Sanitized mirror from private repository - 2026-04-06 02:25:47 UTC

2026-04-06 02:25:48 +00:00
commit fad8c41112
1407 changed files with 358727 additions and 0 deletions
--- a/docs/hosts/vms/seattle/pufferpanel/README.md
+++ b/docs/hosts/vms/seattle/pufferpanel/README.md
@@ -0,0 +1,317 @@
+# 🎮 PufferPanel Game Server Management
+
+*Web-based game server management panel for the Seattle VM*
+
+## Overview
+PufferPanel provides a comprehensive web interface for managing game servers, including Minecraft, Source engine games, and other popular multiplayer games.
+
+## Deployment Information
+
+### Host Location
+- **Host**: Seattle VM (`homelab_vm`)
+- **Container**: `pufferpanel-seattle`
+- **Status**: ✅ Active
+- **Access**: `https://games.vish.gg`
+
+### Container Configuration
+```yaml
+services:
+  pufferpanel:
+    image: pufferpanel/pufferpanel:latest
+    container_name: pufferpanel-seattle
+    restart: unless-stopped
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=America/New_York
+    volumes:
+      - pufferpanel-config:/etc/pufferpanel
+      - pufferpanel-data:/var/lib/pufferpanel
+      - game-servers:/var/lib/pufferpanel/servers
+    ports:
+      - "8080:8080"
+      - "25565:25565"  # Minecraft
+      - "27015:27015"  # Source games
+    networks:
+      - game-network
+```
+
+## Managed Game Servers
+
+### Minecraft Servers
+- **Vanilla Minecraft**: Latest release version
+- **Paper Minecraft**: Performance-optimized server
+- **Modded Minecraft**: Forge/Fabric mod support
+- **Bedrock Edition**: Cross-platform compatibility
+
+### Source Engine Games
+- **Garry's Mod**: PropHunt and sandbox modes
+- **Left 4 Dead 2**: Co-op survival campaigns
+- **Counter-Strike**: Classic competitive gameplay
+- **Team Fortress 2**: Team-based multiplayer
+
+### Other Games
+- **Satisfactory**: Factory building dedicated server
+- **Valheim**: Viking survival multiplayer
+- **Terraria**: 2D adventure and building
+- **Don't Starve Together**: Survival multiplayer
+
+## Server Management
+
+### Web Interface
+- **URL**: `https://games.vish.gg`
+- **Authentication**: Local user accounts
+- **Features**: Start/stop, console access, file management
+- **Monitoring**: Real-time server status and logs
+
+### User Management
+```bash
+# Create admin user
+docker exec pufferpanel-seattle pufferpanel user add --admin admin
+
+# Create regular user
+docker exec pufferpanel-seattle pufferpanel user add player
+
+# Set user permissions
+docker exec pufferpanel-seattle pufferpanel user perms player server.minecraft.view
+```
+
+### Server Templates
+- **Pre-configured**: Common game server templates
+- **Custom templates**: Tailored server configurations
+- **Auto-updates**: Automatic game updates
+- **Backup integration**: Scheduled server backups
+
+## Network Configuration
+
+### Port Management
+```yaml
+# Port mappings for different games
+ports:
+  - "25565:25565"    # Minecraft Java
+  - "19132:19132/udp" # Minecraft Bedrock
+  - "27015:27015"    # Source games
+  - "7777:7777/udp"  # Satisfactory
+  - "2456-2458:2456-2458/udp" # Valheim
+```
+
+### Firewall Rules
+```bash
+# Allow game server ports
+sudo ufw allow 25565/tcp comment "Minecraft Java"
+sudo ufw allow 19132/udp comment "Minecraft Bedrock"
+sudo ufw allow 27015/tcp comment "Source games"
+sudo ufw allow 7777/udp comment "Satisfactory"
+```
+
+## Storage Management
+
+### Server Data
+```
+/var/lib/pufferpanel/servers/
+├── minecraft-vanilla/
+│   ├── world/
+│   ├── plugins/
+│   └── server.properties
+├── gmod-prophunt/
+│   ├── garrysmod/
+│   └── srcds_run
+└── satisfactory/
+    ├── FactoryGame/
+    └── Engine/
+```
+
+### Backup Strategy
+- **Automated backups**: Daily world/save backups
+- **Retention policy**: 7 daily, 4 weekly, 12 monthly
+- **Storage location**: `/mnt/backups/game-servers/`
+- **Compression**: Gzip compression for space efficiency
+
+## Performance Optimization
+
+### Resource Allocation
+```yaml
+# Per-server resource limits
+deploy:
+  resources:
+    limits:
+      memory: 4G      # Minecraft servers
+      cpus: '2.0'
+    reservations:
+      memory: 2G
+      cpus: '1.0'
+```
+
+### Java Optimization (Minecraft)
+```bash
+# JVM arguments for Minecraft servers
+-Xms2G -Xmx4G
+-XX:+UseG1GC
+-XX:+ParallelRefProcEnabled
+-XX:MaxGCPauseMillis=200
+-XX:+UnlockExperimentalVMOptions
+-XX:+DisableExplicitGC
+-XX:G1NewSizePercent=30
+-XX:G1MaxNewSizePercent=40
+```
+
+### Network Optimization
+- **TCP optimization**: Tuned for game traffic
+- **Buffer sizes**: Optimized for low latency
+- **Connection limits**: Prevent resource exhaustion
+- **Rate limiting**: Anti-DDoS protection
+
+## Monitoring and Alerts
+
+### Server Monitoring
+- **Resource usage**: CPU, memory, disk I/O
+- **Player count**: Active players per server
+- **Performance metrics**: TPS, latency, crashes
+- **Uptime tracking**: Server availability statistics
+
+### Alert Configuration
+```yaml
+# Prometheus alerts for game servers
+- alert: GameServerDown
+  expr: up{job="pufferpanel"} == 0
+  for: 5m
+  labels:
+    severity: critical
+  annotations:
+    summary: "Game server {{ $labels.instance }} is down"
+
+- alert: HighMemoryUsage
+  expr: container_memory_usage_bytes{name="minecraft-server"} / container_spec_memory_limit_bytes > 0.9
+  for: 10m
+  labels:
+    severity: warning
+  annotations:
+    summary: "High memory usage on {{ $labels.name }}"
+```
+
+## Security Configuration
+
+### Access Control
+- **User authentication**: Local user database
+- **Role-based permissions**: Admin, moderator, player roles
+- **Server isolation**: Containerized server environments
+- **Network segmentation**: Isolated game network
+
+### Security Hardening
+```bash
+# Disable unnecessary services
+systemctl disable --now telnet
+systemctl disable --now rsh
+
+# Configure fail2ban for SSH
+sudo fail2ban-client set sshd bantime 3600
+
+# Regular security updates
+sudo apt update && sudo apt upgrade -y
+```
+
+### Backup Security
+- **Encrypted backups**: AES-256 encryption
+- **Access controls**: Restricted backup access
+- **Integrity checks**: Backup verification
+- **Offsite storage**: Cloud backup copies
+
+## Troubleshooting
+
+### Common Issues
+
+#### Server Won't Start
+```bash
+# Check server logs
+docker exec pufferpanel-seattle pufferpanel logs minecraft-server
+
+# Verify port availability
+netstat -tulpn | grep :25565
+
+# Check resource limits
+docker stats pufferpanel-seattle
+```
+
+#### Connection Issues
+```bash
+# Test network connectivity
+telnet games.vish.gg 25565
+
+# Check firewall rules
+sudo ufw status numbered
+
+# Verify DNS resolution
+nslookup games.vish.gg
+```
+
