new reserch

README.md

@@ -1,42 +1,45 @@
-## To DO!
-- [x] Firewall shinanigns
-- [x] Auto add plugins
-- [x] SystemD service
-- [x] Config of velocity.toml
-- [x] Tailscale
-- [x] Integrate ReWhitelist plugin
-- [x] Auto set up logo intagret to script
-- [x] SkinRestorer auto setup
-- [ ] Better system for plugin install checks
-- [ ] Checks for what is done
+## Configuration
+- [x] Branching
+- [ ] Config requriments
+    - [ ] Forwarding secret insert
+    - [ ] Forwarding type insert
+    - [x] Apt installed pakages
+        - [x] check on new dependency
+        - [x] Detect change and move
+        - [x] Detect status
+        - [x] Iptables add
+    - [ ] File structure 
+        - [ ] Datect change and move
+    - [ ] User managment
+        - [ ] Datect change and move
+    - [ ] Insert date in to .cfg
+    - [ ] Automake old.cfg
+- [ ] Owner and permisions
+    - [ ] Starting script to elevate priviliges
 
-## To learn
-- [x] What content of start.sh means
-- [x] Requred resources
-- [x] Different types of forwarding
-- [x] In their docs they have pages
+## Modularity
+- [ ] Break into separate files
+    - [ ] Firewall update
+    - [ ] Whitelists -  My players
+    - [ ] Base update
+        - [ ] Nakolik duverovat old.cfg / check system
+    - [ ] Mods update
+    - [ ] Service update
+    - [ ] Tailscale update
+- [ ] Test owner of master script (source/run .)
+- [ ] Version control
+- [ ] Error handelign
+- [ ] Permisons handeling
+- [ ] Put on chrono job (git pull + run install.sh)
 
-## Used plugins
+## Eye candy
+- [ ] Comments
+- [ ] Disable bunch of text
 
-- [Ambassador](https://github.com/adde0109/Ambassador) (on Proxy for Forge support)
-    - [Proxy Compatible Forge](https://github.com/adde0109/Proxy-Compatible-Forge) (On server for Velocity)
-- [ReWhitelist](https://hangar.papermc.io/ReModded/ReWhitelist) (on Proxy for whitelisting)
-- [SkinRestorer Velocity plugin](https://hangar.papermc.io/SRTeam/SkinsRestorer)
-    - [SkinRestorer](https://modrinth.com/mod/skinrestorer)
+## Nice
+- [ ] do NOT store everything in repo
 
-## To NOT use
 
-- [Fabric proxy lite](https://modrinth.com/mod/fabricproxy-lite/) (basicly Ambassador for Fabric)
+## Links
+- [Forward forge client](https://modrinth.com/mod/forward-forge-client-reset-packet) for smoth move
 
-## To use plagins
-- Player Inventory Database
-    - [PlayerSync](https://www.curseforge.com/minecraft/mc-mods/playersync/files/all?page=1&pageSize=20&version=1.20.1) - Forge
-    - [Dusty data sync](https://modrinth.com/mod/dusty-data-sync) - idk
-    - [InvSync](https://modrinth.com/mod/invsync) - Fabric
-    - [HuskSync](https://william278.net/project/husksync/) - Fabric
-- [LackyPerms](https://luckperms.net/wiki/Network-Installation)
-- [MultiEconomy](https://modrinth.com/mod/multieconomy)
-- [GitHub repo of nice Velocity Plugins](https://github.com/Syrent/Switch-to-Velocity?tab=readme-ov-file#necessary-plugins)
-- [Sinytra Connector](https://modrinth.com/mod/connector) (Run Fabric mods on Forge)
-- Plan-Player-Analytics X Plan-Player-Analytics
-- DynMap

install.cfg

@@ -0,0 +1,26 @@
+# Base informations
+lastUpdateDate= #to version control
+baseInstallLocation=/opt/velocity/
+baseUserName=velocity
+dependenciesInstalled=yes
+dependencies=('openjdk-17-jre-headless' 'screen')
+systemdService=yes #if y > update, n > disable
+autoUpgrade=yes 
+
+# Firewall
+iptables=yes #to check if installed + install
+tailscale=yes #to check if installed + install
+sshRange=tailscale # Ip range
+
+# Mods
+Ambassador=yes #Forge support
+ReWhitelist=yes #Whitelist support
+SkinResolver=yes #Skins with offline mode
+
+# Proxiing information
+forwarding=modern # modern/legacy #how to not set duble velocity.toml
+forwardingSecret=
+
+
+
+

