godot/mc-velocity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: godot:mod+conf
Branches Tags
godot:main
godot:mod+conf
..
compare: godot:main
Branches Tags
godot:mod+conf
godot:main

1 Commits
mod+conf ... main

Author SHA1 Message Date
godot
2b257105ba Update README.md 2024-08-11 14:02:44 +02:00
10 changed files with 242 additions and 522 deletions
Show Stats Expand all files Collapse all files

87
README.md
View File

@ -1,45 +1,42 @@
## Configuration ## To DO!
- [x] Branching - [x] Firewall shinanigns
- [ ] Config requriments - [x] Auto add plugins
- [ ] Forwarding secret insert - [x] SystemD service
- [ ] Forwarding type insert - [x] Config of velocity.toml
- [x] Apt installed pakages - [x] Tailscale
- [x] check on new dependency - [x] Integrate ReWhitelist plugin
- [x] Detect change and move - [x] Auto set up logo intagret to script
- [x] Detect status - [x] SkinRestorer auto setup
- [x] Iptables add - [ ] Better system for plugin install checks
- [ ] File structure - [ ] Checks for what is done
- [ ] Datect change and move
- [ ] User managment ## To learn
- [ ] Datect change and move - [x] What content of start.sh means
- [ ] Insert date in to .cfg - [x] Requred resources
- [ ] Automake old.cfg - [x] Different types of forwarding
- [ ] Owner and permisions - [x] In their docs they have pages
- [ ] Starting script to elevate priviliges
## Used plugins
## Modularity
- [ ] Break into separate files - [Ambassador](https://github.com/adde0109/Ambassador) (on Proxy for Forge support)
- [ ] Firewall update - [Proxy Compatible Forge](https://github.com/adde0109/Proxy-Compatible-Forge) (On server for Velocity)
- [ ] Whitelists - My players - [ReWhitelist](https://hangar.papermc.io/ReModded/ReWhitelist) (on Proxy for whitelisting)
- [ ] Base update - [SkinRestorer Velocity plugin](https://hangar.papermc.io/SRTeam/SkinsRestorer)
- [ ] Nakolik duverovat old.cfg / check system - [SkinRestorer](https://modrinth.com/mod/skinrestorer)
- [ ] Mods update
- [ ] Service update ## To NOT use
- [ ] Tailscale update
- [ ] Test owner of master script (source/run .) - [Fabric proxy lite](https://modrinth.com/mod/fabricproxy-lite/) (basicly Ambassador for Fabric)
- [ ] Version control
- [ ] Error handelign ## To use plagins
- [ ] Permisons handeling - Player Inventory Database
- [ ] Put on chrono job (git pull + run install.sh) - [PlayerSync](https://www.curseforge.com/minecraft/mc-mods/playersync/files/all?page=1&pageSize=20&version=1.20.1) - Forge
- [Dusty data sync](https://modrinth.com/mod/dusty-data-sync) - idk
## Eye candy - [InvSync](https://modrinth.com/mod/invsync) - Fabric
- [ ] Comments - [HuskSync](https://william278.net/project/husksync/) - Fabric
- [ ] Disable bunch of text - [LackyPerms](https://luckperms.net/wiki/Network-Installation) X [PermisonsEx](https://www.spigotmc.org/resources/permissionsex.108323/)
- [MultiEconomy](https://modrinth.com/mod/multieconomy)
## Nice - [GitHub repo of nice Velocity Plugins](https://github.com/Syrent/Switch-to-Velocity?tab=readme-ov-file#necessary-plugins)
- [ ] do NOT store everything in repo - [Sinytra Connector](https://modrinth.com/mod/connector) (Run Fabric mods on Forge)
- Plan-Player-Analytics X Plan-Player-Analytics
- DynMap
## Links
- [Forward forge client](https://modrinth.com/mod/forward-forge-client-reset-packet) for smoth move

26
install.cfg
View File

@ -1,26 +0,0 @@
# Base informations
lastUpdateDate= #to version control
baseInstallLocation=/opt/velocity/
baseUserName=velocity
dependenciesInstalled=yes
dependencies=('openjdk-17-jre-headless' 'screen')
systemdService=yes #if y > update, n > disable
autoUpgrade=yes
# Firewall
iptables=yes #to check if installed + install
tailscale=yes #to check if installed + install
sshRange=tailscale # Ip range
# Mods
Ambassador=yes #Forge support
ReWhitelist=yes #Whitelist support
SkinResolver=yes #Skins with offline mode
# Proxiing information
forwarding=modern # modern/legacy #how to not set duble velocity.toml
forwardingSecret=

