scripts

Makefile

@@ -1,6 +1,6 @@
 SHELL:=/bin/bash
 
-all: mnml
+all: install
 
 deps:
 	./bin/deps.sh
@@ -8,8 +8,14 @@ deps:
 package:
 	./bin/package.sh
 
-mnml:
+install:
-	./bin/build.sh
+	./bin/install.sh
+
+server:
+	./bin/server.sh
+
+client:
+	./bin/client.sh
 
 clean:
 	./bin/clean.sh

bin/clean.sh

@@ -4,5 +4,11 @@
 DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
 MNML_PATH=$(realpath "$DIR/../")
 
-rm $MNML_PATH/etc/mnml.env
+sudo rm -Rf /usr/local/mnml/
-rm $MNML_PATH/server/.env
+sudo rm -Rf /var/lib/mnml/client
+sudo rm -Rf /var/lib/mnml/public
+sudo rm -Rf /etc/mnml/
+sudo rm -Rf /var/log/mnml
+
+sudo -u postgres dropdb mnml
+

bin/client.sh

@@ -0,0 +1,21 @@
+#!/bin/bash
+
+# bless you chris and andy <3
+DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
+MNML_PATH=$(realpath "$DIR/../")
+
+VERSION=$(<"$MNML_PATH/VERSION")
+
+echo "Building client version $VERSION"
+
+cd $MNML_PATH/client
+rm -f "/var/lib/mnml/$VERSION"
+rm -rf dist
+npm run build
+
+echo "copying build to /var/lib/mnml/$VERSION"
+cp -r dist "/var/lib/mnml/client/$VERSION"
+echo "linking current version"
+ln -nfs "/var/lib/mnml/client/$VERSION" /var/lib/mnml/public/current
+
+sudo service nginx restart

bin/install.sh

@@ -0,0 +1,80 @@
+#!/bin/bash
+
+# bless you chris and andy <3
+DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
+MNML_PATH=$(realpath "$DIR/../")
+
+MNML_CONF="/etc/mnml/mnml.conf"
+
+if [ ! -f $MNML_CONF ]; then
+    echo "-----------------------------------------------"
+    echo "creating an env file in $MNML_CONF"
+    echo "-----------------------------------------------"
+
+    sudo useradd mnml -U --password $(openssl rand -hex 16)
+    CURRENT_USER=$(whoami)
+    sudo usermod -aG mnml $CURRENT_USER
+    sudo mkdir -p /etc/mnml/
+    echo "export MNML_USER=mnml" | sudo tee -a $MNML_CONF
+    echo "export MNML_PG_PASSWORD=\"$(openssl rand -hex 16)\"" | sudo tee -a $MNML_CONF
+    echo "export MNML_PG_HOST=\"localhost\"" | sudo tee -a $MNML_CONF
+    sudo chown -R mnml:mnml /etc/mnml/
+fi
+
+source $MNML_CONF
+
+# DIRECTORY SETUP
+
+#       /var/lib/mnml
+# contains img data, client builds
+sudo mkdir -p /var/lib/mnml
+sudo mkdir -p /var/lib/mnml/public/imgs
+sudo mkdir -p /var/lib/mnml/client
+sudo mkdir -p /var/lib/mnml/data
+
+sudo chmod -R g+w /var/lib/mnml
+sudo chmod -R g+s /var/lib/mnml
+sudo setfacl -d -m group:mnml:rwx /var/lib/mnml
+sudo chown -R $MNML_USER:$MNML_USER /var/lib/mnml
+
+#       /var/log/mnml
+sudo mkdir -p /var/log/mnml
+sudo chmod g+w /var/log/mnml
+sudo chmod g+s /var/log/mnml
+sudo setfacl -d -m group:mnml:rwx /var/log/mnml
+sudo chown -R $MNML_USER:$MNML_USER /var/log/mnml
+
+#       /usr/local/mnml
+sudo mkdir -p /usr/local/mnml
+sudo mkdir -p /usr/local/mnml
+
+sudo setfacl -d -m group:mnml:rwx /usr/local/mnml
+sudo chmod -R g+w /usr/local/mnml
+sudo chmod -R g+s /usr/local/mnml
+sudo chown -R $MNML_USER:$MNML_USER /usr/local/mnml
+
+# SERVICES
+sudo mkdir -p /usr/local/systemd/system/
+sudo cp $MNML_PATH/etc/systemd/system/mnml.service /usr/local/systemd/system/
+
+# POSTGRES SETUP
+sudo -u postgres createdb mnml
+sudo -u postgres createuser --encrypted mnml
+
+echo "DATABASE_URL=postgres://mnml:$MNML_PG_PASSWORD@$MNML_PG_HOST/mnml" | sudo tee -a /etc/mnml/server.conf
+sudo -u postgres psql -c "alter user mnml with encrypted password '$MNML_PG_PASSWORD';"
+
+cd $MNML_PATH/ops && npm run migrate
+
+# NGINX
+if [ ! -f $MNML_PATH/etc/nginx/sites-available/mnml.gg.nginx.conf ]; then
+    echo "-----------------------------------------------"
+    echo "using development nginx config"
+    echo "$MNML_PATH/etc/nginx/sites-available/mnml.gg.nginx.conf"
+    echo "-----------------------------------------------"
+
+    cp $MNML_PATH/etc/nginx/sites-available/mnml.gg.DEV.nginx.conf $MNML_PATH/etc/nginx/sites-available/mnml.gg.nginx.conf
+fi
+
+sudo cp $MNML_PATH/etc/nginx/sites-available/mnml.gg.nginx.conf /etc/nginx/sites-available
+sudo ln -nfs /etc/nginx/sites-available/mnml.gg.nginx.conf /etc/nginx/sites-enabled/mnml.gg.nginx.conf