install.sh

@@ -0,0 +1,123 @@
+#!/bin/bash
+
+# import configs
+. install.cfg
+. install/old.cfg
+
+
+#stop service
+systemctl stop mc-forge
+
+#update system
+apt update
+
+if [[ "$autoUpgrade" == "yes" ]]; then
+	apt upgrade -y
+fi
+
+### Template on chack
+: '
+old=""
+new=""
+
+if   [[ "$old" == "yes" && "$new" == "yes" ]]; then 
+		# dubble yes
+		echo "check"
+elif [[ "$old" == "no" && "$new" == "yes" ]]; then
+		# no > yes
+		echo "install"
+elif [[ "$old" == "no" && "$new" == "no" ]]; then
+		# dubble no
+		echo "report"
+elif [[ "$old" == "yes" && "$new" == "no" ]]; then
+		# yes > no
+		echo "uninstall"
+else
+		#error handeling
+fi
+'	
+
+### --- Base dependencies check --- ###
+
+### Deps check ###
+old="oDependenciesInstalled"
+new="dependenciesInstalled"
+
+if [[ "$new" == "yes" ]]; then 
+		BaseDep="install"
+elif [[ "$old" == "no"]]; then
+		# dubble no
+		BaseDep="report"
+elif [[ "$old" == "yes"]]; then
+		# yes > no
+		BaseDep="uninstall"
+else
+		#error handeling
+fi
+
+### File location check ###
+if   [[ "$oBaseInstallLocation" == "$baseInstallLocation" ]]; then
+	# location does not changed
+
+elif [[ ! "$oBaseInstallLocation" == "$baseIstallLocation" ]]; then
+	# location changed
+
+else
+	# error handeling
+
+fi
+
+
+
+### Template on chack
+old=""
+new=""
+
+if [[ "$old" == "yes" && "$new" == "yes" ]]; then 
+		# dubble yes
+		echo "check"
+elif [[ "$old" == "no" && "$new" == "yes" ]]; then
+		# no > yes
+		echo "install"
+elif [[ "$old" == "no" && "$new" == "no" ]]; then
+		# dubble no
+		echo "report"
+elif [[ "$old" == "yes" && "$new" == "no" ]]; then
+		# yes > no
+		echo "uninstall"
+else
+		#error handeling
+fi
+
+
+
+
+
+
+#
+# Differencies betwen install.cfg a install-old.cfg > found what work needs to be done
+# 
+# If uninstall check for verification
+#
+# depandencies install 
+# files
+# user
+# 
+# velocity.toml
+# 
+# mods
+#
+# firewall 
+#
+# systemD rm script + cp new
+# 
+# Tailscale install
+#
+# chown velocity:velocity
+#
+
+printf "\n Everythink is now set up. It is good idea to check these:"
+printf "\n systemctl status mc-velocity"
+printf "\n su velocity -s /bin/bash \n"
+
+# Update install-old.cfg (date as version number)

