tar.gz
+# chown -vR minecraft:minecraft /data
+# chmod -vR 777 /data
+# exit
+
+oc delete pod minecraft-7cdb5fc967-mjchg
+```
+