Index: source/tools/lobbybots/README.md =================================================================== --- source/tools/lobbybots/README.md +++ source/tools/lobbybots/README.md @@ -37,9 +37,9 @@ the new release is available for their platform (applies mostly to linux distributions). If you decide to do so, you should use a naming pattern that includes the targetted Pyrogenesis version. -For example to provide a Multiplayer Lobby for Pyrogenesis Alpha 23 "Ken Wood", -name the lobby room `arena23` instead of `arena` and use `xpartamupp23` and `echelon23` as lobby bot names. -Then when a version 24 of Pyrogenesis is employed, you can easily add `arena24`, `xpartamupp24` and `echelon24`. +For example to provide a Multiplayer Lobby for Pyrogenesis Alpha 24, +name the lobby room `arena24` instead of `arena` and use `xpartamupp24` and `echelon24` as lobby bot names. +Then when a version 25 of Pyrogenesis is employed, you can easily add `arena25`, `xpartamupp25` and `echelon25`. If you only want to use the service for local testing, you can stick to a single room and a single gamelist and rating bot. ## 1. Install dependencies @@ -373,7 +373,7 @@ ``` modules: mod_muc_log: - outdir: "/lobby/logs" + outdir: "/0ad-lobby/logs" file_format: plaintext timezone: universal mod_muc: @@ -433,8 +433,8 @@ The rating account is only needed if you decided to enable the rating service. ``` - $ ejabberdctl register echelon23 lobby.wildfiregames.com secure_password - $ ejabberdctl register xpartamupp23 lobby.wildfiregames.com secure_password + $ ejabberdctl register echelon24 lobby.wildfiregames.com secure_password + $ ejabberdctl register xpartamupp24 lobby.wildfiregames.com secure_password ``` ### 4.2 Authorize lobby bots to see real JIDs @@ -453,7 +453,7 @@ default_room_options: anonymous: false -#### Choice B: Non-anonymous room +#### Choice B: Semi-anonymous room * If you for any reason wish to configure the room as semi-anonymous (only muc administrators can see real JIDs), then the bots need to be authorized as muc administrators: @@ -475,8 +475,8 @@ acl: ## Don't use a regex, to prevent others from obtaining permissions after registering such an account. bots: - - user: "xpartamupp23@lobby.wildfiregames.com" - - user: "echelon23@lobby.wildfiregames.com" + - user: "xpartamupp24@lobby.wildfiregames.com" + - user: "echelon24@lobby.wildfiregames.com" ``` * Add an access rule for `ipbots` and a rule allowing bots to create PubSub nodes: @@ -512,7 +512,7 @@ * Execute the following command to run the gamelist bot: ``` - $ python3 XpartaMuPP.py --domain lobby.wildfiregames.com --login xpartamupp23 --password XXXXXX --nickname GamelistBot --room arena --elo echelon23 + $ python3 XpartaMuPP.py --domain lobby.wildfiregames.com --login xpartamupp24 --password XXXXXX --nickname GamelistBot --room arena --elo echelon24 ``` If you want to run XpartaMuPP without a rating bot, the `--elo` argument should be omitted. @@ -522,7 +522,7 @@ * If the connection and authentication succeeded, you should see the following messages in the console: ``` - INFO JID set to: xpartamupp23@lobby.wildfiregames.com/CC + INFO JID set to: xpartamupp24@lobby.wildfiregames.com/CC INFO XpartaMuPP started ``` @@ -557,11 +557,43 @@ * Execute the following command to run the rating bot: ``` - $ python3 EcheLOn.py --domain lobby.wildfiregames.com --login echelon23 --password XXXXXX --nickname RatingBot --room arena23 + $ python3 EcheLOn.py --domain lobby.wildfiregames.com --login echelon24 --password XXXXXX --nickname RatingBot --room arena24 ``` Run `python3 EcheLOn.py --help` for the full list of options +### 4.6 Setup systemd services + +* The bots will now be registered as a systemd service, so that they are started automatically when the system starts. + +* Place the lobby bot source code under `/0ad-lobby/bots/xpartamupp24/` or + consider a repository checkout of that folder to pull updates or add and revert local changes. + +* Copy and adapt the bot configuration files `/etc/0ad-lobby/xpartamupp24.conf` and `/etc/0ad-lobby/echelon24.conf`. + +* Copy the `xpartamupp@.service` and `echelon@.service` service template files to `/etc/systemd/system/`. + +* Enable an instance of the service template using `systemctl enable xpartamupp@24.service`. + +* Start the service using `systemctl start xpartamupp@24.service`. + +* In case of error, view the log using `journalctl -u xpartamupp@24.service`. + +### 4.7 Setup backup cronjob + +* Now a cronjob is set up in order to reoccuringly preserve the accounts of the userbase. + +* Copy the two backup scripts to `/0ad-lobby/backup/` + +* Create the folders `0ad-lobby/backup/ratings/` and `0ad-lobby/backup/users/` + +* Call `crontab -e` and add the following two lines to call these scripts on a daily base: + + ``` + 0 5 * * 0 /0ad-lobby/backup/backup-users.sh + 5 5 * * 0 /0ad-lobby/backup/backup-ratings.sh + ``` + ## 5. Configure Pyrogenesis for the new Multiplayer Lobby The Pyrogenesis client is now going to be configured to become able to connect to the new Multiplayer Lobby. @@ -578,13 +610,13 @@ * Add the following settings that determine the lobby server connection: ``` - lobby.room = "arena23" ; Default MUC room to join + lobby.room = "arena24" ; Default MUC room to join lobby.server = "lobby.wildfiregames.com" ; Address of lobby server lobby.stun.server = "lobby.wildfiregames.com" ; Address of the STUN server. lobby.require_tls = true ; Whether to reject connecting to the lobby if TLS encryption is unavailable. lobby.verify_certificate = true ; Whether to reject connecting to the lobby if the TLS certificate is invalid. - lobby.xpartamupp = "xpartamupp23" ; Name of the server-side XMPP-account that manage games - lobby.echelon = "echelon23" ; Name of the server-side XMPP-account that manages ratings + lobby.xpartamupp = "xpartamupp24" ; Name of the server-side XMPP-account that manage games + lobby.echelon = "echelon24" ; Name of the server-side XMPP-account that manages ratings ``` If you disabled TLS encryption, set `require_tls` to `false`. Index: source/tools/lobbybots/backup/backup-ratings.sh =================================================================== --- /dev/null +++ source/tools/lobbybots/backup/backup-ratings.sh @@ -0,0 +1,10 @@ +#!/bin/bash +#mysqldump --databases lobby_rankings | bzip2 -c > lobby_rankings-$(date +%Y-%m-%d-%H.%M.%S).sql.bz2 + +PREFIX="/lobby/backup/ratings/lobby-rankings" + +rm -rfv $PREFIX-$(date --date="14 days ago" +%Y-%m-%d).sql.7z + +DEST="$PREFIX-$(date +%Y-%m-%d).sql" +mysqldump --databases lobby_rankings > $DEST +p7zip $DEST Index: source/tools/lobbybots/backup/backup-users.sh =================================================================== --- /dev/null +++ source/tools/lobbybots/backup/backup-users.sh @@ -0,0 +1,9 @@ +#!