Client-node-environment-setup.md

Client Node setup

On your node server, where you will be using the minecraft servers:

1. Install all dependencies:

   Note: make sure you have wheezy-backports enabeld, otherwise you won't have a useful nodejs!

   sudo apt-get install git libapache2-mod-php5 mysql-client php5-mcrypt php5-curl php5-cli php5-dev php-pear libssh2-1 libssh2-php libssh2-1-dev postfix denyhosts openssl curl git rssh quota nodejs-legacy build-essential pwgen

   Install npm using:

   curl https://www.npmjs.org/install.sh | sudo sh

This installs everything you need to run most PHP 5.4.x webapps, with MySQL client support, Postfix for email support and nodejs for javascript applications, quota for user quotas and build-essential for the upcoming steps. Additionally, it sets you up with some developer tools (for example: to install php5-ssh2 from pecl if the version from the repos is too old). It also installs DenyHosts which uses TCPWrappers's /etc/hosts.deny to blacklist brute forcing hostst on the fly so SSH break-ins are a a lot harder.

Since minecraft requires Java, it makes sense to install a quality Java Runtime. Let's take the one made by Oracle. In order to make this support system defaults and updates, use the webupd8team repository:

su - # echo needs root, you can use sudo su too
echo "deb http://ppa.launchpad.net/webupd8team/java/ubuntu precise main" | tee -a /etc/apt/sources.list
echo "deb-src http://ppa.launchpad.net/webupd8team/java/ubuntu precise main" | tee -a /etc/apt/sources.list
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys EEA14886
apt-get update
exit

This sets you up with a respository that allows you to install Oracle's Java from the system package managers. To do so:

sudo apt-get install oracle-java7-installer

If you had a different JVM installed, execute this to make Oracle Java the default JVM Runtime:

sudo apt-get install oracle-java7-set-default

All of these commands are for Java 7. If you want to install a different version, subsitute the 7 with the version you want (and make sure it exist in the repo, or it simply won't do anything)

2. Install the node environment

   First, setup a few directories you're gonna need:

   sudo mkdir /srv/scripts sudo mkdir /srv/servers sudo mkdir /srv/modpacks

   Then, configure sshd by executing: sudo nano /etc/sshd/sshd_config

    and apply these steps:
   
    - Set sftp to use the internal command:
   
    	Comment out (by adding a hash mark in front of the line (#)):
    	Subsystem sftp /usr/lib/openssh/sftp-server
   
    	Insert (above or below that line):
    	Subsystem sftp internal-sftp
   
   
    - Set the rssh group to sftp-only by adding this to the end of the file:
   
    	Match Group rsshusers
    		ChrootDirectory /srv/servers/%u
    		X11Forwarding no
    		AllowTcpForwarding no
    		ForceCommand internal-sftp
   

   Save with Control+X, press Y, press enter

   Next, configure RSSH:

   sudo addgroup rsshusers sudo nano /etc/rssh.conf

   Inside the configuration file, remove the hash mark (#) in front of allowsftp to enable sftp.

   Save with Control+X, press Y, press enter

   With RSSH and SSHD done, lets get some other services set-up:

    Install gsd by moving to the srv directory and cloning it from the repo using git:
   
    cd /srv/ && sudo git clone https://github.com/gametainers/gsd.git
   
    Then install it using a restricted user:
   
    sudo chown -R www-data:www-data /srv/gsd
    sudo chmod -R 0775 /srv/gsd
    cd /srv/gsd; sudo npm install; cd ~
   

   Now, setup cpulimit, with the following commands:

   git clone https://github.com/DaneEveritt/cpulimit.git cd cpulimit make sudo cp cpulimit /usr/local/bin

   Finally, we set up a vhost to allow users to administer their servers:

   [ INSERT VHOST HERE ]

   This concludes the environment setup phase.

Client-node-PufferPanel-setup.md

3. Install the node itself

   Installing the node requires you to setup a few files, a web interface, a SSH user, sudo access for that user, pubkey authentication and a shared AES key.

