
config files redesign

Zane edited this page Apr 8, 2024 · 29 revisions

rcds.yaml

flag_regex: dam{[a-zA-Z...]}

registry:
  domain: registry.example.com/damctf
  # then environment variables e.g. REG_USER/REG_PASS
  user: admin
  pass: admin
  # or alternatively (not both above and below)
  build:
    user:
    pass:
  cluster:
    user:
    pass:

defaults:
  resources: { cpu: , mem: }

deploy:
  # control challenge deployment status explicitly per environment/profile
  $PROFILE:
    misc/foo: true
    rev/bar: false
  $PROFILE2:
    misc/foo: false
    rev/bar: false

points:
  - difficulty: 1
    min: 0
    max: 1337

profiles:
  # configure per-environment credentials etc
  $PROFILE:
    frontend_url: x
    # or environment var (recommended): FRONTEND_TOKEN_$PROFILE=aWYgeW91IGRlY29kZW9kQgdGhpcyB5b3UncmUgcHJvYmFibHkgZ2F5IG9yIHNtdGgK
    frontend_token: y
    challenges_domain: fqdn
    kubeconfig: path/to/kubeconfig
    kubecontext: damctf-cluster

  $PROFILE2: 
    ...

challenge.yaml

Having a single e.g. database container for multiple "frontend" containers is not easy in a single pod, so maybe allow for splitting across single pods?

  • Automatically create services for all pods? We do anyways for TCP traffic

TODO: JSON schema!

name: string
author: person
description: also string

# used for point values in rcds.yaml
# 0 for survey/rules chal?
difficulty: 1

# alternatively, flag: dam{wtf}
flag:
  # only one of these should be used at a time (?)
  file: ./flag
  text: dam{d33z_nu75}
  regex: /dam{[ab]+}/
  verifier: # program to verify flag validity (not shell scripts cause security, Haskell/OCaml? :P)

provide:
  - file1

# each individual pod is gonna allow only 1 container for now
pods:
  - name: string
    build: # in the style of docker-compose
    env: # docker compose style
    resources: # optional; see global config, also TBD
    replicas: num
    ports:
      # 1 port per entry
      - internal: number
        expose:
          tcp: port
          http: subdomain:port # or fqdn
    volume: /path/in/container # optional; provider-dependent
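
The constraints the two sketches mention (one flag source at a time, registry credentials in one form only, the token taken from the environment rather than the file) could be checked before deploy as in this added example, which is not part of the wiki page or the project's code. Assumptions: both files are already parsed into dicts, the function names are hypothetical, flag_regex is meant to gate static flags, the environment variable wins over the file value, and the sample regex is constructed because the page's is elided.

```python
import os
import re

FLAG_SOURCES = ("file", "text", "regex", "verifier")

def check_flag(flag, flag_regex):
    """Return the one flag source a challenge.yaml `flag` entry uses."""
    if isinstance(flag, str):                  # shorthand: `flag: dam{wtf}`
        flag = {"text": flag}
    used = [k for k in FLAG_SOURCES if flag.get(k)]
    if len(used) != 1:
        raise ValueError(f"flag needs exactly one of {FLAG_SOURCES}, got {used}")
    # Assumption: flag_regex from rcds.yaml is meant to gate static flags.
    if used[0] == "text" and not re.fullmatch(flag_regex, flag["text"]):
        raise ValueError("flag text does not match flag_regex")
    return used[0]

def check_registry(registry):
    """Reject registry blocks that mix shared and build/cluster credentials."""
    shared = bool(registry.get("user") or registry.get("pass"))
    split = any((registry.get(k) or {}).get(f)
                for k in ("build", "cluster") for f in ("user", "pass"))
    if shared and split:
        raise ValueError("registry: set user/pass or build+cluster, not both")
    return "split" if split else "shared"

def frontend_token(name, profile, env=None):
    """Resolve a profile's token, preferring FRONTEND_TOKEN_<name> from env."""
    env = os.environ if env is None else env
    from_env = env.get(f"FRONTEND_TOKEN_{name}")
    if from_env:
        return from_env, "env"
    if profile.get("frontend_token"):
        return profile["frontend_token"], "file"   # secret is stored in the config file
    raise ValueError(f"profile {name}: no frontend token configured")

if __name__ == "__main__":
    # Constructed sample values; the regex below is made up for this example.
    regex = r"dam\{[a-zA-Z0-9_]+\}"
    print(check_flag({"text": "dam{d33z_nu75}"}, regex))
    print(check_registry({"domain": "registry.example.com/damctf",
                          "user": "admin", "pass": "admin"}))
    print(frontend_token("staging", {"frontend_token": "y"}, env={}))
```

The second return value of `frontend_token` lets a caller warn when a secret was read from the config file instead of the environment.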