Minecraft Server petit-mc
Used Files
|
| File | Anmerkung |
|---|---|
| playbooks/files/petit_mc/mcrcon | https://github.com/Tiiffi/mcrcon/releases/tag/v0.7.2 |
| playbooks/files/petit_mc/service-helper.sh | Helper-Script für Systemd Dienst |
| playbooks/templates/petit-mc.mc-service.jinja | Systemd-Unit File |
| playbooks/templates/petit-mc.smb.conf.jinja | Samba-Config |
| host_vars/petit_mc | Variablen für SMB-User (verschlüsselt) |
Playbook
---
- hosts: petit_mc
become: false
tasks:
- name: minecraft user
ansible.builtin.user:
name: minecraft
state: present
home: /srv/minecraft/
- name: add ssh key
ansible.posix.authorized_key:
user: minecraft
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsLI18nShd47L6o4dL2sIbhJAlWdXXc7BBSqhslTBMVziY6OBazW2jxxU0eN+Wi3RYEuOUd3xt6f56m6NgB96MxvRbfhD06FCetrEzEX/k7yWRVlvyMOSX0RjTr2UWPqOpXmLvbpOvTX4m4+rhpXlXJ1FB/jiZGNYvQEXot8PFTkMBdP0rHsdXiHhJvJy8Y/jDoErrCrK+Yger9ziCeskr3t/KET1nD6e/g4lQwVr7YftMw9s/0RiSVU4VQnUHjMiyXMpg8SD54YkmaQ8TJ14dQ3LVvMjXNGhg3fmmmxQMWot64oLe5HvNJigmKDfYxUzQuX8Ba2zAcnvHkLp/RpVB krume@YatagarasuDrive"
- name: install required packages
block:
- name: install java openjdk 17
ansible.builtin.dnf:
name: java-17-openjdk-headless.x86_64
state: latest
- name: install firewalld
ansible.builtin.dnf:
name: firewalld
state: latest
- name: install firewalld python module
ansible.builtin.dnf:
name: python3-firewall.noarch
state: latest
- name: install samba
ansible.builtin.dnf:
name: samba.x86_64
state: latest
- name: setup the minecraft server service
block:
- name: create directories
ansible.builtin.file:
path: /srv/minecraft/{{ item }}
state: directory
owner: minecraft
with_items:
- tools
- server
- name: copy over mcrcon
ansible.builtin.copy:
src: petit_mc/mcrcon
dest: /srv/minecraft/tools/mcrcon
owner: minecraft
mode: '0755'
- name: copy the service helper script
ansible.builtin.copy:
src: petit_mc/service-helper.sh
dest: /srv/minecraft/server/run.sh
owner: minecraft
mode: '0755'
- name: template out the unit file
ansible.builtin.template:
src: petit-mc.mc-service.jinja
dest: /etc/systemd/system/minecraft.service
owner: root
mode: '0644'
- name: start minecraft server service (or try to)
ansible.builtin.systemd:
name: minecraft.service
state: started
enabled: yes
daemon_reload: yes
- name: allow the user minecraft control over the minecraft service
community.general.sudoers:
name: minecraft service control
user: minecraft
commands:
- /bin/systemctl start minecraft.service
- /bin/systemctl stop minecraft.service
- /bin/systemctl restart minecraft.service
- /bin/journalctl -u minecraft.service
- /bin/journalctl -u minecraft.service -f
nopassword: true
- name: setup samba
block:
- name: template out smb config
ansible.builtin.template:
src: petit-mc.smb.conf.jinja
dest: /etc/samba/smb.conf
owner: root
mode: '0644'
- name: configure samba users
shell: >
(pdbedit --user={{ item.username }} 2>&1 > /dev/null)
|| (echo '{{ item.password }}'; echo '{{ item.password }}')
| smbpasswd -s -a {{ item.username }}
register: smbpasswd
changed_when: "'Added user' in smbpasswd.stdout"
with_items: "{{ samba_users }}"
loop_control:
label: "{{ item.username }}"
- name: (re)start the smb service
ansible.builtin.systemd:
name: smb.service
state: restarted
- name: configure firewalld
block:
- name: ssh-port
ansible.posix.firewalld:
service: ssh
permanent: yes
state: enabled
- name: minecraft-port
ansible.posix.firewalld:
port: 25501/tcp
permanent: yes
state: enabled
- name: samba-ports
ansible.posix.firewalld:
service: samba
permanent: yes
state: enabled
- name: start firewalld
ansible.builtin.systemd:
name: firewalld.service
state: started
playbooks/files/petit_mc/service-helper.s
#!/bin/bash
# don't touch me, i'm needed to make the service run!
cd $MCSERVER_WORKDIR
pwd
bash -c $(pwd)/$MCSERVER_COMMAND
playbooks/templates/petit-mc.mc-service.jinja
[Unit]
Description=Minecraft Server
Documentation=
Wants=network.target
After=network.target
[Service]
User=minecraft
Group=minecraft
Nice=5
EnvironmentFile=-/srv/minecraft/service.conf
KillMode=none
SuccessExitStatus=0 1
ProtectHome=true
ProtectSystem=full
PrivateDevices=true
NoNewPrivileges=true
PrivateTmp=true
InaccessibleDirectories=/root /sys -/opt /media -/lost+found
ReadWriteDirectories=/srv/minecraft/server
WorkingDirectory=/srv/minecraft/server
ExecStart=/srv/minecraft/server/run.sh
ExecStop=/srv/minecraft/tools/mcrcon -H localhost -P ${MCSERVER_RCONPORT} -p ${MCSERVER_RCONPASS} stop
[Install]
WantedBy=multi-user.target
playbooks/templates/petit-mc.smb.conf.jinja
# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.
[global]
workgroup = WORKGROUP
security = user
passdb backend = tdbsam
netbios name = petit-flare
wins support = yes
[minecraft]
valid users = minecraft
path = /srv/minecraft
read only = no
host_vars/petit_mc
samba_users:
- username: minecraft
password: *****