add firewall rules with a rules handler, setup command fix and rust server

docker-compose.games.yml

@@ -19,8 +19,18 @@ services:
       TYPE: "PAPER"
       VERSION: "1.19.2"
     restart: always  
-    ports:
+    ports: # 280** and 25565 is allocated to SMPXMC
       - "25565:25565"
      #- "28016:28016" # Rcon
     volumes:
       - /srv/smpxmc/data:/data
+
+  rust:
+    image: didstopia/rust-server:latest
+    environment:
+      - RUST_SERVER_NAME=smexypexyrustserver
+      - RUST_SERVER_MAXPLAYERS=20
+    ports: # 281** is allocated for Rust
+      - "28115:28015"
+      - "28116:28016"
+      - "28182:28082"

man

@@ -1,7 +1,7 @@
 #!/bin/sh
 
 PROJECT_NAME=${PROJECT_NAME:-neo}
-BLACKLIST=""
+LIST=docker-compose.*.yml
 
 alias dc="docker-compose -p $PROJECT_NAME"
 # alias dc="echo docker-compose -p $PROJECT_NAME"
@@ -11,28 +11,18 @@ fatal() {
     exit 1
 }
 
-only() {
-    FILE="docker-compose.$1.yml"; shift
-    default() {
-        dc -f $FILE $@
-    }
-    handleFallthrough $@
-}
-
 default() {
-    file_opts=""
-    for f in docker-compose.*.yml; do
-        # echo $BLACKLIST | grep -q $f && continue
-        echo $BLACKLIST | grep -q $(echo $f | cut -d. -f2) && continue
-        file_opts="$file_opts -f $f"
+    fopts=""
+    for f in $LIST; do
+        fopts="$fopts -f $f"
     done
-    dc $file_opts $@
+    dc $fopts $*
 }
 
+includechain=0
 handleFallthrough() {
     cmd=${1:-}; shift
     case $cmd in
-        only) only $@ ;;
         delete-project-files|dpf)
             [ -n "$1" ] || fatal "no directory specified"
             [ -d /srv/$1 ] || fatal "directory doesn't exist"
@@ -42,13 +32,21 @@ handleFallthrough() {
             [ "$answer" = "yes" ] && sudo rm -rf /srv/$1 || fatal "cancelled"
         ;;
 
-        -b)
-            BLACKLIST="$BLACKLIST $1"; shift
+        -i) #include
+            if [ $includechain -eq 0 ]; then
+                LIST="docker-compose.$1.yml"
+                includechain=1
+            else
+                LIST="$LIST docker-compose.$1.yml"
+            fi
+            shift
             handleFallthrough $@
         ;;
 
-        setup-all) 
-            sh utils/setup.sh
+        -x) #exclude
+            LIST=$(echo $LIST | sed "s/docker-compose.$1.yml//")
+            shift
+            handleFallthrough $@
         ;;
 
         make:*)
@@ -71,9 +69,65 @@ handleFallthrough() {
             esac
         ;;
 
+        setup:*|s:*)
+            WHAT=`echo $cmd | cut -c8-`
+            case $WHAT in
+                ports) sudo setup-ports.sh up ;;
+                def) sudo setup.sh ;;
+                all|a)
+                    sudo setup.sh
+                    sudo setup-ports.sh up
+                ;;
+                *) fatal "not supported" ;;
+            esac
+        ;;
+
         # preference
         logs) default logs --tail=20 -f $@ ;;
         up) default up -d $@ ;;
+        upr) default up -d --remove-orphans $@ ;;
+
+        --help|-h)
+            __() {
+                colsep="$1"
+                cmd="$2"
+                desc="$3"
+                aliases="$4"
+                printf "%s %-20s %s %-64s %s %-40s %s \n" "$colsep" "$cmd" "$colsep" "$desc" "$colsep" "$aliases" "$colsep"
+            }
+            _hr() {
+                repchar() {
+                    printf "%$1s" | tr " " "$2"
+                }
+                __ "*" ${1:-$(repchar 20 -)} ${2:-$(repchar 64 -)} ${3:-$(repchar 40 -)}
+            }
+            _r() {
+                __ "|" "$1" "$2" "$3"
+            }
+            _hr
+            _r $0 Description Aliases
+            _hr
+            _hr "Flags" " " " "
+            _hr
+            _r "-x" "Excludes a docker-compose file from the list." " "
+            _r "-i" "Includes a docker-compose file from the list." " "
+            _hr
+            _hr "Commands" " " " "
+            _hr
+            _r "dpf" "Delete project files." "delete-project-files <name>"
+            _r "setup" "Run setup script." "sh ./utils/setup.sh"
+            _r "make:dc <name>" "Make docker-compose file." "make:docker-compose <name>"
+            _r "make:backup <name>" "Make backup file." "tar cvf <name>.tar.gz /srv"
+            _hr
+            _hr "Commands/aliases" "(shortcuts)" " "
+            _hr
+            _r "up" "Bring up services. (-d)" "$0 default up -d"
+            _r "upr" "Bring up services and remove orphans." "$0 default up -d --remove-orphans"
+            _r "logs" "View logs and follow with a tail of 20." "$0 default logs --tail=20 -f"
+            _hr
+            _r "default" "fallback to the main docker-compose command with fileopts." "docker-compose" 
+            _hr
+        ;;
 
         default) default $@ ;;
         *|'') default $cmd $@ ;;

utils/rulelist.rules

@@ -0,0 +1,24 @@
+# HTTP(s)
+INPUT -p tcp --dport 80 -j ACCEPT
+INPUT -p tcp --dport 443 -j ACCEPT
+
+# SSH
+INPUT -p tcp --dport 8240 -j ACCEPT
+
+# WIREGUARD
+INPUT -p udp --dport 51820 -j ACCEPT
+
+# MINECRAFT (25565 && 280**)
+INPUT -p tcp --dport 25565 -j ACCEPT
+
+# RUST (281**)
+INPUT -p tcp --dport 28115 -j ACCEPT
+INPUT -p udp --dport 28115 -j ACCEPT
+INPUT -p tcp --dport 28116 -j ACCEPT
+INPUT -p udp --dport 28116 -j ACCEPT
+INPUT -p tcp --dport 28182 -j ACCEPT
+INPUT -p udp --dport 28182 -j ACCEPT
+
+# ALLOW ALL TRAFFIC FROM xxx.xxx.xxx.xxx
+INPUT -s 87.210.9.220 -j ACCEPT
+

utils/setup-ports.sh

@@ -0,0 +1,42 @@
+#!/bin/sh
+
+run() {
+  echo "$@"
+  "$@"
+}
+
+up() {
+  while read -r line; do
+    [ -z "$line" ] && continue
+    if [ "$(echo "$line" | cut -c1)" = "#" ]; then
+      echo "$line"
+    else
+      # shellcheck disable=SC2086
+      run iptables -A $line
+    fi
+  done < "$1"
+}
+
+down() {
+  while read -r line; do
+    [ -z "$line" ] && continue
+    if [ "$(echo "$line" | cut -c1)" = "#" ]; then
+      echo "$line"
+    else
+      # shellcheck disable=SC2086
+      run iptables -D $line
+    fi
+  done < "$1"
+}
+
+case "$1" in
+  up)
+    up "$2"
+    ;;
+  down)
+    down "$2"
+    ;;
+  *)
+    echo "Usage: $0 {up|down}"
+    exit 1
+esac