auto-tf2serverinstall.sh 5.57 KB
Newer Older
David's avatar
update    
David committed
1
#!/bin/bash
2
3
#Purpose - This is a script to automate the process of installing a tf2server stack on a clean Debian or Ubuntu server instance. The script needs to be ran as root to function properly. Please audit the code below before running in your environment.
# Usage: Call the script with ./auto-tf2serverinstall.sh <tf2-user-pass>
David's avatar
update    
David committed
4

David's avatar
David committed
5
# Variables used in script.
6
7
8
9
10
11
12
13
export METAMODURL='https://mms.alliedmods.net/mmsdrop/1.10/mmsource-1.10.7-git961-linux.tar.gz'
export METAMODFILENAME='mmsource-1.10.7-git961-linux.tar.gz'
export SOURCEMODURL='https://sm.alliedmods.net/smdrop/1.8/sourcemod-1.8.0-git6041-linux.tar.gz'
export SOURCEMODFILENAME='sourcemod-1.8.0-git6041-linux.tar.gz'
export STEAMID='PUT-STEAM-ID-HERE'
export STEAMUSERNAME='PUT-STEAM-USERNAME-HERE'
export DEFAULTMAP='pl_upward'
export PLAYERS='24'
14
export PASSWORD="$1"
David's avatar
update    
David committed
15

16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
# Set script basename
SCRIPT=`basename ${BASH_SOURCE[0]}`

# Usage function
usage() {
    echo "Call this script with $SCRIPT <tf2-user-pass>"
    echo "Example: $SCRIPT fjlafjlajf13@"
    exit 1
}

# Check for required inputs
if [ "$#" -ne 1 ]; then
    usage
fi

# Check if running with sudo/root privileges
David's avatar
David committed
32
if [ "$EUID" -ne 0 ]
David's avatar
David committed
33
34
then
  echo "Run as root or use sudo."
David's avatar
David committed
35
36
37
  exit 1
fi

38
39
# Check for sudo and install if not found in $path.
which sudo > /dev/null || apt-get -y install sudo
David's avatar
David committed
40

41
# Prompt for sudo rights
David's avatar
update    
David committed
42
43
sudo -v

44
# Update the server
David's avatar
David committed
45
sudo apt-get update
46
47
48
49
sudo apt-get -y upgrade
sudo apt-get -y dist-upgrade
sudo apt-get -y autoremove
sudo apt-get autoclean
David's avatar
update    
David committed
50

51
52
# Install dependencies for the tf2server instance
sudo dpkg --add-architecture i386; sudo apt update; sudo apt install mailutils curl wget file tar bzip2 gzip unzip bsdmainutils python util-linux ca-certificates binutils bc jq tmux lib32gcc1 libstdc++6 libstdc++6:i386 libcurl4-gnutls-dev:i386 libtcmalloc-minimal4:i386
David's avatar
update    
David committed
53

David's avatar
David committed
54
# Add user account
55
useradd -m -s /bin/bash tf2server
56
echo "tf2server:$PASSWORD" | chpasswd
David's avatar
update    
David committed
57

David's avatar
David committed
58
# Get the framework script and install the server.
59
su - tf2server -c 'wget -N --no-check-certificate https://linuxgsm.com/dl/linuxgsm.sh && chmod +x linuxgsm.sh && /bin/bash linuxgsm.sh tf2server'
David's avatar
David committed
60
su - tf2server -c '/home/tf2server/tf2server auto-install'
61
62
63
su - tf2server -c "echo "defaultmap=\"$DEFAULTMAP\"" > /home/tf2server/lgsm/config-lgsm/tf2server/tf2server.cfg"
su - tf2server -c "echo "maxplayers=\"$PLAYERS\"" >> /home/tf2server/lgsm/config-lgsm/tf2server/tf2server.cfg"
su - tf2server -c "echo 'updateonstart="on"' >> /home/tf2server/lgsm/config-lgsm/tf2server/tf2server.cfg"
David's avatar
update    
David committed
64

65
# Install iptables
66
sudo apt-get install -y iptables iptables-persistent
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85

# Wipe the v4 rules
sudo iptables -P INPUT ACCEPT
sudo iptables -P FORWARD ACCEPT
sudo iptables -P OUTPUT ACCEPT
sudo iptables -t nat -F
sudo iptables -t mangle -F
sudo iptables -F
sudo iptables -X

