Last active
December 28, 2023 05:44
-
-
Save meseta/53bac1a27c4ab48065c49f509a18e55b to your computer and use it in GitHub Desktop.
Initialization script for a quick SKGM-controlled server on DigitalOcean, Ubuntu 22.04
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
apt-get update | |
apt-get install --no-install-recommends --yes \ | |
curl \ | |
ca-certificates \ | |
gpg \ | |
gpg-agent \ | |
dirmngr | |
# Check if deb is in sources.list | |
echo "deb http://security.ubuntu.com/ubuntu xenial-security main" > /etc/apt/sources.list.d/xenial-security.list | |
echo "deb http://security.ubuntu.com/ubuntu focal-security main" > /etc/apt/sources.list.d/focal-security.list | |
gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 40976EAF437D05B5 3B4FE6ACC0B21F32 | |
gpg --export 40976EAF437D05B5 3B4FE6ACC0B21F32 >/etc/apt/trusted.gpg.d/security.ubuntu.com.gpg | |
apt-get update | |
apt-get install --no-install-recommends --yes \ | |
libxxf86vm1 \ | |
libgl1 \ | |
libssl1.1 \ | |
libxrandr2 \ | |
libglu1-mesa \ | |
libcurl4 \ | |
libopenal1 \ | |
xvfb \ | |
libssl1.0.0 \ | |
libcurl3-gnutls \ | |
lsb-release \ | |
nginx | |
# downlaod SKGM | |
mkdir -p /usr/local/bin | |
curl -L https://github.com/meseta/skgm/releases/download/v1.0.0/skgm.AppImage -o /usr/local/bin/skgm.AppImage | |
chmod +x /usr/local/bin/skgm.AppImage | |
# add unpriviledged user | |
adduser --disabled-password --gecos "" skgm | |
usermod -L skgm | |
# install the fake display startup scripts | |
cat >/etc/systemd/system/gamemaker-fake-display.service <<EOF | |
[Unit] | |
Description=GameMaker Fake Display | |
[Service] | |
Restart=on-failure | |
ExecStart=Xvfb :0 -screen 0 400x400x24 | |
[Install] | |
WantedBy=default.target | |
EOF | |
# SKGM | |
cat >/etc/systemd/system/skgm.service <<EOF | |
[Unit] | |
Description=SeverKit GameMaker | |
Requires=gamemaker-fake-display | |
StartLimitBurst=5 | |
StartLimitIntervalSec=30 | |
[Service] | |
Restart=on-failure | |
Environment="DISPLAY=:0" | |
Environment="SKGM_PORT=5001" | |
ExecStart=/usr/local/bin/skgm.AppImage --appimage-extract-and-run | |
User=skgm | |
Group=skgm | |
[Install] | |
WantedBy=default.target | |
EOF | |
chmod 664 /etc/systemd/system/gamemaker-fake-display.service | |
chmod 664 /etc/systemd/system/skgm.service | |
systemctl daemon-reload | |
systemctl enable gamemaker-fake-display | |
systemctl enable skgm | |
systemctl start gamemaker-fake-display | |
systemctl start skgm | |
# self-signed certificate and nginx reverse proxy | |
openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt -subj "/C=US/ST=New York/L=New York City/O=Internet/OU=./CN=./emailAddress=." | |
cat >/etc/nginx/sites-enabled/gamemaker-5000.conf <<'EOF' | |
server { | |
listen 443 ssl; | |
ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt; | |
ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key; | |
location / { | |
proxy_set_header Host $host; | |
proxy_set_header Upgrade $http_upgrade; | |
proxy_set_header Connection $http_connection; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_http_version 1.1; | |
proxy_pass http://127.0.0.1:5000; | |
} | |
} | |
server { | |
listen 8443 ssl; | |
ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt; | |
ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key; | |
client_max_body_size 100M; | |
location / { | |
proxy_set_header Host $host; | |
proxy_set_header Upgrade $http_upgrade; | |
proxy_set_header Connection $http_connection; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_http_version 1.1; | |
proxy_pass http://127.0.0.1:5001; | |
} | |
} | |
EOF | |
rm /etc/nginx/sites-enabled/default | |
systemctl restart nginx |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment