From 95b73daa36b23565a8566f71f9b202d3459b685f Mon Sep 17 00:00:00 2001 From: Sam Chudnick Date: Sun, 25 Jun 2023 09:52:36 -0400 Subject: Initial Commit --- roles/services/game_server/tasks/main.yml | 223 ++++++++++++++++++++++++++++++ 1 file changed, 223 insertions(+) create mode 100644 roles/services/game_server/tasks/main.yml (limited to 'roles/services/game_server/tasks') diff --git a/roles/services/game_server/tasks/main.yml b/roles/services/game_server/tasks/main.yml new file mode 100644 index 0000000..f2b12bd --- /dev/null +++ b/roles/services/game_server/tasks/main.yml @@ -0,0 +1,223 @@ +- name: enable contrib and non-free repos + apt_repository: + repo: deb https://deb.debian.org/debian bookworm main contrib non-free + +- name: enable contrib and non-free repos + apt_repository: + repo: deb https://security.debian.org/debian-security bookworm-security main contrib non-free + +- name: enable contrib and non-free repos + apt_repository: + repo: deb https://deb.debian.org/debian bookworm-updates main contrib non-free + +- name: enable contrib and non-free repos + apt_repository: + repo: deb https://deb.debian.org/debian bookworm-backports main contrib non-free + +- name: enable contrib and non-free repos + apt_repository: + repo: deb-src https://deb.debian.org/debian bookworm main contrib non-free + +- name: enable contrib and non-free repos + apt_repository: + repo: deb-src https://security.debian.org/debian-security bookworm-security main contrib non-free +- name: enable contrib and non-free repos + apt_repository: + repo: deb-src https://deb.debian.org/debian bookworm-updates main contrib non-free + +- name: enable contrib and non-free repos + apt_repository: + repo: deb-src https://deb.debian.org/debian bookworm-backports main contrib non-free + +- name: update repos + apt: + update_cache: yes + register: apt_upgrade + retries: 100 + until: apt_upgrade is success or ('Failed to lock apt for exclusive operation' not in apt_upgrade.msg and '/var/lib/dpkg/lock' not in apt_upgrade.msg) + +- name: install packages + package: + name: "{{ game_server_packages }}" + state: latest + +- name: create games user + user: + name: "{{ games_user }}" + create_home: yes + +- name: add user to sudo group + user: + name: "{{ games_user }}" + groups: sudo + append: yes + +- name: add user to ssl-cert group + user: + name: "{{ games_user }}" + groups: ssl-cert + append: yes + +- name: set authorized ssh key + authorized_key: + user: "{{ games_user }}" + state: present + key: "{{ lookup('file', 'data/common/id_rsa.pub') }}" + +- name: clone sunshine repo + become: yes + become_user: "{{ games_user }}" + git: + repo: "{{ sunshine_repo }}" + dest: "/home/{{ games_user }}/sunshine" + version: "{{ sunshine_version }}" + recursive: yes + force: yes + register: sunshine_repo + notify: + - create sunshine build dir + - run npm install + - build sunshine - cmake + - build sunshine - make + - build sunshine deb package + - install sunshine from deb + - restart sunshine + +- name: install sunshine packages + package: + name: "{{ sunshine_packages }}" + state: latest + +- meta: flush_handlers + +- name: add user to input group + user: + name: "{{ games_user }}" + groups: input + append: yes + +- name: set sunshine udev rules + lineinfile: + path: /etc/udev/rules.d/85-sunshine-input.rules + insertbefore: EOF + line: KERNEL=="uinput", GROUP="input", MODE="0660", OPTIONS+="static_node=uinput" + owner: root + group: root + mode: "0644" + create: yes + +- name: install backports kernel + apt: + name: linux-image-amd64 + state: latest + update_cache: yes + +- name: update-pciids + changed_when: false + command: + cmd: "update-pciids" + +- name: check if needed firmware has alredy been installed + stat: path=/lib/firmware/amdgpu/dimgrey_cavefish_sos.bin + register: bin + +- name: manually download latest firmware for amdgpu from kernel source tree + when: not bin.stat.exists + get_url: + url: "https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/snapshot/linux-firmware-20221109.tar.gz" + dest: "/tmp/linux-firmware-20221109.tar.gz" + register: firmware + notify: + - decompress and extract firmware + - copy all files from amdgpu to /lib/firmware/amdgpu/ + - update initramfs + - reboot system + +- name: allow sunshine ports + ufw: + rule: allow + proto: tcp + port: 47984 + +- name: allow sunshine ports + ufw: + rule: allow + proto: tcp + port: 47989 + +- name: allow sunshine ports + ufw: + rule: allow + proto: tcp + port: 47990 + +- name: allow sunshine ports + ufw: + rule: allow + proto: udp + port: 47998 + +- name: allow sunshine ports + ufw: + rule: allow + proto: udp + port: 47999 + +- name: allow sunshine ports + ufw: + rule: allow + proto: tcp + +- name: allow sunshine ports + ufw: + rule: allow + proto: udp + port: 48000 + +- name: allow sunshine ports + ufw: + rule: allow + proto: udp + port: 48002 + +- name: check if i386 architecture is already enabled + args: + executable: /bin/bash + shell: | + set -eo pipefail + dpkg --print-foreign-architectures | grep i386 + register: i386_check + changed_when: false + +- name: add i386 architecture + when: i386_check.rc == 1 + command: + cmd: "dpkg --add-architecture i386" + +- name: update repos + when: i386_check.rc == 1 + apt: + update_cache: yes + register: apt_upgrade + retries: 100 + until: apt_upgrade is success or ('Failed to lock apt for exclusive operation' not in apt_upgrade.msg and '/var/lib/dpkg/lock' not in apt_upgrade.msg) + +- name: install steam and related packages + package: + name: "{{ steam_packages }}" + +- name: copy lightdm config + copy: + src: "{{ lightdm_config }}" + dest: /etc/lightdm/lightdm.conf + owner: root + group: root + mode: "0644" + +- name: copy xfce xinit config + copy: + src: "{{ xfce_xinit }}" + dest: /etc/xdg/xfce4/xinitrc + owner: root + group: root + mode: "0755" -- cgit v1.2.3