0 OCI; Oracle Cloud Instance; Quick how to enable DynMap
Athar42 edited this page 2023-04-24 21:16:56 +02:00

This quick How-to is based on Ubuntu ARM64 with the free Oracle Cloud Instance (4 vCores / 24GB Memory / 200GB disk space)

In this tutorial, I'll not cover the creation of the instance, nor the installation and/or management of your Minecraft server.

Focus will be held on DynMap access.


Open ports to go through your instance

Go to your console, next in the menu, go to "Networking" and then select "Virtual Cloud Networks" image

On the new page, you should see your virtual network (in the form of "vcn-....", by default), select it. After that, select your subnet and then, the "Default Security List" (only one of each).

You should get a page similar to this screenshot : image

Select "Add Ingress Rules"

The first rule we add is for accessing DynMap : image So, as the source, we set it to ANY, so : 0.0.0.0/0 For the port, if you let the default one : 8123 The protocol is TCP (standard for HTTP)

Then, we also need to allow the access to our Minecraft server (depends on which version you installed and/or mods to allow either clients to connect to your Java server) image

For all those settings, adapt the destination ports to your needs.

After that, you should have some rules like those ones : image

A little of explanations here :

"Stateless" ==> We do not want to manually create Egress rules, so we do not check this box and let the system handle the connections. If we had selected it, we would have needed to create a rule to allow ANY destination to get out of our server from the DynMap web server port (to any destination port (as this is a random port, never the same).

"Source CIDR" ==> We want to get ANY outside connection to connect to our server, so we specify, in CIDR notation, all, with 0.0.0.0/0

"Source Port Range" ==> Is defined by the client host (random), so we let this box empty.

"Destination Port Range" ==> For this one, we set to the value of the destination service.


Open ports on your instance (Ubuntu)

As per Oracle's Best Practices, follow the steps explained here : https://blogs.oracle.com/developers/post/enabling-network-traffic-to-ubuntu-images-in-oracle-cloud-infrastructure At the chapter "Host Firewall".

The method used there is to edit a file named "/etc/iptables/rules.v4" and add your rules in there.

!!! ALL OF THE STUFF BELOW SHOULD NOT BE FOLLOWED UNLESS YOU KNOW WHAT YOU DO !!!

For this part, there is two ways to achieve this goal :

First way - Default firewall application : UFW

First, and not mandatory (so you can skip those initials commands), we restrict any inbound connections.

sudo ufw default allow outgoing
sudo ufw default deny incoming

Now, we are going to open some ports, first SSH access (in case you change from the default SSH port (22/tcp), adapt the command accordingly), then DynMap (8123/tcp) and the ports for the Minecraft server (JAVA and MCPE):

sudo ufw allow ssh
sudo ufw allow 8123/tcp
sudo ufw allow 25565/tcp
sudo ufw allow 19132/udp

N.B : For the first command, you can see I didn't specify the port, but the service name, so the first command "sudo ufw allow ssh" is equal to "sudo ufw allow 22/tcp". In fact, you can use any service name, which you can retrieve this way :

cat /etc/services

Add any rules you need, then once done, we enable the firewall with those new rules (and check that everything is OK with the status command) :

sudo ufw enable
sudo ufw reload
sudo ufw status

image

That's all we have to do here, if your server is up-and-running and DynMap installed, you should have gained access to it's webpage now 😉

Second way - Install Firewall-cmd (and disable UFW)

In case you do not want to use the embedded UFW commands, you can install the firewall-cmd binary.

First, let's install it :

sudo apt install firewalld

Start this new service and disable the default one :

sudo systemctl enable firewalld
sudo systemctl start firewalld
sudo ufw disable

Add any needed rules (ports to open) like this example :

sudo firewall-cmd --permanent --zone=public --add-port=22/tcp
sudo firewall-cmd --permanent --zone=public --add-port=8123/tcp
sudo firewall-cmd --permanent --zone=public --add-port=25565/tcp
sudo firewall-cmd --permanent --zone=public --add-port=19132/udp

Finally, we reload the rulesets with the following command, and everything should be working now :

firewall-cmd --reload

Final words

In the end, you should be able to access your map with the address : http://Your_Server_Public_IP:Your_DynMap_Web_Port (port, by default is 8123). image

image