diff --git a/README.md b/README.md index 358d4ac..86229a2 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,7 @@ To switch user use: - [x] modification of run.sh - [x] screen usege - [x] SSH keys -- [ ] Full test under VM +- [X] Full test under VM - [ ] Can it run under LXC container??? diff --git a/Forge-1.20.1.jar b/data/Forge-1.20.1.jar similarity index 100% rename from Forge-1.20.1.jar rename to data/Forge-1.20.1.jar diff --git a/Mods.zip b/data/Mods.zip similarity index 100% rename from Mods.zip rename to data/Mods.zip diff --git a/eula.txt b/data/eula.txt similarity index 100% rename from eula.txt rename to data/eula.txt diff --git a/mc-forge.service b/data/mc-forge.service similarity index 100% rename from mc-forge.service rename to data/mc-forge.service diff --git a/mc-perfect.pub b/data/mc-perfect.pub similarity index 100% rename from mc-perfect.pub rename to data/mc-perfect.pub diff --git a/run.sh b/data/run.sh similarity index 100% rename from run.sh rename to data/run.sh diff --git a/server-icon.png b/data/server-icon.png similarity index 100% rename from server-icon.png rename to data/server-icon.png diff --git a/server.properties b/data/server.properties similarity index 100% rename from server.properties rename to data/server.properties diff --git a/user_jvm_args.txt b/data/user_jvm_args.txt similarity index 100% rename from user_jvm_args.txt rename to data/user_jvm_args.txt diff --git a/fandom.service b/fandom.service deleted file mode 100644 index d9f8363..0000000 --- a/fandom.service +++ /dev/null @@ -1,123 +0,0 @@ -[Unit] -Description=Minecraft Server %i -After=network.target - -[Service] -WorkingDirectory=/opt/minecraft/%i - -# Solves the issue where the minecraft server will endlessly restart itself -# See https://askubuntu.com/questions/953920/systemctl-service-timed-out-during-start for more info -Type=simple - -PrivateUsers=true -# Users Database is not available from within the unit, only root and minecraft is available, everybody else is nobody - -User=minecraft -Group=minecraft - -ProtectSystem=full -# Read only mapping of /usr /boot and /etc - -ProtectHome=true -# /home, /root and /run/user seem to be empty from within the unit. It is recommended to enable this setting for all long-running services (in particular network-facing ones). - -ProtectKernelTunables=true -# /proc/sys, /sys, /proc/sysrq-trigger, /proc/latency_stats, /proc/acpi, /proc/timer_stats, /proc/fs and /proc/irq will be read-only within the unit. It is recommended to turn this on for most services. -# Implies MountFlags=slave - -ProtectKernelModules=true -# Block module system calls, also /usr/lib/modules. It is recommended to turn this on for most services that do not need special file systems or extra kernel modules to work -# Implies NoNewPrivileges=yes - -ProtectControlGroups=true -# It is hence recommended to turn this on for most services. -# Implies MountAPIVFS=yes - -# Set default memory values -Environment="MCMINMEM=512M" "MCMAXMEM=1024M" "SHUTDOWN_DELAY=5" "POST_SHUTDOWN_DELAY=10" -# Change memory values in environment file -EnvironmentFile=-/opt/minecraft/%i/server.conf - -# Uncomment this to fix screen on RHEL 8 -#ExecStartPre=+/bin/sh -c 'chmod 777 /run/screen' - -ExecStart=/bin/sh -c \ - 'find -L . \ - -maxdepth 1 \ - -type f \ - -iregex ".*/\\(FTBServer\\|craftbukkit\\|spigot\\|paper\\|forge\\|minecraft_server\\).