From 75424d6d82c53cdff10847e16fd75e8d489bc26d Mon Sep 17 00:00:00 2001
From: Salt <rehashedsalt@cock.li>
Date: Sat, 12 Sep 2020 20:52:57 -0500
Subject: [PATCH] Deploy a new tmodloader serber

---
 playbooks/gameservers.yml                     |  20 ++-
 roles/tmodloader/defaults/main.yml            |   7 +
 roles/tmodloader/meta/main.yml                |   0
 roles/tmodloader/tasks/main.yml               | 123 ++++++++++++++++++
 roles/tmodloader/templates/backup.sh          |  50 +++++++
 roles/tmodloader/templates/config             |  13 ++
 .../tmodloader/templates/tmodloader@.service  |  33 +++++
 7 files changed, 244 insertions(+), 2 deletions(-)
 create mode 100644 roles/tmodloader/defaults/main.yml
 create mode 100644 roles/tmodloader/meta/main.yml
 create mode 100644 roles/tmodloader/tasks/main.yml
 create mode 100644 roles/tmodloader/templates/backup.sh
 create mode 100644 roles/tmodloader/templates/config
 create mode 100644 roles/tmodloader/templates/tmodloader@.service

diff --git a/playbooks/gameservers.yml b/playbooks/gameservers.yml
index cbe6453..52d6189 100644
--- a/playbooks/gameservers.yml
+++ b/playbooks/gameservers.yml
@@ -36,6 +36,11 @@
         mcviewdist: 14
         mcleveltype: "default"
       tags: [ gameserver, minecraft, me5 ]
+    - role: tmodloader
+      vars:
+        terraria_name: "calamity"
+        terraria_password: "dicks"
+      tags: [ gameserver, terraria, calamity ]
   tasks:
     - name: Assure Minecraft CNAME record
       route53:
@@ -47,7 +52,7 @@
         ttl: 3600
         value: [ "{{ inventory_hostname }}." ]
       become: yes
-      tags: [ dns ]
+      tags: [ dns, minecraft, me5 ]
     - name: Assure Minecraft SRV record
       route53:
         state: present
@@ -58,7 +63,18 @@
         ttl: 3600
         value: [ "1 10 25565 {{ inventory_hostname }}." ]
       become: yes
-      tags: [ dns ]
+      tags: [ dns, minecraft, me5 ]
+    - name: Assure Terraria record
+      route53:
+        state: present
+        overwrite: yes
+        zone: 9iron.club
+        type: CNAME
+        record: "calamity.9iron.club"
+        ttl: 3600
+        value: [ "{{ inventory_hostname }}." ]
+      become: yes
+      tags: [ dns, terraria, calamity ]
 #- hosts: game1.9iron.club
 #  roles:
 #    - role: base-backups
diff --git a/roles/tmodloader/defaults/main.yml b/roles/tmodloader/defaults/main.yml
new file mode 100644
index 0000000..07d8e02
--- /dev/null
+++ b/roles/tmodloader/defaults/main.yml
@@ -0,0 +1,7 @@
+terraria_difficulty: 0
+terraria_motd: "Please don't cut the purple trees!"
