This page documents how to create a setup a Minecraft server using PufferPanel. Instructions for both local servers (accessible only on the UR network) and public servers (accessible to the outside world).

Setting up PufferPanel

PufferPanel is an open source game server management system. It handles the installation and management processes for a number of different game servers simultaneously on the same system. It also provides memory controls for each server, supports node clusters, and multiple users with different permissions. This is all done through a clean and easy to use web UI.

On a fresh install of the Debian based Linux of your choice, setup on the university network with a static IP, run the following commands to download and install PufferPanel.

curl -s https://packagecloud.io/install/repositories/pufferpanel/pufferpanel/script.deb.sh?any=true | sudo bash
sudo apt update
sudo apt-get install pufferpanel

Add yourself as an administrative user using sudo pufferpanel user add.

Enable and start the PufferPanel service.

sudo systemctl enable pufferpanel
sudo systemctl start pufferpanel

PufferPanel will automatically start a webUI at server.cif.rochester.edu:8080

Creating a Minecraft Server

PufferPanel natively supports a number of Minecraft servers including vanilla Java and Bedrock as well as the modloaders Forge, Fabric, Paper, and Spigot. Other modloaders can be added by creating a custom template.

To create a new server, click "Add Server" in the webUI, name it and select Minecraft Java Edition as the template.

Adjust the memory to your heart's content and leave the IP at 0.0.0.0. PufferPanel defaults to port 25565. However, the port for each game server must be unique. If necessary, change the port so that is unique and note the port. The port number will be quite important later. Fill out the rest of the settings as desired and finish the install.

Local Minecraft Server

If you simply want to the server to be local, go to http://citadel.cif.rochester.edu and go to Network Services->DNS Zones->cif.rochester.edu. Add a new A pointer where the record name is _minecraft._tcp.[hostname] and the IP address is the ip of the current web server. At the time of writing, the current webserver is Omega at ..167.68. hostname can be anything of your choosing. Click "Add and Edit", scroll down to SRV, and add a new SRV. Set the priority to 0, weight to 5, the port to the port number noted earlier, and the target to [server].cif.rochester.edu. Note the trailing period. Save the record and your done!

Public Minecraft Server

If you want your Minecraft server to be publically accessible outside the university network, may God have mercy on your soul for this documentation sure as hell won't.

There are 3 major players: DNS, httpd, and mc-router. Start by going into citadel and adding a new A record pointing from hostname to Omega's IP.

From here, SSH into Omega and create /etc/httpd/conf.d/[hostname].conf. Set its contents to the following template:

<VirtualHost *:80>
        ServerName [hostname].cif.rochester.edu

        ProxyPreserveHost On
        ProxyRequests Off
        ProxyPass / http://127.0.0.1
        ProxyPassReverse / http://127.0.0.1

</VirtualHost>

Restart httpd with sudo systemctl restart httpd.

Finally, navigate to the mc-router config, currently /mc-router/mc-router.json and add a line to the mappings of the form "[hostname].cif.rochester.edu: "[host_ip]:[port]". Ensure that the mappings are comma separated.

Restart mc-router with sudo systemctl restart mc-router

Note that if the server is made public, the request to join has to specifically happen on port 80. In otherwords, the domain to join is [hostname].cif.rochester.edu:80.

Once all of this is completed, congratulations! You have successfully setup a Minecraft server with PufferPanel.

Setting up the CIF External to the University of Rochester Network Minecraft Server Management System™ (CEURNMSMS)

If you thought that setting up a server was bad, wait until you see this.

The entire system is an interaction between 5 different services spread across 2 servers, interacting with up to 4 unique devices in the process. Any one attempting to recreate this would benefit greatly from an explanation of its inner workings.

Starting from when a user attempts to connect to [hostname].cif.rochester.edu:80, the address is forward to CIF's DNS server, where [hostname].cif.rochester.edu:80 is forwarded to IP of Omega on port 80. From here, a service on Omega listens to all traffic on port 80 and determines its type. If the traffic is http it is forwarded to Omega's http to become a website. This is the purpose of /etc/httpd/conf.d/[hostname].conf. The contents of this config are not important as in theory no one should be visiting [hostname].cif.rochester.edu as a website. If sslh cannot recognize the request type, it is set to forward the traffic back to itself, this time on port 25565, the minecraft port.

Also running on Omega is mc-router. MC-router is a wonderful project specifically designed for converting requests to a format that Minecraft can understand. It is constantly running as a service on Omega and is listening for traffic on port 25565 which is forwarded from port 80. It takes any requests and forwards them to unique ports on the PufferPanel host depending on the hostname it recieves. This allows the requests for all the Minecraft servers to happen through a single port, namely 25565 which is forwarded from port 80.

Finally, the PufferPanel host receives the request and connects the user to the server. Note that PufferPanel host is not necessarily the same device as the Minecraft server's host, meaning that it is possible for the request to go through yet another forward.

A diagram has been attached for your convenience.

Setting Up HTTP

apache2 setup is relatively easy to setup. Simply go to /etc/apache2/ports.conf and change "Listen 80" to "Listen localhost:80". This allows httpd to share port 80 by only listening to request from itself which it receives from sslh. Note that localhost MUST be used. Despite them being the same, using 127.0.0.1:80 breaks everything.

Finally, restart apache2

sudo systemctl restart apache2

Setting Up sslh

Start by installing sslh

sudo apt install sslh

Edit \etc\default\sslh and change the DAEMON_OPTS variable to be as follows:

DAEMON_OPTS=" \
--user sslh \
--listen ###.###.68:80 \
--ssh localhost:22 \
--openvpn localhost:1194 \
--xmpp localhost:5222 \
--http localhost:80 \
--tls localhost:443 \
--anyprot localhost:25565 \
"

sudo systemctl start sslh

Setting Up mc-router

Grab the linux 64 bit release of mc-router and by any means necessary, get the mc-router executable onto Omega.

Create a new file and give it the following contents:

{
  "default-server": "###.###.220.13:25565",
  "mappings": {
    "example1.cif.rochester.edu": "###.###.220.13:25566",
    "example1.cif.rochester.edu": "###.###.220.13:25567"
  }
}

This is the config that is edited when adding new servers. It maps hostnames it receives from the sslh program to individual ports on the PufferPanel port. It also converts the request to a specific type of tcp request that Minecraft requires. Turn this program into a service, documentation for how to do say can be found at Creating a systemd Service. The service should be executed with /path/to/mc-router -routes-config /path/to/mc-config.json. Finally, start the service. sudo systemctl start mc-router