This applies when adding a server to your server park. It's recommended to use dedicated servers for your game services, and VMs for administrative and storage services.
Your server must have a public IP with an attached subdomain. The forward and reverse lookups must be consistent, as well as the local hostname.
Tip: For DigitalOcean VMs, create the VM with the FQDN as name. It will configure the VM correctly. Only the domain name record will need to be updated.
The following command must return a non-FQDN hostname, for example demo.
hostname
This command must return the FQDN, for example demo.ryzom.dev.
hostname -f
If the hostname is not correct, put the non-FQDN hostname in /etc/hostname, and both the FQDN and non-FQDN hostname in /etc/hosts for the public IPv4 and IPv6 addresses, as follows.
123.123.123.123 demo.ryzom.dev demo
Reboot if you made any changes.
Add the common domain name from the FQDN to the DNS resolution configuration. This allows you to reach servers under this domain name using just the hostname, which is what we'll do for convenience and portability.
sudo nano /etc/netplan/01-netcfg.yaml
Add a search entry under nameservers in the configuration file, specifying your domain.
ethernets:
...:
...
nameservers:
search:
- ryzom.dev
addresses:
- ...
...
Apply the configuration.
sudo netplan apply
You should now see a search ryzom.dev entry in /etc/resolv.conf.
If you get the message
netplan: command not found, follow the instructions forresolv.conf.
sudo nano /etc/resolv.conf
Add the search line to the end of the configuration file.
nameserver 127.0.0.53
options edns0
search ryzom.dev
Add your public key. Ensure password authentication is disabled.
Paste your public key into authorized_keys if it's not there yet.
nano ~/.ssh/authorized_keys
Disable password authentication.
sudo nano /etc/ssh/sshd_config
PasswordAuthentication no
Reboot if you made any changes.
Set the time to UTC
timedatectl set-timezone UTC
Check if you have swap space using free -h, create swap space using the following commands if not.
fallocate -l 8G /swapfile
chmod 600 /swapfile
mkswap /swapfile
swapon /swapfile
echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab
swapon --show
free -h
Adjust swap behaviour.
sysctl vm.swappiness=10
echo 'vm.swappiness=10' | sudo tee -a /etc/sysctl.conf
sysctl vm.vfs_cache_pressure=50
echo 'vm.vfs_cache_pressure=50' | sudo tee -a /etc/sysctl.conf
Install some useful packages.
apt-get install build-essential git mercurial cmake -y
apt-get install prometheus-node-exporter -y
apt-get install nano screen command-not-found psmisc htop -y
apt-get remove vim -y
Get rid of any bashrc customizations.
/bin/cp /etc/skel/.bashrc ~/
source ~/.bashrc
Generate a private and public key for the current user.
yes "y" | ssh-keygen -t rsa -N "" -C $HOSTNAME"-"$USER -f ~/.ssh/id_rsa
cat ~/.ssh/id_rsa.pub
All of the above (except creating swap space) can be done by running this script instead:
curl -sSL https://raw.githubusercontent.com/nbspou/scripts/master/provision_root_base_light.sh | bash
Disable overcommit checks and disable transparent huge pages.
sysctl vm.overcommit_memory=1
echo 'vm.overcommit_memory=1' | sudo tee -a /etc/sysctl.conf
wget https://raw.githubusercontent.com/nbspou/scripts/master/data/disable-transparent-hugepage
mv disable-transparent-hugepage /etc/init.d/disable-transparent-hugepages
chmod 755 /etc/init.d/disable-transparent-hugepages
/etc/init.d/disable-transparent-hugepages start
update-rc.d disable-transparent-hugepages defaults
Reboot.
If you don't have your own account on the box yet, create one.
Additionally, after creating your own account, create a nevrax account, which is the one that will be used to run all of the NeL and Ryzom Core services.
From root, just run
curl -sSL https://raw.githubusercontent.com/nbspou/scripts/master/provision_root_adduser.sh | bash -s nevrax
To add sudo access through password (not necessary, nor recommended, but handy):
usermod -aG sudo nevrax
passwd nevrax