AWSTemplateFormatVersion: '2010-09-09' Description: Nakama ECS Task Parameters: ServerName: Type: String Default: "nakama-default" #---------------------------- # Admin Portal Configuration #---------------------------- NakamaUsername: Type: String Description: Username to access the Nakama admin portal Default: "admin" NakamaPasswordOverride: Type: String Description: Override Nakama admin portal password Default: "" #------------------------ # Database Configuration #------------------------ DatabaseUsername: Type: String Description: Username of the Postgres server Default: postgres DatabasePassword: Type: String Description: Password for the Postgres server DatabaseEndpoint: Type: String Description: Endpoint for the Postgres server DatabasePort: Type: Number Description: Port for the Postgres server Default: 5432 Conditions: CreateSecret: !Equals [!Ref NakamaPasswordOverride, ""] Resources: AdminPortalPassword: Type: AWS::SecretsManager::Secret Condition: CreateSecret Properties: Name: !Sub "nakama/admin/password" Description: "Admin portal password for Nakama" GenerateSecretString: ExcludePunctuation: true ExcludeCharacters: '"@/\' LogGroup: Type: AWS::Logs::LogGroup Properties: RetentionInDays: 7 LogGroupName: "sumu-nakama" TaskDefinition: Type: AWS::ECS::TaskDefinition Properties: ContainerDefinitions: - Name: nakama Essential: 'true' Image: "heroiclabs/nakama:2.7.0" MemoryReservation: 800 PortMappings: - HostPort: 0 ContainerPort: 7348 - HostPort: 0 ContainerPort: 7349 - HostPort: 0 ContainerPort: 7350 - HostPort: 0 ContainerPort: 7351 LogConfiguration: LogDriver: awslogs Options: awslogs-region: Ref: AWS::Region awslogs-group: Ref: LogGroup MountPoints: - ContainerPath: /nakama/volume SourceVolume: "nakama-volume" EntryPoint: - "/bin/sh" - "-ecx" - !Join ["", [ !Sub "/nakama/nakama migrate up --database.address ${DatabaseUsername}:${DatabasePassword}@${DatabaseEndpoint}:${DatabasePort} &&\n", !Sub "exec /nakama/nakama --name ${ServerName} --database.address ${DatabaseUsername}:${DatabasePassword}@${DatabaseEndpoint}:${DatabasePort} --console.username ${NakamaUsername} --console.password \"", !If [CreateSecret, !Join ["", ["{{resolve:secretsmanager:", !Ref AdminPortalPassword,":SecretString}}" ]], !Ref NakamaPasswordOverride ], "\"" ]] Volumes: - Name: "nakama-volume" Outputs: TaskArn: Description: ARN of the TaskDefinition Value: !Ref TaskDefinition