Running an McMyAdmin Minecraft Server on Linux Mint

Why Would I Want To Do This?

McMyAdmin allows you to run and manage a Minecraft server (relatively) simply. 

This is how I went about installing it on a box running Linux Mint 17.2

Add A New User 

Note: You can choose not to do this step if you like but from a security and backup point of view I find it helps

• Go to User and Groups (via the Linux Mint menu) and add a new user without admin permissions

I called mine "minecraft" but "mcmyadmin" or whatever you like will work just as well. 

Install Supporting Files

This needs to be done as an admin user.

• Change directory with cd /usr/local 
• Download the supporting zipped file sudo wget http://mcmyadmin.com/Downloads/etc.zip 
• Unzip the downloaded file sudo unzip etc.zip
• Remove the zipped file sudo rm etc.zip

Install McMyAdmin Itself

This needs to be done as the user you created in the first step

• First create a directory for McMyAdmin mkdir ~/McMyAdmin
• Change directory with cd ~/McMyAdmin
• Download the zipped file wget http://mcmyadmin.com/Downloads/MCMA2_glibc26_2.zip
• Unzip the downloaded file unzip MCMA2_glibc26_2.zip
• Remove the zipped file rm MCMA2_glibc26_2.zip

Configure McMyAdmin With An Admin Password

• Run the executable with the -setpass and -configonly options ./MCMA2_Linux_x86_64 -setpass [YOURPASSWORD] -configonly

Running McMyAdmin For The First Time

• Change to the McMyAdmin directory cd ~/McMyAdmin 
• Run the executable ./MCMA2_Linux_x86_64

Note that you must change to the directory McMyAdmin is installed to before running it. You cannot run it using a relative or absolute path.

Adding McMyAdmin To Upstart

Having an McMyAdmin server running is a good start but you don't want to have to restart it manually every time you reboot your server. That is where Upstart helps out. 

In order to configure Upstart to start up your server you must do the following...

Create Config File

Create a new config file called something like minecraft.conf or mcmyadmin.conf

• cd /etc/init 
• sudo touch minecraft.conf 

Paste in the following code into your conf file making sure to change the path in the cd command to match the location of your McMyAdmin install

<---------------start cutting below this line--------------->

# /etc/init/minecraft.conf
description "Minecraft server"

start on runlevel [2345]
stop on runlevel [^2345]

#change /home/minecraft/McMyAdmin if you put McMyAdmin somewhere else
exec su minecraft -s /bin/bash -c 'cd /home/minecraft/McMyAdmin;./MCMA2_Linux_x86_64'

<---------------stop cutting above this line---------------> 

To check if this has worked run

• initctl reload-configuration 

which will load your new config file.
 
Test the service status (which should not yet be running)

• sudo service minecraft status

Start the service

• sudo service minecraft start 

Test the service status again (which should now be running)

• sudo service minecraft status 

And then stop the service 

• sudo service minecraft stop 

Once you are happy that the service starts and stops at your command. Reboot the computer. Once it is back up and running  recheck the service status and confirm it restarted automatically on reboot.

Port Forwarding for your server

The example is for the Huawei hg533 router but while the exact naming of the settings may differ on other routers the principles will be the same.

Go to the router page on your LAN. This is normally 192.168.1.1 but you may have changed it.

Login as the admin user using your password

1. Go to the Advanced NAT, Port Forwarding section 
2. Click on new to create a new rule
3. Set type to Customization
4. Protocol to TCP
5. External Start and End Ports to 25565 (or whatever port you want your users to access your Minecraft server on)
6. Internal Host to the local IP address of your server
7. Internal Port to 25565 (or whatever port you have set your McMyAdmin server Minecraft instance to)
8. Mapping Name to a suitable name. Mine is set to "Minecraft" 

Using Opendns on an Huawei hg533 router

Why would I want to do this?