*jar" \ - -print0 \ - -quit \ - | xargs -0 -I{} \ - /usr/bin/screen -DmS mc-%i \ - /usr/bin/java \ - -server \ - -Xms${MCMINMEM} \ - -Xmx${MCMAXMEM} \ - -XX:+UseG1GC \ - -XX:ParallelGCThreads=2 \ - -XX:MinHeapFreeRatio=5 \ - -XX:MaxHeapFreeRatio=10 \ - -jar {} \ - --nogui' - -# Alternative to the above ExecStart. Found to work better as this creates the screen session prior to invoking java to run the server. -# Solves the problem many encountered when starting the service where it would fail with the error 'no screen session found'. -ExecStartPre=/bin/sh -c \ - 'find -L . \ - -maxdepth 1 \ - -type f \ - -iregex ".*/\\(FTBServer\\|craftbukkit\\|spigot\\|paper\\|forge\\|minecraft_server\\).*jar" \ - -print0 \ - -quit \ - | xargs -0 -I{} \ - /usr/bin/screen -DmS mc-%i' -ExecStart=/bin/sh -c \ - '/usr/bin/java \ - -server \ - -Xms${MCMINMEM} \ - -Xmx${MCMAXMEM} \ - -XX:+UseG1GC \ - -XX:ParallelGCThreads=2 \ - -XX:MinHeapFreeRatio=5 \ - -XX:MaxHeapFreeRatio=10 \ - -jar {} \ # insert server jar name. i.e. 'server.jar' - --nogui' - -# Simplified of alternative -ExecStartPre=/bin/sh -c '/usr/bin/screen -dmS mc-%i' -ExecStart=/bin/sh -c '/usr/bin/java -server -Xmx${MCMAXMEM} -Xms${MCMINMEM} -jar server.jar --nogui' - -ExecReload=/usr/bin/screen -p 0 -S mc-%i -X eval 'stuff "reload"\\015' - -ExecStop=/usr/bin/screen -p 0 -S mc-%i -X eval 'stuff "say SERVER SHUTTING DOWN. Saving map..."\\015' -ExecStop=/bin/sh -c '/bin/sleep ${SHUTDOWN_DELAY}' -ExecStop=/usr/bin/screen -p 0 -S mc-%i -X eval 'stuff "save-all"\\015' -ExecStop=/usr/bin/screen -p 0 -S mc-%i -X eval 'stuff "stop"\\015' -ExecStop=/bin/sh -c '/bin/sleep ${POST_SHUTDOWN_DELAY}' - -Restart=on-failure -RestartSec=60s - -[Install] -WantedBy=multi-user.target - -######### -# HowTo -######### -# -# Create a directory in /opt/minecraft/XX where XX is a name like 'survival' -# Add minecraft_server.jar into dir with other conf files for minecraft server -# -# Enable/Start systemd service -# systemctl enable minecraft@survival -# systemctl start minecraft@survival -# -# To run multiple servers simply create a new dir structure and enable/start it -# systemctl enable minecraft@creative -# systemctl start minecraft@creative -# -# To change specific server memory assignment, create file /opt/minecraft/XX/server.conf (where XX is your server name) and add below lines: -# MCMINMEM=512M -# MCMAXMEM=2048M - diff --git a/iptables b/iptables deleted file mode 100644 index 737793f..0000000 --- a/iptables +++ /dev/null @@ -1,60 +0,0 @@ -# by Maxopoly on github.com/Maxopoly/iptables.rule - -#You probably want to do this in root to reduce the amount of sudos required -su - - -#Install iptables if you haven't already -#Alternatively use packet manager of your choice -apt-get install iptables - -#Allow all incoming traffic to begin with -iptables -P INPUT ACCEPT -#Clean out any existing input rules. You may also remove the "INPUT" argument and run only "iptables -F" to clear all chains. When doing so, make sure there are no rules in other chains that you still need (list via "iptables -L"), for example Oracle cloud servers will have preset rules, which should not be removed. -iptables -F INPUT - -#Allow all internal connections -iptables -A INPUT -i lo -j ACCEPT - -#Allow continuing setup connections -iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT - -#Allow ssh, adjust port if you run it on non-default -iptables -A INPUT -p tcp --dport 22 --source 172.18.42.0/24 -j ACCEPT - -#Allow minecraft, adjust port if you run it on non-default -iptables -A INPUT -p tcp --dport 25565 -j ACCEPT - -#Disallow all input not whitelisted -#DO NOT RUN THIS IF YOU HAVEN'T VERIFIED YOU WHITELISTED SSH, YOU WILL LOCK YOURSELF OUT -iptables -P INPUT DROP - -#Block all forwarding -iptables -P FORWARD DROP - -#Allow all outgoing -iptables -P OUTPUT ACCEPT - -#Save rules, they won't be