Intial commit

.gitignore

@@ -0,0 +1,42 @@
+
+# Created by https://www.toptal.com/developers/gitignore/api/terraform
+# Edit at https://www.toptal.com/developers/gitignore?templates=terraform
+
+### Terraform ###
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+
+# Exclude all .tfvars files, which are likely to contain sentitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+#
+*.tfvars
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+.terraform.lock.hcl
+# End of https://www.toptal.com/developers/gitignore/api/terraform
+
+jamulus.pem

.gitlab-ci.yml

@@ -0,0 +1,26 @@
+image:
+  name: hashicorp/packer:latest
+  entrypoint:
+    - '/usr/bin/env'
+    - 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
+
+before_script:
+  - packer --version
+
+stages:
+  - validate
+  - build
+
+validate:
+  stage: validate
+  script:
+    - find . -maxdepth 1 -name '*.json' -print0 | xargs -t0n1 packer validate
+
+build:
+  stage: build
+  environment: production
+  script:
+    - ./build.sh $AWS_ACCESS_KEY_ID $AWS_SECRET_ACCESS_KEY
+  when: manual
+  only:
+    - master

README.md

@@ -0,0 +1,43 @@
+# Setup Ephemeral jamulus Server
+> This project will help you create a game server with jamulus on it. You can create an IAM image with packer with arma and deps installed. You can create a jamulus server with that image using terraform
+
+# Getting Started
+## Create a .pem file
+Create a .pem file either locally or on AWS and import it here. it could be called `jamulus.pem`
+
+## Building the IAM Image
+
+Use packer to create the IAM image. `aws_ubuntu20_jamulus.json` is the main packer file with `scripts/deps.sh` being what runs when packer is building
+
+**Building on linux:**
+```
+# Validate your changes
+$ packer validate
+$ build.sh <your aws key> <your aws secret>
+```
+
+**Building on windows:**
+```
+# Validate your changes
+> packer build -var "aws_access_key=<your aws key>" -var "aws_secret_key=<your aws secret>" -var .\aws_ubuntu20_jamulus.sjon
+```
+
+**Building with CI/CD**
+
+Simply commit and push to gitlab. Go to the pipeline and accept the manual action.
+
+## Create the server
+
+Set up AWS profile vereto in the `~/.aws/credentials` file
+
+```
+# Do a dry run (WILL NOT CREATE SERVER)
+$ terraform plan
+
+# Make the server (WILL CREATE BILLABLE SERVERS)
+$ terraform apply
+```
+
+Changing the region of deployed server can be done under the provider standza
+
+Changing the instance class can be done under the `aws_instance.jamulus` stanza

aws_ubuntu20_jamulus.json

@@ -0,0 +1,46 @@
+{
+    "builders": [{
+        "type": "amazon-ebs",
+        "access_key": "{{user `aws_access_key`}}",
+        "secret_key": "{{user `aws_secret_key`}}",
+        "region": "eu-central-1",
+        "source_ami_filter": {
+            "filters": {
+                "virtualization-type": "hvm",
+                "name": "ubuntu/images/*ubuntu-focal-20.04-amd64-server-*",
+                "root-device-type": "ebs"
+            },
+            "owners": ["099720109477"],
+            "most_recent": true
+        },
+        "instance_type": "t2.micro",
+        "ssh_username": "ubuntu",
+        "ami_name": "Jamulus-{{timestamp}}",
+        "launch_block_device_mappings": [{
+            "device_name":"/dev/sda1",
+            "volume_size":100,
+            "volume_type":"gp2",
+            "encrypted":false,
+            "delete_on_termination":true
+        }],
+        "tags": {
+            "Name": "jamulus-{{timestamp}}"
+        }
+    }],
+    "provisioners": [
+        {
+            "type": "file",
+            "source": "payload/init.d/node_exporter.service",
+            "destination": "/tmp/node_exporter.service"
+        },
+        {
+            "type": "file",
+            "source": "payload/init.d/jamulus.service",
+            "destination": "/tmp/jamulus.service"
+        },
+        {
+            "type": "shell",
+            "script": "scripts/deps.sh"
+        }
+    ]
+}

build.sh

@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+set -x
+
+readonly AWS_ACCESS_KEY=${1}
+readonly AWS_ACCESS_SECRET_KEY=${2}
+
+PACKER_INSTALLATION_DIR=`./install-packer.sh`
+
+${PACKER_INSTALLATION_DIR}/packer build \
+    -var "aws_access_key=${AWS_ACCESS_KEY}" \
+    -var "aws_secret_key=${AWS_ACCESS_SECRET_KEY}" \
+    aws_ubuntu20_jamulus.json

install-packer.sh

@@ -0,0 +1,14 @@
+#!/usr/bin/env bash
+
+PACKER_INSTALLATION_DIR="."
+
+# Install Packer
+if ! command -v packer > /dev/null 2>&1; then
+    curl https://releases.hashicorp.com/packer/1.4.4/packer_1.4.4_linux_amd64.zip -o packer.zip >/dev/null
+    unzip -o packer.zip -d ${PACKER_INSTALLATION_DIR} >/dev/null
+    rm ${PACKER_INSTALLATION_DIR}/packer.zip
+else
+    PACKER_INSTALLATION_DIR="$(dirname `command -v packer`)"
+fi
+
+echo ${PACKER_INSTALLATION_DIR}