+terraria_port: 7777
+terraria_root: "/var/terraria"
+terraria_worldname: "World"
+terraria_worldsize: 3
+terraria_tarball: "https://github.com/tModLoader/tModLoader/releases/download/v0.11.7.4/tModLoader.Linux.v0.11.7.4.tar.gz"
diff --git a/roles/tmodloader/meta/main.yml b/roles/tmodloader/meta/main.yml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/tmodloader/tasks/main.yml b/roles/tmodloader/tasks/main.yml
new file mode 100644
index 0000000..4076656
--- /dev/null
+++ b/roles/tmodloader/tasks/main.yml
@@ -0,0 +1,123 @@
+#!/usr/bin/ansible-playbook
+# vim:ft=ansible:
+---
+- name: Set up Terraria user
+  block:
+    - name: Install required packages
+      apt:
+        name:
+          - mono-complete
+    - name: Disable bundled services
+      systemd:
+        name: "{{ item }}"
+        enabled: no
+        state: stopped
+      loop:
+        - "mono-xsp4"
+    - name: Assure terraria admin group
+      group:
+        name: ter-admin
+    - name: Assure server user
+      user:
+        name: terraria
+        group: ter-admin
+        system: yes
+        home: "{{ terraria_root }}"
+    - name: Assure var directory
+      file:
+        path: "{{ terraria_root }}"
+        state: directory
+        owner: root
+        group: ter-admin
+        # Sticky, SetGID
+        mode: "3770"
+    - name: Assure systemd unit
+      template:
+        src: "tmodloader@.service"
+        dest: "/etc/systemd/system/tmodloader@.service"
+    - name: Reload available daemons
+      systemd:
+        daemon_reload: yes
+  become: yes
+- name: Set up Terraria server
+  block:
+    - name: Create server directory
+      file:
+        path: "{{ terraria_root }}/{{ terraria_name }}"
+        state: directory
+    - name: Check for existing install
+      stat:
+        path: "{{ terraria_root }}/{{ terraria_name }}/tModLoaderServer"
+      register: stat_server_binary
+    - name: Unpack archive
+      block:
+        - name: Download tarball
+          get_url:
+            dest: "{{ terraria_root }}/{{ terraria_name }}/pack.tgz"
+            url: "{{ terraria_tarball }}"
+        - name: Unpack tarball
+          unarchive:
+            src: "{{ terraria_root }}/{{ terraria_name }}/pack.tgz"
+            remote_src: yes
+            dest: "{{ terraria_root }}/{{ terraria_name }}"
+        - name: Mark executable
+          file:
+            path: "{{ terraria_root }}/{{ terraria_name }}/tModLoaderServer.bin.x86_64"
+            mode: "0755"
+        - name: Clean up
+          file:
+            path: "{{ item }}"
+            state: absent
+          loop:
+            - "{{ terraria_root }}/{{ terraria_name }}/pack.tgz"
+        - name: Create worlds directory
+          file:
+            path: "{{ terraria_root }}/{{ terraria_name }}/worlds"
+            owner: terraria
+            group: ter-admin
+            state: directory
+        - name: Fix ownership
+          file:
+            path: "{{ terraria_root }}/{{ terraria_name }}"
+            recurse: yes
+            owner: terraria
+            group: ter-admin
+      when: not stat_server_binary.stat.exists
+    - name: Configure server
+      block:
+        - name: Template out server config
+          template:
+            src: config
+            dest: "{{ terraria_root }}/{{ terraria_name }}/config"
+            owner: terraria
+            group: ter-admin
+  become: yes
+- name: Set up backups
+  block:
+    - name: Create backups directory
+      file:
+        state: directory
+        mode: "0700"
+        path: "{{ terraria_root }}/{{ terraria_name }}/backups"
+        owner: terraria
+        group: ter-admin
+    - name: Template out backup script
+      template:
+        src: "backup.sh"
+        dest: "{{ terraria_root }}/{{ terraria_name }}/backup.sh"
+        owner: terraria
+        group: ter-admin
+        mode: "0700"
+    - name: Set up backup cronjob
+      cron:
+        minute: "*/30"
+        name: "ansible-backup-terraria-{{ terraria_name }}"
+        job: "{{ terraria_root }}/{{ terraria_name }}/backup.sh >> {{ terraria_root }}/{{ terraria_name }}/backups.log 2>&1"
+  become: yes
+- name: Enable service
+  systemd:
+    name: "tmodloader@{{ terraria_name }}"
+    daemon_reload: yes
+    enabled: yes
+    state: started
+  become: yes
diff --git a/roles/tmodloader/templates/backup.sh b/roles/tmodloader/templates/backup.sh
new file mode 100644
index 0000000..938d401
--- /dev/null
+++ b/roles/tmodloader/templates/backup.sh
@@ -0,0 +1,50 @@
+#! /bin/bash
+#
+# terraria.sh
+# Backup script for Gitea. Meant to be sourced by our main backup script
+# Copyright (C) 2020 Vintage Salt <rehashedsalt@cock.li>
+#
+# Distributed under terms of the MIT license.