bin/server.sh

@@ -4,38 +4,46 @@
 DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
 MNML_PATH=$(realpath "$DIR/../")
 
-if [ ! -f $MNML_PATH/etc/mnml.env ]; then
+MNML_CONF="/etc/mnml/mnml.conf"
+
+if [ ! -f $MNML_CONF ]; then
     echo "-----------------------------------------------"
-    echo "creating an env file in $MNML_PATH/etc/mnml.env"
+    echo "creating an env file in $MNML_CONF"
     echo "-----------------------------------------------"
 
-    echo "export MNML_USER=\"$(whoami)\"" >> $MNML_PATH/etc/mnml.env
+    sudo mkdir -p /etc/mnml/
-    echo "export MNML_PG_PASSWORD=\"$(openssl rand -hex 16)\"" >> $MNML_PATH/etc/mnml.env
+    sudo chown mnml:
-    echo "export MNML_PG_HOST=\"localhost\"" >> $MNML_PATH/etc/mnml.env
+    echo "export MNML_USER=mnml" >> $MNML_CONF
+    echo "export MNML_PG_PASSWORD=\"$(openssl rand -hex 16)\"" >> $MNML_CONF
+    echo "export MNML_PG_HOST=\"localhost\"" >> $MNML_CONF
 fi
 
-source $MNML_PATH/etc/mnml.env
+source $MNML_CONF
+
+sudo adduser $MNML_USER
 
 # DIRECTORY SETUP
-sudo mkdir -p /opt/mnml
-sudo chown $MNML_USER: /opt/mnml
 
+#       /var/lib/mnml
+# contains img data, client builds
 sudo mkdir -p /var/lib/mnml
-sudo chown $MNML_USER: /var/lib/mnml
-mkdir -p /var/lib/mnml/public
 mkdir -p /var/lib/mnml/public/imgs
 mkdir -p /var/lib/mnml/data
+sudo chown -R $MNML_USER: /var/lib/mnml
 
+#       /var/log/mnml
 sudo mkdir -p /var/log/mnml
-sudo chown $MNML_USER: /var/log/mnml
+sudo chown -R $MNML_USER: /var/log/mnml
 
-sudo ln -nfs $MNML_PATH/current /opt/mnml
+#       /usr/local/mnml
+sudo mkdir -p /usr/local/mnml
+sudo mkdir -p /usr/local/mnml
+sudo chown -R $MNML_USER: /usr/local/mnml
 
 # SERVICES
 sudo cp $MNML_PATH/etc/systemd/system/mnml.service /etc/systemd/system
 
 # POSTGRES SETUP
-sudo -u postgres dropdb mnml
 sudo -u postgres createdb mnml
 sudo -u postgres createuser --encrypted mnml
 
@@ -46,7 +54,6 @@ sudo -u postgres psql -c "alter user mnml with encrypted password '$MNML_PG_PASS
 cd $MNML_PATH/ops && npm run migrate
 
