Index: source/tools/lobbybots/README.md =================================================================== --- source/tools/lobbybots/README.md +++ source/tools/lobbybots/README.md @@ -37,9 +37,9 @@ the new release is available for their platform (applies mostly to linux distributions). If you decide to do so, you should use a naming pattern that includes the targetted Pyrogenesis version. -For example to provide a Multiplayer Lobby for Pyrogenesis Alpha 23 "Ken Wood", -name the lobby room `arena23` instead of `arena` and use `xpartamupp23` and `echelon23` as lobby bot names. -Then when a version 24 of Pyrogenesis is employed, you can easily add `arena24`, `xpartamupp24` and `echelon24`. +For example to provide a Multiplayer Lobby for Pyrogenesis Alpha 24, +name the lobby room `arena24` instead of `arena` and use `xpartamupp24` and `echelon24` as lobby bot names. +Then when a version 25 of Pyrogenesis is employed, you can easily add `arena25`, `xpartamupp25` and `echelon25`. If you only want to use the service for local testing, you can stick to a single room and a single gamelist and rating bot. ## 1. Install dependencies @@ -280,7 +280,7 @@ - "no_sslv2" - "no_sslv3" - "no_tlsv1" - ``` + ``` ## 3. Configure ejabberd use policy @@ -345,9 +345,9 @@ * (Optional) Prevent users from sending too large stanzas. Notice the bots can send large stanzas as well, so don't restrict it too much. - ``` + ``` max_stanza_size: 1048576 - ``` + ``` * (Optional) Prevent users from changing the room topic: @@ -373,7 +373,7 @@ ``` modules: mod_muc_log: - outdir: "/lobby/logs" + outdir: "/0ad-lobby/logs" file_format: plaintext timezone: universal mod_muc: @@ -433,8 +433,8 @@ The rating account is only needed if you decided to enable the rating service. ``` - $ ejabberdctl register echelon23 lobby.wildfiregames.com secure_password - $ ejabberdctl register xpartamupp23 lobby.wildfiregames.com secure_password + $ ejabberdctl register echelon24 lobby.wildfiregames.com secure_password + $ ejabberdctl register xpartamupp24 lobby.wildfiregames.com secure_password ``` ### 4.2 Authorize lobby bots to see real JIDs @@ -452,8 +452,9 @@ mod_muc: default_room_options: anonymous: false + ``` -#### Choice B: Non-anonymous room +#### Choice B: Semi-anonymous room * If you for any reason wish to configure the room as semi-anonymous (only muc administrators can see real JIDs), then the bots need to be authorized as muc administrators: @@ -465,7 +466,7 @@ modules: mod_muc: access_admin: muc_admin - ``` + ``` ### 4.3 Authorize lobby bots with ejabberd @@ -475,8 +476,8 @@ acl: ## Don't use a regex, to prevent others from obtaining permissions after registering such an account. bots: - - user: "xpartamupp23@lobby.wildfiregames.com" - - user: "echelon23@lobby.wildfiregames.com" + - user: "xpartamupp24@lobby.wildfiregames.com" + - user: "echelon24@lobby.wildfiregames.com" ``` * Add an access rule for `ipbots` and a rule allowing bots to create PubSub nodes: @@ -512,7 +513,7 @@ * Execute the following command to run the gamelist bot: ``` - $ python3 XpartaMuPP.py --domain lobby.wildfiregames.com --login xpartamupp23 --password XXXXXX --nickname GamelistBot --room arena --elo echelon23 + $ python3 XpartaMuPP.py --server localhost --domain lobby.wildfiregames.com --login xpartamupp24 --password XXXXXX --nickname GamelistBot --room arena --elo echelon24 ``` If you want to run XpartaMuPP without a rating bot, the `--elo` argument should be omitted. @@ -522,7 +523,7 @@ * If the connection and authentication succeeded, you should see the following messages in the console: ``` - INFO JID set to: xpartamupp23@lobby.wildfiregames.com/CC + INFO JID set to: xpartamupp24@lobby.wildfiregames.com/CC INFO XpartaMuPP started ``` @@ -536,17 +537,17 @@ * (Optional) Some constants of the algorithm may be edited by experienced administrators at the head of `ELO.py`: - ``` - # Difference between two ratings such that it is - # regarded as a "sure win" for the higher player. - # No points are gained or lost for such a game. - elo_sure_win_difference = 600.0 - - # Lower ratings "move faster" and change more - # dramatically than higher ones. Anything rating above - # this value moves at the same rate as this value. - elo_k_factor_constant_rating = 2200.0 - ``` + ``` + # Difference between two ratings such that it is + # regarded as a "sure win" for the higher player. + # No points are gained or lost for such a game. + elo_sure_win_difference = 600.0 + + # Lower ratings "move faster" and change more + # dramatically than higher ones. Anything rating above + # this value moves at the same rate as this value. + elo_k_factor_constant_rating = 2200.0 + ``` * To initialize the `lobby_rankings.sqlite3` database, execute the following command: @@ -557,11 +558,43 @@ * Execute the following command to run the rating bot: ``` - $ python3 EcheLOn.py --domain lobby.wildfiregames.com --login echelon23 --password XXXXXX --nickname RatingBot --room arena23 + $ python3 EcheLOn.py --server localhost --domain lobby.wildfiregames.com --login echelon24 --password XXXXXX --nickname RatingBot --room arena24 ``` Run `python3 EcheLOn.py --help` for the full list of options +### 4.6 Setup systemd services + +* The bots will now be registered as a systemd service, so that they are started automatically when the system starts. + +* Place the lobby bot source code under `/0ad-lobby/bots/xpartamupp24/` or + consider a repository checkout of that folder to pull updates or add and revert local changes. + +* Copy and adapt the bot configuration files `/etc/0ad-lobby/xpartamupp24.conf` and `/etc/0ad-lobby/echelon24.conf`. + +* Copy the `xpartamupp@.service` and `echelon@.service` service template files to `/etc/systemd/system/`. + +* Enable an instance of the service template using `systemctl enable xpartamupp@24.service`. + +* Start the service using `systemctl start xpartamupp@24.service`. + +* In case of error, view the log using `journalctl -u xpartamupp@24.service`. + +### 4.7 Setup backup cronjob + +* Now a cronjob is set up in order to reoccuringly preserve the accounts of the userbase. + +* Copy the two backup scripts to `/0ad-lobby/backup/` + +* Create the folders `0ad-lobby/backup/ratings/` and `0ad-lobby/backup/users/` + +* Call `crontab -e` and add the following two lines to call these scripts on a daily base: + + ``` + 0 0 * * * /0ad-lobby/backup/backup-users.sh + 0 0 * * * /0ad-lobby/backup/backup-ratings.sh + ``` + ## 5. Configure Pyrogenesis for the new Multiplayer Lobby The Pyrogenesis client is now going to be configured to become able to connect to the new Multiplayer Lobby. @@ -578,13 +611,13 @@ * Add the following settings that determine the lobby server connection: ``` - lobby.room = "arena23" ; Default MUC room to join + lobby.room = "arena24" ; Default MUC room to join lobby.server = "lobby.wildfiregames.com" ; Address of lobby server lobby.stun.server = "lobby.wildfiregames.com" ; Address of the STUN server. lobby.require_tls = true ; Whether to reject connecting to the lobby if TLS encryption is unavailable. lobby.verify_certificate = true ; Whether to reject connecting to the lobby if the TLS certificate is invalid. - lobby.xpartamupp = "xpartamupp23" ; Name of the server-side XMPP-account that manage games - lobby.echelon = "echelon23" ; Name of the server-side XMPP-account that manages ratings + lobby.xpartamupp = "xpartamupp24" ; Name of the server-side XMPP-account that manage games + lobby.echelon = "echelon24" ; Name of the server-side XMPP-account that manages ratings ``` If you disabled TLS encryption, set `require_tls` to `false`. @@ -605,9 +638,9 @@ * The following files should be created by the service provider: - `Terms_of_Service.txt` to explain the service and the contract. - `Terms_of_Use.txt` to explain what the user should and should not do. - `Privacy_Policy.txt` to explain how personal data is handled. + `Terms_of_Service.txt` to explain the service and the contract. + `Terms_of_Use.txt` to explain what the user should and should not do. + `Privacy_Policy.txt` to explain how personal data is handled. * To use Wildfire Games Terms as a template, obtain our Terms from a copy of the game or from or from @@ -625,9 +658,9 @@ * The terms should be published online, so users can save and print them. Add to your `local.cfg`: - ``` - lobby.terms_url = "https://lobby.wildfiregames.com/terms/"; Allows the user to save the text and print the terms - ``` + ``` + lobby.terms_url = "https://lobby.wildfiregames.com/terms/"; Allows the user to save the text and print the terms + ``` ### 5.4 Distribute the configuration Index: source/tools/lobbybots/backup/backup-ratings.sh =================================================================== --- /dev/null +++ source/tools/lobbybots/backup/backup-ratings.sh @@ -0,0 +1,7 @@ +#!