We would like to host a Minetest game server (see minetest.net) for Fedora 37 Release Party. For this we need a simple server, no commitment from Fedora Infra or support required.
Minetest is an open source block building game and I maintain the minetest-server package for EPEL 9. My plan is to use CentOS Stream 9 server, install the package, add some mods and let it run.
The main admins are going to be me (@bookwar) and Preston Watson ( @prwatson ) The support will be handled over discussion.fedoraproject.org and Matrix.
Create a standalone VM with at least 2 CPU, at least 16 Gb of RAM, CentOS Stream 9 system and provide @bookwar with root access to it.
m5.xlarge
Ideally this week, but let's say by 25 Oct 2022
CC @mattdm
Metadata Update from @phsmoura: - Issue priority set to: Waiting on Assignee (was: Needs Review) - Issue tagged with: aws, high-trouble, low-gain, ops
Is it really a "high-trouble" issue?
I expected that deploying a EC2 instance on AWS from a standard CentOS 9 image and making it available with a public IP is a more or less straightforward task. And all optional requests can be ignored.
The matrix/irc bridge just caught up but, I saw this from smooge and assume it's related to this ticket
sorry probably the wrong flag. It needs someone with amazon AND it needs approval from Ben Cotton (he/him) or mattdm that this is important
Consider this my approval. We'd like to have this as a social activity for the F37 Release Party
It is high trouble because 1. We don't normally spin up images like this and get them configured so there are steps which someone will have to do/document 2. Everyone who can do this seems to be on PTO this week. So it is 'find volunteer time and credentials, etc'. 3. At the time I wrote this, I thought we were go for Tuesday which meant this would be drop other things to make it happen.
It can be moved to medium trouble once 1&&2 are not a lot of work as they are currently.
Metadata Update from @smooge: - Issue untagged with: high-trouble - Issue tagged with: medium-trouble
@mobrien seems online today so he may be able to look at this and spec out what would be needed.
Thanks for clarification.
On the ETA part: the release party is scheduled for Nov 4-5. The setup of a service won't take long, it can be done in a couple of hours, but i would prefer to have at least one weekend between access to the server and the event, to be able to setup a better landing area both technically and literally in the game itself.
That's why I specified the next week. It can be friday, Oct 28, if it helps.
Also tagging @defolos here as someone who can help with the management and access to the Minetest server.
Metadata Update from @nb: - Issue assigned to nb
I will work on this request.
I created a m5.xlarge instance in eu-central-1 running CentOS Stream 9.
ssh centos@mine.fedorainfracloud.org
I added @bookwar 's key from FAS to the centos user. You can add other keys if you want more people to have access.
Metadata Update from @nb: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
@nb Sorry, can you check the key once more?
I am getting permission denied:
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic debug1: Next authentication method: publickey debug1: Offering public key: /home/bookwar/.ssh/id_rsa RSA SHA256:FQx80x25hntIjQiQp0Gy6VRDndNLNWFBbwZxdniDrhU agent debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic debug1: Trying private key: /home/bookwar/.ssh/id_dsa debug1: Trying private key: /home/bookwar/.ssh/id_ecdsa debug1: Trying private key: /home/bookwar/.ssh/id_ecdsa_sk debug1: Trying private key: /home/bookwar/.ssh/id_ed25519 debug1: Trying private key: /home/bookwar/.ssh/id_ed25519_sk debug1: Trying private key: /home/bookwar/.ssh/id_xmss debug1: No more authentication methods to try. centos@mine.fedorainfracloud.org: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
I have rechecked that id_rsa matches the pub key from FAS:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC9hl0PLsqC4wb3tKe5fqFRFbRWPoreI9b8wu2DKyGAweR5Kgj7QcZMlGJxMSzr2MB+qO+5n9OcQa1/auXqgwarhET3moLNBBPuepov73q92qT7GD7xNzfT3CcfVpmIK9/Bezl8Tb951jHCsCVWVdHqLuQrD4NPT4HGIlLyiF8vuxhL+A9coMcLrYVXZ8UnOvJEgsXURIXPuFmhhbkKJPCCSClsdvPwmWtIgxXhhibYwD6GjHM07ln3glzpN9Fogur+sBZVdUmdglflMwh7e0wTregTbgmb96NYm5c57V6WW/mkn5OvCVLc4wkDZt5aQdrMCNV3Ja2h7t37GZkZVqFpxSVn7bo+h8VsF373hxmUWlD+31kAiExeY1mEGTiySJI762JeGJpSRZ6gk4P8nQMXkPTt9BNSBmbNHFmEzCa/JFOSFT2xOrnI96QKYYPHJ2ANc+Qw+NO+/GOTpfEGwz5x+JB2G9P/LaSzh+zLNgojuJ3y4gnZH7zNjcWLKN62lxk= bookwar@fedora
Somehow fedorapeople.org (where I pulled the key from) had a different key than the key actually in FAS. I updated the key on mine.fedorainfracloud.org to the one you posted in here (which I verified to be the same as the one in FAS.
It should accept your key now.
I had two ssh keys in my account. And I removed the old one from Fedora Accounts interface right before I filed this ticket. It seems fedorapeople still has the old one and haven't got the other.
Anyway, now it works, I logged in and got root access via sudo, thank you.
I guess we are now entering the medium-trouble zone :)
medium-trouble
I have the service running (the exact setup is documented in https://pagure.io/fedora-mine ) but I can not get access to any of the ports from the outside except SSH.
I think that I need a configuration of inbound rules in the AWS settings:
if we follow the doc https://platformengineer.com/open-firewall-ports-of-aws-ec2-instances/ then we probably need something like this:
// open ports 30000-30005 for the game itself, there is a range because one server can host multiple worlds Type: Custom Protocol: UDP Port Range: 30000-30005 Source: Custom (0.0.0.0/0) // open HTTP port for the landing page Type: HTTP Protocol: TCP Port Range: 80 Source: Custom (0.0.0.0/0) // open HTTPS port for the landing page Type: HTTPS Protocol: TCP Port Range: 443 Source: Custom (0.0.0.0/0) // open port 22 for administrative tasks - should be already working Type: SSH Protocol: TCP Port Range: 22 Source: Custom (0.0.0.0/0)
Could someone please take a look?
Metadata Update from @bookwar: - Issue status updated to: Open (was: Closed)
I apologize, I misread the original request. I had opened 22/tcp and 3000/udp. I changed that to 30000-30005/udp, and I added 80/tcp and 443/tcp. Please try again.
Awesome, I am able to login and play now, thanks :)
Metadata Update from @bookwar: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
Hey folks. I see that this instance is up for about a year and no one has logged in in a while. :)
Do you still need it? Or should we clean it up now?
I have checked recently, the server is up and running, and there is even a user (not me) there :)
I am not sure to be honest. Obviously we don't have any big community there (the #mine-with-fedora channel #mine-with-fedora:fedora.im is quite silent), but if it doesn't bother you too much, I would probably keep it until the next Fedora Release Party, and have it again as an option for the social hangout.
I would be happy to run it as a session again at the F39 Release Party in November.
I opened a new thread related to this: https://discussion.fedoraproject.org/t/mine-with-fedora-minetest-server-for-the-fedora-community-sep-2023-update/89214
no problem to keep it, but someone might want to reboot it, it's been up for 319 days. ;)
Thanks. Brave me ran dnf update and shutdown -r now and it just worked.
dnf update
shutdown -r now
So we should be good now.
Login to comment on this ticket.