install/base.sh

@@ -0,0 +1,145 @@
+#!/bin/bash
+
+### Checks dependencies arrays ###
+depDiff=()
+
+for oPkg in "${oDependencies[@]}"; do
+    skip=
+    for pkg in "${dependencies[@]}"; do
+        [[ $oPkg == $pkg ]] && { skip=1; break; }
+    done
+    [[ -n $skip ]] || depDiff+=("$oPkg")
+done
+
+declare -p depDiff
+
+if [[ ! "${#depDiff[@]}" == 0 ]]; then
+	printf "These dependencies are newly not requred: ${depDiff[@]} \n"
+	printf "Do you wish to uninstall them? [Y/n]: \n"
+	read ansDiff -n 1
+
+	if [[ "$ansDiff" =~ ("y"|"Y") || -z $ansDiff ]]; then
+		
+		apt remove ${depDiff[@]}
+
+	fi
+fi
+
+### Checks dependencies ### 
+DepNum=0
+DepMissing=()
+DepInstalled=()
+
+if [[ "$iptables" == "yes" ]]; then
+	dependencies+=('iptables')
+fi
+
+for pkg in "${dependencies[@]}"; do
+	if [[ '$(dpkg-query -w --showformat="${Status}\n" $pkg | grep "install ok installed")' =~ ("install"|"ok"|"installed") ]]; then
+		# pkg is installed
+		((DepNum++))
+		DepInstalled+=("$pkg")
+	else
+		# pkg is NOT installed
+		DepMissing+=("$pkg") 
+	fi
+done
+
+### Count dependencies ###
+if   [[ "$DepNum" == "${#dependencies[@]}" ]]; then 
+	#All dependencies are installed
+	DepStatus="all"
+elif [[ "${#DepMissing[@]}" == "${#dependencies[@]}" ]]; then
+	#All dependencies are missing
+	DepStatus="none"
+else
+	#Something is missing
+	DepStatus="some"
+fi
+
+### Installing / Uninstallign base od prereqisites ###
+
+if   [[ "$BaseDep" == ("install") && "$DepStatus" == "all" ]]; then
+	# everything is allright
+	pritnf "it is done bro \n"
+
+elif [[ "$BaseDep" == ("install") && "$DepStatus" == ("none"|"some") ]]; then
+	# some or none was installed installing rest
+	apt install ${DepMissing[@]}
+	printf "it is done now bro \n"
+
+elif [[ "$BaseDep" == "uninstall" && "$DepStatus" == "none" ]]; then
+	# uninstall but it is not there
+
+elif [[ "$BaseDep" == "uninstall" && "$DepStatus" == ("some"|"all") ]]; then
+	# uninstall
+	apt remove ${DepInstalled[@]}
+
+elif [[ "$BaseDep" == "report" && "$DepStatus" == "none" ]]; then
+	# nothing to do
+
+elif [[ "$BaseDep" == "report" && "$DepStatus" == ("some"|"all") ]]; then
+	printf "Do you want to uinstall these dependencies? [Y/n]
+	printf "${DepInstalled[@]}
+	read ansReport -n 1
+
+	if [[ "$ansReport" =~ ("y"|"Y"|"yes"|"Yes") || -z $ansReport ]]; then
+		apt remove ${DepInstalled[@]}
+	else
+		printf "Hope you know what you are doing."
+	fi
+
+else
+	# error handeling
+	
+fi
+
+
+### --- File Structure --- ###
+
+if   [[ "$oBaseInstallLocation" == "$baseInstallLocation" ]]; then
+	# location did not chage
+	# !TODO chack location
+
+elif [[ ! "$oBaseInstallLocation" == "$baseIstallLocation" ]]; then
+	# location changed
+	# !TODO test if location is used
+
+	printf "+ creating new file structure in $baseInstallLocation \n"
+	mkdir $baseInstallLocation
+
+	cp data/velocity*.jar start.sh $baseInstallLocation
+
+	mkdir $baseInstallLocation)/plugins
+
+	cp data/velocity.toml data/forwarding.secret data/start.sh data/server-icon.png $baseInstallLocation
+
+
+else
+	# error handeling
+
+fi
+
+
+### --- User managment --- ###
+
+### ------------ Needs work ----------- ###
+
+### User managment 
+
+printf "+ creating group and user for proxy \n"
+groupadd velocity
+
+useradd --system --shell /usr/sbin/nologin --home /opt/velocity -g velocity velocity
+
+
+### File structure 
+
+printf "+ creating file structure in /opt/velocity/ \n"
+mkdir /opt/velocity
+
+cp data/velocity*.jar start.sh /opt/velocity/
+
+mkdir /opt/velocity/plugins
+
+cp data/velocity.toml data/forwarding.secret data/start.sh data/server-icon.png $baseInstallLocation

