Compare commits


11 Commits

Author SHA1 Message Date
c26300e1f2 new reserch 2024-08-13 21:55:51 +02:00
c3719fa51e file location base 2024-08-11 14:06:35 +02:00
480f14e44a big cleanup 2024-08-11 12:25:49 +02:00
f301c0dd1c detecting change in requried dependencies 2024-08-11 12:23:53 +02:00
42986ee5f8 dependencies install + check 2024-08-11 01:28:29 +02:00
4925373994 working on modul base 2024-08-09 16:05:57 +02:00
0e6197186e old.cfg + clean up 2024-08-08 23:53:34 +02:00
2948755a3b base on config 2024-08-08 23:31:13 +02:00
5a79e325b7 startig to feel big 2024-08-08 18:44:44 +02:00
68205edf75 basic shaping 2024-08-08 14:56:20 +02:00
ea63750ba8 tasks 2024-08-08 14:46:15 +02:00
10 changed files with 516 additions and 236 deletions


@ -1,42 +1,45 @@
## To DO! ## Configuration
- [x] Firewall shinanigns - [x] Branching
- [x] Auto add plugins - [ ] Config requriments
- [x] SystemD service - [ ] Forwarding secret insert
- [x] Config of velocity.toml - [ ] Forwarding type insert
- [x] Tailscale - [x] Apt installed pakages
- [x] Integrate ReWhitelist plugin - [x] check on new dependency
- [x] Auto set up logo intagret to script - [x] Detect change and move
- [x] SkinRestorer auto setup - [x] Detect status
- [ ] Better system for plugin install checks - [x] Iptables add
- [ ] Checks for what is done - [ ] File structure
- [ ] Datect change and move
- [ ] User managment
- [ ] Datect change and move
- [ ] Insert date in to .cfg
- [ ] Automake old.cfg
- [ ] Owner and permisions
- [ ] Starting script to elevate priviliges
## To learn ## Modularity
- [x] What content of start.sh means - [ ] Break into separate files
- [x] Requred resources - [ ] Firewall update
- [x] Different types of forwarding - [ ] Whitelists - My players
- [x] In their docs they have pages - [ ] Base update
- [ ] Nakolik duverovat old.cfg / check system
- [ ] Mods update
- [ ] Service update
- [ ] Tailscale update
- [ ] Test owner of master script (source/run .)
- [ ] Version control
- [ ] Error handelign
- [ ] Permisons handeling
- [ ] Put on chrono job (git pull + run install.sh)
## Used plugins ## Eye candy
- [ ] Comments
- [ ] Disable bunch of text
- [Ambassador](https://github.com/adde0109/Ambassador) (on Proxy for Forge support) ## Nice
- [Proxy Compatible Forge](https://github.com/adde0109/Proxy-Compatible-Forge) (On server for Velocity) - [ ] do NOT store everything in repo
- [ReWhitelist](https://hangar.papermc.io/ReModded/ReWhitelist) (on Proxy for whitelisting)
- [SkinRestorer Velocity plugin](https://hangar.papermc.io/SRTeam/SkinsRestorer)
- [SkinRestorer](https://modrinth.com/mod/skinrestorer)
## To NOT use
- [Fabric proxy lite](https://modrinth.com/mod/fabricproxy-lite/) (basicly Ambassador for Fabric) ## Links
- [Forward forge client](https://modrinth.com/mod/forward-forge-client-reset-packet) for smoth move
## To use plagins
- Player Inventory Database
- [PlayerSync](https://www.curseforge.com/minecraft/mc-mods/playersync/files/all?page=1&pageSize=20&version=1.20.1) - Forge
- [Dusty data sync](https://modrinth.com/mod/dusty-data-sync) - idk
- [InvSync](https://modrinth.com/mod/invsync) - Fabric
- [HuskSync](https://william278.net/project/husksync/) - Fabric
- [LackyPerms](https://luckperms.net/wiki/Network-Installation)
- [MultiEconomy](https://modrinth.com/mod/multieconomy)
- [GitHub repo of nice Velocity Plugins](https://github.com/Syrent/Switch-to-Velocity?tab=readme-ov-file#necessary-plugins)
- [Sinytra Connector](https://modrinth.com/mod/connector) (Run Fabric mods on Forge)
- Plan-Player-Analytics X Plan-Player-Analytics
- DynMap

26
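--- a/install.cfg
+++ b/install.cfg
@@ -0,0 +1,26 @@
+# Base informations
+lastUpdateDate= #to version control
+baseInstallLocation=/opt/velocity/
+baseUserName=velocity
+dependenciesInstalled=yes
+dependencies=('openjdk-17-jre-headless' 'screen')
+systemdService=yes #if y > update, n > disable
+autoUpgrade=yes
+# Firewall
+iptables=yes #to check if installed + install
+tailscale=yes #to check if installed + install
+sshRange=tailscale # Ip range
+# Mods
+Ambassador=yes #Forge support
+ReWhitelist=yes #Whitelist support
+SkinResolver=yes #Skins with offline mode
+# Proxiing information
+forwarding=modern # modern/legacy #how to not set duble velocity.toml
+forwardingSecret=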
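Review bot: `forwardingSecret=` puts the Velocity forwarding secret in a file that is tracked in the repository and sourced by install.sh, so filling it in means committing the secret (the README's own list says "do NOT store everything in repo"). Keep the value out of this file and read it from a root-only file outside the checkout, leaving a comment here such as `# forwardingSecret is read from a root-only file outside the repo (mode 600), never set here`. Because install.cfg is executed with `.`, it should also be writable by root only, since whoever can edit it controls what the installer runs.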

123
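--- a/install.sh
+++ b/install.sh
@@ -0,0 +1,123 @@
+#!/bin/bash
+# import configs
+. install.cfg
+. install/old.cfg
+#stop service
+systemctl stop mc-forge
+#update system
+apt update
+if [[ "$autoUpgrade" == "yes" ]]; then
+apt upgrade -y
+fi
+### Template on chack
+: '
+old=""
+new=""
+if [[ "$old" == "yes" && "$new" == "yes" ]]; then
+# dubble yes
+echo "check"
+elif [[ "$old" == "no" && "$new" == "yes" ]]; then
+# no > yes
+echo "install"
+elif [[ "$old" == "no" && "$new" == "no" ]]; then
+# dubble no
+echo "report"
+elif [[ "$old" == "yes" && "$new" == "no" ]]; then
+# yes > no
+echo "uninstall"
+else
+#error handeling
+fi
+'
+### --- Base dependencies check --- ###
+### Deps check ###
+old="oDependenciesInstalled"
+new="dependenciesInstalled"
+if [[ "$new" == "yes" ]]; then
+BaseDep="install"
+elif [[ "$old" == "no"]]; then
+# dubble no
+BaseDep="report"
+elif [[ "$old" == "yes"]]; then
+# yes > no
+BaseDep="uninstall"
+else
+#error handeling
+fi
+### File location check ###
+if [[ "$oBaseInstallLocation" == "$baseInstallLocation" ]]; then
+# location does not changed
+elif [[ ! "$oBaseInstallLocation" == "$baseIstallLocation" ]]; then
+# location changed
+else
+# error handeling
+fi
+### Template on chack
+old=""
+new=""
+if [[ "$old" == "yes" && "$new" == "yes" ]]; then
+# dubble yes
+echo "check"
+elif [[ "$old" == "no" && "$new" == "yes" ]]; then
+# no > yes
+echo "install"
+elif [[ "$old" == "no" && "$new" == "no" ]]; then
+# dubble no
+echo "report"
+elif [[ "$old" == "yes" && "$new" == "no" ]]; then
+# yes > no
+echo "uninstall"
+else
+#error handeling
+fi
+#
+# Differencies betwen install.cfg a install-old.cfg > found what work needs to be done
+#
+# If uninstall check for verification
+#
+# depandencies install
+# files
+# user
+#
+# velocity.toml
+#
+# mods
+#
+# firewall
+#
+# systemD rm script + cp new
+#
+# Tailscale install
+#
+# chown velocity:velocity
+#
+printf "\n Everythink is now set up. It is good idea to check these:"
+printf "\n systemctl status mc-velocity"
+printf "\n su velocity -s /bin/bash \n"
+# Update install-old.cfg (date as version number)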
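Review bot: `. install.cfg` and `. install/old.cfg` are resolved against the caller's working directory and executed as shell, so a root run from any other directory (the README plans a cron job) sources whatever files of those names it finds there; anchor the paths to the script, e.g. `cd "$(dirname "$0")" || exit 1` before the two `.` lines. The dependency check also cannot work as written: `old="oDependenciesInstalled"` stores the variable's name instead of its value (`old=$oDependenciesInstalled`, likewise `new`), `"no"]]` and `"yes"]]` need a space before `]]`, and the branches that hold only a comment are a bash syntax error until they contain a command such as `:`. `$baseIstallLocation` in the location check is a misspelling of `baseInstallLocation`, and `systemctl stop mc-forge` names a different unit from the `mc-velocity` one the closing message refers to.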

145
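--- a/install/base.sh
+++ b/install/base.sh
@@ -0,0 +1,145 @@
+#!/bin/bash
+### Checks dependencies arrays ###
+depDiff=()
+for oPkg in "${oDependencies[@]}"; do
+skip=
+for pkg in "${dependencies[@]}"; do
+[[ $oPkg == $pkg ]] && { skip=1; break; }
+done
+[[ -n $skip ]] || depDiff+=("$oPkg")
+done
+declare -p depDiff
+if [[ ! "${#depDiff[@]}" == 0 ]]; then
+printf "These dependencies are newly not requred: ${depDiff[@]} \n"
+printf "Do you wish to uninstall them? [Y/n]: \n"
+read ansDiff -n 1
+if [[ "$ansDiff" =~ ("y"|"Y") || -z $ansDiff ]]; then
+apt remove ${depDiff[@]}
+fi
+fi
+### Checks dependencies ###
+DepNum=0
+DepMissing=()
+DepInstalled=()
+if [[ "$iptables" == "yes" ]]; then
+dependencies+=('iptables')
+fi
+for pkg in "${dependencies[@]}"; do
+if [[ '$(dpkg-query -w --showformat="${Status}\n" $pkg | grep "install ok installed")' =~ ("install"|"ok"|"installed") ]]; then
+# pkg is installed
+((DepNum++))
+DepInstalled+=("$pkg")
+else
+# pkg is NOT installed
+DepMissing+=("$pkg")
+fi
+done
+### Count dependencies ###
+if [[ "$DepNum" == "${#dependencies[@]}" ]]; then
+#All dependencies are installed
+DepStatus="all"
+elif [[ "${#DepMissing[@]}" == "${#dependencies[@]}" ]]; then
+#All dependencies are missing
+DepStatus="none"
+else
+#Something is missing
+DepStatus="some"
+fi
+### Installing / Uninstallign base od prereqisites ###
+if [[ "$BaseDep" == ("install") && "$DepStatus" == "all" ]]; then
+# everything is allright
+pritnf "it is done bro \n"
+elif [[ "$BaseDep" == ("install") && "$DepStatus" == ("none"|"some") ]]; then
+# some or none was installed installing rest
+apt install ${DepMissing[@]}
+printf "it is done now bro \n"
+elif [[ "$BaseDep" == "uninstall" && "$DepStatus" == "none" ]]; then
+# uninstall but it is not there
+elif [[ "$BaseDep" == "uninstall" && "$DepStatus" == ("some"|"all") ]]; then
+# uninstall
+apt remove ${DepInstalled[@]}
+elif [[ "$BaseDep" == "report" && "$DepStatus" == "none" ]]; then
+# nothing to do
+elif [[ "$BaseDep" == "report" && "$DepStatus" == ("some"|"all") ]]; then
+printf "Do you want to uinstall these dependencies? [Y/n]
+printf "${DepInstalled[@]}
+read ansReport -n 1
+if [[ "$ansReport" =~ ("y"|"Y"|"yes"|"Yes") || -z $ansReport ]]; then
+apt remove ${DepInstalled[@]}
+else
+printf "Hope you know what you are doing."
+fi
+else
+# error handeling
+fi
+### --- File Structure --- ###
+if [[ "$oBaseInstallLocation" == "$baseInstallLocation" ]]; then
+# location did not chage
+# !TODO chack location
+elif [[ ! "$oBaseInstallLocation" == "$baseIstallLocation" ]]; then
+# location changed
+# !TODO test if location is used
+printf "+ creating new file structure in $baseInstallLocation \n"
+mkdir $baseInstallLocation
+cp data/velocity*.jar start.sh $baseInstallLocation
+mkdir $baseInstallLocation)/plugins
+cp data/velocity.toml data/forwarding.secret data/start.sh data/server-icon.png $baseInstallLocation
+else
+# error handeling
+fi
+### --- User managment --- ###
+### ------------ Needs work ----------- ###
+### User managment
+printf "+ creating group and user for proxy \n"
+groupadd velocity
+useradd --system --shell /usr/sbin/nologin --home /opt/velocity -g velocity velocity
+### File structure
+printf "+ creating file structure in /opt/velocity/ \n"
+mkdir /opt/velocity
+cp data/velocity*.jar start.sh /opt/velocity/
+mkdir /opt/velocity/plugins
+cp data/velocity.toml data/forwarding.secret data/start.sh data/server-icon.png $baseInstallLocation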
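Review bot: The installed-package test wraps `$(dpkg-query …)` in single quotes, so the command never runs and the literal text always matches `install`; every package is counted as present and `DepMissing` stays empty, which means `iptables` and the Java runtime are never installed while the script reports success. Test the command's result instead: `if dpkg-query -W --showformat='${Status}\n' "$pkg" 2>/dev/null | grep -q 'install ok installed'; then` (the flag is `-W`, not `-w`). The file also no longer sets ownership or mode on what it copies, where the removed script.sh ran `chown -R velocity:velocity /opt/velocity/`; `data/forwarding.secret` in particular should be placed with `install -o velocity -g velocity -m 600` once the user exists. Several lines do not look parseable as written (`== ("install")` inside `[[ ]]`, the unterminated `printf "` strings in the report branch, `pritnf`, and `$baseInstallLocation)/plugins`), so the file should pass `bash -n` and ShellCheck before merge.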

87
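--- a/install/firewall.sh
+++ b/install/firewall.sh
@@ -0,0 +1,87 @@
+#!/bin/bash
+### Firewall get info
+printf "Do you want to set up firewall rules by iptables? [Y/n]: \n"
+read ansFirewallSetup
+if [[ "$ansFirewallSetup" =~ ("N"|"n") ]]; then
+printf "+ Thanks, working on next bit\n"
+elif [[ "$ansFirewallSetup" =~ ("Y"|"y") || -z $ansFirewallSetup ]]; then
+printf "Do you want to block non-Tailscale ssh connections? [Y/n]: "
+read sshBlockRange
+if [[ "$sshBlockRange" =~ ("n"|"N") ]]; then
+printf "If you want, input your own IP range [N/range]\n"
+read sshRange
+if [[ "$sshRange" =~ ("n"|"N") || -z $sshRange ]]; then
+printf "+ Making your SSH connections wide and open. After we are done, do somethink with it. /n"
+ipList="*"
+else
+printf "+ Accepting SSH connections only on these ip's: $sshRange\n"
+ipList="$sshRange"
+fi
+fi
+fi
+### integration of Maxopoly's instructions on firewall
+if [[ "$ansFirewallSetup" =~ ("Y"|"y") || -z "$ansFirewallSetup" ]]; then
+printf "+ Executing firewall setup"
+iptables -P INPUT ACCEPT #Clears existing rules
+iptables -A INPUT -i lo -j ACCEPT #Allow loopback
+iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT #Allow continuing connections
+iptables -A INPUT -p tcp --dport 25577 -j ACCEPT #Allow Velocity port
+if [[ "$ipList" = "*" ]]; then
+### Wide and open
+iiptables -A INPUT -p tcp --dport 22 j ACCEPT # Allow wide and open ssh on port 22
+elif [[! "$ipList" -z ]]; then
+### Manual IP range
+iptables -A INPUT -p tcp --dport 22 --source $ipList -j ACCEPT # Allow limited ssh port 22
+fi
+iptables -L ### Good place to paste a manual check to not lock yourself out
+printf "\n Does it looks right? [Y/n]: "
+read ansFirewallOK
+if [[ "$ansFirewallOK" =~ ("Y"|"y") || -z "$ansFirewallOK" ]]; then
+iptables -P INPUT DROP #Disallow everythink else
+iptables -P FORWARD DROP #Block all forwarding
+iptables -P OUTPUT ACCEPT #Allow all outgouing
+apt install iptables-persistent -y
+else
+printf "\nOK it is time for manual configuration"
+printf "\nAfter you are done ramamber to run 'apt install iptables-persistent' to save your config. System will automaticly remove your work after restart"
+fi
+fi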
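Review bot: The SSH branch can leave the host unreachable: the wide-open rule is spelled `iiptables … j ACCEPT`, `[[! "$ipList" -z ]]` is not valid test syntax, and when the Tailscale-only default is taken `ipList` is never set, so no port-22 rule exists when `iptables -P INPUT DROP` is applied. The rewritten branch below fixes the spelling, quotes `$ipList`, and adds an explicit rule for the Tailscale interface (`tailscale0` is the usual default name and should be confirmed on the host). `iptables -P INPUT ACCEPT` only sets the policy and does not clear existing rules as its comment says, so re-runs append duplicates unless the chain is flushed first. Nothing here touches `ip6tables`, so IPv6 traffic is not filtered by these rules.

```shell
# … unchanged: policy, loopback, ESTABLISHED,RELATED and port 25577 rules …
if [[ "$ipList" == "*" ]]; then
  iptables -A INPUT -p tcp --dport 22 -j ACCEPT                      # SSH from anywhere
elif [[ -n "$ipList" ]]; then
  iptables -A INPUT -p tcp --dport 22 --source "$ipList" -j ACCEPT   # SSH from the given range
else
  iptables -A INPUT -i tailscale0 -p tcp --dport 22 -j ACCEPT        # SSH over Tailscale only
fi
# … unchanged: iptables -L review prompt and DROP policies …
```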

29
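--- a/install/mods.sh
+++ b/install/mods.sh
@@ -0,0 +1,29 @@
+#!/bin/bash
+printf "Do you want to run Velocity with Forge server? [Y/n]: \n"
+read ansForge
+if [[ "$ansForge" =~ ("Y"|"y") || -z $ansForge ]]; then
+printf "+ adding reqired plugin \n"
+cp data/Ambassador*.jar /opt/velocity/plugins
+fi
+printf "Do you want to run it with whitelist plugin? [Y/n]: \n"
+read ansWhite
+if [[ "$ansWhite" =~ ("Y"|"y") || -z $ansWhite ]]; then
+printf "+ adding reqired plugin \n"
+cp data/ReWhitelist*.jar /opt/velocity/plugins
+mkdir /opt/velocity/whitelists
+cp data/whitelists/* /opt/velocity/whitelists/
+fi
+printf "Do you want to run it with SkinRestorer? [Y/n]: \n"
+read ansSkin
+if [[ "$ansSkin" =~ ("Y"|"y") || -z $ansSkin ]]; then
+printf "+ adding reqired plugin \n"
+cp data/SkinsRestorer.jar /opt/velocity/plugins
+fi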
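Review bot: The plugin jars are taken from `data/` by glob (`Ambassador*.jar`, `ReWhitelist*.jar`) with no pinned version or checksum, so whatever file matches in the checkout is what gets loaded into the proxy; record the expected SHA-256 of each jar next to it and verify with `sha256sum -c` before copying. The destination is hard-coded to `/opt/velocity/plugins` although install.cfg now defines `baseInstallLocation`, and the `Ambassador`/`ReWhitelist`/`SkinResolver` switches from install.cfg are ignored in favour of prompts. `mkdir /opt/velocity/whitelists` fails on a second run; `mkdir -p` keeps the script repeatable.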

24
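--- a/install/old.cfg
+++ b/install/old.cfg
@@ -0,0 +1,24 @@
+### ------------ Do not change these stats, it states what job was done on this system --- ###
+# Base informationsOOUpdateDate= #to version control
+oBaseInstallLocation=no
+oBaseUserName=no
+oDependenciesInstalled=no #if set to no will do it
+oDependencies=('openjdk-17-jre-headless' 'screen')
+oSystemdService=no #if y > update, n > not
+oautoUpgrade=no #work in progress
+# Firewall
+oiptables=no #to check if installed + install
+otailscale=no #to check if installed + install
+osshRange=no # Ip range
+# Mods
+oAmbassador=no #Forge support
+oReWhitelist=no #Whitelist support
+oSkinResolver=no #Skins with offline mode
+# Proxiing information
+oforwarding=no # modern/legacy #how to not set duble velocity.toml
+oforwardingSecret=no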
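Review bot: This file records per-host state but lives in the repository and is executed by install.sh with `.`, so the planned `git pull` run would either reset the recorded state or conflict with local edits. Keeping the state file outside the checkout, root-owned and not group- or world-writable, avoids both that and the risk of a writable file being sourced by a root installer. The second line appears to have lost a line break (`# Base informationsOOUpdateDate=`), which would leave the update-date variable inside a comment.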

22
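--- a/install/service.sh
+++ b/install/service.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+### SystemD service
+printf "+ Preparign systemD service\n"
+cp data/mc-velocity.service /etc/systemd/system/
+systemctl daemon-reload
+### Start service
+printf "Do you want to start velocity proxy right now? [Y/n]: \n"
+read startServer
+if [[ "$startServer" =~ ("y"|"Y") || -z $startServer ]]; then
+systemctl start mc-velocity
+fi
+systemctl enable mc-velocity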

21
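--- a/install/tailscale.sh
+++ b/install/tailscale.sh
@@ -0,0 +1,21 @@
+#!/bin/bash
+### tailsclae install
+printf "Do you want to install Tailscale now? [Y/n]: \n"
+read ansTail
+if [[ "$ansTail" =~ ("y"|"Y") || -z $ansTail ]]; then
+curl -fsSL https://tailscale.com/install.sh | sh
+if [[ "$sshBlockRange" =~ ("y"|"Y") || -z $sshBlockRange ]]; then
+tailscale up --ssh
+else
+tailscale up
+fi
+fi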
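Review bot: `curl -fsSL https://tailscale.com/install.sh | sh` runs a remote script as root with no integrity check; prefer installing from Tailscale's signed apt repository, or download the script to a file, review it, and run it from disk. `tailscale up --ssh` is also reached whenever `$sshBlockRange` is empty, which is the case if this file is executed on its own now that the prompt lives in firewall.sh, so Tailscale SSH would be enabled without the operator being asked. The `tailscale=yes` setting added to install.cfg is not consulted.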

200
script.sh

@ -1,200 +0,0 @@
#!/bin/bash
printf "Better to run as root, because of permisions handeling.\n"
sleep 2
### Firewall
printf "Do you want to set up firewall rules by iptables? [Y/n]: \n"
read ansFirewallSetup
if [[ "$ansFirewallSetup" =~ ("N"|"n") ]]; then
printf "+ Thanks, working on next bit\n"
elif [[ "$ansFirewallSetup" =~ ("Y"|"y") || -z $ansFirewallSetup ]]; then
printf "Do you want to block non-Tailscale ssh connections? [Y/n]: "
read sshBlockRange
if [[ "$sshBlockRange" =~ ("n"|"N") ]]; then
printf "If you want, input your own IP range [N/range]\n"
read sshRange
if [[ "$sshRange" =~ ("n"|"N") || -z $sshRange ]]; then
printf "+ Making your SSH connections wide and open. After we are done, do somethink with it. /n"
ipList="*"
else
printf "+ Accepting SSH connections only on these ip's: $sshRange\n"
ipList="$sshRange"
fi
fi
fi
### Update
sleep 2
printf "+ Updating your base system\n"
apt update && apt upgrade -y
printf "+ Installing depandencies \n"
apt install openjdk-17-jre-headless screen
if [[ "$ansFirewallSetup" =~ ("Y"|"y") || -z $ansFirewallSetup ]]; then
apt install iptables -y
fi
### User managment
printf "+ creating group and user for proxy \n"
groupadd velocity
useradd --system --shell /usr/sbin/nologin --home /opt/velocity -g velocity velocity
### File structure
printf "+ creating file structure in /opt/velocity/ \n"
mkdir /opt/velocity
mv data/velocity*.jar start.sh /opt/velocity/
mkdir /opt/velocity/plugins
mv data/velocity.toml /opt/velocity/
mv data/forwarding.secret /opt/velocity/
mv data/start.sh /opt/velocity/
mv data/server-icon.png /opt/velocity/
### Permisions
printf "+ handeling permisions \n"
chown -R velocity:velocity /opt/velocity/
### SystemD service
printf "+ Preparign systemD service\n"
mv data/mc-velocity.service /etc/systemd/system/
systemctl daemon-reload
### integration of Maxopoly's instructions on firewall
if [[ "$ansFirewallSetup" =~ ("Y"|"y") || -z "$ansFirewallSetup" ]]; then
printf "+ Executing firewall setup"
iptables -P INPUT ACCEPT #Clears existing rules
iptables -A INPUT -i lo -j ACCEPT #Allow loopback
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT #Allow continuing connections
iptables -A INPUT -p tcp --dport 25577 -j ACCEPT #Allow Velocity port
if [[ "$ipList" = "*" ]]; then
### Wide and open
iiptables -A INPUT -p tcp --dport 22 j ACCEPT # Allow wide and open ssh on port 22
elif [[! "$ipList" -z ]]; then
### Manual IP range
iptables -A INPUT -p tcp --dport 22 --source $ipList -j ACCEPT # Allow limited ssh port 22
fi
iptables -L ### Good place to paste a manual check to not lock yourself out
printf "\n Does it looks right? [Y/n]: "
read ansFirewallOK
if [[ "$ansFirewallOK" =~ ("Y"|"y") || -z "$ansFirewallOK" ]]; then
iptables -P INPUT DROP #Disallow everythink else
iptables -P FORWARD DROP #Block all forwarding
iptables -P OUTPUT ACCEPT #Allow all outgouing
apt install iptables-persistent -y
else
printf "\nOK it is time for manual configuration"
printf "\nAfter you are done ramamber to run 'apt install iptables-persistent' to save your config. System will automaticly remove your work after restart"
fi
fi
### tailsclae install
printf "Do you want to install Tailscale now? [Y/n]: \n"
read ansTail
if [[ "$ansTail" =~ ("y"|"Y") || -z $ansTail ]]; then
curl -fsSL https://tailscale.com/install.sh | sh
if [[ "$sshBlockRange" =~ ("y"|"Y") || -z $sshBlockRange ]]; then
tailscale up --ssh
else
tailscale up
fi
fi
printf "Do you want to run Velocity with Forge server? [Y/n]: \n"
read ansForge
if [[ "$ansForge" =~ ("Y"|"y") || -z $ansForge ]]; then
printf "+ adding reqired plugin \n"
mv data/Ambassador*.jar /opt/velocity/plugins
fi
printf "Do you want to run it with whitelist plugin? [Y/n]: \n"
read ansWhite
if [[ "$ansWhite" =~ ("Y"|"y") || -z $ansWhite ]]; then
printf "+ adding reqired plugin \n"
mv data/ReWhitelist*.jar /opt/velocity/plugins
mkdir /opt/velocity/whitelists
mv data/whitelists/* /opt/velocity/whitelists/
fi
printf "Do you want to run it with SkinRestorer? [Y/n]: \n"
read ansSkin
if [[ "$ansSkin" =~ ("Y"|"y") || -z $ansSkin ]]; then
printf "+ adding reqired plugin \n"
mv data/SkinsRestorer.jar /opt/velocity/plugins
fi
### Start service
printf "Do you want to start velocity proxy right now? [Y/n]: \n"
read startServer
if [[ "$startServer" =~ ("y"|"Y") || -z $startServer ]]; then
systemctl start mc-velocity
fi
systemctl enable mc-velocity
printf "\n Everythink is now set up. It is good idea to check these:"
printf "\n systemctl status mc-velocity"
printf "\n su velocity -s /bin/bash \n"