+#
+
+set -e
+
+export TERRARIADIR="{{ terraria_root }}/{{ terraria_name }}"
+export OUTDIR="$TERRARIADIR/backups"
+retention=144 # 30-minute intervals, 3 days
+
+# Helper functions
+log() {
+	[ -z "$1" ] && return 1
+	printf "$(date -Iseconds): $1\n"
+}
+
+# Sanity checks
+if ! [ -d "$OUTDIR" ]; then
+	if ! mkdir "$OUTDIR"; then
+		log "Unable to find or create output directory: $OUTDIR"
+		return 2
+	fi
+fi
+# Enforce permissions on our output directory since the terraria user will need them
+chown terraria.ter-admin "$OUTDIR"
+chmod 770 "$OUTDIR"
+
+# Purge oldest backup if we need to
+currentbackupcount="$(ls -1 "$OUTDIR" | wc -l)"
+if (( currentbackupcount >= retention )); then
+	lastbackup="$(find "$OUTDIR" -name \*.wld 2>/dev/null | sort | head -n 1)"
+	if [ -f "$lastbackup" ]; then
+		log "Removing old backup: $lastbackup"
+		rm "$lastbackup"
+	fi
+fi
+# WE MAKE BACKUP NOW SERGEI
+if cd "$OUTDIR"; then
+	log "Initiating terraria dump"
+	su terraria -c "cp \"$TERRARIADIR/worlds/world.wld\" \"$OUTDIR/world-$(date -Iseconds).wld\""
+else
+	log "Could not change directory: $OUTDIR"
+	return 3
+fi
+
diff --git a/roles/tmodloader/templates/config b/roles/tmodloader/templates/config
new file mode 100644
index 0000000..d8b4254
--- /dev/null
+++ b/roles/tmodloader/templates/config
@@ -0,0 +1,13 @@
+# This configuration file is deployed via Ansible
+# Changes made here will be overwritten!
+maxplayers=8
+world={{ terraria_root }}/{{ terraria_name }}/worlds/world.wld
+port={{ terraria_port }}
+password={{ terraria_password }}
+motd={{ terraria_worldname }} {{ terraria_motd }}
+worldpath={{ terraria_root }}/{{ terraria_name }}/worlds
+autocreate={{ terraria_worldsize }}
+difficulty={{ terraria_difficulty }}
+worldname=world
+banlist=banlist.txt
+secure=0
diff --git a/roles/tmodloader/templates/tmodloader@.service b/roles/tmodloader/templates/tmodloader@.service
new file mode 100644
index 0000000..c481982
--- /dev/null
+++ b/roles/tmodloader/templates/tmodloader@.service
@@ -0,0 +1,33 @@
+#
+# Licensed under the terms of the MIT license
+# vim:ft=dosini:
+#
+
+[Unit]
+Description=tModLoader Server %i
+After=network.target
+
+[Service]
+User=terraria
+Group=ter-admin
+WorkingDirectory={{ terraria_root }}/%i
+PrivateUsers=true
+ProtectSystem=full
+ProtectHome=true
+# Implies MountFlags=slave
+ProtectKernelTunables=true
+# Implies NoNewPrivileges=yes
+ProtectKernelModules=true
+# Implies MountAPIVFS=yes
+ProtectControlGroups=true
+
+ExecStart=/bin/sh -c '/usr/bin/screen -DmS %i ./tModLoaderServer.bin.x86_64 -config config'
+
+ExecStop=/usr/bin/screen -p 0 -S %i -X eval 'stuff "say Server is going down: Service was stopped"\\015'
+ExecStop=/usr/bin/screen -p 0 -S %i -X eval 'stuff "exit"\\015'
+ExecStop=/bin/sleep 5
+
+Restart=always
+
+[Install]
+WantedBy=multi-user.target