main.tf

@@ -0,0 +1,106 @@
+provider "aws" {
+  region  = "eu-central-1"
+  profile = "vereto"
+}
+
+terraform {
+  backend "s3" {
+    bucket = "net.vereto.terraform.states"
+    key    = "jamulus/tf-base.state"
+    region = "eu-central-1"
+  }
+}
+
+resource "aws_instance" "jamulus" {
+  ami             = "${data.aws_ami.image.id}"
+  instance_type   = "t3.medium"
+  key_name        = "jamulus"
+  security_groups = [ aws_security_group.ssh.name, aws_security_group.jamulus.name ] # Add your own IP to this group
+
+  provisioner "file" {
+    source  = "scripts/server-start.sh"
+    destination = "/tmp/server-start.sh"
+
+    connection {
+      type = "ssh"
+      user = "ubuntu"
+      host = self.public_ip
+      private_key = file("${path.module}/jamulus.pem")
+    }
+  }
+
+  provisioner "remote-exec" {
+    inline = [ 
+      "sleep 45",
+      "chmod +x /tmp/server-start.sh",
+      "/tmp/server-start.sh"
+    ]
+    connection {
+      type = "ssh"
+      user = "ubuntu"
+      host = self.public_ip
+      private_key = file("${path.module}/jamulus.pem")
+    }
+  }
+
+  tags = {
+    Name = "jamulus-tester"
+  }
+}
+
+data "aws_ami" "image" {
+  most_recent = true
+  owners      = ["self"]
+  filter {
+    name   = "name"
+    values = ["Jamulus-*"]
+  }
+}
+
+variable "your_ip" {
+  type = string
+  description = "Your global IP for SSH access"
+}
+
+resource "aws_security_group" "ssh" {
+  name        = "jamulus-ssh-access"
+  description = "Allow SSH inbound traffic"
+}
+
+resource "aws_security_group_rule" "allow_all" {
+  type              = "egress"
+  to_port           = 0
+  protocol          = "-1"
+  from_port         = 0
+  cidr_blocks       = ["0.0.0.0/0"]
+  security_group_id = aws_security_group.ssh.id
+}
+
+resource "aws_security_group_rule" "ssh" {
+  type              = "ingress"
+  to_port           = 22
+  from_port         = 22
+  protocol          = "tcp"
+  cidr_blocks       = [ "${var.your_ip}/32"]
+  security_group_id = aws_security_group.ssh.id
+}
+
+
+resource "aws_security_group" "jamulus" {
+  name        = "jamulus-port-access"
+  description = "Allow jamulus inbound traffic"
+}
+
+resource "aws_security_group_rule" "jamulus" {
+  type              = "ingress"
+  to_port           = 22124
+  from_port         = 22124
+  protocol          = "udp"
+  cidr_blocks       = [ "0.0.0.0/0"]
+  security_group_id = aws_security_group.jamulus.id
+}
+
+
+output "instance_ip" {
+  value = "${aws_instance.jamulus.public_ip}"
+}

payload/init.d/jamulus.service

@@ -0,0 +1,30 @@
+[Unit]
+Description=Jamulus headless server
+After=network.target
+StartLimitIntervalSec=0
+
+[Service]
+Type=simple
+User=jamulus
+Group=nogroup
+NoNewPrivileges=true
+ProtectSystem=true
+ProtectHome=true
+Nice=-20
+IOSchedulingClass=realtime
+IOSchedulingPriority=0
+
+#### Change this to publish this server, set genre, location and other parameters.
+#### See https://jamulus.io/wiki/Command-Line-Options ####
+ExecStart=/bin/sh -c 'exec /usr/bin/jamulus-headless -s -n -o "Verethan1;Falkenstein;224"'
+
+
+Restart=on-failure
+RestartSec=30
+StandardOutput=journal
+StandardError=inherit
+SyslogIdentifier=jamulus
+
+
+[Install]
+WantedBy=multi-user.target

payload/init.d/node_exporter.service

@@ -0,0 +1,11 @@
+[Unit]
+Description=node_exporter service
+After=network.target
+
+[Service]
+Type=simple
+User=root
+ExecStart=/usr/local/bin/node_exporter --collector.systemd
+
+[Install]
+WantedBy=multi-user.target

scripts/deps.sh

@@ -0,0 +1,21 @@
+#!/bin/bash -ex
+
+# apt Deps
+sudo apt-get update -y
+sudo apt-get install -y libqt5core5a libqt5network5 libqt5xml5
+# Prometheus Setup
+wget -O /tmp/node_exporter.tar.gz https://github.com/prometheus/node_exporter/releases/download/v1.2.2/node_exporter-1.2.2.linux-amd64.tar.gz
+tar xvzf /tmp/node_exporter.tar.gz -C /tmp/
+ls /tmp/
+sudo cp /tmp/node_exporter-1.2.2.linux-amd64/node_exporter /usr/local/bin/
+sudo mv /tmp/node_exporter.service /lib/systemd/system/
+
+# Jamulus Setup
+sudo useradd -m -s /bin/bash jam
+wget -O /tmp/jamulus_headless_3.8.0_ubuntu_amd64.deb https://github.com/jamulussoftware/jamulus/releases/download/r3_8_0/jamulus_headless_3.8.0_ubuntu_amd64.deb
+sudo dpkg -i /tmp/jamulus_headless_3.8.0_ubuntu_amd64.deb
+sudo mv /tmp/jamulus.service /lib/systemd/system/
+# Enable Services
+sudo systemctl daemon-reload
+sudo systemctl enable jamulus-headless.service
+sudo systemctl enable node_exporter.service

scripts/server-start.sh

@@ -0,0 +1,5 @@
+#!/bin/bash -xe
+
+sudo systemctl start jamulus-headless.service
+
+sudo systemctl start node_exporter.service