Minecraft's setup

sysadmin  · 

Welcome to my blog @POuL. There won’t be many posts but hopefully the ones you’ll find will entertain you, and don’t expect the posts to be well written. I hate reviewing what I’ve written, especially if the text is long!
You can find a feed rss (atom ackchyually ☝️🤓) under /~mroik/posts/feed.xml.

So, what is this post all about? Well, this machine of course!
Let’s start with some info:

This machine was gifted to us by Svolta Studenti, apparently it’s a machine that they were no longer using, so after receiving it some members decided to install Debian on it. For a few days it just sat in our HQ without any use, that’s when I decided to give it purpose.
I’ve been wanting to make a multi-user server like the 9plan server or the tilde servers for a while now. The idea is that on it there will be an entire ecosystem driven by its users. I shared the idea with some other members and decided to begin the setup.

I went with Ubuntu since it’s very widespread and most members know how it works. After the installation I setup ssh and the mail server, this is only internal, so users can send emails only among themselves, then I wrote a utility script for the admins to make it easy to add new users without having to do any of the setup manually. Then came the moment for the webserver since I wanted for every user to have their own website, so I decided to go with caddy since I’m already familiar with the the configuration syntax it uses.

And now I’m working on the first custom software for the machine, walletcraft. Its purpose is to handle the currency on the server, the idea is that any software that a user makes can interact with walletcraft to require payments for bets or similar stuff. Since the machine is called minecraf I decided to go with the theme, so the currencies in walletcraft are: diamonds, gold and iron. It is comprised of a server and a client, with the server handling the interaction with the DB and the client being the interface for the users. They communicate through a unix socket, this is for many reasons, one of them is the fact that from a unix socket you can actually authenticate the user on the other side by requesting SO_PEERCRED on the socket that gets created when the server accepts a connection. Another reason is that this way other programs can interact directly with the server through the socket without having to yield control to a subprocess to use the client.
So far there’s only the server that can handle only 2 types of requests: get_balance and transfer. The development shouldn’t take too long but I’m a notorious procastinator, so it might take a while.

While in the previous paragraphs I’ve talked about the setup of the machine itself, that’s not the only thing I had to work on. Since Minecraft is in our HQ I had to find a way for it to be accesible from the outside. To do this I made use of the VPN that was already setup by our Dvx Bisca, that connects padulino, our router at our HQ, and padulo, the OVH VPS that runs most of our critical infrastructure (OVH for critical infrastructure I know!). So I opened a port on padulo and instead of forwarding traffic through iptables I decided to use use an ssh tunnel. I know, it sounds dumb, but hey it’s funnier this way. Another thing I had to reroute was the requests to the webserver on minecraft, that was trivial I simply setup a reverse proxy and proxy on request for https://minecraft.poul.org/.

This is all I have for now, I’ll update you whenever I have more to share, for now it’s a goodbye, and checkout Mroik's corner again sometime.