add firewall rules with a rules handler, setup command fix and rust server

Didier Slof 2022-12-05 09:11:37 +01:00
parent fb7b388c8e
commit 01e4c835b2
Signed by: didier
GPG key ID: 01E71F18AA4398E5
5 changed files with 153 additions and 23 deletions


@ -19,8 +19,18 @@ services:
TYPE: "PAPER" TYPE: "PAPER"
VERSION: "1.19.2" VERSION: "1.19.2"
restart: always restart: always
ports: ports: # 280** and 25565 is allocated to SMPXMC
- "25565:25565" - "25565:25565"
#- "28016:28016" # Rcon #- "28016:28016" # Rcon
volumes: volumes:
- /srv/smpxmc/data:/data - /srv/smpxmc/data:/data
rust:
image: didstopia/rust-server:latest
environment:
- RUST_SERVER_NAME=smexypexyrustserver
- RUST_SERVER_MAXPLAYERS=20
ports: # 281** is allocated for Rust
- "28115:28015"
- "28116:28016"
- "28182:28082"
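Review bot: The new `rust` service publishes `28116:28016` without setting an RCON password in its `environment:` block; 28016 is the port the Minecraft service above labels Rcon and keeps commented out, and utils/rulelist.rules in this same commit opens 28116 to any source over TCP and UDP. As far as I recall the didstopia/rust-server image falls back to a documented default RCON password, which would leave the admin console reachable from the internet with a publicly known credential. Set `RUST_RCON_PASSWORD` from an env file that is not committed, or keep the port local with `- "127.0.0.1:28116:28016"`. Separately, `image: didstopia/rust-server:latest` is a floating third-party tag, so every pull can change what runs; pin a version tag or digest.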

94
man

@ -1,7 +1,7 @@
#!/bin/sh #!/bin/sh
PROJECT_NAME=${PROJECT_NAME:-neo} PROJECT_NAME=${PROJECT_NAME:-neo}
BLACKLIST="" LIST=docker-compose.*.yml
alias dc="docker-compose -p $PROJECT_NAME" alias dc="docker-compose -p $PROJECT_NAME"
# alias dc="echo docker-compose -p $PROJECT_NAME" # alias dc="echo docker-compose -p $PROJECT_NAME"
@ -11,28 +11,18 @@ fatal() {
exit 1 exit 1
} }
only() {
FILE="docker-compose.$1.yml"; shift
default() { default() {
dc -f $FILE $@ fopts=""
} for f in $LIST; do
handleFallthrough $@ fopts="$fopts -f $f"
}
default() {
file_opts=""
for f in docker-compose.*.yml; do
# echo $BLACKLIST | grep -q $f && continue
echo $BLACKLIST | grep -q $(echo $f | cut -d. -f2) && continue
file_opts="$file_opts -f $f"
done done
dc $file_opts $@ dc $fopts $*
} }
includechain=0
handleFallthrough() { handleFallthrough() {
cmd=${1:-}; shift cmd=${1:-}; shift
case $cmd in case $cmd in
only) only $@ ;;
delete-project-files|dpf) delete-project-files|dpf)
[ -n "$1" ] || fatal "no directory specified" [ -n "$1" ] || fatal "no directory specified"
[ -d /srv/$1 ] || fatal "directory doesn't exist" [ -d /srv/$1 ] || fatal "directory doesn't exist"
@ -42,13 +32,21 @@ handleFallthrough() {
[ "$answer" = "yes" ] && sudo rm -rf /srv/$1 || fatal "cancelled" [ "$answer" = "yes" ] && sudo rm -rf /srv/$1 || fatal "cancelled"
;; ;;
-b) -i) #include
BLACKLIST="$BLACKLIST $1"; shift if [ $includechain -eq 0 ]; then
LIST="docker-compose.$1.yml"
includechain=1
else
LIST="$LIST docker-compose.$1.yml"
fi
shift
handleFallthrough $@ handleFallthrough $@
;; ;;
setup-all) -x) #exclude
sh utils/setup.sh LIST=$(echo $LIST | sed "s/docker-compose.$1.yml//")
shift
handleFallthrough $@
;; ;;
make:*) make:*)
@ -71,9 +69,65 @@ handleFallthrough() {
esac esac
;; ;;
setup:*|s:*)
WHAT=`echo $cmd | cut -c8-`
case $WHAT in
ports) sudo setup-ports.sh up ;;
def) sudo setup.sh ;;
all|a)
sudo setup.sh
sudo setup-ports.sh up
;;
*) fatal "not supported" ;;
esac
;;
# preference # preference
logs) default logs --tail=20 -f $@ ;; logs) default logs --tail=20 -f $@ ;;
up) default up -d $@ ;; up) default up -d $@ ;;
upr) default up -d --remove-orphans $@ ;;
--help|-h)
__() {
colsep="$1"
cmd="$2"
desc="$3"
aliases="$4"
printf "%s %-20s %s %-64s %s %-40s %s \n" "$colsep" "$cmd" "$colsep" "$desc" "$colsep" "$aliases" "$colsep"
}
_hr() {
repchar() {
printf "%$1s" | tr " " "$2"
}
__ "*" ${1:-$(repchar 20 -)} ${2:-$(repchar 64 -)} ${3:-$(repchar 40 -)}
}
_r() {
__ "|" "$1" "$2" "$3"
}
_hr
_r $0 Description Aliases
_hr
_hr "Flags" " " " "
_hr
_r "-x" "Excludes a docker-compose file from the list." " "
_r "-i" "Includes a docker-compose file from the list." " "
_hr
_hr "Commands" " " " "
_hr
_r "dpf" "Delete project files." "delete-project-files <name>"
_r "setup" "Run setup script." "sh ./utils/setup.sh"
_r "make:dc <name>" "Make docker-compose file." "make:docker-compose <name>"
_r "make:backup <name>" "Make backup file." "tar cvf <name>.tar.gz /srv"
_hr
_hr "Commands/aliases" "(shortcuts)" " "
_hr
_r "up" "Bring up services. (-d)" "$0 default up -d"
_r "upr" "Bring up services and remove orphans." "$0 default up -d --remove-orphans"
_r "logs" "View logs and follow with a tail of 20." "$0 default logs --tail=20 -f"
_hr
_r "default" "fallback to the main docker-compose command with fileopts." "docker-compose"
_hr
;;
default) default $@ ;; default) default $@ ;;
*|'') default $cmd $@ ;; *|'') default $cmd $@ ;;
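Review bot: In the new `setup:*|s:*` arm, `cut -c8-` starts one character too late for `setup:ports` (it yields `orts`) and returns an empty string for `s:ports`, so every input falls through to `fatal "not supported"`; `WHAT=${cmd#*:}` handles both prefixes. The same arm runs `sudo setup-ports.sh up` and `sudo setup.sh` by bare name, which is resolved through root's PATH rather than this repository's utils/ directory, and it passes no rules file although utils/setup-ports.sh reads its list from `$2`; `sudo sh utils/setup-ports.sh up utils/rulelist.rules` names both explicitly. In the `-x` arm of the earlier hunk, `$1` is interpolated into the sed expression unescaped, so its `.` characters match any character and a `/` in the argument breaks the expression. handleFallthrough continues past the end of this hunk.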

24
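--- a/utils/rulelist.rules
+++ b/utils/rulelist.rules
@@ -0,0 +1,24 @@
+# HTTP(s)
+INPUT -p tcp --dport 80 -j ACCEPT
+INPUT -p tcp --dport 443 -j ACCEPT
+# SSH
+INPUT -p tcp --dport 8240 -j ACCEPT
+# WIREGUARD
+INPUT -p udp --dport 51820 -j ACCEPT
+# MINECRAFT (25565 && 280**)
+INPUT -p tcp --dport 25565 -j ACCEPT
+# RUST (281**)
+INPUT -p tcp --dport 28115 -j ACCEPT
+INPUT -p udp --dport 28115 -j ACCEPT
+INPUT -p tcp --dport 28116 -j ACCEPT
+INPUT -p udp --dport 28116 -j ACCEPT
+INPUT -p tcp --dport 28182 -j ACCEPT
+INPUT -p udp --dport 28182 -j ACCEPT
+# ALLOW ALL TRAFFIC FROM xxx.xxx.xxx.xxx
+INPUT -s 87.210.9.220 -j ACCEPT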
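Review bot: Every entry in this list is an ACCEPT appended to INPUT, so the file only restricts anything if the chain's policy is already DROP or a drop rule is installed elsewhere; nothing visible in this commit sets that, and under the default ACCEPT policy these rules change nothing. If utils/setup.sh sets the policy, say so in a header comment such as `# Requires INPUT policy DROP (set by utils/setup.sh)`; if it does not, the list also needs entries for loopback and established connections before a default-deny is introduced, or replies to outbound traffic would be dropped. The last entry commits a real source address under a comment that masks it as `xxx.xxx.xxx.xxx` and accepts every protocol and port from it; scoping it to the SSH port would narrow what that address can reach if it is ever reassigned.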

42
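--- a/utils/setup-ports.sh
+++ b/utils/setup-ports.sh
@@ -0,0 +1,42 @@
+#!/bin/sh
+run() {
+echo "$@"
+"$@"
+}
+up() {
+while read -r line; do
+[ -z "$line" ] && continue
+if [ "$(echo "$line" | cut -c1)" = "#" ]; then
+echo "$line"
+else
+# shellcheck disable=SC2086
+run iptables -A $line
+fi
+done < "$1"
+}
+down() {
+while read -r line; do
+[ -z "$line" ] && continue
+if [ "$(echo "$line" | cut -c1)" = "#" ]; then
+echo "$line"
+else
+# shellcheck disable=SC2086
+run iptables -D $line
+fi
+done < "$1"
+}
+case "$1" in
+up)
+up "$2"
+;;
+down)
+down "$2"
+;;
+*)
+echo "Usage: $0 {up|down}"
+exit 1
+esac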
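Review bot: `up` appends with `iptables -A` unconditionally, so running it twice installs every rule twice while `down` deletes one copy per line, which leaves the ports open after a single `down`; check first with `iptables -C $line 2>/dev/null || run iptables -A $line`. The script runs as root and feeds each line of the file straight into iptables arguments, so `$2` should be validated before either loop: `[ -r "$2" ] || { echo "Usage: $0 {up|down} <rules-file>" >&2; exit 1; }`. Because the unquoted `$line` is deliberate for word splitting, add `set -f` near the top so a `*` in a rule is not glob-expanded against the working directory. The exit status of iptables is also discarded, so a rejected rule goes unnoticed and the script still exits 0.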

0
utils/setup.sh Normal file → Executable file