123
install.sh
View File

@ -1,123 +0,0 @@
#!/bin/bash
# import configs
. install.cfg
. install/old.cfg
#stop service
systemctl stop mc-forge
#update system
apt update
if [[ "$autoUpgrade" == "yes" ]]; then
apt upgrade -y
fi
### Template on chack
: '
old=""
new=""
if [[ "$old" == "yes" && "$new" == "yes" ]]; then
# dubble yes
echo "check"
elif [[ "$old" == "no" && "$new" == "yes" ]]; then
# no > yes
echo "install"
elif [[ "$old" == "no" && "$new" == "no" ]]; then
# dubble no
echo "report"
elif [[ "$old" == "yes" && "$new" == "no" ]]; then
# yes > no
echo "uninstall"
else
#error handeling
fi
'
### --- Base dependencies check --- ###
### Deps check ###
old="oDependenciesInstalled"
new="dependenciesInstalled"
if [[ "$new" == "yes" ]]; then
BaseDep="install"
elif [[ "$old" == "no"]]; then
# dubble no
BaseDep="report"
elif [[ "$old" == "yes"]]; then
# yes > no
BaseDep="uninstall"
else
#error handeling
fi
### File location check ###
if [[ "$oBaseInstallLocation" == "$baseInstallLocation" ]]; then
# location does not changed
elif [[ ! "$oBaseInstallLocation" == "$baseIstallLocation" ]]; then
# location changed
else
# error handeling
fi
### Template on chack
old=""
new=""
if [[ "$old" == "yes" && "$new" == "yes" ]]; then
# dubble yes
echo "check"
elif [[ "$old" == "no" && "$new" == "yes" ]]; then
# no > yes
echo "install"
elif [[ "$old" == "no" && "$new" == "no" ]]; then
# dubble no
echo "report"
elif [[ "$old" == "yes" && "$new" == "no" ]]; then
# yes > no
echo "uninstall"
else
#error handeling
fi
#
# Differencies betwen install.cfg a install-old.cfg > found what work needs to be done
#
# If uninstall check for verification
#
# depandencies install
# files
# user
#
# velocity.toml
#
# mods
#
# firewall
#
# systemD rm script + cp new
#
# Tailscale install
#
# chown velocity:velocity
#
printf "\n Everythink is now set up. It is good idea to check these:"
printf "\n systemctl status mc-velocity"
printf "\n su velocity -s /bin/bash \n"
# Update install-old.cfg (date as version number)