# Wipe the v6 rules
sudo ip6tables -P INPUT ACCEPT
sudo ip6tables -P FORWARD ACCEPT
sudo ip6tables -P OUTPUT ACCEPT
sudo ip6tables -t nat -F
sudo ip6tables -t mangle -F
sudo ip6tables -F
sudo ip6tables -X

86
# Configure ipv4 firewall
87
88
sudo iptables -I INPUT 1 -i lo -j ACCEPT
sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
David's avatar
David committed
89
90
sudo iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED --dport 22 -j ACCEPT
sudo iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
91
92
93
sudo iptables -A INPUT -p tcp --dport 80 -m state --state NEW,ESTABLISHED  -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 443 -m state --state NEW,ESTABLISHED  -j ACCEPT
sudo iptables -A INPUT -p udp --dport 27015 -m state --state NEW,ESTABLISHED  -j ACCEPT
94
sudo iptables -A INPUT -p tcp --dport 27015 -m state --state NEW,ESTABLISHED  -j ACCEPT
95
96
97
sudo iptables -A INPUT -p udp --dport 27020 -m state --state NEW,ESTABLISHED  -j ACCEPT
sudo iptables -P INPUT DROP

David's avatar
David committed
98
99
100
101
102
103
104
105
106
107
108
109
110
# Configure ipv6 firewall
sudo ip6tables -P INPUT DROP
sudo ip6tables -P FORWARD DROP
sudo ip6tables -P OUTPUT ACCEPT
sudo ip6tables -A INPUT -i lo -j ACCEPT
sudo ip6tables -A INPUT -p tcp --syn -j DROP
sudo ip6tables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
sudo ip6tables -A INPUT -p ipv6-icmp -j ACCEPT
sudo ip6tables -A INPUT -m state --state NEW -m udp -p udp -s fe80::/10 --dport 546 -j ACCEPT
sudo ip6tables -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
sudo ip6tables -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
sudo ip6tables -A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT

111
112
113
# Save the firewall rules
iptables-save > /etc/iptables/rules.v4
ip6tables-save > /etc/iptables/rules.v6
David's avatar
update    
David committed
114

David's avatar
David committed
115
# Setup web server
116
sudo apt-get install -y apache2
David's avatar
update    
David committed
117
118
119
mkdir -p /var/www/html/fastdl/tf2/
cd /var/www/html/fastdl/tf2/
ln -s /home/tf2server/serverfiles/tf/maps maps
David's avatar
David committed
120
sudo systemctl start apache2.service
David's avatar
David committed
121
sudo systemctl enable apache2.service
David's avatar
update    
David committed
122
123
mv /var/www/html/index.html /var/www/html/index.html.bak

David's avatar
David committed
124
# Setup metamod and sourcemod
125
install-metamod () {
126
127
cd /home/tf2server/serverfiles/tf
wget $METAMODURL
David's avatar
David committed
128
tar -xf $METAMODFILENAME
129
130
131
rm $METAMODFILENAME

wget $SOURCEMODURL
David's avatar
David committed
132
tar -xf $SOURCEMODFILENAME
133
rm $SOURCEMODFILENAME
134
}
David's avatar
David committed
135

136
137
export -f install-metamod
su tf2server -c "bash -c install-metamod"
David's avatar
David committed
138

David's avatar
David committed
139
# Setup Steam id's for admin
140
configure-sourcemod-admins () {
141
cat <<EOL >> /home/tf2server/serverfiles/tf/addons/sourcemod/configs/admins_simple.ini
David's avatar
David committed
142
"$STEAMID" "99:z" //$STEAMUSERNAME
David's avatar
update    
David committed
143
EOL
144
}
David's avatar
update    
David committed
145

146
147
export -f configure-sourcemod-admins
su tf2server -c "bash -c configure-sourcemod-admins"
David's avatar
update    
David committed
148

149
150
# Start the tf2server
su - tf2server -c '/home/tf2server/tf2server start'
David's avatar
updated    
David committed
151

David's avatar
David committed
152
# Add cronjobs
153
154
echo "@reboot         tf2server /home/tf2server/tf2server start" >> /etc/crontab
echo "0 0     * * *   tf2server /home/tf2server/tf2server restart" >> /etc/crontab
David's avatar
David committed
155

156
# Set a one time restart of the server for midnight.
157
sudo shutdown -r -t 0:00