Friday, 15 September 2017

Linux Game Server Manager

One of the teachers at school has declared that "eSports" will now be a Thing at school; his dream is that we thrash our arch-nemesis (more resourced  [top ten most expensive schools in the country] and bigger [more pupils]) school across the valley during the annual inter-school sports day. Indeed, he even talked to the Headmaster about it, who was initially confused, but eventually gave it his (tentative!) blessing.

This then means we need to facilitate such things as "gaming"...

I often think that "geeky" things are very much under-represented at schools. As I think I've said before, school sysadmins, even if they don't actively engage kids in classrooms, ought to facilitate a broader "curriculum" of ICT content beyond what is in various subjects.

I don't think gaming (as opposed to hacking, robotics, electronics and programming) are particularly geeky any more, but it certainly is a lot more geeky than running around a field kicking / carrying / hitting / being hit by balls, which seems to be the only out-of-classroom activity that gets any traction (indeed, sport gets too much attention IMO).

I've personally avoided getting involved in encouraging yet more fragging of n00bs - most teenage boys with the inclination to do so already spend more than enough hours frantically clicking mice at things on screen (I certainly did, although typically not all that frantically, as the largest number of hours went to things like Transport Tycoon and Sim City 2000 - although some early RTS and various flight sim type things certainly took a few hours here and there - mid '90s was my teenage era).

I'd really rather they learnt about programming, networks, firewalls and securing themselves from "hackers" and useful things, but *shrug* that seems not to interest many - and I don't have the time to run that stuff any more.

However, as the "Gatekeeper of the Internet" (aka Chief Firewall Wrangler/BOFH), it's the sort of thing that ultimately lands in my lap.

We convened a meeting of interested parties on Tuesday. We (the mastermind teacher and myself) set forth basic ground rules, and then told pupils that they needed to get hold of me via email with a list of server software requirements and settings wrt hosted dedicated game servers, firewall ports and services for the games they really wanted to master.

Basic ground rules were things like:

  1. You must legitimately own the game you want to play, and all requisite software.
  2. You must bring your own gaming hardware.
  3. You must leave the lab where activities happen in as good or better condition than when you found it.
  4. If it works, it works, if it doesn't, find another game. (AKA don't harass IT to muck about with the firewall rules, because we have better things to do, and it turns out that games are a PITA to deal with on many NGFWs).
  5. Internal game servers are really where it's at. 
  6. Your device must be formally registered on our network. 
  7. Implicit: Wheaton's Law
  8. You "own" the activity - do the hard work, learn what needs to be done to facilitate this, not just pitch up, frag n00bs, and expect someone else to do all the heavy lifting. 
  9. Instapermabans are a thing if you flout any of these rules, or get caught being naughty in any way. 

Of course, re: 8, nothing has materialised from the kids over the past few days (#millennials, hey?); being pro-active (and because I had a little time this week) I investigated a few options, because I'm sure next week will be too busy, and the plan is to start Doing Things by Tuesday afternoon.

If you have sufficiently advanced kids floating around - and you can trust them with an internet facing server - then get them to sysadmin the thing, from setting up to maintaining, patching and adding/tweaking game servers. It's a very good learning exercise. Of course, you can make an internal-only one if you like and let them run it.

The most promising thing, by far, for managing this sort of thing is Linux Game Server Manager, which wraps various Steam (and a few other) dedicated servers in a nice load of Git-backed bash scripts. If you want to do it all yourself, the canonical tool (for Steam games) is SteamCMD.

As FPS is (unaccountably, IMO) by far the most popular genre with gamers, that's where we'll start.

The chaps (no girls pitched up!) wanted primarily CS:GO (Counterstrike: Global Offensive, for those with better things to do than clicking on other people until they die), so that was the first thing I experimented on.

I also like to make sure that having lots of money isn't a pre-requisite to taking part, and decided Team Fortress 2 is a reasonable free to play game (if you want something really tiny and modest in needs, check out assault cube; it has an easy to set up local server mode for LAN games).

I also wanted the server to be available over the Internet - in part, because we have day scholars and boarders, so it makes sense to maximize potential for match-playing - and, one day, the inter-school matches will probably require it!

Basic Ubuntu Server config & Steam setup

  1. Create a dedicated Steam account (don't use your personal one).
  2. Make sure you verify your new account and add a phone number to it (and verify that). You'll possibly need to install the Steam client on a machine with a GUI to do this successfully. 
  3. If you need to set a server up for a game you must own (like CS:GO) buy it on Steam with your new account - indeed, you pretty much need to spend at least $5 to get a non-limited account to be able to generate GSLT tokens anyway. 
  4. Find a reasonably modern Ubuntu server (15 or later) and put it on some hardware (a VM is fine). It's probably a good idea to install and configure postfix (using a smarthost) so you can get your game servers to bother you quietly when they break. 
  5. It's going on the Internet. Put it in a DMZ and firewall it (both on your border firewall and with a default-to-deny host-based firewall; I use Shorewall). 
  6. Allow through the relevant ports and protocols, from wherever to wherever is needed, given your topology. 
  7. Insert port forwards on your router/firewall, if needed; if you have a spare, use a dedicated IPv4 address (publicly routable); make sure the outgoing NAT address matches whatever your incoming port forwards happen on; even easier, make it natively have a routable IP address in a DMZ. 
  8. The port forwards you need depend on what servers you are running - by default, you will need 27015 for both TCP and UDP, and 27020 for SourceTV. You will (obviously) need to forward and allow through firewalls other ports if you run more than one server.  Obviously, you also want to allow traffic out from the server.
  9. Set up split horizon DNS or hairpin NAT, as is your preference/site norms, if you need to. 
  10. Install and set up the relevant servers (see below).
Whilst there is quite a lot of documentation on LGSM, I didn't find it all that intuitive (probably because I wanted to try and find and install LGSM before installing a gameserver, but that's not quite how it works...). In reality, you find the server you want, and follow the instructions for each one. So, it's WABM time...

LGSM setup

  1. create a local user for each game server on your Ubuntu server: 
    1. adduser <servername>
  2. eg:
    1. adduser csgoserver
  3. rinse and repeat for any others you want to run (tf2server etc. etc.) - their multiple servers wiki entry is a little opaque on this subject, but doing it as I say here seems the easiest. 
  4. install LGSM dependencies:
    1. sudo dpkg --add-architecture i386; sudo apt-get update;sudo apt-get install mailutils postfix curl wget file bzip2 gzip unzip bsdmainutils python util-linux ca-certificates tmux lib32gcc1 libstdc++6 libstdc++6:i386
  5. go pick the relevant server from
  6. login as your game server user:
    1. su - <servername>
  7. e.g. 
    1. su - csgoserver
  8. Install the LGSM files; on the game server manager page there will be something that says "download and run the script" - for CS:GO, it is: 
    1. wget -N --no-check-certificate && chmod +x && bash csgoserver
  9. Run the installer from your shell once the download finishes; follow any instructions.
    1. ./csgoserver install
  10. rinse and repeat for each game server you want, remembering to change username each time. 

Game settings customisation

  1. cd ~
  2. cd /lgsm/config-lgsm/csgoserver/
  3. cp _default.cfg csgoserver.cfg
  4. vim csgoserver.cfg
  5. edit as you need to with regards to settings like your Steam login, GSLT tokens, and the like. 
    1. ## SteamCMD Login
    2. steamuser="username"
    3. steampass="password"
    4. Not all games need a steam login - those that allow anonymous login for instance, don't. This page (scroll down) covers those that do.
  6. For games that require it, make sure you generate and pass a GSLT token by filling in the gslt="" setting - insert the token between the quote marks.
  7. Other gameservers will follow similar naming convention and file locations. 
  8. You can also mess around with player numbers, maps, and may other settings.
  9. write the file (:w)
  10. quit (:q)
  11. Restart your gameserver if it is already running. 


LGSM includes a handy feature ("FastDL") for passing out various game files (like maps) quickly to your players via a local HTTP server. Whilst they can get them from Steam, this is often limited (to ~20kbps) - and thus can take aaaages. If you have Apache2 installed, you can then set it up. If you then enable Apache's usermod, you can have a FastDL directory for each game quite easily. This can suck up quite a lot of disk space quite fast for games with a lot of big resources. 
  1. run your gameserver in fastdl mode, e.g.
  2. ./csgoserver fastdl 
  3. follow through the prompts.
  4. wait for the system to copy across and bzip all the files - this can take some time.
  5. Edit the config file at ~/serverfiles/csgo/cfg/csgoserver.cfg (other games will differ slightly) to point at the correct location. 
  6. Add the URL and server directives:
  7. sv_downloadurl "URL"
  8. sv_allowdownload 0
  9. The URL will be something like http://yourservername.yourtld/~yourserveruser/fastdl/ - leave the quote marks there and paste the URL in there. 
  10. You can also use an IP address instead of FQDN if you're using hairpin NAT - but otherwise, split horizon DNS will normally work better. Obviously, if you use an IP address and the server is available over the Internet, make sure that it is the publicly routable IP. 
  11. Make sure your firewalls allow HTTP downloads.
  12. If you get stuck, the FastDL wiki entry is quite helpful. You may need to chmod your game server user home directory 755, and likewise your public_html directory and files therein - in particular, encrypted home directories may cause issues. Before you change permissions, try loading the URL in your browser - within the fastdl folder, you should see a bunch of files (usually in sub-directories). 
  13. Restart the server if it's already running so the fastdl settings take effect. 
  14. NB: This is also the file where you can change what your game server is called and put in passwords to control remote server admin and remote gaming connections.

Starting LGSM game servers

  1. Change to the relevant user (sudo su - <username>)
  2. cd ~ to change to home directory of that user (in case you don't end up there)
  3. ./<gameservername> start
  4. e.g.:
  5. ./csgoserver start
  6. watch for errors, if any; correct the underlying problem. Otherwise it should all work just fine.

Some basic troubleshooting

for the remainder of this guide, assume ./csgoserver is whatever the shell script is for interacting with the relevant game - it will be different for each game instance under each user. 

Check out all the LGSM commands

Check out all those handy options...

Are your servers running?

 netstat -atunp | grep srcds_linux
running the command above as root will quickly show you want processes are up and running - if you see the ports you expect, that's a good sign!

Track your gameservers

There are probably lots of similar sites, but this one seems quite straightforward; it also lets you test reachability of a public game server from outside of your network.  It takes at least a week of membership to that one before you can "claim" your server and start tracking it.

This is another good way of tracking usage of your servers too. 

Update your gameserver

I had weird errors concerning various "fixes" to do with bots and stuff on my CSGO server when I started it; a reinstall didn't help. I eventually tried the update command, and hey presto, that fixed it.
./csgoserver update

Reinstall your gameserver

./csgoserver install

Validate your gameserver

./csgoserver validate

Check your gameserver details

./csgoserver details

You want your ports to be correct, and the status to be online - and anything else in there to be correct as per your settings!


If you signed up to one of the game tracking services, you can usually generate funky little banners like these:

Which can act as very handy status indicators for your n00b-fragging denizens, and nice ways of publicising your servers.

1 comment:

  1. Wow i can say that this is another great article as expected of this blog.Bookmarked this site..
    Minecraft Server