+#### Performance Problems
+```bash
+# Monitor resource usage
+htop
+
+# Check disk I/O
+iotop
+
+# Analyze network traffic
+nethogs
+```
+
+### Log Analysis
+```bash
+# View PufferPanel logs
+docker logs pufferpanel-seattle
+
+# View specific server logs
+docker exec pufferpanel-seattle tail -f /var/lib/pufferpanel/servers/minecraft/logs/latest.log
+
+# Check system logs
+journalctl -u docker -f
+```
+
+## Maintenance Procedures
+
+### Regular Maintenance
+- **Weekly**: Server restarts and updates
+- **Monthly**: Backup verification and cleanup
+- **Quarterly**: Security audit and updates
+- **Annually**: Hardware assessment and upgrades
+
+### Update Procedures
+```bash
+# Update PufferPanel
+docker pull pufferpanel/pufferpanel:latest
+docker-compose up -d pufferpanel
+
+# Update game servers
+# Use PufferPanel web interface for game updates
+```
+
+### Backup Procedures
+```bash
+# Manual backup
+docker exec pufferpanel-seattle pufferpanel backup create minecraft-server
+
+# Restore from backup
+docker exec pufferpanel-seattle pufferpanel backup restore minecraft-server backup-name
+```
+
+## Integration with Homelab
+
+### Monitoring Integration
+- **Prometheus**: Server metrics collection
+- **Grafana**: Performance dashboards
+- **NTFY**: Alert notifications
+- **Uptime Kuma**: Service availability monitoring
+
+### Authentication Integration
+- **Authentik SSO**: Single sign-on integration (planned)
+- **LDAP**: Centralized user management (planned)
+- **Discord**: Player authentication via Discord (planned)
+
+### Backup Integration
+- **Automated backups**: Integration with homelab backup system
+- **Cloud storage**: Backup to cloud storage
+- **Monitoring**: Backup success/failure notifications
+
+---
+**Status**: ✅ PufferPanel managing multiple game servers with automated backups and monitoring
--- a/docs/hosts/vms/seattle/pufferpanel/docker-compose.yml
+++ b/docs/hosts/vms/seattle/pufferpanel/docker-compose.yml
@@ -0,0 +1,177 @@
+version: '3.8'
+
+services:
+  pufferpanel:
+    image: pufferpanel/pufferpanel:latest
+    container_name: pufferpanel-seattle
+    restart: unless-stopped
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=America/New_York
+      - PUFFERPANEL_WEB_HOST=0.0.0.0:8080
+      - PUFFERPANEL_DAEMON_CONSOLE_BUFFER=50
+      - PUFFERPANEL_DAEMON_CONSOLE_FORWARD=false
+      - PUFFERPANEL_DAEMON_SFTP_HOST=0.0.0.0:5657
+      - PUFFERPANEL_DAEMON_AUTH_URL=http://localhost:8080
+      - PUFFERPANEL_DAEMON_AUTH_CLIENTID=
+      - PUFFERPANEL_DAEMON_AUTH_CLIENTSECRET=
+    volumes:
+      - pufferpanel-config:/etc/pufferpanel
+      - pufferpanel-data:/var/lib/pufferpanel
+      - game-servers:/var/lib/pufferpanel/servers
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+    ports:
+      - "8080:8080"     # Web interface
+      - "5657:5657"     # SFTP
+      - "25565:25565"   # Minecraft Java
+      - "19132:19132/udp" # Minecraft Bedrock
+      - "27015:27015"   # Source games (GMod, L4D2)
+      - "27015:27015/udp"
+      - "7777:7777/udp" # Satisfactory
+      - "15777:15777/udp" # Satisfactory query
+      - "2456-2458:2456-2458/udp" # Valheim
+      - "7000-7100:7000-7100/tcp" # Additional game ports
+    networks:
+      - game-network
+      - proxy
+    labels:
+      # Nginx Proxy Manager labels
+      - "traefik.enable=true"