install/firewall.sh

@@ -0,0 +1,87 @@
+#!/bin/bash
+
+### Firewall get info
+
+printf "Do you want to set up firewall rules by iptables? [Y/n]: \n"
+read ansFirewallSetup
+
+
+if [[ "$ansFirewallSetup" =~ ("N"|"n") ]]; then
+
+	printf "+ Thanks, working on next bit\n"
+
+
+elif [[ "$ansFirewallSetup" =~ ("Y"|"y") || -z $ansFirewallSetup ]]; then
+	
+	printf "Do you want to block non-Tailscale ssh connections? [Y/n]: "
+	read sshBlockRange
+
+
+	if [[ "$sshBlockRange" =~ ("n"|"N") ]]; then
+	
+		printf "If you want, input your own IP range [N/range]\n"
+		read sshRange
+
+		if [[ "$sshRange" =~ ("n"|"N") || -z $sshRange ]]; then
+			printf "+ Making your SSH connections wide and open. After we are done, do somethink with it. /n"
+			ipList="*"
+		else
+			printf "+ Accepting SSH connections only on these ip's: $sshRange\n"
+			ipList="$sshRange"
+		fi
+
+	fi	
+fi
+
+
+### integration of Maxopoly's instructions on firewall 
+
+if [[ "$ansFirewallSetup" =~ ("Y"|"y") || -z "$ansFirewallSetup" ]]; then
+	
+		printf "+ Executing firewall setup"
+
+		iptables -P INPUT ACCEPT #Clears existing rules
+
+		iptables -A INPUT -i lo -j ACCEPT #Allow loopback
+
+		iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT #Allow continuing connections
+
+		iptables -A INPUT -p tcp --dport 25577 -j ACCEPT #Allow Velocity port
+
+		if [[ "$ipList" = "*" ]]; then
+			
+			### Wide and open
+
+			iiptables -A INPUT -p tcp --dport 22 j ACCEPT # Allow wide and open ssh on port 22
+		
+		elif [[! "$ipList" -z ]]; then
+
+			### Manual IP range
+
+			iptables -A INPUT -p tcp --dport 22 --source $ipList -j ACCEPT # Allow limited ssh port 22
+		fi
+
+		iptables -L ### Good place to paste a manual check to not lock yourself out 
+
+		printf "\n Does it looks right? [Y/n]: "
+			read ansFirewallOK
+
+		if [[ "$ansFirewallOK" =~ ("Y"|"y") || -z "$ansFirewallOK" ]]; then	
+		
+			iptables -P INPUT DROP #Disallow everythink else
+
+			iptables -P FORWARD DROP #Block all forwarding
+
+			iptables -P OUTPUT ACCEPT #Allow all outgouing
+	
+			 apt install iptables-persistent -y
+
+		else
+			
+			printf "\nOK it is time for manual configuration"
+			printf "\nAfter you are done ramamber to run 'apt install iptables-persistent' to save your config. System will automaticly remove your work after restart"
+
+		fi
+fi
+
+

install/mods.sh

@@ -0,0 +1,29 @@
+#!/bin/bash
+
+printf "Do you want to run Velocity with Forge server? [Y/n]: \n"
+read ansForge
+
+if [[ "$ansForge" =~ ("Y"|"y") || -z $ansForge ]]; then
+	printf "+ adding reqired plugin \n"
+	cp data/Ambassador*.jar /opt/velocity/plugins
+fi
+
+printf "Do you want to run it with whitelist plugin? [Y/n]: \n"
+read ansWhite
+
+if [[ "$ansWhite" =~ ("Y"|"y") || -z $ansWhite ]]; then
+	printf "+ adding reqired plugin \n"
+	cp data/ReWhitelist*.jar /opt/velocity/plugins
+	mkdir /opt/velocity/whitelists
+	cp data/whitelists/* /opt/velocity/whitelists/
+fi
+
+printf "Do you want to run it with SkinRestorer? [Y/n]: \n"
+read ansSkin
+
+if [[ "$ansSkin" =~ ("Y"|"y") || -z $ansSkin ]]; then
+	printf "+ adding reqired plugin \n"
+	cp data/SkinsRestorer.jar /opt/velocity/plugins
+fi
+
+