145
install/base.sh
View File

@ -1,145 +0,0 @@
#!/bin/bash
### Checks dependencies arrays ###
depDiff=()
for oPkg in "${oDependencies[@]}"; do
skip=
for pkg in "${dependencies[@]}"; do
[[ $oPkg == $pkg ]] && { skip=1; break; }
done
[[ -n $skip ]] || depDiff+=("$oPkg")
done
declare -p depDiff
if [[ ! "${#depDiff[@]}" == 0 ]]; then
printf "These dependencies are newly not requred: ${depDiff[@]} \n"
printf "Do you wish to uninstall them? [Y/n]: \n"
read ansDiff -n 1
if [[ "$ansDiff" =~ ("y"|"Y") || -z $ansDiff ]]; then
apt remove ${depDiff[@]}
fi
fi
### Checks dependencies ###
DepNum=0
DepMissing=()
DepInstalled=()
if [[ "$iptables" == "yes" ]]; then
dependencies+=('iptables')
fi
for pkg in "${dependencies[@]}"; do
if [[ '$(dpkg-query -w --showformat="${Status}\n" $pkg | grep "install ok installed")' =~ ("install"|"ok"|"installed") ]]; then
# pkg is installed
((DepNum++))
DepInstalled+=("$pkg")
else
# pkg is NOT installed
DepMissing+=("$pkg")
fi
done
### Count dependencies ###
if [[ "$DepNum" == "${#dependencies[@]}" ]]; then
#All dependencies are installed
DepStatus="all"
elif [[ "${#DepMissing[@]}" == "${#dependencies[@]}" ]]; then
#All dependencies are missing
DepStatus="none"
else
#Something is missing
DepStatus="some"
fi
### Installing / Uninstallign base od prereqisites ###
if [[ "$BaseDep" == ("install") && "$DepStatus" == "all" ]]; then
# everything is allright
pritnf "it is done bro \n"
elif [[ "$BaseDep" == ("install") && "$DepStatus" == ("none"|"some") ]]; then
# some or none was installed installing rest
apt install ${DepMissing[@]}
printf "it is done now bro \n"
elif [[ "$BaseDep" == "uninstall" && "$DepStatus" == "none" ]]; then
# uninstall but it is not there
elif [[ "$BaseDep" == "uninstall" && "$DepStatus" == ("some"|"all") ]]; then
# uninstall
apt remove ${DepInstalled[@]}
elif [[ "$BaseDep" == "report" && "$DepStatus" == "none" ]]; then
# nothing to do
elif [[ "$BaseDep" == "report" && "$DepStatus" == ("some"|"all") ]]; then
printf "Do you want to uinstall these dependencies? [Y/n]
printf "${DepInstalled[@]}
read ansReport -n 1
if [[ "$ansReport" =~ ("y"|"Y"|"yes"|"Yes") || -z $ansReport ]]; then
apt remove ${DepInstalled[@]}
else
printf "Hope you know what you are doing."
fi
else
# error handeling
fi
### --- File Structure --- ###
if [[ "$oBaseInstallLocation" == "$baseInstallLocation" ]]; then
# location did not chage
# !TODO chack location
elif [[ ! "$oBaseInstallLocation" == "$baseIstallLocation" ]]; then
# location changed
# !TODO test if location is used
printf "+ creating new file structure in $baseInstallLocation \n"
mkdir $baseInstallLocation
cp data/velocity*.jar start.sh $baseInstallLocation
mkdir $baseInstallLocation)/plugins
cp data/velocity.toml data/forwarding.secret data/start.sh data/server-icon.png $baseInstallLocation
else
# error handeling
fi
### --- User managment --- ###
### ------------ Needs work ----------- ###
### User managment
printf "+ creating group and user for proxy \n"
groupadd velocity
useradd --system --shell /usr/sbin/nologin --home /opt/velocity -g velocity velocity
### File structure
printf "+ creating file structure in /opt/velocity/ \n"
mkdir /opt/velocity
cp data/velocity*.jar start.sh /opt/velocity/
mkdir /opt/velocity/plugins
cp data/velocity.toml data/forwarding.secret data/start.sh data/server-icon.png $baseInstallLocation

87
install/firewall.sh
View File

@ -1,87 +0,0 @@
#!/bin/bash
### Firewall get info
printf "Do you want to set up firewall rules by iptables? [Y/n]: \n"
read ansFirewallSetup
if [[ "$ansFirewallSetup" =~ ("N"|"n") ]]; then
printf "+ Thanks, working on next bit\n"
elif [[ "$ansFirewallSetup" =~ ("Y"|"y") || -z $ansFirewallSetup ]]; then
printf "Do you want to block non-Tailscale ssh connections? [Y/n]: "
read sshBlockRange
if [[ "$sshBlockRange" =~ ("n"|"N") ]]; then
printf "If you want, input your own IP range [N/range]\n"
read sshRange
if [[ "$sshRange" =~ ("n"|"N") || -z $sshRange ]]; then
printf "+ Making your SSH connections wide and open. After we are done, do somethink with it. /n"
ipList="*"
else
printf "+ Accepting SSH connections only on these ip's: $sshRange\n"
ipList="$sshRange"
fi
fi
fi
### integration of Maxopoly's instructions on firewall
if [[ "$ansFirewallSetup" =~ ("Y"|"y") || -z "$ansFirewallSetup" ]]; then
printf "+ Executing firewall setup"
iptables -P INPUT ACCEPT #Clears existing rules
iptables -A INPUT -i lo -j ACCEPT #Allow loopback
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT #Allow continuing connections
iptables -A INPUT -p tcp --dport 25577 -j ACCEPT #Allow Velocity port
if [[ "$ipList" = "*" ]]; then
### Wide and open
iiptables -A INPUT -p tcp --dport 22 j ACCEPT # Allow wide and open ssh on port 22
elif [[! "$ipList" -z ]]; then
### Manual IP range
iptables -A INPUT -p tcp --dport 22 --source $ipList -j ACCEPT # Allow limited ssh port 22
fi
iptables -L ### Good place to paste a manual check to not lock yourself out
printf "\n Does it looks right? [Y/n]: "
read ansFirewallOK
if [[ "$ansFirewallOK" =~ ("Y"|"y") || -z "$ansFirewallOK" ]]; then
iptables -P INPUT DROP #Disallow everythink else
iptables -P FORWARD DROP #Block all forwarding
iptables -P OUTPUT ACCEPT #Allow all outgouing
apt install iptables-persistent -y
else
printf "\nOK it is time for manual configuration"
printf "\nAfter you are done ramamber to run 'apt install iptables-persistent' to save your config. System will automaticly remove your work after restart"
fi
fi