/bin/bash +PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +PREFIX="/lobby/backup/ratings/lobby-rankings" +rm -rfv $PREFIX-$(date --date="14 days ago" +%Y-%m-%d).sql.7z +DEST="$PREFIX-$(date +%Y-%m-%d).sql" +mysqldump --databases lobby_rankings > $DEST +p7zip $DEST Index: source/tools/lobbybots/backup/backup-users.sh =================================================================== --- /dev/null +++ source/tools/lobbybots/backup/backup-users.sh @@ -0,0 +1,13 @@ +#!/bin/sh +PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +PREFIX="/lobby/backup/users/ejabberd" + +rm -rfv $PREFIX-$(date --date="14 days ago" +%Y-%m-%d).7z + +DEST=$PREFIX-$(date +%Y-%m-%d) +sudo -u ejabberd ejabberdctl backup $DEST + +# the process of converting the BUPTMP is asynchroneous +sleep 45; + +p7zip $DEST Index: source/tools/lobbybots/mod_ipstamp/src/mod_ipstamp.erl =================================================================== --- source/tools/lobbybots/mod_ipstamp/src/mod_ipstamp.erl +++ source/tools/lobbybots/mod_ipstamp/src/mod_ipstamp.erl @@ -1,4 +1,4 @@ -%% Copyright (C) 2018 Wildfire Games. +%% Copyright (C) 2019 Wildfire Games. %% This file is part of 0 A.D. %% %% 0 A.D. is free software: you can redistribute it and/or modify @@ -18,14 +18,13 @@ -behaviour(gen_mod). --include("ejabberd.hrl"). -include("logger.hrl"). -include("xmpp.hrl"). -export([start/2, stop/1, depends/2, - mod_opt_type/1, + mod_options/1, reload/3, on_filter_packet/1]). @@ -37,7 +36,7 @@ depends(_Host, _Opts) -> []. -mod_opt_type(_) -> []. +mod_options(_) -> []. reload(_Host, _NewOpts, _OldOpts) -> ok. Index: source/tools/lobbybots/systemd/echelon24.conf =================================================================== --- /dev/null +++ source/tools/lobbybots/systemd/echelon24.conf @@ -0,0 +1,6 @@ +SERVER=localhost +DOMAIN=lobby.wildfiregames.com +LOGIN=echelon24 +PASSWORD=securepassword +NICKNAME=echelon24 +ROOM=arena24 Index: source/tools/lobbybots/systemd/echelon@.service =================================================================== --- /dev/null +++ source/tools/lobbybots/systemd/echelon@.service @@ -0,0 +1,26 @@ +[Unit] +Description=EcheLOn Pyrogenesis/0 A.D. Lobby Bot %i +Documentation=https://trac.wildfiregames.com/ +After=network.target ejabberd.service + +[Service] +Type=simple +User=nobody +EnvironmentFile=/etc/0ad-lobby/echelon-%i.conf +ExecStart=python3 /0ad-lobby/arena%i/EcheLoN/EcheLoN.py \ + --login ${LOGIN} --password ${PASSWORD} --nickname ${NICKNAME} --domain ${HOST} --server ${SERVER} \ + --room ${ROOM} -d + +Restart=on-failure + +# Hardening +NoNewPrivileges=yes +PrivateDevices=yes +ProtectKernelTunables=yes +ProtectKernelModules=yes +PrivateUsers=yes +PrivateTmp=yes +ProtectSystem=yes + +[Install] +WantedBy=multi-user.target Index: source/tools/lobbybots/systemd/xpartamupp24.conf =================================================================== --- /dev/null +++ source/tools/lobbybots/systemd/xpartamupp24.conf @@ -0,0 +1,7 @@ +SERVER=localhost +DOMAIN=lobby.wildfiregames.com +LOGIN=xpartamupp24 +PASSWORD=securepassword +NICKNAME=xpartamupp24 +ROOM=arena24 +ELO=echelon24 Index: source/tools/lobbybots/systemd/xpartamupp@.service =================================================================== --- /dev/null +++ source/tools/lobbybots/systemd/xpartamupp@.service @@ -0,0 +1,25 @@ +[Unit] +Description=XpartaMuPP Pyrogenesis/0 A.D. Lobby Bot %i +Documentation=https://trac.wildfiregames.com/ +After=network.target ejabberd.service + +[Service] +Type=simple +User=nobody +EnvironmentFile=/etc/0ad-lobby/xpartamupp%i.conf +ExecStart=python3 /0ad-lobby/arena%i/XpartaMuPP/XpartaMuPP.py \ + --login ${LOGIN} --password ${PASSWORD} --nickname ${NICKNAME} --domain ${HOST} --server ${SERVER} \ + --room ${ROOM} -d --elo ${ELO} +Restart=on-failure + +# Hardening +NoNewPrivileges=yes +PrivateDevices=yes +ProtectKernelTunables=yes +ProtectKernelModules=yes +PrivateUsers=yes +PrivateTmp=yes +ProtectSystem=yes + +[Install] +WantedBy=multi-user.target