install/old.cfg

@@ -0,0 +1,24 @@
+### ------------ Do not change these stats, it states what job was done on this system --- ###
+
+# Base informationsOOUpdateDate= #to version control
+oBaseInstallLocation=no
+oBaseUserName=no
+oDependenciesInstalled=no #if set to no will do it
+oDependencies=('openjdk-17-jre-headless' 'screen')
+oSystemdService=no #if y > update, n > not
+oautoUpgrade=no #work in progress
+
+# Firewall
+oiptables=no #to check if installed + install
+otailscale=no #to check if installed + install
+osshRange=no # Ip range
+
+# Mods
+oAmbassador=no #Forge support
+oReWhitelist=no #Whitelist support
+oSkinResolver=no #Skins with offline mode
+
+# Proxiing information
+oforwarding=no # modern/legacy #how to not set duble velocity.toml
+oforwardingSecret=no
+

install/service.sh

@@ -0,0 +1,22 @@
+#!/bin/bash
+
+### SystemD service
+printf "+ Preparign systemD service\n"
+cp data/mc-velocity.service /etc/systemd/system/
+
+systemctl daemon-reload
+
+
+
+### Start service
+
+printf "Do you want to start velocity proxy right now? [Y/n]: \n"
+read startServer
+
+if [[ "$startServer" =~ ("y"|"Y") || -z $startServer ]]; then
+	systemctl start mc-velocity
+fi
+	
+systemctl enable mc-velocity
+
+

install/tailscale.sh

@@ -0,0 +1,21 @@
+#!/bin/bash
+
+### tailsclae install
+
+printf "Do you want to install Tailscale now? [Y/n]: \n"
+read ansTail
+
+if [[ "$ansTail" =~ ("y"|"Y") || -z $ansTail ]]; then
+	
+	curl -fsSL https://tailscale.com/install.sh | sh
+
+
+	if [[ "$sshBlockRange" =~ ("y"|"Y") || -z $sshBlockRange ]]; then
+		tailscale up --ssh
+	else
+		tailscale up
+	fi
+
+fi	
+
+

