Pre-configured kubernetes infrastructure with load balancing and some network hardening enabled. Also contains per-team challenge assignment for web challenges. Inspired by kCTF.
- Create the cluster
./scripts/cluster-deploy- Configure the cluster and IAM resources.
./scripts/cluster-configure- Create config/values.yaml and populate it with values.
domain:
challenges: <root domain where challenges are hosted> # challenges will be a subdomain of this
replicas:
challenge-manager: 2
containerRegistry: gcr.io/example # don't include the slash at the end
cert:
email: <contact email> # required for letsencrypt
cfDNSToken: <cloudflare dns token> # used to configure dns-01 certificate validation- Deploy the helm stack.
helm install kubectf -f config/values.yaml chart/- Upload the sample whoami challenge
GOOGLE_APPLICATION_CREDENTIALS=<sevice account json> ./scripts/process-isolated-challengesTODO
./scripts/process-isolated-challengesalready exists to process the challenge templates and upload them to Google Cloud Datastore. We should integrate this with GitHub actions in order to do automatic deployments on push.- Interface this with CTFd
- TLS termination for challenges, which can be done by adding cert-manager.