The CTFer component is in charge of the production-ready deployment of a CTF platform (CTFd) along with its cache (Redis), its database (PostgreSQL) and OpenTelemetry support, in a Kubernetes environment.
[!CAUTION]
This component is internal work mostly used for development purposes.
It is used for production purposes too, i.e. on Capture The Flag events.
Nonetheless, we do not include it in the repositories we are actively maintaining, and it is subject to future major changes with no migration capability.
📦 Deployment
Configuration
The default configuration will work, but you might not end up with a ✨ perfect 🤌 setup.
To get there, look at the full set of options in the Pulumi.yaml configuration.
We detail some of them here.
Custom images
To use a custom CTFd image (e.g., with your plugins or theme):
pulumi config set --path platform.image ctferio/ctfd:3.8.1-0.9.0
To configure the ChallManager URL:
pulumi config set chall-manager-url http://chall-manager-svc.ctfer:8080/api/v1
Custom Certificate
You can provide a custom certificate.
We HIGHLY recommend it for production purposes, especially to avoid MitM attacks, credential leakage and so on.
# export PULUMI_CONFIG_PASSPHRASE before
# https://github.com/pulumi/pulumi/issues/6015
cat /path/to/crt.pem | pulumi config set --secret --path platform.crt
cat /path/to/key.pem | pulumi config set --secret --path platform.key
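Before storing the pair in the stack, it is worth confirming that it is usable for the hostname you will set in platform.hostname. The following is an added example, not part of the CTFer project: `check_tls_pair` is a hypothetical helper that assumes an unencrypted PEM key and the `openssl` CLI, and the paths and hostname in the usage comment are placeholders.

```bash
# Added example (not from the CTFer repository). check_tls_pair is a
# hypothetical helper; it assumes an unencrypted PEM key and the openssl CLI.
# Returns 0 only if the key matches the certificate, the certificate stays
# valid for at least 7 more days, and it covers the given hostname.
check_tls_pair() {
  ctp_crt=$1; ctp_key=$2; ctp_host=$3

  # 1. Key pair: the public key inside the certificate must equal the one
  #    derived from the private key (works for RSA and EC keys alike).
  ctp_crt_pub=$(openssl x509 -in "$ctp_crt" -noout -pubkey 2>/dev/null) || {
    echo "cannot read certificate: $ctp_crt" >&2; return 1; }
  ctp_key_pub=$(openssl pkey -in "$ctp_key" -pubout 2>/dev/null) || {
    echo "cannot read private key: $ctp_key" >&2; return 1; }
  if [ "$ctp_crt_pub" != "$ctp_key_pub" ]; then
    echo "certificate and private key do not belong together" >&2; return 1
  fi

  # 2. Validity: -checkend exits non-zero if the certificate expires within
  #    the given number of seconds (604800 s = 7 days).
  if ! openssl x509 -in "$ctp_crt" -noout -checkend 604800 >/dev/null; then
    echo "certificate expires within 7 days" >&2; return 1
  fi

  # 3. Hostname: -checkhost prints its verdict on stdout, so match the
  #    positive message instead of relying on the exit status.
  if ! openssl x509 -in "$ctp_crt" -noout -checkhost "$ctp_host" \
      | grep -q "does match certificate"; then
    echo "certificate does not cover $ctp_host" >&2; return 1
  fi
}

# Usage (placeholder paths): only store the pair once it passes.
#   check_tls_pair /path/to/crt.pem /path/to/key.pem ctfd.dev1.ctfer-io.lab \
#     && cat /path/to/crt.pem | pulumi config set --secret --path platform.crt \
#     && cat /path/to/key.pem | pulumi config set --secret --path platform.key
```

The helper does not validate the issuing chain; it only catches a mismatched key, an expiring certificate or a wrong hostname before they reach the cluster.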
Filesystem
To get a larger filesystem, for instance for uploads on CTFd:
pulumi config set --path platform.storage-size 10Gi
Workers and Replicas
To configure several workers and replicas of CTFd:
pulumi config set-all --path \
--plain platform.workers=3 \
--plain platform.replicas=3
[!WARNING]
You will need a ReadWriteMany-compatible CSI (e.g., Longhorn) if the Pods are scheduled on several nodes.
pulumi config set-all --path \
--plain 'platform.pvc-access-modes[0]=ReadWriteMany' \
--plain platform.storage-class=longhorn
Requests and Limits
To configure resources other than the defaults:
# Kubernetes rejects a Pod whose request exceeds its limit, so keep requests <= limits
pulumi config set-all --path \
--plain platform.requests.cpu=1 \
--plain platform.requests.memory=1Gi \
--plain platform.limits.cpu=1 \
--plain platform.limits.memory=2Gi
If you don't need air-gap settings, you can directly skip to the deployment.
Air-gap environments
Requirements:
First of all, synchronize your manifest with your existing setup (e.g. online mock infrastructure).
cd hack
hauler store sync -f hauler-manifest-ha.yaml
hauler store copy registry://registry.dev1.ctfer-io.lab
Then, configure your Pulumi stack.
pulumi config set-all \
--plain images-repository=registry.dev1.ctfer-io.lab \
--plain charts-repository=oci://registry.dev1.ctfer-io.lab/hauler
Let's do it!
Now comes the last mile, the infrastructure-specific configuration, and you should be good to deploy CTFer! 💪
pulumi config set-all --path \
--plain platform.hostname=ctfd.dev1.ctfer-io.lab \
--plain ingress-labels.name=traefik \
--plain db.operator-namespace=cnpg-system
pulumi up