+      - "traefik.http.routers.pufferpanel.rule=Host(`games.vish.gg`)"
+      - "traefik.http.routers.pufferpanel.tls=true"
+      - "traefik.http.routers.pufferpanel.tls.certresolver=letsencrypt"
+      - "traefik.http.services.pufferpanel.loadbalancer.server.port=8080"
+
+      # Monitoring labels
+      - "prometheus.io/scrape=true"
+      - "prometheus.io/port=8080"
+      - "prometheus.io/path=/metrics"
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:8080/api/self"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 60s
+    deploy:
+      resources:
+        limits:
+          memory: 1G
+          cpus: '1.0'
+        reservations:
+          memory: 512M
+          cpus: '0.5'
+
+  # Minecraft server template (managed by PufferPanel)
+  minecraft-vanilla:
+    image: itzg/minecraft-server:latest
+    container_name: minecraft-vanilla-seattle
+    restart: unless-stopped
+    environment:
+      - EULA=TRUE
+      - TYPE=VANILLA
+      - VERSION=LATEST
+      - MEMORY=4G
+      - JVM_OPTS=-XX:+UseG1GC -XX:+ParallelRefProcEnabled -XX:MaxGCPauseMillis=200
+      - ENABLE_RCON=true
+      - RCON_PASSWORD="REDACTED_PASSWORD"
+      - DIFFICULTY=normal
+      - MAX_PLAYERS=20
+      - MOTD=Homelab Minecraft Server
+      - SPAWN_PROTECTION=16
+      - VIEW_DISTANCE=10
+      - SIMULATION_DISTANCE=10
+    volumes:
+      - minecraft-data:/data
+      - minecraft-backups:/backups
+    ports:
+      - "25566:25565"
+    networks:
+      - game-network
+    depends_on:
+      - pufferpanel
+    deploy:
+      resources:
+        limits:
+          memory: 6G
+          cpus: '3.0'
+        reservations:
+          memory: 4G
+          cpus: '2.0'
+    healthcheck:
+      test: ["CMD", "mc-health"]
+      interval: 60s
+      timeout: 10s
+      retries: 3
+      start_period: 120s
+
+  # Game server backup service
+  game-backup:
+    image: alpine:latest
+    container_name: game-backup-seattle
+    restart: unless-stopped
+    environment:
+      - TZ=America/New_York
+      - BACKUP_SCHEDULE=0 2 * * *  # Daily at 2 AM
+      - RETENTION_DAYS=30
+    volumes:
+      - game-servers:/game-servers:ro
+      - minecraft-data:/minecraft-data:ro
+      - /mnt/backups/game-servers:/backups
+      - ./scripts/backup-games.sh:/backup-games.sh:ro
+    command: |
+      sh -c "
+      apk add --no-cache dcron rsync gzip
+      echo '0 2 * * * /backup-games.sh' | crontab -
+      crond -f -l 2"
+    networks:
+      - game-network
+    depends_on:
+      - pufferpanel
+
+volumes:
+  pufferpanel-config:
+    driver: local
+    driver_opts:
+      type: none
+      o: bind
+      device: /opt/pufferpanel/config
+
+  pufferpanel-data:
+    driver: local
+    driver_opts:
+      type: none
+      o: bind
+      device: /opt/pufferpanel/data
+
+  game-servers:
+    driver: local
+    driver_opts:
+      type: none
+      o: bind
+      device: /opt/pufferpanel/servers
+
+  minecraft-data:
+    driver: local
+    driver_opts:
+      type: none
+      o: bind
+      device: /opt/minecraft/data
+
+  minecraft-backups:
+    driver: local
+    driver_opts:
+      type: none
+      o: bind
+      device: /mnt/backups/minecraft
+
+networks:
+  game-network:
+    driver: bridge
+    ipam:
+      config:
+        - subnet: 172.20.0.0/16
+
+  proxy:
+    external: true
+    name: nginx-proxy-manager_default