/bin/sh +PREFIX="/lobby/backup/users/ejabberd" + +rm -rfv $PREFIX-$(date --date="14 days ago" +%Y-%m-%d).7z + +DEST=$PREFIX-$(date +%Y-%m-%d) +sudo -u ejabberd ejabberdctl backup $DEST +p7zip $DEST.BUPTMP +mv $DEST.BUPTMP.7z $DEST.7z Index: source/tools/lobbybots/mod_ipstamp/src/mod_ipstamp.erl =================================================================== --- source/tools/lobbybots/mod_ipstamp/src/mod_ipstamp.erl +++ source/tools/lobbybots/mod_ipstamp/src/mod_ipstamp.erl @@ -1,4 +1,4 @@ -%% Copyright (C) 2018 Wildfire Games. +%% Copyright (C) 2019 Wildfire Games. %% This file is part of 0 A.D. %% %% 0 A.D. is free software: you can redistribute it and/or modify @@ -18,14 +18,13 @@ -behaviour(gen_mod). --include("ejabberd.hrl"). -include("logger.hrl"). -include("xmpp.hrl"). -export([start/2, stop/1, depends/2, - mod_opt_type/1, + mod_options/1, reload/3, on_filter_packet/1]). @@ -37,7 +36,7 @@ depends(_Host, _Opts) -> []. -mod_opt_type(_) -> []. +mod_options(_) -> []. reload(_Host, _NewOpts, _OldOpts) -> ok. Index: source/tools/lobbybots/systemd/echelon24.conf =================================================================== --- /dev/null +++ source/tools/lobbybots/systemd/echelon24.conf @@ -0,0 +1,6 @@ +SERVER=localhost +DOMAIN=lobby.wildfiregames.com +LOGIN=echelon24 +PASSWORD=securepassword +NICKNAME=echelon24 +ROOM=arena24 Index: source/tools/lobbybots/systemd/echelon@.service =================================================================== --- /dev/null +++ source/tools/lobbybots/systemd/echelon@.service @@ -0,0 +1,26 @@ +[Unit] +Description=EcheLOn Pyrogenesis/0 A.D. Lobby Bot %i +Documentation=https://trac.wildfiregames.com/ +After=network.target ejabberd.service + +[Service] +Type=simple +User=nobody +EnvironmentFile=/etc/0ad-lobby/echelon-%i.conf +ExecStart=python3 /0ad-lobby/arena%i/EcheLoN/EcheLoN.py \ + --login ${LOGIN} --password ${PASSWORD} --nickname ${NICKNAME} --domain ${HOST} --server ${SERVER} \ + --room ${ROOM} -d + +Restart=on-failure + +# Hardening +NoNewPrivileges=yes +PrivateDevices=yes +ProtectKernelTunables=yes +ProtectKernelModules=yes +PrivateUsers=yes +PrivateTmp=yes +ProtectSystem=yes + +[Install] +WantedBy=multi-user.target Index: source/tools/lobbybots/systemd/xpartamupp24.conf =================================================================== --- /dev/null +++ source/tools/lobbybots/systemd/xpartamupp24.conf @@ -0,0 +1,7 @@ +SERVER=localhost +DOMAIN=lobby.wildfiregames.com +LOGIN=xpartamupp24 +PASSWORD=securepassword +NICKNAME=xpartamupp24 +ROOM=arena24 +ELO=echelon24 Index: source/tools/lobbybots/systemd/xpartamupp@.service =================================================================== --- /dev/null +++ source/tools/lobbybots/systemd/xpartamupp@.service @@ -0,0 +1,25 @@ +[Unit] +Description=XpartaMuPP Pyrogenesis/0 A.D. Lobby Bot %i +Documentation=https://trac.wildfiregames.com/ +After=network.target ejabberd.service + +[Service] +Type=simple +User=nobody +EnvironmentFile=/etc/0ad-lobby/xpartamupp%i.conf +ExecStart=python3 /0ad-lobby/arena%i/XpartaMuPP/XpartaMuPP.py \ + --login ${LOGIN} --password ${PASSWORD} --nickname ${NICKNAME} --domain ${HOST} --server ${SERVER} \ + --room ${ROOM} -d --elo ${ELO} +Restart=on-failure + +# Hardening +NoNewPrivileges=yes +PrivateDevices=yes +ProtectKernelTunables=yes +ProtectKernelModules=yes +PrivateUsers=yes +PrivateTmp=yes +ProtectSystem=yes + +[Install] +WantedBy=multi-user.target