OpenDns is one of (if not) the best way to restrict access to content you are uncomfortable being available on your network. Whether you are a parent and don't want your kids seeing porn, are a school or institution that wants to ban anything that may upset anyone, or just someone who wants to block irritating websites which load up your Windows PC with Malware, OpenDns is a free (for personal use), independent, configurable solution.

The instructions below are for the HG533 Router but if you are trying to work out how to set this up on any other router the basic principles should still be the same even if some of the specifics are different.

Step 1 - Setting up the DNS server configuration

Step 1.1 - Point you router to the OpenDns DNS Servers

You can do this even if you don't have an OpenDns account but that won't give you any control over the content accessible over your router. All that will happen is that you will use the OpenDns DNS servers which are good but meh! 

Go to the router page on your LAN. This is normally 192.168.1.1 but you may have changed it.

Login as the admin user using your password (make sure you change this from the default or all the stuff below will be pointless)

1. Go to the Basic LAN section 
2. Change the Primary and Secondary DNS settings to the OpenDns servers 208.67.222.222 and 208.67.220.220 respectively. These are the DNS settings given to computers that connect to your router. Make sure you are in the LAN section not the WAN section as there is also a place for DNS settings there.
3. Check your config is working by going to - https://store.opendns.com/settings

Step 1.2 - Get an OpenDns account and block whatever content you like

Next step, if you don't already have one, is to set up an OpenDns account (I'm not going to document this - just go to OpenDns.com and set up a free account and choose which content you want to block)

Step 1.3. Configure your router to tell OpenDns what your IP is

If you have a fixed (static) public IP (which most people don't) then you can ignore this step as you will already have configured your OpenDns account with your IP address. If on the other hand, like most of us, you have a Dynamic IP that changes on the whim of your internet provider then you need something to keep OpenDns informed whenever it changes. 

You can do this in a number of ways but I think the best way is to get your router to do it auto-magically via dns-o-matic. I have had some issues getting this to work but it seems to be working now I've upgraded to version 1.20t of the router firmware (we'll see). 

1. Create a dns-o-matic account (https://www.dnsomatic.com/)
2. Add the OpenDns service to your account

Then go back to your router to point it to the dns-o-matic account you've just created

1. Go to the Advanced -> DDNS section 
2. Set Service Provider to "Others"
3. Set host to "all"
4. Set domain to "dnsomatic.com"
5. Set username and password to the values you entered when creating your dns-o-matic account
6. Set server to "dnsomatic.com"
7. Set port to "80"
8. Set protocol to "GNUDip.http"
9. Set service name to something appropriate (I used "dnsomatic")
10. Submit your config

Step 2 - Enforcing the use of the DNS config

By doing step one the OpenDns servers will be used for the DNS lookups and inappropriate will be blocked based on your OpenDns settings. BUT anyone can override this by making changes to the configuration on their PC or other device. 

To ensure that they can't do this and that your OpenDns blocking will always be adhered to you need to do some firewall configuration.

Step 2.1 - Block port 53

First you need a blanket ban on the use of port 53. To do this

1. Go to the Advanced -> Firewall section and click on the "Application Filtering" option.
2. Select DNS from the application drop down
3. Set status to reject
4. Click submit

Step 2.2 - Open your firewall for OpenDns

You have now block all DNS traffic, so nothing can get out. This isn't what you want so...

1.  still in the Advanced -> Firewall section click on "IP Filtering"
2. type in a rule name (I called mine "OpenDns")
3. set protocol to UDP
4. set destination start address to 208.67.220.220
5. set destination end address to 208.67.222.222
6. set destination start and end port to 53
7. set priority to something high (I used 253)
8. set status to "Accept"
9. set input interface to "All"

And there you go!

So it took me a while to work this out and although the information is around on the internet I couldn't find it all in one place in a way I could understand. Hopefully other people will find this useful. If you have any suggestions for improving the configuration or if I've made a mistake somewhere please post comments.