From 3b7e4720d80dbba54780d103936b8e2080733e4b Mon Sep 17 00:00:00 2001
From: spengreb
Date: Sat, 6 Nov 2021 03:07:00 +0100
Subject: [PATCH] Intial commit
---
.gitignore | 42 +++++++++++
.gitlab-ci.yml | 26 +++++++
README.md | 43 +++++++++++
aws_ubuntu20_jamulus.json | 46 ++++++++++++
build.sh | 12 +++
install-packer.sh | 14 ++++
main.tf | 106 +++++++++++++++++++++++++++
payload/init.d/jamulus.service | 30 ++++++++
payload/init.d/node_exporter.service | 11 +++
scripts/deps.sh | 21 ++++++
scripts/server-start.sh | 5 ++
11 files changed, 356 insertions(+)
create mode 100644 .gitignore
create mode 100644 .gitlab-ci.yml
create mode 100644 README.md
create mode 100644 aws_ubuntu20_jamulus.json
create mode 100755 build.sh
create mode 100755 install-packer.sh
create mode 100644 main.tf
create mode 100644 payload/init.d/jamulus.service
create mode 100644 payload/init.d/node_exporter.service
create mode 100755 scripts/deps.sh
create mode 100644 scripts/server-start.sh
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..a33ee76
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,42 @@
+
+# Created by https://www.toptal.com/developers/gitignore/api/terraform
+# Edit at https://www.toptal.com/developers/gitignore?templates=terraform
+
+### Terraform ###
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+
+# Exclude all .tfvars files, which are likely to contain sentitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+#
+*.tfvars
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+.terraform.lock.hcl
+# End of https://www.toptal.com/developers/gitignore/api/terraform
+
+jamulus.pem
\ No newline at end of file
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000..d762c3c
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,26 @@
+image:
+ name: hashicorp/packer:latest
+ entrypoint:
+ - '/usr/bin/env'
+ - 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
+
+before_script:
+ - packer --version
+
+stages:
+ - validate
+ - build
+
+validate:
+ stage: validate
+ script:
+ - find . -maxdepth 1 -name '*.json' -print0 | xargs -t0n1 packer validate
+
+build:
+ stage: build
+ environment: production
+ script:
+ - ./build.sh $AWS_ACCESS_KEY_ID $AWS_SECRET_ACCESS_KEY
+ when: manual
+ only:
+ - master
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..c1b3a5a
--- /dev/null
+++ b/README.md
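Review bot: In .gitlab-ci.yml the `build` job passes both AWS credentials to the script as positional arguments (`./build.sh $AWS_ACCESS_KEY_ID $AWS_SECRET_ACCESS_KEY`), which puts them on a command line and, because build.sh runs with `set -x` and expands them again into `-var` options, into the job trace unless the variables are masked in the project settings. The values are already in the job environment, so the script can read them from there and the line can shrink to `- ./build.sh`, with `set -x` dropped from build.sh. The job image also uses the floating tag `hashicorp/packer:latest`; pinning a version or digest keeps the environment that holds these credentials reproducible.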
@@ -0,0 +1,43 @@
+# Setup Ephemeral jamulus Server
+> This project will help you create a game server with jamulus on it. You can create an IAM image with packer with arma and deps installed. You can create a jamulus server with that image using terraform
+
+# Getting Started
+## Create a .pem file
+Create a .pem file either locally or on AWS and import it here. it could be called `jamulus.pem`
+
+## Building the IAM Image
+
+Use packer to create the IAM image. `aws_ubuntu20_jamulus.json` is the main packer file with `scripts/deps.sh` being what runs when packer is building
+
+**Building on linux:**
+```
+# Validate your changes
+$ packer validate
+$ build.sh
+```
+
+**Building on windows:**
+```
+# Validate your changes
+> packer build -var "aws_access_key=" -var "aws_secret_key=" -var .\aws_ubuntu20_jamulus.sjon
+```
+
+**Building with CI/CD**
+
+Simply commit and push to gitlab. Go to the pipeline and accept the manual action.
+
+## Create the server
+
+Set up AWS profile vereto in the `~/.aws/credentials` file
+
+```
+# Do a dry run (WILL NOT CREATE SERVER)
+$ terraform plan
+
+# Make the server (WILL CREATE BILLABLE SERVERS)
+$ terraform apply
+```
+
+Changing the region of deployed server can be done under the provider standza
+
+Changing the instance class can be done under the `aws_instance.jamulus` stanza
\ No newline at end of file
diff --git a/aws_ubuntu20_jamulus.json b/aws_ubuntu20_jamulus.json
new file mode 100644
index 0000000..6277cc8
--- /dev/null
+++ b/aws_ubuntu20_jamulus.json
@@ -0,0 +1,46 @@
+{
+ "builders": [{
+ "type": "amazon-ebs",
+ "access_key": "{{user `aws_access_key`}}",
+ "secret_key": "{{user `aws_secret_key`}}",
+ "region": "eu-central-1",
+ "source_ami_filter": {
+ "filters": {
+ "virtualization-type": "hvm",
+ "name": "ubuntu/images/*ubuntu-focal-20.04-amd64-server-*",
+ "root-device-type": "ebs"
+ },
+ "owners": ["099720109477"],
+ "most_recent": true
+ },
+ "instance_type": "t2.micro",
+ "ssh_username": "ubuntu",
+ "ami_name": "Jamulus-{{timestamp}}",
+ "launch_block_device_mappings": [{
+ "device_name":"/dev/sda1",
+ "volume_size":100,
+ "volume_type":"gp2",
+ "encrypted":false,
+ "delete_on_termination":true
+ }],
+ "tags": {
+ "Name": "jamulus-{{timestamp}}"
+ }
+ }],
+ "provisioners": [
+ {
+ "type": "file",
+ "source": "payload/init.d/node_exporter.service",
+ "destination": "/tmp/node_exporter.service"
+ },
+ {
+ "type": "file",
+ "source": "payload/init.d/jamulus.service",
+ "destination": "/tmp/jamulus.service"
+ },
+ {
+ "type": "shell",
+ "script": "scripts/deps.sh"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/build.sh b/build.sh
new file mode 100755
index 0000000..79baef2
--- /dev/null
+++ b/build.sh
@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+set -x
+
+readonly AWS_ACCESS_KEY=${1}
+readonly AWS_ACCESS_SECRET_KEY=${2}
+
+PACKER_INSTALLATION_DIR=`./install-packer.sh`
+
+${PACKER_INSTALLATION_DIR}/packer build \
+ -var "aws_access_key=${AWS_ACCESS_KEY}" \
+ -var "aws_secret_key=${AWS_ACCESS_SECRET_KEY}" \
+ aws_ubuntu20_jamulus.json
\ No newline at end of file
diff --git a/install-packer.sh b/install-packer.sh
new file mode 100755
index 0000000..258e738
--- /dev/null
+++ b/install-packer.sh
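Review bot: aws_ubuntu20_jamulus.json reads `aws_access_key` and `aws_secret_key` through the `user` function but declares no `variables` block, which Packer's legacy JSON template documentation requires for every user variable, so the CI `packer validate` step (run without `-var`) may not behave as intended. Declaring both in a `variables` block whose defaults come from the `env` function (AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY) would also let the build run without the keys on a command line. In `launch_block_device_mappings`, `"encrypted":false` yields an unencrypted root snapshot for the AMI; `"encrypted":true` is the safer default unless there is a reason to avoid it.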
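Review bot: build.sh never checks that `./install-packer.sh` produced a usable directory before it runs `${PACKER_INSTALLATION_DIR}/packer`; with no `set -e` and unquoted expansions, an empty or space-containing result becomes a different command line instead of an error. Starting the script with `set -euo pipefail` and invoking `"${PACKER_INSTALLATION_DIR}/packer" build …` surfaces the failure at the step that caused it. `$(./install-packer.sh)` is the more readable form of the backtick substitution.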
@@ -0,0 +1,14 @@
+#!/usr/bin/env bash
+
+PACKER_INSTALLATION_DIR="."
+
+# Install Packer
+if ! command -v packer > /dev/null 2>&1; then
+ curl https://releases.hashicorp.com/packer/1.4.4/packer_1.4.4_linux_amd64.zip -o packer.zip >/dev/null
+ unzip -o packer.zip -d ${PACKER_INSTALLATION_DIR} >/dev/null
+ rm ${PACKER_INSTALLATION_DIR}/packer.zip
+else
+ PACKER_INSTALLATION_DIR="$(dirname `command -v packer`)"
+fi
+
+echo ${PACKER_INSTALLATION_DIR}
\ No newline at end of file
diff --git a/main.tf b/main.tf
new file mode 100644
index 0000000..2fa9c04
--- /dev/null
+++ b/main.tf
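Review bot: install-packer.sh downloads and unpacks the Packer archive without any integrity check, and `curl` runs without `-f`, so an HTTP error body or a tampered archive is handed to `unzip` and the script still exits 0 because its last command is `echo`. Compare the file with the SHA-256 HashiCorp publishes for the release before unpacking, and let the script stop at the first failure. The same gap applies to the two `wget` downloads in scripts/deps.sh (the node_exporter tarball and the Jamulus .deb), which are then installed as root. Packer 1.4.4 is also an old release, so it is worth checking whether a current one works with this template.

```shell
set -euo pipefail
# … unchanged: PACKER_INSTALLATION_DIR default …
if ! command -v packer > /dev/null 2>&1; then
  curl -fsSL https://releases.hashicorp.com/packer/1.4.4/packer_1.4.4_linux_amd64.zip -o packer.zip
  # PACKER_ZIP_SHA256 is a placeholder: take the value from the release's published SHA256SUMS file
  echo "${PACKER_ZIP_SHA256}  packer.zip" | sha256sum -c - >/dev/null
  unzip -o packer.zip -d "${PACKER_INSTALLATION_DIR}" >/dev/null
  rm "${PACKER_INSTALLATION_DIR}/packer.zip"
# … unchanged: else branch and final echo …
```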
@@ -0,0 +1,106 @@
+provider "aws" {
+ region = "eu-central-1"
+ profile = "vereto"
+}
+
+terraform {
+ backend "s3" {
+ bucket = "net.vereto.terraform.states"
+ key = "jamulus/tf-base.state"
+ region = "eu-central-1"
+ }
+}
+
+resource "aws_instance" "jamulus" {
+ ami = "${data.aws_ami.image.id}"
+ instance_type = "t3.medium"
+ key_name = "jamulus"
+ security_groups = [ aws_security_group.ssh.name, aws_security_group.jamulus.name ] # Add your own IP to this group
+
+ provisioner "file" {
+ source = "scripts/server-start.sh"
+ destination = "/tmp/server-start.sh"
+
+ connection {
+ type = "ssh"
+ user = "ubuntu"
+ host = self.public_ip
+ private_key = file("${path.module}/jamulus.pem")
+ }
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "sleep 45",
+ "chmod +x /tmp/server-start.sh",
+ "/tmp/server-start.sh"
+ ]
+ connection {
+ type = "ssh"
+ user = "ubuntu"
+ host = self.public_ip
+ private_key = file("${path.module}/jamulus.pem")
+ }
+ }
+
+ tags = {
+ Name = "jamulus-tester"
+ }
+}
+
+data "aws_ami" "image" {
+ most_recent = true
+ owners = ["self"]
+ filter {
+ name = "name"
+ values = ["Jamulus-*"]
+ }
+}
+
+variable "your_ip" {
+ type = string
+ description = "Your global IP for SSH access"
+}
+
+resource "aws_security_group" "ssh" {
+ name = "jamulus-ssh-access"
+ description = "Allow SSH inbound traffic"
+}
+
+resource "aws_security_group_rule" "allow_all" {
+ type = "egress"
+ to_port = 0
+ protocol = "-1"
+ from_port = 0
+ cidr_blocks = ["0.0.0.0/0"]
+ security_group_id = aws_security_group.ssh.id
+}
+
+resource "aws_security_group_rule" "ssh" {
+ type = "ingress"
+ to_port = 22
+ from_port = 22
+ protocol = "tcp"
+ cidr_blocks = [ "${var.your_ip}/32"]
+ security_group_id = aws_security_group.ssh.id
+}
+
+
+resource "aws_security_group" "jamulus" {
+ name = "jamulus-port-access"
+ description = "Allow jamulus inbound traffic"
+}
+
+resource "aws_security_group_rule" "jamulus" {
+ type = "ingress"
+ to_port = 22124
+ from_port = 22124
+ protocol = "udp"
+ cidr_blocks = [ "0.0.0.0/0"]
+ security_group_id = aws_security_group.jamulus.id
+}
+
+
+output "instance_ip" {
+ value = "${aws_instance.jamulus.public_ip}"
+}
diff --git a/payload/init.d/jamulus.service b/payload/init.d/jamulus.service
new file mode 100644
index 0000000..9265b45
--- /dev/null
+++ b/payload/init.d/jamulus.service
@@ -0,0 +1,30 @@
+[Unit]
+Description=Jamulus headless server
+After=network.target
+StartLimitIntervalSec=0
+
+[Service]
+Type=simple
+User=jamulus
+Group=nogroup
+NoNewPrivileges=true
+ProtectSystem=true
+ProtectHome=true
+Nice=-20
+IOSchedulingClass=realtime
+IOSchedulingPriority=0
+
+#### Change this to publish this server, set genre, location and other parameters.
+#### See https://jamulus.io/wiki/Command-Line-Options ####
+ExecStart=/bin/sh -c 'exec /usr/bin/jamulus-headless -s -n -o "Verethan1;Falkenstein;224"'
+
+
+Restart=on-failure
+RestartSec=30
+StandardOutput=journal
+StandardError=inherit
+SyslogIdentifier=jamulus
+
+
+[Install]
+WantedBy=multi-user.target
diff --git a/payload/init.d/node_exporter.service b/payload/init.d/node_exporter.service
new file mode 100644
index 0000000..42c672e
--- /dev/null
+++ b/payload/init.d/node_exporter.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=node_exporter service
+After=network.target
+
+[Service]
+Type=simple
+User=root
+ExecStart=/usr/local/bin/node_exporter --collector.systemd
+
+[Install]
+WantedBy=multi-user.target
diff --git a/scripts/deps.sh b/scripts/deps.sh
new file mode 100755
index 0000000..9f81795
--- /dev/null
+++ b/scripts/deps.sh
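Review bot: `aws_instance.jamulus` in main.tf is reachable from the whole internet on UDP 22124 but sets no `metadata_options`, so whether the instance metadata service still answers IMDSv1 requests is left to account and AMI defaults; adding `metadata_options { http_tokens = "required" }` to the resource makes that explicit. `var.your_ip` goes straight into `"${var.your_ip}/32"` with no check, so a `validation` block (where the Terraform version in use supports one) would reject a malformed address at plan time. The two identical `connection` blocks can be declared once at resource level.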
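Review bot: The unit in payload/init.d/jamulus.service does not appear to be the one that actually runs: scripts/deps.sh installs it as `/lib/systemd/system/jamulus.service` but then enables `jamulus-headless.service`, and scripts/server-start.sh starts that same name, presumably the unit shipped by the .deb. If so, the hardening here (`NoNewPrivileges`, `ProtectSystem`, `ProtectHome`) and the custom `ExecStart` are never applied; either enable and start `jamulus.service` in both scripts or install this file under the name that is started. `User=jamulus` also relies on an account deps.sh does not create (it adds `jam`), so confirm the package creates it.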
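Review bot: payload/init.d/node_exporter.service runs the exporter with `User=root`, giving a network-listening metrics daemon privileges it does not normally need. Running it under a dedicated unprivileged account created in scripts/deps.sh, with the same `NoNewPrivileges=true`, `ProtectSystem=true` and `ProtectHome=true` lines used in jamulus.service, narrows what a flaw in the exporter could reach. main.tf opens no security-group rule for the exporter, so also consider whether the service needs to be enabled at all.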
@@ -0,0 +1,21 @@
+#!/bin/bash -ex
+
+# apt Deps
+sudo apt-get update -y
+sudo apt-get install -y libqt5core5a libqt5network5 libqt5xml5
+# Prometheus Setup
+wget -O /tmp/node_exporter.tar.gz https://github.com/prometheus/node_exporter/releases/download/v1.2.2/node_exporter-1.2.2.linux-amd64.tar.gz
+tar xvzf /tmp/node_exporter.tar.gz -C /tmp/
+ls /tmp/
+sudo cp /tmp/node_exporter-1.2.2.linux-amd64/node_exporter /usr/local/bin/
+sudo mv /tmp/node_exporter.service /lib/systemd/system/
+
+# Jamulus Setup
+sudo useradd -m -s /bin/bash jam
+wget -O /tmp/jamulus_headless_3.8.0_ubuntu_amd64.deb https://github.com/jamulussoftware/jamulus/releases/download/r3_8_0/jamulus_headless_3.8.0_ubuntu_amd64.deb
+sudo dpkg -i /tmp/jamulus_headless_3.8.0_ubuntu_amd64.deb
+sudo mv /tmp/jamulus.service /lib/systemd/system/
+# Enable Services
+sudo systemctl daemon-reload
+sudo systemctl enable jamulus-headless.service
+sudo systemctl enable node_exporter.service
diff --git a/scripts/server-start.sh b/scripts/server-start.sh
new file mode 100644
index 0000000..118b236
--- /dev/null
+++ b/scripts/server-start.sh
@@ -0,0 +1,5 @@
+#!/bin/bash -xe
+
+sudo systemctl start jamulus-headless.service
+
+sudo systemctl start node_exporter.service
\ No newline at end of file
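Review bot: `sudo useradd -m -s /bin/bash jam` in scripts/deps.sh creates an interactive account with a home directory that nothing else in this commit uses: jamulus.service runs as `jamulus` and node_exporter.service as `root`. Drop the line, or if it is meant to be the service account, create it as a system user without a login shell, e.g. `sudo useradd --system --no-create-home --shell /usr/sbin/nologin jam`, and reference it from the unit. `ls /tmp/` looks like leftover debugging output.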