persisted past restart of the machine otherwise -apt-get install iptables-persistent -#iptables-persistent will load from this file automatically -iptables-save > /etc/iptables/rules.v4 - - -#Optional stuff from here on: - -#If you have other internal servers for backups etc. you can use this to allow any connections from them -iptables -A INPUT -p tcp -s XXX.XXX.XXX.XXX -j ACCEPT - -#Whitelist mumble -iptables -A INPUT -p tcp --dport 64738 -j ACCEPT -iptables -A INPUT -p udp --dport 64738 -j ACCEPT - -#Whitelist Jenkins -iptables -A INPUT -p tcp --dport 8080 -j ACCEPT - -#Whitelist Votifier -iptables -A INPUT -p tcp --dport 8192 -j ACCEPT -iptables -A INPUT -p udp --dport 8192 -j ACCEPT - -#Allow ICMP, this also makes server health check tools from various hosting providers happier -iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT diff --git a/podklady.md b/podklady.md deleted file mode 100644 index d251ac8..0000000 --- a/podklady.md +++ /dev/null @@ -1,49 +0,0 @@ -# Best to run on sudo su - because of permisions - -# Just to be shure -sudo apt update -sudo apt upgrade -y - -# SSH keys -ssh-copy-id -f -i mc-perfect.pub godot@localhost - -# Dependencies -sudo apt install qemu-guest-agent neofetch btop vim tmux -y # I like these -sudo apt install openjdk-17-jre-headless screen p7zip-full -y # Realy needed - -#User and groupe managment -groupadd minecraft -useradd --system --shell /usr/sbin/nologin --home /opt/minecraft -g minecraft minecraf - -# File strukture and basic install -mkdir /opt/minecraft # it may exist -cp Mods.zip Forge-1.20.1.jar eula.txt server.properties run.sh mc-forge.service /opt/ -mv Forge-1.20.1.jar minecraft/ -cd /opt/minecraft/ -java -Xms512M -Xmx2048M -jar Forge-1.20.1.jar --installServer -./run.sh # wait antil proces is stoped -rm eula.txt -mv ../eula.txt . -^C -rm -rf world/ -rm server.properties -mv ../server.properties . -rm run.sh -mv ../run.sh . -7z x ../Mods.zip -omods - -# SystemD service -cp mc-forge.service /etc/systemd/system/ -systemctl enable mc-forge - -# Permision handeling -chown -R minecraft:minecraft /opt/minecraft - -# ipTable script integration -# **Integration of script** - -# CloudFlare integration -# **TODO!** - -# Start server thruw systemD -systemctl start mc-forge.service diff --git a/script.sh b/script.sh index 4243c44..762cc72 100755 --- a/script.sh +++ b/script.sh @@ -1,10 +1,10 @@ #!/bin/bash -printf "Better to run as root, because of permisions handeling." +printf "Better to run as root, because of permisions handeling.\n" sleep 2 -printf "Do you want to set up firewall rules by iptables? [Y/n]: " +printf "Do you want to set up firewall rules by iptables? [Y/n]: \n" read ansFirewallSetup @@ -69,7 +69,7 @@ useradd --system --shell /usr/sbin/nologin --home /opt/minecraft -g minecraft mi # File strukture and basic install mkdir /opt/minecraft -mv Forge-1.20.1.jar /opt/minecraft/ +mv data/Forge-1.20.1.jar /opt/minecraft/ cd /opt/minecraft/ @@ -80,7 +80,9 @@ java -Xms512M -Xmx2048M -jar Forge-1.20.1.jar --installServer cd - -mv eula.txt server-icon.png server.properties run.sh user_jm_args.txt /opt/minecraft/ +cd data/ +mv eula.txt server-icon.png server.properties run.sh user_jvm_args.txt /opt/minecraft/ +cd .. mkdir /opt/minecraft/mods @@ -143,5 +145,5 @@ fi printf "\n+ Done, thanks for your time. It is goode idea to chack if everythink is alright by running:" printf "\nsystemctl status mc-forge" -printf "\nu minecraft -s /bin/bash" +printf "\nsu minecraft -s /bin/bash" printf "\n+ it is good idea to have some fun with screen before trying to open minecraft conesole 'screen -r' while loged wia minecraft user"