 # RUST SETUP
-echo "DATABASE_URL=postgres://mnml:$MNML_PG_PASSWORD@$MNML_PG_HOST/mnml" > $MNML_PATH/server/.env
 # cargo build
 # cp -r $MNML_PATH/server/target/release /opt/mnml/bin
 

client/package.json

@@ -4,9 +4,9 @@
   "description": "",
   "main": "index.js",
   "scripts": {
-    "start": "parcel watch index.html --out-dir /var/lib/mnml/public/dist",
+    "start": "parcel watch index.html --out-dir /var/lib/mnml/public/current",
     "anims": "parcel animations.html --host 0.0.0.0 --port 40080 --no-source-maps",
-    "build": "parcel build index.html --out-dir /var/lib/mnml/public/dist",
+    "build": "parcel build index.html",
     "scss": "node-sass --watch assets/scss -o assets/styles",
     "lint": "eslint --fix --ext .jsx src/",
     "test": "echo \"Error: no test specified\" && exit 1"

etc/nginx/sites-available/mnml.gg.DEV.nginx.conf

@@ -17,7 +17,7 @@ map $http_upgrade $connection_upgrade {
 # DEV
 server {
     location / {
-        root /var/lib/mnml/public/dist;
+        root /var/lib/mnml/public/current;
         index index.html;
         try_files $uri $uri/ index.html;
     }

etc/nginx/sites-available/mnml.gg.PRODUCTION.nginx.conf

@@ -1,48 +1,51 @@
-error_log /var/log/mnml/nginx.error.log;
+error_log /var/log/mnml/nginx.log debug;
-access_log /var/log/mnml/nginx.access.log;
 
-upstream mnml {
+upstream mnml_http {
     server 127.0.0.1:40000;
 }
 
+upstream mnml_ws {
+    server 127.0.0.1:40055;
+}
+
+
 map $http_upgrade $connection_upgrade {
     default upgrade;
     '' close;
 }
 
-# PRODUCTION
+# DEV
 server {
-    root /var/lib/mnml/public/;
-    index index.html;
-
-    server_name mnml.gg; # managed by Certbot
-
-    if ($host = minimal.gg) {
-        return 301 https://mnml.gg$request_uri;
-    } # managed by Certbot
-
-    if ($host = cryps.gg) {
-        return 301 https://mnml.gg$request_uri;
-    } # managed by Certbot
-
     location / {
+        root /var/lib/mnml/public/current;
+        index index.html;
+        try_files $uri $uri/ index.html;
+    }
+
+    location /imgs/ {
+        root /var/lib/mnml/public/;
         try_files $uri $uri/ =404;
     }
 
+    location /api/ws {
+        proxy_pass http://mnml_ws;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection $connection_upgrade;
+        proxy_read_timeout 600s;
+    }
+
+    location /api/ {
+        proxy_pass http://mnml_http;
+        proxy_read_timeout 600s;
+    }
+
     listen [::]:443 ssl ipv6only=on; # managed by Certbot
     listen 443 ssl; # managed by Certbot
     ssl_certificate /etc/letsencrypt/live/mnml.gg/fullchain.pem; # managed by Certbot
     ssl_certificate_key /etc/letsencrypt/live/mnml.gg/privkey.pem; # managed by Certbot
     include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
     ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
-
-    location /ws {
-        proxy_pass http://mnml;
-        proxy_http_version 1.1;
-        proxy_set_header Upgrade $http_upgrade;
-        proxy_set_header Connection $connection_upgrade;
-        proxy_read_timeout 600s;
-    }
 }
 
 # http -> https

etc/systemd/system/mnml.service

@@ -1,10 +1,10 @@
 [Unit]
-Description=OpenBSD Secure Shell server
+Description=mnml game server
-After=network.target auditd.service
+After=postgresql
-ConditionPathExists=!/etc/ssh/sshd_not_to_be_run
+User=mnml
 
 [Service]
-ExecStart=/opt/mnml/bin/mnml
+ExecStart=/usr/local/mnml/bin/mnml
 KillMode=process
 Restart=on-failure
 RestartPreventExitStatus=255

server/src/main.rs

@@ -52,7 +52,7 @@ mod ws;
 
 use std::thread::{sleep, spawn};
 use std::time::{Duration};
-use dotenv::dotenv;
+use std::path::{Path};
 
 use pubsub::pg_listen;
 use warden::warden;
@@ -78,7 +78,7 @@ fn setup_logger() -> Result<(), fern::InitError> {
 }
 
 fn main() {
-    dotenv().ok();
+    dotenv::from_path(Path::new("/etc/mnml/server.conf")).ok();
     setup_logger().unwrap();
 
     let pool = pg::create_pool();