   So, let's start by getting the required files:

   git clone https://github.com/DaneEveritt/PufferPanel.git

   [ COPY FILES TO PLACES AND SUCH ]

   Second, setup a user so the master node can execute on the client node:

   [ CREATE USER, ALLOW SUDO ACCESS TO CERTAIN COMMANDS, SETUP PUBKEY AUTH ]

Debian-full-setup-guide.md

Debian PufferPanel setup

This guide was written for Debian Wheezy (Debian Stable at the time of writing - 2014) with version 7.4

Quickstart: what you basically need to do to have a minecraft server up and running:

• Setup at least 1 admin node
• Setup at least 1 client node

Introduction

I'm assuming you have a basic knowledge of how to administer a Debian (or derivative distro like Ubuntu), you already have a running server with SSH access, a domain name you have access to (to add A-records) and root or at least sudo access. PufferPanel (at this time) is designed to run on one server per node.

This means you have to have 2 servers or one server with virtualisation software installed so you can run 2 virtual servers. Since the admin node won't be running minecraft, you could use a cheaper cloud or VPS server as those tend to be instantly available and a whole lot less expensive than a powerful server you'd want to use for minecraft servers.

In order to guide you through the setup, this guide is devided in to chapters and sections to separate the tasks you need to perform in order to complete a basic setup to get you started with this awesome panel.

Note:

This requires vhosts and certain tools and dependencies. Each node setup list allows you to perform all tasks for setting this up for the node type. First, you'll set up the node environments and the master, next you set up the node communication, storage locations and client nodes. During this setup I might assume certain things, if this proves to be a problem for new or existing installations, please let me know so this can be fixed in future revisions.

Before you begin, make sure of the following:

• You are using Debian or a comparable DEB based Linux distribution
• You have root access and/or sudo access via SSH or a direct console (Keyboard + Screen + Mouse or (i)KVM)
• You have contrib and non-free repos on in your APT settings and your system is up-to-date
• You are not killing existing services on the system if you are using things besides PufferPanel

Geting started

To begin or continue with your installation, pick a step from the list below:

###1. Setting up a debian master node

1.1 [[Master node environment setup]]

1.2 [[Master node PufferPanel setup]]

###2. Setting up a debian client node

2.1 [[Client node environment setup]]

2.2 [[Client node PufferPanel setup]]

Master-node-environment-setup.md

Master Node setup

On your admin server, where you will be using the admin cp:

1. Install all dependencies:

   sudo apt-get install git libapache2-mod-php5 mysql-server phpmyadmin php5-mcrypt php5-curl php5-cli php5-dev php-pear libssh2-1 libssh2-php libssh2-1-dev denyhosts postfix

This installs everything you need to run most PHP 5.4.x webapps, with MySQL, Postfix for email support and phpmyadmin for database administration. Additionally, it sets you up with some developer tools (for example: to install php5-ssh2 from pecl if the version from the repos is too old). It also installs DenyHosts which uses TCPWrappers's /etc/hosts.deny to blacklist brute forcing hostst on the fly so SSH break-ins are a a lot harder.

2. Setup a vhost:

   I use a vhost-specific location: /var/www-vhosts/, so to make a vhosts for your master node:

   sudo mkdir -p /var/www-vhosts/master1.domain.tld

   (Replace master1.domain.tld with your actual FQDN, and do so in any examples from here!)

   Create directories for the log files:

   sudo mkdir /var/log/apache2/master1.domain.tld

   Create a vhost configuration file and set the basic settings:

   sudo nano /etc/apache2/sites-available/master1.domain.tld

   This opens nano with the vhost config file in the proper location. Enter the following configuration to get started:

   <VirtualHost *:80> DocumentRoot /var/www-vhosts/master1.domain.tld ServerName master1.domain.tld ServerAlias www.master1.domain.tld

    <Directory "/var/www-vhosts/master1.domain.tld">
    	allow from all
    	Options -Indexes
    </Directory>
   
    ErrorLog /var/log/apache2/master1.domain.tld/error.log
    LogLevel notice
    TransferLog /var/log/apache2/master1.domain.tld/access.log
    UseCanonicalName on
   

   Save and exit with: Ctrl-X and press Y to accept the save and enter to close nano. Execute: sudo a2ensite master1.domain.tld to activate the vhost.

