diff --git a/inventory/group_vars/gameservers.yml b/inventory/group_vars/gameservers.yml index 255d82c..551cfcf 100644 --- a/inventory/group_vars/gameservers.yml +++ b/inventory/group_vars/gameservers.yml @@ -3,3 +3,11 @@ backups_frequency: 6h mcheapmax: 4096 mcheapmin: 1024 +steam_api_key: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 39616163316634306633623435636633623966306537636639316439343839393231376661666335 + 6136333866633861313566306433393637613364386234360a303832626338373230396665336430 + 33346530626633616161613635656433356434366437383363663165303862316163323263323230 + 3334373531646364620a386165626130386265343235363639346230323930626330343235373662 + 38313431663734343931333462316633643935353038313934663466303834636533616165353961 + 6438356265656532396363323532616437353831613261323037 diff --git a/playbooks/gameservers.yml b/playbooks/gameservers.yml index ebd3892..a6a4a50 100644 --- a/playbooks/gameservers.yml +++ b/playbooks/gameservers.yml @@ -63,5 +63,19 @@ tags: [ gameserver, minecraft, magicpack ] - hosts: game3 roles: - - role: steamcmd - tags: [ steamcmd ] + - role: steamgame + vars: + steam_appid: "232330" + steam_path: "Counter-Strike Source Dedicated Server" + tags: [ steam, gmod, css ] + - role: sourcegame + vars: + source_appid: "4020" + source_path: GarrysModDS + source_game: garrysmod + source_instancename: gmod + # TODO: Add me when sam figures his shit out + # source_args: "+host_workshop_collection COLLECTION_ID" + source_args: "+gamemode sandbox" + source_configrepo: "https://git.9iron.club/salt/gmodconfig" + tags: [ steam, gmod ] diff --git a/roles/sourcegame/defaults/main.yml b/roles/sourcegame/defaults/main.yml new file mode 100644 index 0000000..b82dd31 --- /dev/null +++ b/roles/sourcegame/defaults/main.yml @@ -0,0 +1,2 @@ +# vim:ft=ansible: +source_maxplayers: 16 diff --git a/roles/sourcegame/handlers/main.yml b/roles/sourcegame/handlers/main.yml new file mode 100644 index 0000000..7ad5d7a --- /dev/null +++ b/roles/sourcegame/handlers/main.yml @@ -0,0 +1,8 @@ +#!/usr/bin/ansible-playbook +# vim:ft=ansible: +--- +- name: "restart {{ source_instancename }}" + systemd: + name: "source-{{ source_instancename }}" + state: restarted + become: yes diff --git a/roles/sourcegame/meta/main.yml b/roles/sourcegame/meta/main.yml new file mode 100644 index 0000000..e56dfcd --- /dev/null +++ b/roles/sourcegame/meta/main.yml @@ -0,0 +1,9 @@ +# vim:ft=ansible: +--- +allow_duplicates: yes +dependencies: + - role: steamcmd + - role: steamgame + vars: + steam_appid: "{{ source_appid }}" + steam_path: "{{ source_path }}" diff --git a/roles/sourcegame/tasks/main.yml b/roles/sourcegame/tasks/main.yml new file mode 100644 index 0000000..3f278c8 --- /dev/null +++ b/roles/sourcegame/tasks/main.yml @@ -0,0 +1,48 @@ +#!/usr/bin/ansible-playbook +# vim:ft=ansible: +--- +- name: Set up game + block: + - name: Clone configuration repository + git: + repo: "{{ source_configrepo }}" + dest: $HOME/sourcecfg/{{ source_instancename }} + notify: "restart {{ source_instancename }}" + - name: Symlink configs + file: + src: "$HOME/sourcecfg/{{ source_instancename }}/{{ item }}" + path: "/var/steam/.steam/SteamApps/common/{{ source_path }}/{{ source_game }}/cfg/{{ item }}" + state: link + force: yes + loop: + - autoexec.cfg + - mount.cfg + - server.cfg + notify: "restart {{ source_instancename }}" + become: yes + become_user: steamcmd +- name: Set up system + block: + - name: Template out service + template: + src: sourcegame.service + dest: "/etc/systemd/system/source-{{ source_instancename }}.service" + notify: "restart {{ source_instancename }}" + - name: Reload available daemons + systemd: + daemon_reload: yes + - name: Enable service + systemd: + name: "source-{{ source_instancename }}" + state: started + enabled: yes + - name: Assure CNAME record + route53: + state: present + zone: "{{ zone }}" + type: CNAME + record: "{{ source_instancename }}.src.{{ zone }}." + ttl: 300 + value: + - "{{ inventory_hostname }}.{{ zone }}." + become: yes diff --git a/roles/sourcegame/templates/sourcegame.service b/roles/sourcegame/templates/sourcegame.service new file mode 100644 index 0000000..a64a3e4 --- /dev/null +++ b/roles/sourcegame/templates/sourcegame.service @@ -0,0 +1,29 @@ +# +# Licensed under the terms of the MIT license +# vim:ft=dosini: +# + +[Unit] +Description={{ source_game }} - {{ source_instancename }} +After=network.target + +[Service] +User=steamcmd +Group=steamcmd +WorkingDirectory=/var/steam/.steam/SteamApps/common/{{ source_path }} +PrivateUsers=true +ProtectSystem=full +ProtectHome=true +# Implies MountFlags=slave +ProtectKernelTunables=true +# Implies NoNewPrivileges=yes +ProtectKernelModules=true +# Implies MountAPIVFS=yes +ProtectControlGroups=true + +ExecStart=/bin/sh -c '/usr/bin/screen -DmS {{ source_instancename }} /var/steam/.steam/SteamApps/common/{{ source_path }}/srcds_run -game {{ source_game }} -maxplayers {{ source_maxplayers }} -authkey {{ steam_api_key }} {{ source_args }}' + +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/roles/steamgame/meta/main.yml b/roles/steamgame/meta/main.yml new file mode 100644 index 0000000..5b7aeac --- /dev/null +++ b/roles/steamgame/meta/main.yml @@ -0,0 +1,5 @@ +# vim:ft=ansible: +--- +allow_duplicates: yes +dependencies: + - role: steamcmd diff --git a/roles/steamgame/tasks/main.yml b/roles/steamgame/tasks/main.yml new file mode 100644 index 0000000..18f17d5 --- /dev/null +++ b/roles/steamgame/tasks/main.yml @@ -0,0 +1,27 @@ +#!/usr/bin/ansible-playbook +# vim:ft=ansible: +--- +- name: Install Steam game + block: + - name: "Install game {{ steam_appid }}" + command: + argv: + - /usr/games/steamcmd + - +login + - anonymous + - +app_update + - "{{ steam_appid }}" + # - validate + - +quit + creates: "$HOME/.steam/SteamApps/common/{{ steam_path }}" + - name: Create quick-access dir + file: + path: $HOME/games + state: directory + - name: Symlink game to quick-access dir + file: + src: "$HOME/.steam/SteamApps/common/{{ steam_path }}" + path: "/var/steam/games/{{ steam_appid }}" + state: link + become: yes + become_user: steamcmd