diff --git a/roles/server/minecraft/defaults/main.yml b/roles/server/minecraft/defaults/main.yml new file mode 100644 index 0000000..ba4a2fd --- /dev/null +++ b/roles/server/minecraft/defaults/main.yml @@ -0,0 +1,20 @@ +--- + +# domain: minecraft.example +system_user: "{{ domain | regex_replace('[^A-Za-z0-9-]+', '-') }}" +service_name: "{{ domain }}.service" + +user_directory: "{{ global_webservers_directory }}/{{ domain }}" +installation_directory: "{{ user_directory }}/bin" +mcrcon_directory: "{{ user_directory }}/mcrcon" +data_directory: "{{ user_directory }}/data" +remote_control_script: "{{ user_directory }}/cmd" + +# minecraft_version: "1.10" # for naming +# minecraft_source_link: "https://mojang.example/server.jar" # direct link to server jar +minecraft_port: "25565" +minecraft_rcon_port: "25575" +minecraft_rcon_password: "{{ lookup('password', 'credentials/' + inventory_hostname + '/' + domain + '/rcon length=80') }}" +minecraft_start_ram: "1G" +minecraft_max_ram: "1G" +minecraft_difficulty: "normal" diff --git a/roles/server/minecraft/handlers/main.yml b/roles/server/minecraft/handlers/main.yml new file mode 100644 index 0000000..463fae0 --- /dev/null +++ b/roles/server/minecraft/handlers/main.yml @@ -0,0 +1,7 @@ +--- + +- name: restart minecraft server + systemd: + state: restarted + name: "{{ service_name }}" + enabled: yes diff --git a/roles/server/minecraft/meta/main.yml b/roles/server/minecraft/meta/main.yml new file mode 100644 index 0000000..29da736 --- /dev/null +++ b/roles/server/minecraft/meta/main.yml @@ -0,0 +1,9 @@ +--- + +allow_duplicates: yes + +dependencies: + - role: misc/handlers + - role: misc/system_user + # system_user + # user_directory diff --git a/roles/server/minecraft/tasks/main.yml b/roles/server/minecraft/tasks/main.yml new file mode 100644 index 0000000..f3c2cca --- /dev/null +++ b/roles/server/minecraft/tasks/main.yml @@ -0,0 +1,105 @@ +--- + +- name: Install required packages + apt: + state: present + name: + - openjdk-11-jre-headless + +- name: Create required read only directories + file: + state: directory + path: "{{ item }}" + owner: "{{ system_user }}" + group: "{{ system_user }}" + mode: "u=rx,g=rx,o=" + loop: + - "{{ installation_directory }}" + +- name: Create required data directories + file: + state: directory + path: "{{ item }}" + owner: "{{ system_user }}" + group: "{{ system_user }}" + mode: "u=rwx,g=rx,o=" + loop: + - "{{ data_directory }}" + - "{{ mcrcon_directory }}" + +- name: Download minecraft server jar + get_url: + url: "{{ minecraft_source_link }}" + validate_certs: yes + dest: "{{ installation_directory }}/server.{{ minecraft_version }}.jar" + owner: "{{ system_user }}" + group: "{{ system_user }}" + mode: "u=r,g=r,o=" + +- name: Symlink minecraft server jar + file: + src: "{{ installation_directory }}/server.{{ minecraft_version }}.jar" + dest: "{{ installation_directory }}/server.jar" + state: link + owner: "{{ system_user }}" + group: "{{ system_user }}" + notify: + - restart minecraft server + +- name: Clone mcrcon into source directory + become_user: "{{ system_user }}" + git: + repo: "https://github.com/Tiiffi/mcrcon.git" + dest: "{{ mcrcon_directory }}" + version: master + clone: yes + update: yes + +- name: Compile mcrcon + become_user: "{{ system_user }}" + make: + chdir: "{{ mcrcon_directory }}" + target: mcrcon + +- name: Accept EULA + copy: + dest: "{{ data_directory }}/eula.txt" + content: "eula=true" + owner: "{{ system_user }}" + group: "{{ system_user }}" + mode: "u=r,g=r,o=" + +- name: Create remote control script + template: + src: control.sh + dest: "{{ remote_control_script }}" + owner: "{{ system_user }}" + group: "{{ system_user }}" + mode: "u=rx,g=r,o=" + +- name: Configure minecraft server + template: + src: server.properties + dest: "{{ data_directory }}/server.properties" + owner: "{{ system_user }}" + group: "{{ system_user }}" + mode: "u=r,g=r,o=" + notify: + - restart minecraft server + +- name: Register service for minecraft server + template: + src: "minecraft.service" + dest: "{{ global_systemd_configuration_directory }}/{{ service_name }}" + owner: root + group: root + mode: "u=rw,g=r,o=" + notify: + - reload systemd + - restart minecraft server + +- name: Allow port for minecraft server + ufw: + rule: allow + port: "{{ minecraft_port }}" + proto: tcp diff --git a/roles/server/minecraft/templates/control.sh b/roles/server/minecraft/templates/control.sh new file mode 100644 index 0000000..64a6262 --- /dev/null +++ b/roles/server/minecraft/templates/control.sh @@ -0,0 +1,2 @@ +#!/bin/sh +{{ mcrcon_directory | quote }}/mcrcon -H localhost -P {{ minecraft_rcon_port | quote }} -p {{ minecraft_rcon_password | quote }} "$@" diff --git a/roles/server/minecraft/templates/minecraft.service b/roles/server/minecraft/templates/minecraft.service new file mode 100644 index 0000000..5c24f87 --- /dev/null +++ b/roles/server/minecraft/templates/minecraft.service @@ -0,0 +1,23 @@ +[Unit] +Description={{ domain }} Minecraft Server +Wants=network.target +After=network.target + +[Service] +User={{ system_user }} +Group={{ system_user }} +Nice=5 +KillMode=none +SuccessExitStatus=0 1 + +ProtectHome=true +ProtectSystem=full +PrivateDevices=true +NoNewPrivileges=true +PrivateTmp=true +InaccessibleDirectories=/root /sys /srv -/opt /media -/lost+found +ReadOnlyDirectories={{ installation_directory }} +ReadWriteDirectories={{ data_directory }} +WorkingDirectory={{ data_directory }} +ExecStart=/usr/lib/jvm/java-11-openjdk-amd64/bin/java -Xms{{ minecraft_start_ram | quote }} -Xmx{{ minecraft_max_ram | quote }} -jar {{ installation_directory | quote }}/server.jar nogui +ExecStop={{ remote_control_script }} stop diff --git a/roles/server/minecraft/templates/server.properties b/roles/server/minecraft/templates/server.properties new file mode 100644 index 0000000..101b779 --- /dev/null +++ b/roles/server/minecraft/templates/server.properties @@ -0,0 +1,45 @@ +#Minecraft server properties +broadcast-rcon-to-ops=true +view-distance=12 +max-build-height=256 +server-ip= +level-seed= +rcon.port={{ minecraft_rcon_port }} +gamemode=survival +server-port={{ minecraft_port }} +allow-nether=true +enable-command-block=false +enable-rcon=true +enable-query=false +op-permission-level=4 +prevent-proxy-connections=false +generator-settings= +resource-pack= +level-name=world +rcon.password={{ minecraft_rcon_password }} +player-idle-timeout=0 +motd={{ domain }} Server +query.port=25565 +force-gamemode=false +hardcore=false +white-list=true +broadcast-console-to-ops=true +pvp=true +spawn-npcs=true +generate-structures=true +spawn-animals=true +snooper-enabled=true +difficulty={{ minecraft_difficulty }} +function-permission-level=2 +network-compression-threshold=256 +level-type=default +spawn-monsters=true +max-tick-time=60000 +enforce-whitelist=true +use-native-transport=true +max-players=4 +resource-pack-sha1= +spawn-protection=0 +online-mode=true +allow-flight=false +max-world-size=29999984