script.sh

@@ -1,200 +0,0 @@
-#!/bin/bash
-
-printf "Better to run as root, because of permisions handeling.\n"
-
-sleep 2
-
-
-### Firewall 
-
-printf "Do you want to set up firewall rules by iptables? [Y/n]: \n"
-read ansFirewallSetup
-
-
-if [[ "$ansFirewallSetup" =~ ("N"|"n") ]]; then
-
-	printf "+ Thanks, working on next bit\n"
-
-
-elif [[ "$ansFirewallSetup" =~ ("Y"|"y") || -z $ansFirewallSetup ]]; then
-	
-	printf "Do you want to block non-Tailscale ssh connections? [Y/n]: "
-	read sshBlockRange
-
-
-	if [[ "$sshBlockRange" =~ ("n"|"N") ]]; then
-	
-		printf "If you want, input your own IP range [N/range]\n"
-		read sshRange
-
-		if [[ "$sshRange" =~ ("n"|"N") || -z $sshRange ]]; then
-			printf "+ Making your SSH connections wide and open. After we are done, do somethink with it. /n"
-			ipList="*"
-		else
-			printf "+ Accepting SSH connections only on these ip's: $sshRange\n"
-			ipList="$sshRange"
-		fi
-
-	fi	
-fi
-
-### Update 
-
-sleep 2
-
-printf "+ Updating your base system\n"
-
-apt update && apt upgrade -y
-
-printf "+ Installing depandencies \n"
-
-apt install openjdk-17-jre-headless screen
-
-
-if [[ "$ansFirewallSetup" =~ ("Y"|"y") || -z $ansFirewallSetup  ]]; then
-	 apt install iptables -y
-fi
-
-### User managment 
-
-printf "+ creating group and user for proxy \n"
-groupadd velocity
-
-useradd --system --shell /usr/sbin/nologin --home /opt/velocity -g velocity velocity
-
-
-### File structure 
-
-printf "+ creating file structure in /opt/velocity/ \n"
-mkdir /opt/velocity
-
-mv data/velocity*.jar start.sh /opt/velocity/
-
-mkdir /opt/velocity/plugins
-
-mv data/velocity.toml /opt/velocity/
-mv data/forwarding.secret /opt/velocity/
-mv data/start.sh /opt/velocity/
-mv data/server-icon.png /opt/velocity/
-
-### Permisions 
-
-printf "+ handeling permisions \n"
-chown -R velocity:velocity  /opt/velocity/
-
-
-
-### SystemD service
-printf "+ Preparign systemD service\n"
-mv data/mc-velocity.service /etc/systemd/system/
-
-systemctl daemon-reload
-
-### integration of Maxopoly's instructions on firewall 
-
-if [[ "$ansFirewallSetup" =~ ("Y"|"y") || -z "$ansFirewallSetup" ]]; then
-	
-		printf "+ Executing firewall setup"
-
-		iptables -P INPUT ACCEPT #Clears existing rules
-
-		iptables -A INPUT -i lo -j ACCEPT #Allow loopback
-
-		iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT #Allow continuing connections
-
-		iptables -A INPUT -p tcp --dport 25577 -j ACCEPT #Allow Velocity port
-
-		if [[ "$ipList" = "*" ]]; then
-			
-			### Wide and open
-
-			iiptables -A INPUT -p tcp --dport 22 j ACCEPT # Allow wide and open ssh on port 22
-		
-		elif [[! "$ipList" -z ]]; then
-
-			### Manual IP range
-
-			iptables -A INPUT -p tcp --dport 22 --source $ipList -j ACCEPT # Allow limited ssh port 22
-		fi
-
-		iptables -L ### Good place to paste a manual check to not lock yourself out 
-
-		printf "\n Does it looks right? [Y/n]: "
-			read ansFirewallOK
-
-		if [[ "$ansFirewallOK" =~ ("Y"|"y") || -z "$ansFirewallOK" ]]; then	
-		
-			iptables -P INPUT DROP #Disallow everythink else
-
-			iptables -P FORWARD DROP #Block all forwarding
-
-			iptables -P OUTPUT ACCEPT #Allow all outgouing
-	
-			 apt install iptables-persistent -y
-
-		else
-			
-			printf "\nOK it is time for manual configuration"
-			printf "\nAfter you are done ramamber to run 'apt install iptables-persistent' to save your config. System will automaticly remove your work after restart"
-
-		fi
-fi
-
-### tailsclae install
-
-printf "Do you want to install Tailscale now? [Y/n]: \n"
-read ansTail
-
-if [[ "$ansTail" =~ ("y"|"Y") || -z $ansTail ]]; then
-	
-	curl -fsSL https://tailscale.com/install.sh | sh
-
-
-	if [[ "$sshBlockRange" =~ ("y"|"Y") || -z $sshBlockRange ]]; then
-		tailscale up --ssh
-	else
-		tailscale up
-	fi
-
-fi	
-
-printf "Do you want to run Velocity with Forge server? [Y/n]: \n"
-read ansForge
-
-if [[ "$ansForge" =~ ("Y"|"y") || -z $ansForge ]]; then
-	printf "+ adding reqired plugin \n"
-	mv data/Ambassador*.jar /opt/velocity/plugins
-fi
-
-printf "Do you want to run it with whitelist plugin? [Y/n]: \n"
-read ansWhite
-
-if [[ "$ansWhite" =~ ("Y"|"y") || -z $ansWhite ]]; then
-	printf "+ adding reqired plugin \n"
-	mv data/ReWhitelist*.jar /opt/velocity/plugins
-	mkdir /opt/velocity/whitelists
-	mv data/whitelists/* /opt/velocity/whitelists/
-fi
-
-printf "Do you want to run it with SkinRestorer? [Y/n]: \n"
-read ansSkin
-
-if [[ "$ansSkin" =~ ("Y"|"y") || -z $ansSkin ]]; then
-	printf "+ adding reqired plugin \n"
-	mv data/SkinsRestorer.jar /opt/velocity/plugins
-fi
-
-### Start service
-
-printf "Do you want to start velocity proxy right now? [Y/n]: \n"
-read startServer
-
-if [[ "$startServer" =~ ("y"|"Y") || -z $startServer ]]; then
-	systemctl start mc-velocity
-fi
-	
-systemctl enable mc-velocity
-
-printf "\n Everythink is now set up. It is good idea to check these:"
-printf "\n systemctl status mc-velocity"
-printf "\n su velocity -s /bin/bash \n"