29
install/mods.sh
View File

@ -1,29 +0,0 @@
#!/bin/bash
printf "Do you want to run Velocity with Forge server? [Y/n]: \n"
read ansForge
if [[ "$ansForge" =~ ("Y"|"y") || -z $ansForge ]]; then
printf "+ adding reqired plugin \n"
cp data/Ambassador*.jar /opt/velocity/plugins
fi
printf "Do you want to run it with whitelist plugin? [Y/n]: \n"
read ansWhite
if [[ "$ansWhite" =~ ("Y"|"y") || -z $ansWhite ]]; then
printf "+ adding reqired plugin \n"
cp data/ReWhitelist*.jar /opt/velocity/plugins
mkdir /opt/velocity/whitelists
cp data/whitelists/* /opt/velocity/whitelists/
fi
printf "Do you want to run it with SkinRestorer? [Y/n]: \n"
read ansSkin
if [[ "$ansSkin" =~ ("Y"|"y") || -z $ansSkin ]]; then
printf "+ adding reqired plugin \n"
cp data/SkinsRestorer.jar /opt/velocity/plugins
fi

24
install/old.cfg
View File

@ -1,24 +0,0 @@
### ------------ Do not change these stats, it states what job was done on this system --- ###
# Base informationsOOUpdateDate= #to version control
oBaseInstallLocation=no
oBaseUserName=no
oDependenciesInstalled=no #if set to no will do it
oDependencies=('openjdk-17-jre-headless' 'screen')
oSystemdService=no #if y > update, n > not
oautoUpgrade=no #work in progress
# Firewall
oiptables=no #to check if installed + install
otailscale=no #to check if installed + install
osshRange=no # Ip range
# Mods
oAmbassador=no #Forge support
oReWhitelist=no #Whitelist support
oSkinResolver=no #Skins with offline mode
# Proxiing information
oforwarding=no # modern/legacy #how to not set duble velocity.toml
oforwardingSecret=no

22
install/service.sh
View File

@ -1,22 +0,0 @@
#!/bin/bash
### SystemD service
printf "+ Preparign systemD service\n"
cp data/mc-velocity.service /etc/systemd/system/
systemctl daemon-reload
### Start service
printf "Do you want to start velocity proxy right now? [Y/n]: \n"
read startServer
if [[ "$startServer" =~ ("y"|"Y") || -z $startServer ]]; then
systemctl start mc-velocity
fi
systemctl enable mc-velocity

21
install/tailscale.sh
View File

@ -1,21 +0,0 @@
#!/bin/bash
### tailsclae install
printf "Do you want to install Tailscale now? [Y/n]: \n"
read ansTail
if [[ "$ansTail" =~ ("y"|"Y") || -z $ansTail ]]; then
curl -fsSL https://tailscale.com/install.sh | sh
if [[ "$sshBlockRange" =~ ("y"|"Y") || -z $sshBlockRange ]]; then
tailscale up --ssh
else
tailscale up
fi
fi

