2022-02-07 01:16:59 +01:00
#!/bin/bash
2022-08-20 14:36:21 +02:00
# Collection of scripts to deploy a server hosting several open-source games
# Copyright (C) 2022 Jarno van der Kolk
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published
# by the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
2022-02-07 01:16:59 +01:00
set -e
# Web dashboard
systemctl enable --now nginx
firewall-cmd --zone= public --add-service= http --permanent
firewall-cmd --zone= public --add-service= https --permanent
firewall-cmd --reload
# Request SSL certificate. This assumes DNS has been set up already
2022-02-20 22:33:16 +01:00
if [ x" $NOSSL " = "x" ] || [ $NOSSL -ne 1 ] ; then
2022-12-15 18:46:53 +01:00
ssl = "true"
2023-05-12 22:18:06 +02:00
s_for_https = "s"
2022-02-16 02:36:49 +01:00
certbot -n --nginx -d ${ DOMAINNAME } -d www.${ DOMAINNAME } --agree-tos -m " ${ letsencryptemail } "
2022-12-15 18:46:53 +01:00
else
2023-05-12 22:18:06 +02:00
s_for_https = ""
2022-12-15 18:46:53 +01:00
ssl = "false"
2022-02-16 02:36:49 +01:00
fi
2022-02-07 01:16:59 +01:00
2022-12-15 18:46:53 +01:00
# Generate the website and put in place
curl --location https://github.com/twbs/bootstrap/archive/v5.2.3.zip > ${ TMPDIR :- /tmp } /bootstrap.zip
unzip -o -d ${ TMPDIR :- /tmp } /bootstrap ${ TMPDIR :- /tmp } /bootstrap.zip "bootstrap-5.2.3/scss/*"
if [ -d " $( dirname " $0 " ) " /../website/_sass/bootstrap ] ; then
rm -r " $( dirname " $0 " ) " /../website/_sass/bootstrap
2022-02-16 02:36:49 +01:00
fi
2022-12-15 18:46:53 +01:00
mv ${ TMPDIR :- /tmp } /bootstrap/bootstrap-5.2.3/scss " $( dirname " $0 " ) " /../website/_sass/bootstrap
rm -r ${ TMPDIR :- /tmp } /bootstrap.zip ${ TMPDIR :- /tmp } /bootstrap
cat > " $( dirname " $0 " ) " /../website/_config.yml <<EOF
2023-05-12 22:18:06 +02:00
title: "onFOSS"
description: >
onFOSS-LAN is a online, "Free (as Freedom) and Open Source" LAN-Party hosted by ${ HOSTEDBYNAME } . The goal is to get people together, enjoying the art of computer games and having a great time in these days. The FOSS community is a place of being open minded and acceptance to all different kinds of people with the focus of fully transparent systems and protecting individuals. So it does not matter if you are on Windows, Mac or Linux and it is also NOT necessary to have a PC MASTERRACE setup to run those games.
url: http${ s_for_https } ://${ DOMAINNAME }
2022-12-15 18:46:53 +01:00
content:
hosted_by_name: " ${ HOSTEDBYNAME } "
domain_name: " ${ DOMAINNAME } "
offline: false
ssl: ${ ssl }
md5password: " $( echo -n " ${ systempassword } " | md5sum | cut -d' ' -f1) "
2023-05-09 02:48:33 +02:00
defaults:
-
scope:
path: ""
type: "posts"
values:
layout: "post"
plugins:
- jekyll-feed
2022-12-15 18:46:53 +01:00
EOF
jekyll build --source " $( dirname " $0 " ) " /../website --destination /var/www/html
2022-02-07 01:16:59 +01:00
# Patch the NGINX configuration for the web sockets
cp /etc/nginx/sites-available/default /etc/nginx/sites-available/default.bak
2022-02-27 00:03:01 +01:00
patch --ignore-whitespace --force /etc/nginx/sites-available/default <<EOF
2022-02-09 13:25:02 +01:00
--- default.bak 2022-02-09 12:00:07.665387879 +0000
+++ default 2022-02-09 12:02:41.083719671 +0000
2022-02-07 01:16:59 +01:00
@@ -16,6 +16,11 @@
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
+map \$ http_upgrade \$ connection_upgrade {
+ default upgrade;
+ '' close;
+}
+
# Default server configuration
#
server {
2022-02-27 00:03:01 +01:00
@@ -121,6 +126,20 @@
2022-02-07 01:16:59 +01:00
try_files \$ uri \$ uri/ = 404;
}
2022-02-13 02:28:23 +01:00
+ location ^~ /admin {
2022-02-13 21:10:59 +01:00
+ auth_basic "Restricted" ;
2022-02-13 02:28:23 +01:00
+ auth_basic_user_file /etc/nginx/htpasswd;
+ }
+
2022-02-27 00:03:01 +01:00
+ proxy_connect_timeout 1d;
+ proxy_send_timeout 1d;
+ proxy_read_timeout 1d;
2022-02-19 01:00:02 +01:00
+ include /etc/nginx/gameserver.d/*.conf;
2022-02-07 02:34:02 +01:00
+
+ location /monitoring/ {
+ proxy_pass http://localhost:9000/;
+ }
2022-02-07 01:16:59 +01:00
+
# pass PHP scripts to FastCGI server
#
#location ~ \\.php\$ {
EOF
2022-02-19 01:00:02 +01:00
mkdir -p /etc/nginx/gameserver.d
2022-02-13 02:28:23 +01:00
# Store password
echo -n " ${ systemuser } : " > /etc/nginx/htpasswd
2022-02-13 21:10:59 +01:00
echo -e " import bcrypt\nprint(bcrypt.hashpw(' ${ systempassword } '.encode('utf8'),bcrypt.gensalt(rounds=10)).decode('utf8')) " | python3 >> /etc/nginx/htpasswd
2022-02-13 02:28:23 +01:00
2022-02-07 01:16:59 +01:00
systemctl restart nginx
