PufferPanel : créer votre serveur gaming Linux Ubuntu | control panel & gestion


Créez votre serveur gaming : une gestion plus facile pour les joueurs.

DNS config recommandé
x.x.x.x A panel.exemple.tld
x.x.x.x A host.exemple.tld
x.x.x.x A <Gaming-server-local>.exemple.tld
x:x:x:x:x:x:x:x AAAA host.exemple.tld
x:x:x:x:x:x:x:x AAAA panel.exemple.tld
x:x:x:x:x:x:x:x AAAA <Gaming-server-local>.exemple.tld
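exemple.tld CAA 0 issuewild "letsencrypt.org"
# issuewild only governs wildcard certificates; add a matching issue record (exemple.tld CAA 0 issue "letsencrypt.org") if the non-wildcard certificate requested later on this page for panel.exemple.tld should also be limited to this CA.
#exemple.tld CAA 0 iodef "mailto:<contact-address>"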

######## BEDROCK && PocketMine#########
_minecraft._tcp.<Gaming-server-local>.exemple.tld SRV 0 0 19132 <Gaming-server-local>.exemple.tld
_minecraft._udp.<Gaming-server-local>.exemple.tld SRV 0 0 19132 <Gaming-server-local>.exemple.tld
_minecraft._tcp.<Gaming-server-local>.exemple.tld SRV 0 0 19133 <Gaming-server-local>.exemple.tld
_minecraft._udp.<Gaming-server-local>.exemple.tld SRV 0 0 19133 <Gaming-server-local>.exemple.tld

_pufferpanel._tcp.panel.exemple.tld SRV 0 0 5656 panel.exemple.tld
_pufferd._tcp.panel.exemple.tld SRV 0 0 5657 panel.exemple.tld
######## FOR X SERVER NODE #########
x.x.x.x A <node-serverX-name>.exemple.tld
x:x:x:x:x:x:x:x AAAA <node-serverX-name>.exemple.tld
_minecraft._tcp.<node-serverX-name>.exemple.tld SRV 0 0 19133 <node-serverX-name>.exemple.tld
_minecraft._udp.<node-serverX-name>.exemple.tld SRV 0 0 19133 <node-serverX-name>.exemple.tld

_pufferpanel._tcp.<node-serverX-name>.exemple.tld SRV 0 0 5656 <node-serverX-name>.exemple.tld
_pufferd._tcp.<node-serverX-name>.exemple.tld SRV 0 0 5657 <node-serverX-name>.exemple.tld
#####################################
sudo -i
apt update && apt -y upgrade

#########################################################
hostnamectl set-hostname host.exemple.tld
ip a s eth0
#Or
ifconfig
nano /etc/hosts
<ipv4-local> panel.exemple.tld
#<ipv6-local> panel.exemple.tld
<ipv4-local> host.exemple.tld
#<ipv6-local> host.exemple.tld
<ipv4-local> <Gaming-server-local>.exemple.tld
#<ipv6-local> <Gaming-server-local>.exemple.tld
hostnamectl #verify



#########################################################
reboot now

# NOTE(review): the ppa:certbot/certbot archive has been deprecated by the
# Certbot project; check the current Certbot installation instructions for
# your Ubuntu release before adding a third-party package source as root.
add-apt-repository ppa:certbot/certbot
# Installs the web stack (nginx, PHP with FPM, MySQL client and server),
# certbot with its nginx plugin, and a few utilities including ufw.
# NOTE(review): ufw is only installed here; no command on this page enables it
# or adds rules, and ufw stays inactive until that is done.
apt install -y openssl certbot python-certbot-nginx php curl nginx mysql-client mysql-server php-fpm php-cli php-curl php-mysql php-gd php-mbstring php-pear unzip zip net-tools ufw
#apt-transport-https ca-certificates software-properties-common
# or apt install -y mariadb-server
# Start nginx now and have it start at boot.
systemctl start nginx
systemctl enable nginx

# Same for the MySQL server.
systemctl start mysql
systemctl enable mysql

# Stop Apache and keep it from starting at boot — presumably so that it cannot
# hold the HTTP port nginx listens on; confirm it was actually installed.
systemctl stop apache2
systemctl disable apache2
/lib/systemd/systemd-sysv-install disable apache2

# Start PHP-FPM 7.2 now and at boot; nginx hands PHP requests to its socket.
systemctl start php7.2-fpm
systemctl enable php7.2-fpm

nano /etc/nginx/nginx.conf
uncomment:::
keepalive_timeout 2;
server_tokens off;

nano /etc/php/7.2/fpm/php.ini
uncomment:::
cgi.fix_pathinfo=0

systemctl restart php7.2-fpm
nano /etc/nginx/sites-available/default

systemctl restart nginx

mysql_secure_installation

mysql -u root -p
TYPE THE MYSQL ROOT PASSWORD
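-- Create the MySQL account used for the rest of this setup.
-- The password below is a placeholder: generate a long random one and never
-- reuse a sample value printed in a tutorial.
create user 'username'@'localhost' identified by '<replace-with-a-long-random-password>';
-- ALL PRIVILEGES on *.* WITH GRANT OPTION makes this account equivalent to the
-- MySQL root user. Keep it bound to 'localhost', and narrow or drop it once
-- the installation no longer needs it (presumably only the installer does;
-- confirm against the PufferPanel documentation).
-- The password is set once, by CREATE USER above. Repeating IDENTIFIED BY in
-- GRANT with a different value would replace it, and MySQL 8 rejects that
-- clause altogether.
grant all privileges on *.* to 'username'@'localhost' with grant option;
flush privileges;
-- VERIFY: the new account should be listed with host 'localhost' only.
SELECT user,host FROM mysql.user;
flush privileges;
exit;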

phpmyadmin inside the 'server {...}' bracket:
# Serves phpMyAdmin from /usr/share/phpmyadmin under the /phpmyadmin URL.
# NOTE(review): as written this location is reachable by anyone who can reach
# the server block it is placed in. phpMyAdmin is a database administration
# interface; consider limiting it by source address (allow / deny) or putting
# auth_basic in front of it, and serve it over HTTPS only.
location /phpmyadmin {
    root /usr/share/;
    index index.php;
    try_files $uri $uri/ =404;

# Block direct access to the doc, sql and setup directories of phpMyAdmin.
location ~ ^/phpmyadmin/(doc|sql|setup)/ {
    deny all;
    }

# Hand .php requests under /phpmyadmin/ to the PHP-FPM 7.2 unix socket.
location ~ /phpmyadmin/(.+\.php)$ {
    fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    include fastcgi_params;
    include snippets/fastcgi-php.conf;
    }
}



apt install phpmyadmin -y
Then comment out the phpMyAdmin location block with "#" once you have finished the configuration, so that the interface is no longer exposed.

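mkdir -p /srv && cd /srv
# Download the PufferPanel archive. -f makes curl fail on an HTTP error instead
# of saving the error page as the archive; --proto / --proto-redir refuse any
# non-HTTPS URL, including after redirects.
# NOTE(review): git.io is a URL shortener, so the real download location is
# not visible in this command; resolve it once and check that it points to the
# project's official release before trusting it.
curl -fL --proto '=https' --proto-redir '=https' -o pufferpanel.tar.gz https://git.io/fNZYg
# The installer below runs as root. If the project publishes a checksum for
# this archive, verify it before unpacking, for example:
#   echo '<expected-sha256>  pufferpanel.tar.gz' | sha256sum -c -
tar zxvf pufferpanel.tar.gz
cd /srv/pufferpanel
chmod +x pufferpanel
./pufferpanel install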

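# Keep live/ and archive/ accessible to root only (certbot's own default).
# These directories hold the private keys, and depending on the certbot
# version the key files may rely on the directory mode for protection, so
# 0755 can expose them to every local user. Every consumer on this page (the
# nginx master process, the copy into /etc/pufferd, the cron job) runs as
# root and does not need wider access.
chmod 0700 /etc/letsencrypt/{live,archive}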

# Request a certificate for panel.exemple.tld using the webroot method, with
# /srv/pufferpanel as the directory the challenge files are written to.
certbot run --webroot -w /srv/pufferpanel/ -d panel.exemple.tld
# Renew with nginx stopped before and started after the attempt.
# NOTE(review): the webroot method needs the web server to be running so the
# CA can fetch the challenge file; stopping nginx in a pre-hook fits the
# standalone method instead. Confirm with `certbot renew --dry-run`.
certbot renew --pre-hook "systemctl stop nginx" --post-hook "systemctl start nginx"
'/etc/letsencrypt/live/panel.exemple.tld' directory.

nano /etc/nginx/sites-available/pufferpanel.conf
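#Replace the following lines in pufferpanel.conf (nginx expects ssl_certificate to contain the server certificate followed by its intermediates, so fullchain.pem is normally used there rather than cert.pem):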
->ssl_certificate /etc/letsencrypt/live/panel.exemple.tld/cert.pem;
->ssl_certificate_key /etc/letsencrypt/live/panel.exemple.tld/privkey.pem;
->ssl_trusted_certificate /etc/letsencrypt/live/panel.exemple.tld/chain.pem;
#->ssl_trusted_certificate /etc/letsencrypt/live/panel.exemple.tld/fullchain.pem;

nano /etc/pufferd/config.json
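# Give pufferd its own copy of the certificate chain and private key.
# install(1) sets owner and mode in the same step as the copy, so the key is
# never left readable by other local users; a plain cp as root keeps whatever
# mode the source file happens to have.
install -o pufferd -g pufferd -m 0644 /etc/letsencrypt/live/panel.exemple.tld/fullchain.pem /etc/pufferd/https.pem
install -o pufferd -g pufferd -m 0600 /etc/letsencrypt/live/panel.exemple.tld/privkey.pem /etc/pufferd/https.key
# Restart pufferd so it loads the new certificate and key.
service pufferd restart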


nano /etc/nginx/sites-available/pufferpanel.conf
systemctl restart nginx

###############CERTBOT CONFIG AVANCED WARNING#####################
certbot --config cli.ini
#more info:
certbot --help renew
nano /etc/letsencrypt/cli.ini
**********************************************
#max-log-backups = 0
#General
# Ask certbot to set up an HTTP-to-HTTPS redirect.
redirect
# Request a certificate carrying the OCSP Must-Staple extension.
# NOTE(review): clients that honour Must-Staple reject the site whenever the
# server fails to staple a valid OCSP response; confirm that your CA still
# supports the extension and that stapling works in nginx before enabling it.
must-staple = True
rsa-key-size = 4096
# NOTE(review): HSTS makes browsers refuse plain HTTP for this host for a long
# period; enable it only once HTTPS is known to work reliably.
auto-hsts = True

# NOTE(review): these hooks stop nginx for the duration of each renewal
# attempt, while the plugin section of this file selects webroot, which needs
# the web server running to serve the challenge file. Confirm with
# `certbot renew --dry-run`.
pre-hook = systemctl stop nginx
post-hook = systemctl start nginx
#deploy-hook=/etc/letsencrypt/live/panel.example.tld # pending to search more info
no-autorenew = False
## Plugin
configurator = installer
#authenticator = nginx
#nginx = True
installer = webroot
webroot = True
webroot-path = /srv/pufferpanel
webroot-map = {"panel.exemple.tld":"/srv/pufferpanel"}
#NEED PLUGIN OVH if you want used
##dns-ovh #exemple
#dns-ovh-propagation-seconds = 60
#dns-ovh-credentials = #OVH credentials INI file. (default: None)
#dns-ovh-credentials  = /.secrets/path/certbot/ovh.ini #OVH credentials INI file. (default: None)


## automation
agree-tos = True
renew-by-default = True
quiet = True
 
# Info
**************************************************************
certbot update_symlinks
certbot renew --dry-run
#nano /etc/letsencrypt/renewal/panel.exemple.tld.conf # pending to search more info
#renew_hook = systemctl restart nginx # pending to search more info

Add or replace the following in pufferpanel.conf:
nano /etc/nginx/sites-available/pufferpanel.conf
adding or edit inside server{...}:
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
  # Enable OCSP stapling 
include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
   location '/.well-known/acme-challenge' {
default_type "text/plain";
root /srv/pufferpanel;
   }
#   location / {
# root /srv/pufferpanel;
#   }

------------------------------------------------------------------------
systemctl restart nginx
#see hour & date:
openssl x509 -noout -dates -in /etc/letsencrypt/live/panel.exemple.tld/cert.pem
#notBefore= May 11 17:26:21 2020 GMT
#notAfter= Aug 9 17:26:21 2020 GMT
#https://crontab-generator.org/ & https://crontab.guru/ = generator & test
nano /etc/cron.d/certbot
#adding:
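SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

# Twice a day, as root: try to renew. The --deploy-hook command runs only when
# a certificate was actually renewed, so nginx and pufferd are not restarted
# every 12 hours for nothing. install(1) copies the chain and the key for
# pufferd with an explicit owner and mode, keeping the private key (0600)
# unreadable by other local users.
0 */12 * * * root certbot -q renew --deploy-hook "systemctl restart nginx && install -o pufferd -g pufferd -m 0644 /etc/letsencrypt/live/panel.exemple.tld/fullchain.pem /etc/pufferd/https.pem && install -o pufferd -g pufferd -m 0600 /etc/letsencrypt/live/panel.exemple.tld/privkey.pem /etc/pufferd/https.key && service pufferd restart"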
#AUTO RENEWS SSL
crontab -l

#---- /etc/crontab/
# List systemd timers (shows whether a certbot timer is already scheduled).
systemctl list-timers
# Edit the current user's crontab and add the entry below.
crontab -e
# NOTE(review): cron reads the files in /etc/cron.d by itself. This entry
# instead tries to execute /etc/cron.d/certbot as a program, and
# >/dev/null 2>&1 discards any error it produces — confirm whether this line
# is needed at all.
26 17 10 * */6 /etc/cron.d/certbot >/dev/null 2>&1
service cron restart
systemctl list-timers


###############CERTBOT CONFIG AVANCED WARNING#####################
#Node Server -> 2) server:
#Auto-Deploy Node -> click generate

sudo -i
hostnamectl set-hostname <node-serverX-name>.exemple.tld
ip a s eth0
#Or
ifconfig
sudo nano /etc/hosts
<ipv4-local> <node-serverX-name>.exemple.tld
#<ipv6-local> <node-serverX-name>.exemple.tld
hostnamectl #verify
reboot now
#
sudo -i
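apt install sudo curl ufw -y
# Fetch the node deploy script generated by the panel and run it as root.
# TLS certificate verification is left enabled (no -k): the script is executed
# with root privileges, so it must come from the real panel over a verified
# connection. The panel already has a Let's Encrypt certificate at this point.
# -f makes curl fail on an HTTP error instead of passing an error page to bash.
# NOTE(review): <API> presumably is a deploy token; treat the whole URL as a
# secret, since it ends up in the shell history.
sudo bash -c 'source <(curl -fsSL https://panel.exemple.tld/auth/remote/deploy/<API>)'

# Stop Apache and keep it from starting at boot on the node as well.
systemctl stop apache2
systemctl disable apache2
/lib/systemd/systemd-sysv-install disable apache2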



#https://help.ubuntu.com/community/UFW
#https://help.ubuntu.com/community/IptablesHowTo
#https://certbot.eff.org/docs/using.html#dns-plugins
#DNS
#_acme-challenge.exemple.tld TXT "gfj9Xq...Rg85nM"
#HOOKS = https://certbot.eff.org/docs/using.html#hooks
#HOOKS = https://certbot-dns-ovh.readthedocs.io/en/stable/
#https://certbot.eff.org/docs/using.html#configuration-file
#https://github.com/certbot/certbot
#https://gist.github.com/cecilemuller/a26737699a7e70a7093d4dc115915de8
# ref. http://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox
# https://gist.github.com/cecilemuller/a26737699a7e70a7093d4dc115915de8

À vous de jouer, et à vous de faire une configuration avancée.