200
script.sh Executable file
View File

@ -0,0 +1,200 @@
#!/bin/bash
printf "Better to run as root, because of permisions handeling.\n"
sleep 2
### Firewall
printf "Do you want to set up firewall rules by iptables? [Y/n]: \n"
read ansFirewallSetup
if [[ "$ansFirewallSetup" =~ ("N"|"n") ]]; then
printf "+ Thanks, working on next bit\n"
elif [[ "$ansFirewallSetup" =~ ("Y"|"y") || -z $ansFirewallSetup ]]; then
printf "Do you want to block non-Tailscale ssh connections? [Y/n]: "
read sshBlockRange
if [[ "$sshBlockRange" =~ ("n"|"N") ]]; then
printf "If you want, input your own IP range [N/range]\n"
read sshRange
if [[ "$sshRange" =~ ("n"|"N") || -z $sshRange ]]; then
printf "+ Making your SSH connections wide and open. After we are done, do somethink with it. /n"
ipList="*"
else
printf "+ Accepting SSH connections only on these ip's: $sshRange\n"
ipList="$sshRange"
fi
fi
fi
### Update
sleep 2
printf "+ Updating your base system\n"
apt update && apt upgrade -y
printf "+ Installing depandencies \n"
apt install openjdk-17-jre-headless screen
if [[ "$ansFirewallSetup" =~ ("Y"|"y") || -z $ansFirewallSetup ]]; then
apt install iptables -y
fi
### User managment
printf "+ creating group and user for proxy \n"
groupadd velocity
useradd --system --shell /usr/sbin/nologin --home /opt/velocity -g velocity velocity
### File structure
printf "+ creating file structure in /opt/velocity/ \n"
mkdir /opt/velocity
mv data/velocity*.jar start.sh /opt/velocity/
mkdir /opt/velocity/plugins
mv data/velocity.toml /opt/velocity/
mv data/forwarding.secret /opt/velocity/
mv data/start.sh /opt/velocity/
mv data/server-icon.png /opt/velocity/
### Permisions
printf "+ handeling permisions \n"
chown -R velocity:velocity /opt/velocity/
### SystemD service
printf "+ Preparign systemD service\n"
mv data/mc-velocity.service /etc/systemd/system/
systemctl daemon-reload
### integration of Maxopoly's instructions on firewall
if [[ "$ansFirewallSetup" =~ ("Y"|"y") || -z "$ansFirewallSetup" ]]; then
printf "+ Executing firewall setup"
iptables -P INPUT ACCEPT #Clears existing rules
iptables -A INPUT -i lo -j ACCEPT #Allow loopback
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT #Allow continuing connections
iptables -A INPUT -p tcp --dport 25577 -j ACCEPT #Allow Velocity port
if [[ "$ipList" = "*" ]]; then
### Wide and open
iiptables -A INPUT -p tcp --dport 22 j ACCEPT # Allow wide and open ssh on port 22
elif [[! "$ipList" -z ]]; then
### Manual IP range
iptables -A INPUT -p tcp --dport 22 --source $ipList -j ACCEPT # Allow limited ssh port 22
fi
iptables -L ### Good place to paste a manual check to not lock yourself out
printf "\n Does it looks right? [Y/n]: "
read ansFirewallOK
if [[ "$ansFirewallOK" =~ ("Y"|"y") || -z "$ansFirewallOK" ]]; then
iptables -P INPUT DROP #Disallow everythink else
iptables -P FORWARD DROP #Block all forwarding
iptables -P OUTPUT ACCEPT #Allow all outgouing
apt install iptables-persistent -y
else
printf "\nOK it is time for manual configuration"
printf "\nAfter you are done ramamber to run 'apt install iptables-persistent' to save your config. System will automaticly remove your work after restart"
fi
fi
### tailsclae install
printf "Do you want to install Tailscale now? [Y/n]: \n"
read ansTail
if [[ "$ansTail" =~ ("y"|"Y") || -z $ansTail ]]; then
curl -fsSL https://tailscale.com/install.sh | sh
if [[ "$sshBlockRange" =~ ("y"|"Y") || -z $sshBlockRange ]]; then
tailscale up --ssh
else
tailscale up
fi
fi
printf "Do you want to run Velocity with Forge server? [Y/n]: \n"
read ansForge
if [[ "$ansForge" =~ ("Y"|"y") || -z $ansForge ]]; then
printf "+ adding reqired plugin \n"
mv data/Ambassador*.jar /opt/velocity/plugins
fi
printf "Do you want to run it with whitelist plugin? [Y/n]: \n"
read ansWhite
if [[ "$ansWhite" =~ ("Y"|"y") || -z $ansWhite ]]; then
printf "+ adding reqired plugin \n"
mv data/ReWhitelist*.jar /opt/velocity/plugins
mkdir /opt/velocity/whitelists
mv data/whitelists/* /opt/velocity/whitelists/
fi
printf "Do you want to run it with SkinRestorer? [Y/n]: \n"
read ansSkin
if [[ "$ansSkin" =~ ("Y"|"y") || -z $ansSkin ]]; then
printf "+ adding reqired plugin \n"
mv data/SkinsRestorer.jar /opt/velocity/plugins
fi
### Start service
printf "Do you want to start velocity proxy right now? [Y/n]: \n"
read startServer
if [[ "$startServer" =~ ("y"|"Y") || -z $startServer ]]; then
systemctl start mc-velocity
fi
systemctl enable mc-velocity
printf "\n Everythink is now set up. It is good idea to check these:"
printf "\n systemctl status mc-velocity"
printf "\n su velocity -s /bin/bash \n"