   To automatically rotate the server logs, create a logrotate file:

   sudo nano /etc/logrotate.d/apache2-master1.domain.tld

   and use these settings for a default log rotation scheme:

   /var/log/apache2/master1.domain.tld/*.log { weekly missingok rotate 52 compress delaycompress notifempty create 640 root adm sharedscripts postrotate /etc/init.d/apache2 reload > /dev/null endscript }

   Again, Ctrl+X to save, Y to confirm, enter to close.

   Set the correct permissions on everything to make your environment reasonably secure:

   sudo chgrp -R www-data /var/www-vhosts/master1.domain.tld sudo chgrp -R www-data /var/log/apache2/master1.domain.tld sudo chmod -R 775 /var/www-vhosts/master1.domain.tld sudo chmod -R 775 /var/log/apache2/master1.domain.tld

   Turn on Apache2's rewrite support:

   sudo a2enmod rewrite

   restart apache2:

   sudo invoke-rc.d apache2 restart

   At this point you have the following:

   • A vhost capable of running a PufferPanel Master Node with all dependencies
   • Automatic log rotation
   • Tools for later upgrades
   • Tools for setting up databases and database credentials
   • Mail capabilities using a robust MTA
   • Reasonably secured vhost environment

   Next, we clone the PufferPanel repository to get the needed files for our master (we're going with bleeding-edge here, select a version with checkout if you want a specific release):

   cd ~ #(In case you aren't in your home directory) git clone https://github.com/DaneEveritt/PufferPanel.git cd PufferPanel sudo cp -R master/* /var/www-vhosts/master1.domain.tld/ sudo chown -R www-data:www-data /var/www-vhosts/master1.domain.tld/ sudo chmod -R 0775 /var/www-vhosts/master1.domain.tld/ sudo chmod 0777 /var/www-vhosts/master1.domain.tld/admin/install sudo chmod 0777 /var/www-vhosts/master1.domain.tld/admin/install/do sudo chmod 0777 /var/www-vhosts/master1.domain.tld/core/framework sudo chmod 0666 /var/www-vhosts/master1.domain.tld/core/framework/configuration.php.dist

   At this point, PufferPanel is ready for setup.

Master-node-PufferPanel-setup.md

To set up your new installation, point your browser to the vhost you created (i.e. master1.domain.tld) with url:

http://master1.domain.tld/admin/install

Follow the instructions on the screen, and don't forget to store the hashfile (the installer will tell you all about it).
Afterwards, execute:

sudo chmod 0755 /var/www-vhosts/master1.domain.tld/core/framework
sudo chmod 0444 /var/www-vhosts/master1.domain.tld/core/framework/configuration.php.dist

to reset the permissions to a somewhat more safer state.

If you didn't read the messages on the installation screen: you need to delete the installation directory!
To do so:

sudo rm -r /var/www-vhosts/master1.domain.tld/admin/install


Your master node is hereby complete.


Troubleshooting:


Q: I get a blank page!
A: Did you restart Apache2? If so, check the error logs for your vhost after making a request

Q: My page looks like it's from 1990!
A: Your CSS and other assets aren't loading, fix this in the database by changing the assets_url in acp_settings to <website FQDN here>/assets/

Q: I can't login!
A: you probably messed up your cookie domain, set it to your domain name (NOT your FQDN, just the domain + tld)

Q: The navigation is all messed up, when I click something in the admin, the url tries to find admin within admin!
A: Your master_url is incorret, fix this in the database by changing the master_url in acp_settings to <website FQDN here>